Warning: Permanently added '[localhost]:46396' (ECDSA) to the list of known hosts. 2022/10/02 19:29:02 fuzzer started 2022/10/02 19:29:02 dialing manager at localhost:35095 syzkaller login: [ 43.886279] cgroup: Unknown subsys name 'net' [ 44.053984] cgroup: Unknown subsys name 'rlimit' 2022/10/02 19:29:16 syscalls: 2215 2022/10/02 19:29:16 code coverage: enabled 2022/10/02 19:29:16 comparison tracing: enabled 2022/10/02 19:29:16 extra coverage: enabled 2022/10/02 19:29:16 setuid sandbox: enabled 2022/10/02 19:29:16 namespace sandbox: enabled 2022/10/02 19:29:16 Android sandbox: enabled 2022/10/02 19:29:16 fault injection: enabled 2022/10/02 19:29:16 leak checking: enabled 2022/10/02 19:29:16 net packet injection: enabled 2022/10/02 19:29:16 net device setup: enabled 2022/10/02 19:29:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 19:29:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 19:29:16 USB emulation: enabled 2022/10/02 19:29:16 hci packet injection: enabled 2022/10/02 19:29:16 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 19:29:16 802.15.4 emulation: enabled 2022/10/02 19:29:17 fetching corpus: 50, signal 23320/25159 (executing program) 2022/10/02 19:29:17 fetching corpus: 100, signal 33546/37068 (executing program) 2022/10/02 19:29:17 fetching corpus: 150, signal 41199/46354 (executing program) 2022/10/02 19:29:17 fetching corpus: 200, signal 47331/54015 (executing program) 2022/10/02 19:29:17 fetching corpus: 250, signal 53360/61480 (executing program) 2022/10/02 19:29:17 fetching corpus: 300, signal 59334/68824 (executing program) 2022/10/02 19:29:17 fetching corpus: 350, signal 68977/79589 (executing program) 2022/10/02 19:29:18 fetching corpus: 400, signal 72969/84919 (executing program) 2022/10/02 19:29:18 fetching corpus: 450, signal 76748/89977 (executing program) 2022/10/02 19:29:18 fetching corpus: 500, signal 81234/95583 (executing program) 2022/10/02 19:29:18 fetching corpus: 550, signal 83481/99076 (executing program) 2022/10/02 19:29:18 fetching corpus: 600, signal 87701/104288 (executing program) 2022/10/02 19:29:18 fetching corpus: 650, signal 89025/106859 (executing program) 2022/10/02 19:29:18 fetching corpus: 700, signal 91157/110200 (executing program) 2022/10/02 19:29:18 fetching corpus: 750, signal 93495/113665 (executing program) 2022/10/02 19:29:18 fetching corpus: 800, signal 95884/117135 (executing program) 2022/10/02 19:29:18 fetching corpus: 850, signal 98332/120625 (executing program) 2022/10/02 19:29:19 fetching corpus: 900, signal 99950/123328 (executing program) 2022/10/02 19:29:19 fetching corpus: 950, signal 102116/126464 (executing program) 2022/10/02 19:29:19 fetching corpus: 1000, signal 104283/129612 (executing program) 2022/10/02 19:29:19 fetching corpus: 1050, signal 106088/132440 (executing program) 2022/10/02 19:29:19 fetching corpus: 1100, signal 109888/136897 (executing program) 2022/10/02 19:29:19 fetching corpus: 1150, signal 111839/139799 (executing program) 2022/10/02 19:29:20 fetching corpus: 1200, signal 114233/143008 (executing program) 2022/10/02 19:29:20 fetching corpus: 1250, signal 116573/146135 (executing program) 2022/10/02 19:29:20 fetching corpus: 1300, signal 118638/148963 (executing program) 2022/10/02 19:29:20 fetching corpus: 1350, signal 120389/151540 (executing program) 2022/10/02 19:29:20 fetching corpus: 1400, signal 121559/153672 (executing program) 2022/10/02 19:29:20 fetching corpus: 1450, signal 123443/156371 (executing program) 2022/10/02 19:29:20 fetching corpus: 1500, signal 126624/159986 (executing program) 2022/10/02 19:29:20 fetching corpus: 1550, signal 129488/163371 (executing program) 2022/10/02 19:29:20 fetching corpus: 1600, signal 130862/165533 (executing program) 2022/10/02 19:29:21 fetching corpus: 1650, signal 132178/167666 (executing program) 2022/10/02 19:29:21 fetching corpus: 1700, signal 133519/169777 (executing program) 2022/10/02 19:29:21 fetching corpus: 1750, signal 135517/172352 (executing program) 2022/10/02 19:29:21 fetching corpus: 1800, signal 137452/174873 (executing program) 2022/10/02 19:29:21 fetching corpus: 1850, signal 138575/176739 (executing program) 2022/10/02 19:29:21 fetching corpus: 1900, signal 139654/178566 (executing program) 2022/10/02 19:29:21 fetching corpus: 1950, signal 141169/180714 (executing program) 2022/10/02 19:29:21 fetching corpus: 2000, signal 142908/183008 (executing program) 2022/10/02 19:29:22 fetching corpus: 2050, signal 144151/184882 (executing program) 2022/10/02 19:29:22 fetching corpus: 2100, signal 145892/187131 (executing program) 2022/10/02 19:29:22 fetching corpus: 2150, signal 147062/188935 (executing program) 2022/10/02 19:29:22 fetching corpus: 2200, signal 147764/190356 (executing program) 2022/10/02 19:29:22 fetching corpus: 2250, signal 149091/192193 (executing program) 2022/10/02 19:29:22 fetching corpus: 2300, signal 150098/193831 (executing program) 2022/10/02 19:29:22 fetching corpus: 2350, signal 151099/195457 (executing program) 2022/10/02 19:29:22 fetching corpus: 2400, signal 151901/196917 (executing program) 2022/10/02 19:29:23 fetching corpus: 2450, signal 153138/198675 (executing program) 2022/10/02 19:29:23 fetching corpus: 2500, signal 154242/200325 (executing program) 2022/10/02 19:29:23 fetching corpus: 2550, signal 155016/201780 (executing program) 2022/10/02 19:29:23 fetching corpus: 2600, signal 157044/203965 (executing program) 2022/10/02 19:29:23 fetching corpus: 2650, signal 158942/206042 (executing program) 2022/10/02 19:29:23 fetching corpus: 2700, signal 159655/207359 (executing program) 2022/10/02 19:29:23 fetching corpus: 2750, signal 160602/208865 (executing program) 2022/10/02 19:29:23 fetching corpus: 2800, signal 161302/210224 (executing program) 2022/10/02 19:29:24 fetching corpus: 2850, signal 162047/211557 (executing program) 2022/10/02 19:29:24 fetching corpus: 2900, signal 162849/212887 (executing program) 2022/10/02 19:29:24 fetching corpus: 2950, signal 163941/214437 (executing program) 2022/10/02 19:29:24 fetching corpus: 3000, signal 164988/215935 (executing program) 2022/10/02 19:29:24 fetching corpus: 3050, signal 166405/217615 (executing program) 2022/10/02 19:29:24 fetching corpus: 3100, signal 166866/218746 (executing program) 2022/10/02 19:29:24 fetching corpus: 3150, signal 167451/219901 (executing program) 2022/10/02 19:29:24 fetching corpus: 3200, signal 168104/221113 (executing program) 2022/10/02 19:29:24 fetching corpus: 3250, signal 169271/222607 (executing program) 2022/10/02 19:29:25 fetching corpus: 3300, signal 170293/224005 (executing program) 2022/10/02 19:29:25 fetching corpus: 3350, signal 170890/225121 (executing program) 2022/10/02 19:29:25 fetching corpus: 3400, signal 171747/226365 (executing program) 2022/10/02 19:29:25 fetching corpus: 3450, signal 172710/227637 (executing program) 2022/10/02 19:29:25 fetching corpus: 3500, signal 173610/228893 (executing program) 2022/10/02 19:29:25 fetching corpus: 3550, signal 174283/230010 (executing program) 2022/10/02 19:29:25 fetching corpus: 3600, signal 174997/231178 (executing program) 2022/10/02 19:29:25 fetching corpus: 3650, signal 175938/232410 (executing program) 2022/10/02 19:29:25 fetching corpus: 3700, signal 176453/233446 (executing program) 2022/10/02 19:29:26 fetching corpus: 3750, signal 177119/234519 (executing program) 2022/10/02 19:29:26 fetching corpus: 3800, signal 177498/235417 (executing program) 2022/10/02 19:29:26 fetching corpus: 3850, signal 178738/236696 (executing program) 2022/10/02 19:29:26 fetching corpus: 3900, signal 179234/237658 (executing program) 2022/10/02 19:29:26 fetching corpus: 3950, signal 179659/238560 (executing program) 2022/10/02 19:29:26 fetching corpus: 4000, signal 180324/239644 (executing program) 2022/10/02 19:29:26 fetching corpus: 4050, signal 181010/240644 (executing program) 2022/10/02 19:29:26 fetching corpus: 4100, signal 182382/241936 (executing program) 2022/10/02 19:29:27 fetching corpus: 4150, signal 184029/243316 (executing program) 2022/10/02 19:29:27 fetching corpus: 4200, signal 185108/244460 (executing program) 2022/10/02 19:29:27 fetching corpus: 4250, signal 185550/245333 (executing program) 2022/10/02 19:29:27 fetching corpus: 4300, signal 186102/246271 (executing program) 2022/10/02 19:29:27 fetching corpus: 4350, signal 186425/247098 (executing program) 2022/10/02 19:29:27 fetching corpus: 4400, signal 187033/248036 (executing program) 2022/10/02 19:29:27 fetching corpus: 4450, signal 187925/249065 (executing program) 2022/10/02 19:29:27 fetching corpus: 4500, signal 188488/249991 (executing program) 2022/10/02 19:29:28 fetching corpus: 4550, signal 188882/250827 (executing program) 2022/10/02 19:29:28 fetching corpus: 4600, signal 189617/251782 (executing program) 2022/10/02 19:29:28 fetching corpus: 4650, signal 190193/252686 (executing program) 2022/10/02 19:29:28 fetching corpus: 4700, signal 190572/253540 (executing program) 2022/10/02 19:29:28 fetching corpus: 4750, signal 191104/254399 (executing program) 2022/10/02 19:29:28 fetching corpus: 4800, signal 191545/255199 (executing program) 2022/10/02 19:29:28 fetching corpus: 4850, signal 192724/256245 (executing program) 2022/10/02 19:29:28 fetching corpus: 4900, signal 193327/257074 (executing program) 2022/10/02 19:29:28 fetching corpus: 4950, signal 194248/258009 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/258820 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/259443 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/260112 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/260750 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/261366 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/262007 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/262633 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/263275 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/263912 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/264590 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/265251 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/265925 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/266551 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/267207 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/267857 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/268521 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/269169 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/269832 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/270491 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/271113 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/271745 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/272375 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/273047 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/273687 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/274339 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/274959 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/275607 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/276267 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/276906 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/277531 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/278177 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/278821 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/279480 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/280155 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/280809 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/281426 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/282067 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/282731 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/283358 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/284040 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/284680 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/285393 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/285491 (executing program) 2022/10/02 19:29:29 fetching corpus: 4997, signal 194783/285491 (executing program) 2022/10/02 19:29:33 starting 8 fuzzer processes 19:29:33 executing program 0: ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000040)=0x3, 0x4) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f00000000c0)=0x401, 0x4) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000100)=0x4) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000140)={'veth1\x00', {0x2, 0x0, @private}}) clone3(&(0x7f00000012c0)={0x20000000, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000200), {0x3c}, &(0x7f0000000240), 0x0, &(0x7f0000000280)=""/4096, &(0x7f0000001280)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x4, {r0}}, 0x58) pwritev(r2, &(0x7f0000002340)=[{&(0x7f0000001340)="957c4748992363a7b5fa8d7b7f672f61dcb7e63274964f557857fb7101ba39404e944bdc35d9c55a32dc6eb0f9552df7661a23d3bc757dc88f44426a790c8715605ad76e3a1294d80eb875dd97611d0acf9a5aea83319e7db1650c4191d084158793222fb4bc049ec85fb552b3d8089f8a7113b7217bca96d6308d0d7fc27f46f46adabc78363fdd69d1833938b1f7ed96b57192444f37449baa7c988204dee52f4ec582a10c25cedf84cec1124e26ff7bd2fe92a53c4558f9ee26adb63963910e3e93a67c90b6bd884d3ad52292bfd61b79cffacc6f912fcfb39682a2bdd0aa0415e07374ea423710ec9a0600e1a9641a54f9e4885cb1651cbd8d89487aa77f8f0f0003dc0d5e0d7afd840dfd09059a72032d589246efdca0694a518ffc55f9caeef7f073c16ccd89ae5bf79d5d3a7ff689484343f5e79c0f0e98fa19269d4f0b449797ba92b217f541f5d668827bde76d30142f641a0054f8e4637c14d5bb157cb7bcde2238eaa03ea8bacdac8d20f9f7489ff714755bd6189d512e3daf53817b8971fd5d2b6b480b4b7eaca017ced5fa23a0312373d1ac180578552d2c725a6b810370d9ed93de18ec775b04a8be9be99268c410d4e6145088e39d367ef66f88f93ef36ee49f427f394eaea032c1bb82b042e1407b5a4e14ee0f158dc3848df22dd065cb92b0778836c482218d3b5842b92e7c44f3e1af8f2ee31ad3abd84f960bc979af80a776c17c24c94dcf22ad9f39d35e93cdcca8f45e7efefe628a56645445b7a5501967effb01dc39ac24a63fa64b072556e9d5b8cd71fa0b0950e78824d0f0591709d9c8a4748825c5f42d408e3c3858cbd51cd7bc28a351217105abe1c9b655ae856ffdc09c69ff0ae38693dfdf06432790601fe5b8d67140821a3eb50bed837a1879acf39ce6811d25b533b8b5494539a46f8c31f30f65116dd4836117516a6104bd2375eefe66fdc97bf01a39369ab1c8ba3edcf59453460137ce1c8da4846ab16c1fa5a4212dc077ad80b46b46a00841f25b40013ad6a49218592e87d6554e41e75648819a34fc9cefd51b4225593fdc7b1f41cee4c00fe02044aad33f3e91e1e9ec6b40080d4393956f7f261d4e050046592c47986f86e01686c991ac69ffa6418c91a0982afbc441e364010ca0c85d14a158153db9344c75f446ed89ab58d7f8af592d8014a15af637267d66bb7f78c5a2a1390c229dcef51d50cbfd1e39a374e5288bf933aad89148716afe1543789bf4a2e99c3f4ea7827602e71b2d10002b55df6f9eba293ffaaec2e94b4c0d3b19633ca53f40561de9fead245e6466b9087ee9a87b3722f8cb0497907b6b7ac60da196f1f3c422033633bcf85b7f75520762f9aa9221744ff8706e03a229e040da0960d3e1c07141f326f2a1c8721b505d3dc9fcb142958a9c3c096fbb4a36ea69fcde9daec6b7470870e88c2c12fd1df557969cc39d8e9bd9c2ad6ef41414b64262d008868703a32c8eae7284f1dd478f7fa7daf7cb313262d6d9bad227b43dbb3f9bb73e6baf79c66fc3c9ccaf613fd54b65da46cae49c9f2f22b3228d9d0857178274012bece0e0f1f0901ce762e63a41d76a86cb554b6e2ef0bf5fcadae297d364278a6bcdf14cf58e39104e3ebb5886f68f133853f4e738b11a1c6206e5b8e8c7c97a980b00b82f8fb3425245d703bdd7b4cb0544836e683ae57d2a397380b4978cf9aca83894acce4de629e0dac3ce4e00f10ea7b8971612b33b830fe571ed1bd02be2b39e7ead8c5b971c3259edcd964764fef63685abec3bf6f2267adc8f30d961c2b07a0e0d435aca1c4ee41defebdd04ac80333712aa1f16edeba74cd25d3af0099eb669f64051f35ec580c5f816f12646feb133d0f9f5229d43cfa2df80d2a1ac6d499b815ea0102069ab93f3b135ec2b089f5ed1a1f9130c8bdc4f271a5aaa56ab14d14a0261f1c47f86f4c2678a7144cf825060280dde21f7a94f66997fda0dbb7bd237b0ad195f611c6f29840c4276300fe4a0f69ae9d89b435ca0ac34384784c9e92e164ac57549ff85021657de1be30147ee9ce66eb1cb1b89a4f6e3e768c439a0bf3437f3b6cdbe68a93090c0a47549711617cc6329927ccf76b7da303fa63a2ea9fd2dd05b832b3b415cba8a4512ae3d3196c79794574bcd1a62d597bb1cd03522d04aa05dab2ef9c637ac0094cb7b7e959dceb644e24c95b4e1df9126afb666e40b058e9c4fe30a367cff5c74599736d7f9f27bd3af9f9a26cbf8c1a798f1e83672b2673deda10d6ccc32253726f97594e109fa470ac3a872916ffca3720100476dde1c001a7133e5b3dde828e284d77ea8f676167ab1f9c4caee0184f7ec110ed2ad0fbb798718e731813b0b301e42bbe292c4cd8d1c5c0ae0b267f1fff66fb86ac34a4b08709eb28ae2ff2cd423e91be148d8527d911707762773cb0cc403388eb9ddc198055d611f7dbf3ca42258a16e83f2ce996581ccd0bb0c9ea5b23f0f4f280a91e4fb03c5f5cb1294248d62efb4199fd7413c14031ac7429555daddcce4e929ed7b5b0994df2ddadc4e7b4860084d74d9d13be391532158a8cd50284ce373e8a71fa61ad3c5d2de48df46dc89a746888e71b1d02616a8d20002c834b323910ebe3d8d6d207e30f7c7ee1e9dc46269b48db8ca303e363df4d5b124f6c8efbb26493b28b3844f960c8cd6b923ba5684bbf7b757538110a3e776ef5c7b27d09c554b9730aa00c5f13500362bbd0af3f54a437b1c5699b9e32da844db9fa16c02b33e7921100d40cced60815ed811a18dcfc6275797a90d2539aa31b56deb7dd31d57e962638e91f76c435d6d342b465cebc57ad77be6d0e98b6aa8865a194e87d363eb089f05c913313c9e9a6335aa3900a5d5319baffa3e12975e1dbb893a798ee9d6d64e3a5af8e335a69db97aa3539af4f8f4fff088b6869f05ef2a7c980c04429849d5143213c5cdf24e76400956ad8b23df1cc2bdf60284730de0d9a777a20bb9ad032ce0a0fde4be4009db8abb3565f9faa7dff605ec049813316e1f12c75fbcb28067ea46c2b0513fca9487a5f00885c0ed9553e0bcbc434dad3ebfe520fbdac19dc0706d28310e1624751a4c7ff4db216775f987a8cdf21e523fcd5b3327e4787922cbef1a44a1ca6080bb5649ce021193a17d3d705f71919635ffbd8dda475b4d5b76f55e2c3f192406e1f3e98809d3273e6c938c642f7e6c06c84618554c83cebd781be4bb78fb424cbc1355608037037fc8211521230e42cdf8e474191673f41682f96af6bb37299cd212dbfc8afdedc451cec3e009a9d638348125330a46660f7e37f33ac15e8099009aca9da81a06a5df3ea27b80215dc56813e8827627a5128dc08a3701e5fda4e3475ee347dda01de4334643cf8c0cfeb4a498a0b1039f76fdd0d23a7fd08349bb93fca88b9043d38932ef9010897cae08705d1fbea0a4a36832299bf31fc74475386392bdbaf7a479427d2b0942d9580628faad824851d5a6f14f86dc9fe2c4a971e8fbe224b6bf50c0b4cb79a883504bd1af74f6b5a5e34779ba4718954bfccaabb545319adc5e0f5e6c3d78aa3104a3373f80c8b3d3ed2fa193b29fec79500c02998371a31d8890a5b43987189cae5f6f41ce91a044544ca591a6800b2ff44bb8baab70be1d014bbc939cac1922a76fef6ab55eee7c7fbbce02114d3dc51c951046901a763d36f8f992abc12b77df10d3feb5a6372fdfc9006b4105e35707fe78b9cdc401c79f50a067e854cd7f381e622135b986180b16c768ece17906b0425f9981a5a104182d846fd819aa5d1b45bfd684e260b475e75f00e1ee86c98604b5fb70eedb7352a97ac6aca9e3e97ecc17442d4fc0d7d85567372b6b032e54034b8ef4a82a1857db92f5e7aa1e0df1e770d195ae628c90f6137115fb343d1b063bea2545d44af9c40425fd84b5c3fbd1eba78016cf6b5ccb279f7a53ad2f5b41133c1ab23039dd74d86f95d0f21c46bb4f3a8dfbfac5e967bafa6603f7994804993d43e02551b181bd05033816411fa1d99301f6be1993f699e8d2b5d020049b49677488861ce9034822318fa9449d52ad759313d933a542ddb50b97037823e276448efcb9a6e800ee319e4f48b14ffc7281d031b8285a98bb97232f8e5a414afa6eac23975a69d9dab77286b7b14b317792a3d80bb0724010cf31369a435db6105d7eaef91683b499ca91033c4c31a9ed3861a893ee012333a1d8929788ccc61b0a9c0affeecc0b9bbaf6b767f1e2f8abfc300847911628bdcd75c82d67b985d4196d25e24605d3e5a3919f77e2458b534b98d5ea87a33bfd90291d5c0a4934358e653b1e73d4af384298bd2cf535744bc0be530415e0cec45f4c25b3c6c5b8944b2ca2a2aa16aa2c86641e9757e529a41e34098618993b4bf41d9874030bcb672ec49cd30c18f262d7517ce6d4c34bcaca30386c734c8aa70ac21e090950afec30f7363151d45b07174c1423b1c7933434d62f310df38d9284b1997f3d0d08a71df29e5ec974173c58333c4225ba20a5afcd9aa0071627ebfbf4a05bc4566b7807ad2a1542a96be2cc905cae796431b4c5f3b5cec8ef941fdad0845a344aaa63bb0c7360334ea18b1c069601cfa73ef740b42212faf59374789c7fce184432923d91e10c5fceaa9895e7201538ad796c590bddea683d64d4c78228590de6fb86d43a74494d212df29a3a0cf6dac6608862de2612e6c94be663bd9beb710871034078d86b6be173c4ac096a23b5ae369a39e99f2f43a02a2b3281985ba25e1103d95408448fec9d514988d36c7fd4f772e73594082fd74081dd3b0e9c3225e677d58c606239e814fa4cdbb43a5fb4afda6a2ce1fc1ab98f456d2b33bd7bc660c088250b70f29fa092a5bcd7ea8eeed6aba904a0a7f2b00df00f0e036c56c103982a3843a7891a5e5a1d8badf4e916f3d11b2b765dba858720ee53a3d4c25bda7633c2ad6cb6d9cdd5be2a1935aa30bd3c43fcc4abcacbfa38ae4b84e0430a919d93745b7c7cd4d04ae70f44210949bbc53615ada18eafef69c9cc816372febdd6eb0804f46e1cc73f75cace748ab7c433f87cce624a7064dfcb2cc195c390e16b146dce14def254f6dd1b259dce79a46d4358b0798194af413a6426c1ed4b725ff76fdbd5351785ddbcd2097a912da16cacaf4e9ff7bbda2d8a56e4dda5b41a75e8224417eccf0f832a9a6803c1b671b7263880764308ac7446729f7b001858eb070cdf8c02b4e605a98bb28b92956a7ef481ab140a2ddba4a04e30eae65a45f57045d7bcb0e522e5518be4d83fa29bddc85294b6e413c1591c3b94b755990324c8416cd822058cae6d0287559c55901f5c6303bb50446c428757995632b2d7cb3ed25b8e1fd1f8526bea9dba9a73b0415b3e146282a4b0cc4f975b188764c1c372502ae04afa82ac0a267afac7a4a383caa0d6cdd4023ca20ffa2502bf351b8f307becf1a0ebfb70d6513e914cf288322f3680c90a6266dd935cd93dd2010be20f245510382c2d35286a896f6f66b7db6bc54a440299fc5d6fe52b07519cb485a710e89bc115be7467975dbf94163c8d441e453ae128a57340c685d90c42c9b2200ea3fc67c6dd587da096552936a292d4962c233c3ce0289741d754d9b39933d30cd62b00a78f253d73aab0cfedcd3d3b045e0783f17700205018270e161a715a38b4deaf090e1e34d065e47bf5736d51aa4d7791b15af9c990cff31c0d26283457d3f64af0d7020f6f322845196e80dfef8a4e4e2dc1f7507f46e47bae0bda79aed5ad7cd10ece57ed9c343", 0x1000}], 0x1, 0x3, 0x8bf) sendfile(r2, r0, &(0x7f0000002380)=0x4, 0x4) sendfile(r0, r1, 0x0, 0xb5) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000023c0)={'syz_tun\x00'}) ppoll(&(0x7f0000002400), 0x0, &(0x7f0000002440)={0x77359400}, &(0x7f0000002480)={[0x8000]}, 0x8) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000024c0)={0x0, @dev, @initdev}, &(0x7f0000002500)=0xc) flock(r0, 0x6) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000002540)={0x0, 0x1, r2, 0x9}) setsockopt$inet6_buf(r0, 0x29, 0x0, &(0x7f0000002580)="9ed7fdd40a9eabf07e74b7d4480c44b65fcd4d07a7a3136503c77b6f4757c2c6288868c2ab9df7bee2426a57750304a28728b1eded6a79c4b33611313734", 0x3e) getsockname$packet(r0, &(0x7f00000025c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002600)=0x14) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000002640)={r3, 0x1, 0x6, @broadcast}, 0x10) 19:29:33 executing program 1: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r1 = syz_open_dev$vcsn(&(0x7f0000000000), 0xffffffffffffffc5, 0x400000) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000440)={0x193, 0xe, &(0x7f0000000040)}) pread64(r1, &(0x7f0000000480)=""/48, 0x30, 0x101) write$binfmt_aout(r0, &(0x7f00000004c0)={{0x2a6e2e466de7b299, 0xff, 0x0, 0x12f, 0x273, 0x9, 0x311, 0x7ff}, "071b8e2a26163ecaa8d0723db169d11afe733d309f6e60f164b2f87da0ea6bcca2a6c5bac27fb4dfb1618375437db33b45c16d0a4067df93da80985883dcfb98b4998173f51815755dec539bbb92de0b37bdf22d9b6696488301726896f428eb18bc31e61296c1f9fc796c7e443ee3f5be446c5e2b247a06d6b74aaa9d0415eb83262b8577c676b069634104a0198ee9a466f2bbdc4b95ba772b89cf4407ee3a8516817657891632ac157181436ca598bd6cc059bf02cbbd67c43dd7dcf96c1a149f23a9dc3dd5280e0a421e8afded730bee99aa602a49a646fc6bf8548f5e1a8f7ec41990c1ad3f8a277a", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xb0b) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000001000)=""/25) socketpair(0x9, 0x4, 0x178, &(0x7f0000001040)={0xffffffffffffffff}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001080)={{{@in=@initdev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@ipv4={""/10, ""/2, @multicast2}}}, &(0x7f0000001180)=0xe8) setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f00000011c0)={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, r3}, 0xc) close(r2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001200)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000001240)={@broadcast, @loopback, r5}, 0xc) ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000001340)=@buf={0xa9, &(0x7f0000001280)="d411efa6959ff6cd0e88e415472eded6c0f2b0237f545def024ab77af370e42f697aeabc2875a2d4277e7b6c1a028cca8f2344d4882c297061f0ada21dec12ee80cf73468ce60e6a7d80aab32c323fc8038635c0ac429f7f37dfa8fdc02f27a956719b84d8e24a2181eae4e3ab1f67f20369eb833ae829b8ec1e1907a6affa6aeef64dafa79eb7c5e8f390674bea7c95de9b53135af3a72be07eac92d594b749c72c8c0b273bc7b015"}) close(r0) r6 = syz_open_dev$usbmon(&(0x7f0000001380), 0x1, 0x44040) ioctl$FIONCLEX(r6, 0x5450) ioctl$KDSKBLED(r1, 0x4b65, 0x800) ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f00000013c0)) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000001400)={0x0, 0x1000, "45f9b0", 0x3, 0x2}) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001440)={{{@in=@empty, @in=@broadcast, 0x4e24, 0x7f, 0x4e24, 0x0, 0x2, 0x20, 0x20, 0x87, r5, r4}, {0x4, 0x3, 0x5, 0x0, 0x2, 0x3, 0x26, 0x5}, {0x80000001, 0x2, 0xff, 0x5}, 0x7f, 0x0, 0x0, 0x1, 0x1, 0x2}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0xff}, 0xa, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x3505, 0x1, 0x1, 0x41, 0x1, 0xfff, 0x7}}, 0xe8) 19:29:33 executing program 2: r0 = syz_open_dev$hiddev(&(0x7f0000000000), 0x8d, 0x111000) r1 = eventfd2(0x1, 0x80000) r2 = fcntl$dupfd(r0, 0x0, r1) close(r1) ioctl$MON_IOCH_MFLUSH(r2, 0x9208, 0xb8) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={0x0, 0x2, r3, 0x5, 0x80000}) openat(r2, &(0x7f00000000c0)='./file0\x00', 0x40080, 0x0) r4 = syz_mount_image$nfs4(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x4df5, 0x5, &(0x7f0000000400)=[{&(0x7f0000000180)="e4fc8c94e669c99bfb4a2e4ef4c49aace3832db897561035737ae39f6a92b7fbbca723c570d4527add0489beebe2b63d5a8ad38184bb77bce8ea5396de92ad8b98", 0x41, 0x2}, {&(0x7f0000000200)="a3c6838a48c52f48e440aa6ec638d130355a4f53c965de74757407", 0x1b, 0x5}, {&(0x7f0000000240)="29ac80af6459fc8eca911babfdcd35997e0bdcb6028960121e375b034634d77cb57ca8234715cec8e3700a56a0cc8231181b3f466148d40cf8df1615f933c5548d2c5c8146259f60ae87eee572f49c03f186fedd85ffd46b42053cf5cf60f0e615b12f51be3314af5926aaff53982bc1b190eb0585e0e09b71c68b5b9f112cc5eb6a2fd9822410494ad8765cd54f3bcd19c86832ee7ec1b560e8850768f4cedc681cef09617821752bb5052cd20eb2081de73abb3c4486ae887a0d7c151f9be76e7efad741da3617e4aa1639bcb12c9eee18004092bd5f4175d0433b2b0b9047e1f03a53487c30644d6a", 0xea, 0x7fffffff}, {&(0x7f0000000340)="63b27c48f09e07a471c8a81e560fa8b95e640a1038367f0447c670399a3b8930fa86ca2896dda27398d223b75765b9416481739bbe3d5a3b573b61ea38501dc37aa560a4c02dc173f8a336c7ab3239e80461d1dfc736028d47076720", 0x5c, 0x8001}, {&(0x7f00000003c0)="bbc0829d7af54848c7cc1ee7b4d6e18b5a79c3a2614316bbd386a3e5926cad86e8e6c06dcae46147732dbcaf0236dbd9a1b729a5ee383540", 0x38, 0xffffffff}], 0x40024, &(0x7f0000000480)={[{'/'}, {'&$^:]/,'}, {'/dev/vcsa\x00'}, {'\\^,{+\\)'}, {'/dev/usb/hiddev#\x00'}, {'/dev/vcsa\x00'}, {'/dev/usb/hiddev#\x00'}, {'/dev/vcsa\x00'}, {'/dev/vcsa\x00'}, {}], [{@fsname={'fsname', 0x3d, '/dev/vcsa\x00'}}, {@seclabel}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}) ioctl$INCFS_IOC_FILL_BLOCKS(r4, 0x80106720, &(0x7f0000001c40)={0xa, &(0x7f0000001b00)=[{0x8, 0xc6, &(0x7f0000000540)="7b857226b7f710960076a9365db4a73c2202f5793b705920b133fea65356c1a375c258276be738e154fc18625dea55bb0e0bee434cefef19d71b2736961d73df286dc299e3f2c38aa04f2ef4fa4429d89117fffc9fc778d646e6f4365be1145c524a0379dc855f22d2cdcad66b7f6aaf8fc753a483217114e8ffc2b57c0ad639bfcc387ba9ebfa603490f6f33c603a4d157a62b3741df7d643d3b8b7cd23d9b38cc36d7ef9ecae60da7ac955a608c7c6e37ab10188e1445e49573f504e1f1dbe13965e63af77", 0x0, 0xc5caaac9e9389ad1}, {0x6, 0xd3, &(0x7f0000000640)="b4831e2d6ca631fa2300299567a9cd2198426433d64c7dbfbe404a4b07d6818883be854cfebcc87850c4097b4be47c41f654eab6a1a472fe5fa50c1ccf996dace1f33b964489f0b6b272d342239181f0517c4a903796de15e01008ee4264da5967fda49723c9cd5b9d89f5e502effb2997946c207e25855c05614fca0359601ffc966f0b7b3e56d265c2ed482fa0bfb95a03d1890f7c65f87d21514df68dd33373634f87b9af6f3d6f3ea32206f481950804940cd3265afe0db86cc17110eafbf64f4b9f2162526aece09702f847b34ab7d5ef"}, {0x80000001, 0xb0, &(0x7f0000000740)="99963a4cf220fe100eab47cfe83db826eaa4d003f2b062347ae61d024842e4d6038c2c8c37f3a89ec7bf0cb682b6bafa060d5e5aa011385fd6882174aa59bc30753c0c1392e720d3760a81decd0c9c9a85111418351ff18a277f4335375f48d75bc1cee3a4b42f3986b6476cea2ec47101b35150ce1b1491a51550412f73094c3580f84910f04bc5a762b5ab60f24700771612287049f8724554dcee9b2cc1e5de7859595a7027cb50757f17160d2c6f"}, {0x3, 0x23, &(0x7f0000000800)="82bd0d22b94e3fc5c7104fb43e1aac45a384d112cd28c4f9b12df538ce85f81e6c27fa", 0x0, 0x1}, {0x40, 0x56, &(0x7f0000000840)="4cae15b92819f843531230ac35bd92af31271231dc440dfece12e242027d636da6cc5dd08dd8624fcaf15952a025ac594d0ec9e92200b362c7ed43a31966fa8069ed7240bd19297280d37a8cfdcebfc52b7d7ac5c423"}, {0x7, 0x4, &(0x7f00000008c0)='M\'\v\n', 0x0, 0x1}, {0x200, 0x1000, &(0x7f0000000900)="60ddec1e278bf7a7e2347a187f89fbef095c311833ad7450f8b07b3a7336e88494a7df98b23fb68a5a3c529b29ea3869e63e45bc3f8e63ec7ac54457c195d34386e362895177b9ff678cf765be22610b52a471f873da27265a5022a1cc156b7774445a189b2203ca572d072ceba91c3cbf43696d522caf561eaafca1291ed062f1189c92ad5762526c4b9bee8f53a6635dc5542a4623bc0e9c5ee8c9d9b19e56e3babbb1238a2d527960286917417131616afbb2eda1dce57080d78259f758cf866525c67fab66067a8b5b33ebaf581639e3c47cb8646c4985743905cd742a56c3512b76a405c3000874d04a14d18a399009532de58b84d41a69bbb094f7f3477838558ac2c754149a8758eb3e882c359137e1794bb4c3ea5081fb3a25360cb2aa04633f778d4d85895887035be7e04141c41c1ca5c6d29eab2db25d1d07b8450681c357d157c382dd04edc49af6cd328b5e3e2458341b6d2ea113aead2a0d90d0c3a52449c4a9423bebf537f10e45df81c079db11e532f3151cd469e1960a0e83bfbb7f7f7b9df94f90ef507e18bafc23d6f714ec07b1d27a389c116ea769b490cd47799ffaa9ca0daca90ee3d4da527a6577c9d4ddd96c174170771e565b1e7705efcdc4bbc9a1df21adccbb287d50edf28d202371c7e79d0fba8fdcb89d11f025d314d305138203ae8d314920865b03f80fbd26d62cd632e4b8dd48e2e46d7c9387b69a8c58e2a4a7411e005fe84d99195d02e30fd51efebd880c4d06766fd8aa9edcf9b4a2352a0e9a25aca50a863fa7d22204a30bc74b4e7ccb0a764839fbd86e5bad58e22b4cb07bd96927c7cab0ec7288b9348f1661e22673a78da32e10787c66af4fdcfda2a9ba9238a91a17ec01dcd9d1be15a2f3b626696dda92d98660582c1ac86f8d3068b8fe5419fff14cc97bfa0de36817be93e7b0e6515b40e08660488ca506185f719d5a34cfb2bb5801c5bb54c621041a2f4e75234e4c4f97d57e13ecd7a8309a1f6d5b213a921b61e17241fa7312e74bdbc2d7ea8b8a6f6989853a7785c3343239fe49e2831cfbd6454f1a379014afe0eb7766e2e7776915beaa32485329a6365a4ed01fba1445d7784675577771c8627b2a9b16592e6eb2bfdfddad4a1650a959f073bba51caf539d26564065fe27a963136799d7fccdd76a1e7728c8a4143b1b98909d95b0d8434e0654e7322cfc9508610fd05d6f4002057635500e492a9eb9cd65fbd3c33465f1f1c71b72392c7e9de3dfc9445bc41b504053671e439efb7aba82504e1bd49da27cfdf2ed661bbae2c6d5050d5f057210204c52d166451cab5782a6b384e79e1fabb87ca71334ba72204b84415f827ffe250f7ffd085cf00f664084692ecd0f10b08ff81ecbbe4d6f894ef12b4815da1d61f2bc986d61783b2b41efa488ae46619e714128583d6cce4a6cf04c37acc81ebeef15e15a215c8af95b3bbd3af1cf8d887f1021c041e7a7d26c277ad88c4bc6460a30201850ea1047e6c393aa1b6140df034e7532b36063e8cd2b59b70cd427b1fa5c54e701d537955d872032ffc6e628444e549ed6f9f4f9e07381022c6cca05a0e03f14d1a4d726616fb9aa095960085a45262d47e726c51a6b71439bdf03cdea7cbda8643a19c29085d3ca9b6bee7345f772e58eec7746c5f8988817ac0cfe2a56d418b3cb35bc2ffdcdd70ff2e499da81e1e8c728421fff0f49e1945f1b855a0759a5b6de740558f59f594c845cd7f6cd94a0fb131679d41a1642b42e683dcb5868abfb26056ddd68f11c95de55176fd524af2bf560eb12924ae56835a7a92b174841b7af0a297e3ba30790ad8ed912b536e57451aaff1da9870dd1c64ea07457b8525b605402f3a7b9953a6ebd08407e4208642cade732724e0314a5e77b568812a965ec5eadcb5048548d522441e98a7004c8ed4d9e7845ff8a47be7019709877fbd53047c5189a88c7d9a5b23f5c175108774ccf723cbb9d275dc8393eb5a55b77d6a0d79981c087219738065a0e4f7ae552c74e805c6781a0a20589659b0d9b8721aa8508e35aa871cb66b360e55d83d1aebb2d458d8d6c0eda15681ae9e9ca0b8680f5a71bd2d27e468650e3a1cd41862453c153ce9d5163749cc5b03e1511339b76cd99ca2336ebe057ab652fb8bf8366deeddb72ebc7f68ea6ffa26a403b6accd74ce292c517318488e05f26d32b7dfb29d055adc09b25878ed39d5810be93d583b7ea8386d8541ce277dd98922276a0cae9a2f41ef0ce7057cfafc5d8eba4819f58eed7d7fafd49754459bd7fe050153337ca9e1788f41cac101357cbe4916052e6a8d93680f059d546f0299259b9e27d02b4ec93731512a0ebbc707d30a2f28894b536d065b9899da73c8d2ad70fd73a89a5c5da7794f5beea00b663377bba895cab087d998167892dceb4f0ac718016a3667c645cd5de956b53402572547585e18eb4463775673b1dc35f101612f3ac4610128c166e5d4a533b5f5e76a5c13e1651d8a167ecce63100aa7b1fba02013bc929163ab4d97ec55d5bc04d0724f9b9a1dd840c2d7e87340da244b2802930ef74cf2dba7ac919f0d3b677f78e25b702f284a4d19e8a9e365ca6bedb0baa6ecfd8c059ac98d8384204235003e1e9da537c70be53b86adc66f3e85ea881799e18b6a8122bc6332f01e6f7105c09800205db506411f18a2ab8523c98db158e20b520452614351b7a775ba47e1e4b41a3680f55ca529ad83cfa92c3bb28695cf9f70c62785d3795f7018fdc59fd43cfc35e754f50d2e05e61a00d48a2667ff680828d4f10707e13fd8a39d662beb82a2c8dbbc01042b367a90d5c86b922de9a044f81e49526e953da179d368ba87edb2cb46c8d09aadada764a4628ad943c86c0fbe73b859420af158c9ab1842381c4aa51b9fed3ad476b44a4c3b323fd57e2d7ce127aa454e9ded518d29c3ee57af8388b6121ec45aed32e182af09a8069d351cc3fdc59bb08e856e94a4df7c204c307485c7af3b85a9e42eea50faf484a5fd8a81aab2d2dcca2cad68d97fc15555efe6c41d2f985340eb135044429c82bcc2d0750b75a167a6a67548de33882187dc9af6d58b2ab65f342e850d4d6a58857e03d974144c749904527f6e0527570735278e479d22821deea3c9d67da6efea703300856b7d024bb1f72e579f6eb8c8514fb0010a71f861b685c8cc30bfe5cd00a47cc84f741a3dd7664d45459c351f7134f92eeeaf0bf733e5dd06fe40c95e273c700ba2482fa36c92645bc5c255fe52c9bbc7f052daa9941f267d9bc5b4b833ee0b9803490fb30c1f9e8d60a5934b040f0b956ee1bbb6d80b15ed39da014a5cca99c99f3433b838851ce10e7f4dc7db4c6d9b9f2d887ff195793b55db1c4060ec07172a5b881d953a04a654cb67d44198a75aea75aac43d6c878c24a7c4e863e632b6f9d644e5dff94fb8c4bb7edd2cf1f8c0588f8a118a0c40b3cbe442c873d927fb7054b739e45571bb0e8c89f52bb5cbe45950d2225f739104588e3ff0e9c1910f695a85b50e0c133adb3e3ef00acee806c78a96a5f6371af8e551c69bd4a45403634ec3b0092c400fae1574ff03809ad86e78219d0d809288f8cc3204bfe2fb21b4c2286b674ce3a2a6d27dc5940f906619d14d16be6c67ee812cc1bd077a9eaccff8341a8137bd8da9864856810eaa0c9c2f7f8a43e2e70a208d8e348ffc2e55e7dc77f85752de7da7c1c7b316a29369644ce2db1cdce8a7bb5148bad69ac026f5e1387ad8ba40927d8ef867e67b8cf451ffd13d68e27636e52a4a945022bf519f38129816cb964b7b7c5748701af9517b54c477c662a85860ca59b4faf0efbe5c081d0f801eb01f30eb31723cf9a0d736f6fe9c67cea56cb09231867fac5f7eb7361afecfc84d10c5aee32fd7addec1a8bd9a71c95e5156d75efa00c080d95ea82e313c1b3f154d8006d8a236ca79df2e19adf8df8f398d79069af203ddf4af25e31226f08cef97b04fd3672c4d29984336e0160f3022604996bdeef89494fce31c1dff0decc3065d3af5130cb77ca91dc75aeba04904ed4d8e5348fbfed7f981b66d56f090272da655ad0069892b1c04f3d3aade3458ddbe701feef086ae35b293f04e6d8138ad6a10509a849162b179d08bcc99fe37db5732472b55f113903d61b2de5c0770d6db79754fa45cb72e335aefeba32bb8d0257cc7b31209e39886ae0cfcfce343b7d8ae913501678b8eebe5870fa4f95a06fb4c2c915e4310cb32bf1493d76b75fa381766721e26064af362fa586b565572b7899647150963d897eda27a6b18161611553b27f2b94131ed323fbc495bf3e132c2cf4c7c5dc6ea34e552924d504b481903fbc5a8cfc14efff705719a81904826ef40bd28bd5d93f2c9ecee23226afd9e8786c7bce19a5c877ac1143627e4a95824d5c9b760bbdff7e0786417e059b202c18e57c895d74572a2547ad7821920f9d95a6de264aadfdf2d5e3bf6c1d7ffaf3c36b3fd80ecc807ffaaaebad470bada2bcd5715233e31a9aeea0c03578ce0629f88c83afffeb0bfbdebf5c0441190646aad044bd2b29f0aaa53463d82a96091ec30dd55a67348e5688a28d9e58bfe08206968cfc18e8170235f5fc9e48bd895f3b3120deb3762ca04fc7c764da25b2482acb794de78a58306fa112402a1d0ee0fd206610f5ade2c5c6469dc147077e06a0a3517e1779e3a0b41bfdbfa7b23cd63340b451c34fde13282ba61f2bcfbdb4a897b71084d79841af6d43ae79156f6091e176a077e05518d3bb54d7578425c998846489540428ab8b7dc544c7564af30c70b943140e9f8a5d857f3516dd3b99db49134bd44fc2884c94406c61aca70cd4086bb0cfded15bf446d6b182120956c2a2f47927dd0e425ffb79a7edbcdf4cf3fda0f91cc5bf904998a550745da6fb5e883c611f97f672c14db86e871b8e6116b168e76efb793de55317b965f68d1b0da206304dc25dbd5b6f7aa1192f50f59baedf931720751fbf0f85e01c0e30add1e0904207b75c37de25984e6247ed49ad150144c0cac0072f29d3dddd2c74db5c2e51045a7e08d3859614d20cb4926729f0c9da3706383c11ae5b935017670f9f4934f56e866bcf5c65a25d6ecf41341bca8a2785241db7f72622b8f5949e08c503420cde016f2f407a6cd648b8a9897c17a0089c72e75ca750038472da8277e7c43695b1c74cf4b3725a83e9987d6b4625c60f60c44f32df663c5970e40bab08a6944189ff0b702ae6890d616c0a81c34e611e2ee044aa63936df7f2734f1c999f73bca71c43c7168b16bafba479bfd0db0199d576b22bba6ec5ea0086b91417f4e7b3855cee4f2194bf253950ea40764d8a150cce325858471cc1acc6c21dcb1cf1138631cb63c07f450ebe2228293a5580803d13a33ae73a29d957688e9819f1d23c6ec175653b82f1fe63d63b37e93188b848d8c4917613246d91fd4698fda6fcd2b24e086e221e3ca450d9669240c017e87b8b26ab9723ca8c8311077c0f951861a1ed548d5919664cd604758b293b2447bac0c73565ee4ba3edc6cf4a2cdd85b77270139b68a50fbb36afa0b5b8ac25f9d58fda752059918643a74d15f2fd464ae6f905eea02304a56ee044ad9c7f471c31ef17df2b7fbdd0918725930637c7c522579bd01838e8355e4d764b8d52e287bb36a6a15c95b03d88273e4508f416e5e9a7fefebffadb2796a7838d2c83a5a78266b8e2860856414742a7bce37ac6a1f20b109253d1fefa8e7c03c61b7c061dd935d204fc75dfc95c551d86a166c6a02833867488af98a", 0x0, 0x1}, {0x4, 0x34, &(0x7f0000001900)="c57f4f0e148e9ff71d67a96962ff0f0b44d8cf2e2d237dd4a1403375dc77db80e58b281874872d1122fafd7c2f4d12f622cc4605"}, {0x2, 0x94, &(0x7f0000001940)="aefd1b97a3f7eb5c3945ccb8ab04868702de94ae6b7ccbdaabc3549c4486fc2adaf400efd918480414f26dac2b6f04594eb68e07d14cb7ef4a10d14c2dbfa39fcf909a0de8c251da10e5859885606893b00a1aab630643809a433202bbd5b1fd0b56e1fb3e8945f083b5a23b719a9c60582847adf0377aa28dade64fc544c0b92429c23c0c52fa68dd6d3d90f05c7ad51c47b0b5", 0x1, 0x1}, {0x1f, 0xf2, &(0x7f0000001a00)="8bd2a2d0ce8801320cb6dd614fe51b300ac16da5f40e34e89a937be09e19a31365e9e162710ff777875a8ef31679674147ea4bcfeee670dc251044f00adff38e0c045ce9b2e36b2b6cc7adaaab19e03614f435312aa2f0b08c995430874a6634d489aa1d71006993b5b19a482c913322288577a551a6fefe85235af192b9037c97a0ac618de5386789939393fe01026e61d1fa6fce65a954f3a015d10eb0df8eec6a8c371fa167b0fb20ebf881244d51646e5e4d67436953c43cd58753d7f307da2e44ba51ce82fd6f40ac0967e0a35bdce14297d5ba3b53d6d51131b7581b129ea70b0177b016991b33c504fdf1b7aed070", 0x1}]}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff}) lseek(r5, 0x8, 0x0) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000001cc0), 0x2000, 0x0) ioctl$TUNSETVNETLE(r6, 0x400454dc, &(0x7f0000001d00)=0x1) write(r3, &(0x7f0000001d40)="e662040cb3b36653fd8b8b55708bd2955b8cfb850ac24d26d160679b54f42c0560850dd18151c19f546ca0617c39794168c032198615c2864a38972d9c79b59c7ac0daf7ef851f77fa475209a0c9f6342f1204bfafd6cc88508ad2eed9a560b243d6545188150f8da5bcca1688d868651df2b1ac071b2c1224685e4d2abde05bcc203aa6c01a20be7d21b388d4719270dbe78fcee91319c8453dc1a8a3191fef6dd94c3eb31c024370d2b5d9070eee1208f9991aa00957babca3e1", 0xbb) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000001e00)={{0x0, @multicast1, 0x4e24, 0x1, 'lblcr\x00', 0x31, 0x8c2, 0x11}, {@multicast2, 0x4e20, 0x3, 0x2, 0x0, 0x9}}, 0x44) syz_open_dev$usbmon(&(0x7f0000001e80), 0x6, 0x80000) llistxattr(&(0x7f0000001ec0)='./file0\x00', &(0x7f0000001f00)=""/241, 0xf1) close(0xffffffffffffffff) 19:29:33 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x3f, 0x169020) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r1, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x7e}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000840}, 0x40010) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000180)) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x200040, 0x8) ioctl$SG_SET_FORCE_PACK_ID(r2, 0x227b, &(0x7f0000000200)=0x1) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_inet_SIOCDARP(r3, 0x8953, &(0x7f0000000280)={{0x2, 0x4e21, @broadcast}, {0x306, @remote}, 0x12, {0x2, 0x4e20, @multicast1}, 'ipvlan0\x00'}) r4 = syz_open_dev$vcsa(&(0x7f0000000300), 0x8000, 0x181000) sendmsg$NFT_MSG_GETGEN(r4, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x6}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4008004}, 0x4042040) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r0) sendmsg$NL80211_CMD_GET_MPP(r2, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x7c, r5, 0xd22, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x400, 0x46}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r3, 0x40082102, &(0x7f00000005c0)) r6 = socket$inet_tcp(0x2, 0x1, 0x0) fsetxattr$security_capability(r6, &(0x7f0000000600), &(0x7f0000000640)=@v2={0x2000000, [{0x80000000, 0x6}, {0x7, 0x6f}]}, 0x14, 0x1) r7 = syz_io_uring_complete(0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000006c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x28, 0x0, 0x920, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x1, 0x8, 0x290]}]}, 0x28}, 0x1, 0x0, 0x0, 0x2000c004}, 0xc0) accept$inet(r7, &(0x7f00000007c0)={0x2, 0x0, @empty}, &(0x7f0000000800)=0x10) fcntl$dupfd(r7, 0x0, 0xffffffffffffffff) [ 74.029177] audit: type=1400 audit(1664738973.071:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:29:33 executing program 4: r0 = shmget(0x2, 0x4000, 0x2, &(0x7f0000ff9000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x2000)=nil, 0x0) r1 = shmget$private(0x0, 0x2000, 0x257a23eb91fea3ce, &(0x7f0000ffd000/0x2000)=nil) shmat(r1, &(0x7f0000ffe000/0x2000)=nil, 0x2000) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_INFO(r0, 0x3, &(0x7f0000000000)=""/178) r2 = shmget$private(0x0, 0x1000, 0x100, &(0x7f0000fff000/0x1000)=nil) shmctl$SHM_UNLOCK(r2, 0xc) r3 = shmget(0x1, 0x3000, 0x2, &(0x7f0000ff8000/0x3000)=nil) shmat(r3, &(0x7f0000ff7000/0x3000)=nil, 0x4000) mlock2(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x1) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x1, 0x100010, 0xffffffffffffffff, 0x68d39000) shmctl$IPC_STAT(r1, 0x2, &(0x7f00000000c0)=""/158) shmat(r2, &(0x7f0000ffe000/0x2000)=nil, 0x5000) shmget$private(0x0, 0x3000, 0x1000, &(0x7f0000ffa000/0x3000)=nil) shmat(r0, &(0x7f0000ffc000/0x2000)=nil, 0x2000) r4 = shmget(0x3, 0x2000, 0x54000000, &(0x7f0000ffd000/0x2000)=nil) mlock(&(0x7f0000ff9000/0x1000)=nil, 0x1000) mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4000, &(0x7f0000000180)=0x1f, 0xffffffff, 0x0) shmat(r4, &(0x7f0000ff9000/0x1000)=nil, 0x7000) 19:29:33 executing program 6: prctl$PR_PAC_RESET_KEYS(0x36, 0x18) prctl$PR_PAC_RESET_KEYS(0x36, 0x0) prctl$PR_PAC_RESET_KEYS(0x36, 0x16) prctl$PR_PAC_RESET_KEYS(0x36, 0x12) prctl$PR_PAC_RESET_KEYS(0x36, 0x31) prctl$PR_PAC_RESET_KEYS(0x36, 0x19) prctl$PR_PAC_RESET_KEYS(0x36, 0x8) prctl$PR_PAC_RESET_KEYS(0x36, 0x10) prctl$PR_PAC_RESET_KEYS(0x36, 0x11) prctl$PR_PAC_RESET_KEYS(0x36, 0xe) prctl$PR_PAC_RESET_KEYS(0x36, 0x17) prctl$PR_PAC_RESET_KEYS(0x36, 0xe) prctl$PR_PAC_RESET_KEYS(0x36, 0x0) prctl$PR_PAC_RESET_KEYS(0x36, 0x1) prctl$PR_PAC_RESET_KEYS(0x36, 0x8) prctl$PR_PAC_RESET_KEYS(0x36, 0x7) prctl$PR_PAC_RESET_KEYS(0x36, 0x6) prctl$PR_PAC_RESET_KEYS(0x36, 0x2) prctl$PR_PAC_RESET_KEYS(0x36, 0x4) prctl$PR_PAC_RESET_KEYS(0x36, 0xb) 19:29:33 executing program 5: exit_group(0x1) exit_group(0x80) exit_group(0x1000) exit_group(0x6) exit_group(0x4) exit_group(0x4) exit_group(0x5) exit_group(0x400) exit_group(0x4) exit_group(0x6d1) exit_group(0xffffffffffffff4a) exit_group(0x1) exit_group(0x101) exit_group(0x8001) exit_group(0x20) exit_group(0x6) exit_group(0x101) exit_group(0x2) exit_group(0x20) exit_group(0x2) 19:29:33 executing program 7: arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x9) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xffffffff) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x2) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x3) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x100) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x2) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xffff) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xa09a) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x1f) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x9) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x9) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x9b) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x8) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x4) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x3f) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x6d94) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x3) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x1) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x8) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x3ff) [ 75.346385] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.354662] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.363635] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.367014] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.369042] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.370672] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.375794] Bluetooth: hci0: HCI_REQ-0x0c1a [ 75.401368] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.402970] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.419967] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.421419] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.423588] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.430655] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.432903] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.434371] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.440573] Bluetooth: hci3: HCI_REQ-0x0c1a [ 75.457480] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.458744] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.460197] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.472610] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.475226] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.476329] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.478511] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.483574] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.485154] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.487514] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.489067] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 75.491469] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.493003] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.494863] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 75.496213] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.497996] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.504042] Bluetooth: hci1: HCI_REQ-0x0c1a [ 75.505140] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.517017] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.537171] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.542463] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.543955] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.545932] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.548310] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.552317] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.557341] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 75.560577] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.560713] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 75.562780] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 75.571023] Bluetooth: hci5: HCI_REQ-0x0c1a [ 75.579336] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 75.580992] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 75.583123] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.587686] Bluetooth: hci6: HCI_REQ-0x0c1a [ 75.598362] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.600925] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.607329] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 75.612228] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 75.613870] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 75.621199] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.428574] Bluetooth: hci0: command 0x0409 tx timeout [ 77.492242] Bluetooth: hci3: command 0x0409 tx timeout [ 77.556166] Bluetooth: hci2: command 0x0409 tx timeout [ 77.556185] Bluetooth: hci4: command 0x0409 tx timeout [ 77.557041] Bluetooth: hci1: command 0x0409 tx timeout [ 77.620307] Bluetooth: hci5: command 0x0409 tx timeout [ 77.620332] Bluetooth: hci6: command 0x0409 tx timeout [ 77.684144] Bluetooth: hci7: command 0x0409 tx timeout [ 79.476191] Bluetooth: hci0: command 0x041b tx timeout [ 79.540125] Bluetooth: hci3: command 0x041b tx timeout [ 79.604143] Bluetooth: hci4: command 0x041b tx timeout [ 79.604601] Bluetooth: hci2: command 0x041b tx timeout [ 79.604994] Bluetooth: hci1: command 0x041b tx timeout [ 79.668213] Bluetooth: hci6: command 0x041b tx timeout [ 79.668656] Bluetooth: hci5: command 0x041b tx timeout [ 79.732112] Bluetooth: hci7: command 0x041b tx timeout [ 81.524118] Bluetooth: hci0: command 0x040f tx timeout [ 81.588188] Bluetooth: hci3: command 0x040f tx timeout [ 81.652136] Bluetooth: hci1: command 0x040f tx timeout [ 81.652590] Bluetooth: hci2: command 0x040f tx timeout [ 81.653000] Bluetooth: hci4: command 0x040f tx timeout [ 81.716254] Bluetooth: hci5: command 0x040f tx timeout [ 81.716696] Bluetooth: hci6: command 0x040f tx timeout [ 81.780164] Bluetooth: hci7: command 0x040f tx timeout [ 83.572163] Bluetooth: hci0: command 0x0419 tx timeout [ 83.636126] Bluetooth: hci3: command 0x0419 tx timeout [ 83.700148] Bluetooth: hci4: command 0x0419 tx timeout [ 83.700611] Bluetooth: hci2: command 0x0419 tx timeout [ 83.701005] Bluetooth: hci1: command 0x0419 tx timeout [ 83.764143] Bluetooth: hci6: command 0x0419 tx timeout [ 83.764608] Bluetooth: hci5: command 0x0419 tx timeout [ 83.828163] Bluetooth: hci7: command 0x0419 tx timeout 19:30:26 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 127.424558] audit: type=1400 audit(1664739026.467:7): avc: denied { open } for pid=3702 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.426144] audit: type=1400 audit(1664739026.467:8): avc: denied { kernel } for pid=3702 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.445689] ------------[ cut here ]------------ [ 127.445713] [ 127.445717] ====================================================== [ 127.445720] WARNING: possible circular locking dependency detected [ 127.445725] 6.0.0-rc7-next-20220930 #1 Not tainted [ 127.445731] ------------------------------------------------------ [ 127.445735] syz-executor.6/3704 is trying to acquire lock: [ 127.445741] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 127.445781] [ 127.445781] but task is already holding lock: [ 127.445784] ffff88800e0d9420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 127.445811] [ 127.445811] which lock already depends on the new lock. [ 127.445811] [ 127.445814] [ 127.445814] the existing dependency chain (in reverse order) is: [ 127.445818] [ 127.445818] -> #3 (&ctx->lock){....}-{2:2}: [ 127.445831] _raw_spin_lock+0x2a/0x40 [ 127.445843] __perf_event_task_sched_out+0x53b/0x18d0 [ 127.445854] __schedule+0xedd/0x2470 [ 127.445868] schedule+0xda/0x1b0 [ 127.445882] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.445894] syscall_exit_to_user_mode+0x19/0x40 [ 127.445908] do_syscall_64+0x48/0x90 [ 127.445925] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.445938] [ 127.445938] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 127.445951] _raw_spin_lock_nested+0x30/0x40 [ 127.445962] raw_spin_rq_lock_nested+0x1e/0x30 [ 127.445975] task_fork_fair+0x63/0x4d0 [ 127.445991] sched_cgroup_fork+0x3d0/0x540 [ 127.446005] copy_process+0x4183/0x6e20 [ 127.446017] kernel_clone+0xe7/0x890 [ 127.446026] user_mode_thread+0xad/0xf0 [ 127.446039] rest_init+0x24/0x250 [ 127.446051] arch_call_rest_init+0xf/0x14 [ 127.446069] start_kernel+0x4c6/0x4eb [ 127.446084] secondary_startup_64_no_verify+0xe0/0xeb [ 127.446098] [ 127.446098] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 127.446113] _raw_spin_lock_irqsave+0x39/0x60 [ 127.446125] try_to_wake_up+0xab/0x1930 [ 127.446140] up+0x75/0xb0 [ 127.446154] __up_console_sem+0x6e/0x80 [ 127.446170] console_unlock+0x46a/0x590 [ 127.446186] do_con_write+0xc05/0x1d50 [ 127.446197] con_write+0x21/0x40 [ 127.446206] n_tty_write+0x4d4/0xfe0 [ 127.446218] file_tty_write.constprop.0+0x455/0x8a0 [ 127.446230] vfs_write+0x9c3/0xd90 [ 127.446246] ksys_write+0x127/0x250 [ 127.446261] do_syscall_64+0x3b/0x90 [ 127.446277] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.446290] [ 127.446290] -> #0 ((console_sem).lock){....}-{2:2}: [ 127.446303] __lock_acquire+0x2a02/0x5e70 [ 127.446320] lock_acquire+0x1a2/0x530 [ 127.446336] _raw_spin_lock_irqsave+0x39/0x60 [ 127.446347] down_trylock+0xe/0x70 [ 127.446361] __down_trylock_console_sem+0x3b/0xd0 [ 127.446377] vprintk_emit+0x16b/0x560 [ 127.446393] vprintk+0x84/0xa0 [ 127.446408] _printk+0xba/0xf1 [ 127.446420] report_bug.cold+0x72/0xab [ 127.446436] handle_bug+0x3c/0x70 [ 127.446458] exc_invalid_op+0x14/0x50 [ 127.446474] asm_exc_invalid_op+0x16/0x20 [ 127.446486] group_sched_out.part.0+0x2c7/0x460 [ 127.446504] ctx_sched_out+0x8f1/0xc10 [ 127.446521] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.446531] __schedule+0xedd/0x2470 [ 127.446545] schedule+0xda/0x1b0 [ 127.446558] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.446568] syscall_exit_to_user_mode+0x19/0x40 [ 127.446581] do_syscall_64+0x48/0x90 [ 127.446597] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.446609] [ 127.446609] other info that might help us debug this: [ 127.446609] [ 127.446612] Chain exists of: [ 127.446612] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 127.446612] [ 127.446627] Possible unsafe locking scenario: [ 127.446627] [ 127.446629] CPU0 CPU1 [ 127.446631] ---- ---- [ 127.446634] lock(&ctx->lock); [ 127.446639] lock(&rq->__lock); [ 127.446646] lock(&ctx->lock); [ 127.446652] lock((console_sem).lock); [ 127.446658] [ 127.446658] *** DEADLOCK *** [ 127.446658] [ 127.446660] 2 locks held by syz-executor.6/3704: [ 127.446666] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 127.446695] #1: ffff88800e0d9420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 127.446721] [ 127.446721] stack backtrace: [ 127.446724] CPU: 0 PID: 3704 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 127.446737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.446745] Call Trace: [ 127.446749] [ 127.446753] dump_stack_lvl+0x8b/0xb3 [ 127.446771] check_noncircular+0x263/0x2e0 [ 127.446788] ? format_decode+0x26c/0xb50 [ 127.446804] ? print_circular_bug+0x450/0x450 [ 127.446821] ? simple_strtoul+0x30/0x30 [ 127.446837] ? format_decode+0x26c/0xb50 [ 127.446854] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 127.446871] __lock_acquire+0x2a02/0x5e70 [ 127.446892] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 127.446914] lock_acquire+0x1a2/0x530 [ 127.446931] ? down_trylock+0xe/0x70 [ 127.446948] ? lock_release+0x750/0x750 [ 127.446968] ? vprintk+0x84/0xa0 [ 127.446986] _raw_spin_lock_irqsave+0x39/0x60 [ 127.446997] ? down_trylock+0xe/0x70 [ 127.447013] down_trylock+0xe/0x70 [ 127.447029] ? vprintk+0x84/0xa0 [ 127.447045] __down_trylock_console_sem+0x3b/0xd0 [ 127.447062] vprintk_emit+0x16b/0x560 [ 127.447081] vprintk+0x84/0xa0 [ 127.447098] _printk+0xba/0xf1 [ 127.447109] ? record_print_text.cold+0x16/0x16 [ 127.447126] ? report_bug.cold+0x66/0xab [ 127.447143] ? group_sched_out.part.0+0x2c7/0x460 [ 127.447161] report_bug.cold+0x72/0xab [ 127.447180] handle_bug+0x3c/0x70 [ 127.447197] exc_invalid_op+0x14/0x50 [ 127.447215] asm_exc_invalid_op+0x16/0x20 [ 127.447228] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 127.447248] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 127.447259] RSP: 0018:ffff88801835fc48 EFLAGS: 00010006 [ 127.447268] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.447276] RDX: ffff88801bf10000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 127.447283] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 127.447291] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800e0d9400 [ 127.447298] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 127.447309] ? group_sched_out.part.0+0x2c7/0x460 [ 127.447329] ? group_sched_out.part.0+0x2c7/0x460 [ 127.447349] ctx_sched_out+0x8f1/0xc10 [ 127.447368] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.447382] ? lock_is_held_type+0xd7/0x130 [ 127.447396] ? __perf_cgroup_move+0x160/0x160 [ 127.447406] ? set_next_entity+0x304/0x550 [ 127.447424] ? update_curr+0x267/0x740 [ 127.447442] ? lock_is_held_type+0xd7/0x130 [ 127.447456] __schedule+0xedd/0x2470 [ 127.447473] ? io_schedule_timeout+0x150/0x150 [ 127.447489] ? rcu_read_lock_sched_held+0x3e/0x80 [ 127.447510] schedule+0xda/0x1b0 [ 127.447525] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.447537] syscall_exit_to_user_mode+0x19/0x40 [ 127.447551] do_syscall_64+0x48/0x90 [ 127.447568] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.447581] RIP: 0033:0x7f0f99f66b19 [ 127.447589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.447600] RSP: 002b:00007f0f974dc218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.447611] RAX: 0000000000000001 RBX: 00007f0f9a079f68 RCX: 00007f0f99f66b19 [ 127.447618] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0f9a079f6c [ 127.447625] RBP: 00007f0f9a079f60 R08: 000000000000000e R09: 0000000000000000 [ 127.447632] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0f9a079f6c [ 127.447639] R13: 00007ffc6412514f R14: 00007f0f974dc300 R15: 0000000000022000 [ 127.447652] [ 127.505676] WARNING: CPU: 0 PID: 3704 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 127.506366] Modules linked in: [ 127.506627] CPU: 0 PID: 3704 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 127.507230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.508066] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 127.508481] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 127.509831] RSP: 0018:ffff88801835fc48 EFLAGS: 00010006 [ 127.510237] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.510787] RDX: ffff88801bf10000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 127.511321] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 127.511858] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800e0d9400 [ 127.512392] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 127.512930] FS: 00007f0f974dc700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 127.513532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.513967] CR2: 00007feb8f62f368 CR3: 00000000407d8000 CR4: 0000000000350ef0 [ 127.514514] Call Trace: [ 127.514716] [ 127.514898] ctx_sched_out+0x8f1/0xc10 [ 127.515201] __perf_event_task_sched_out+0x6d0/0x18d0 [ 127.515596] ? lock_is_held_type+0xd7/0x130 [ 127.515926] ? __perf_cgroup_move+0x160/0x160 [ 127.516265] ? set_next_entity+0x304/0x550 [ 127.516593] ? update_curr+0x267/0x740 [ 127.516894] ? lock_is_held_type+0xd7/0x130 [ 127.517224] __schedule+0xedd/0x2470 [ 127.517513] ? io_schedule_timeout+0x150/0x150 [ 127.517869] ? rcu_read_lock_sched_held+0x3e/0x80 [ 127.518245] schedule+0xda/0x1b0 [ 127.518527] exit_to_user_mode_prepare+0x114/0x1a0 [ 127.518897] syscall_exit_to_user_mode+0x19/0x40 [ 127.519260] do_syscall_64+0x48/0x90 [ 127.519551] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 127.519944] RIP: 0033:0x7f0f99f66b19 [ 127.520227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.521583] RSP: 002b:00007f0f974dc218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.522140] RAX: 0000000000000001 RBX: 00007f0f9a079f68 RCX: 00007f0f99f66b19 [ 127.522673] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0f9a079f6c [ 127.523209] RBP: 00007f0f9a079f60 R08: 000000000000000e R09: 0000000000000000 [ 127.523748] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0f9a079f6c [ 127.524275] R13: 00007ffc6412514f R14: 00007f0f974dc300 R15: 0000000000022000 [ 127.524821] [ 127.525006] irq event stamp: 2598 [ 127.525265] hardirqs last enabled at (2597): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 127.525961] hardirqs last disabled at (2598): [] __schedule+0x1225/0x2470 [ 127.526606] softirqs last enabled at (2516): [] __irq_exit_rcu+0x11b/0x180 [ 127.527252] softirqs last disabled at (2399): [] __irq_exit_rcu+0x11b/0x180 [ 127.527889] ---[ end trace 0000000000000000 ]--- [ 127.629680] loop6: detected capacity change from 0 to 256 [ 127.665534] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 127.951150] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 19:30:27 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 128.005439] loop6: detected capacity change from 0 to 256 [ 128.023120] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 19:30:27 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 128.330708] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 128.396713] loop6: detected capacity change from 0 to 256 [ 128.444603] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 19:30:27 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 128.764290] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 19:30:27 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 128.771473] loop3: detected capacity change from 0 to 256 [ 128.824119] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 128.829834] loop6: detected capacity change from 0 to 256 [ 128.877472] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 19:30:28 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 129.171870] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.252826] loop3: detected capacity change from 0 to 256 19:30:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 129.277987] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.284403] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.330139] loop6: detected capacity change from 0 to 256 [ 129.358430] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 19:30:28 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7e10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) eventfd2(0x0, 0x80000) pidfd_send_signal(0xffffffffffffffff, 0x57aa, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000001300)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) utimes(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) syz_open_dev$ptys(0xc, 0x3, 0x1) lremovexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB]) write(r1, &(0x7f0000000080)="01", 0xffff8000) [ 129.596924] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.601430] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.651575] loop3: detected capacity change from 0 to 256 [ 129.692476] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 129.921122] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 130.383600] loop2: detected capacity change from 0 to 264192 [ 130.394674] loop2: detected capacity change from 0 to 264192 VM DIAGNOSIS: 19:30:26 Registers: info registers vcpu 0 RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88801835f690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000037 R11=0000000000000001 R12=0000000000000037 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f0f974dc700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007feb8f62f368 CR3=00000000407d8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f0f9a04d7c0 00007f0f9a04d7c8 YMM02=0000000000000000 0000000000000000 00007f0f9a04d7e0 00007f0f9a04d7c0 YMM03=0000000000000000 0000000000000000 00007f0f9a04d7c8 00007f0f9a04d7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000006 RBX=0000561044a68000 RCX=0000000000000000 RDX=ffff88803f433580 RSI=ffffffff840e1df0 RDI=0000000000000006 RBP=0000000000000000 RSP=ffff8880405d7750 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000002 R11=0000000000000001 R12=ffff88804002e600 R13=ffff88804002e606 R14=0000000000000000 R15=0000000000000002 RIP=ffffffff840e1e02 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f486800c260 CR3=000000000eab6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000