Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:32294' (ECDSA) to the list of known hosts. 2022/10/02 23:12:08 fuzzer started 2022/10/02 23:12:08 dialing manager at localhost:35095 syzkaller login: [ 38.788077] cgroup: Unknown subsys name 'net' [ 38.890995] cgroup: Unknown subsys name 'rlimit' 2022/10/02 23:12:21 syscalls: 2215 2022/10/02 23:12:21 code coverage: enabled 2022/10/02 23:12:21 comparison tracing: enabled 2022/10/02 23:12:21 extra coverage: enabled 2022/10/02 23:12:21 setuid sandbox: enabled 2022/10/02 23:12:21 namespace sandbox: enabled 2022/10/02 23:12:21 Android sandbox: enabled 2022/10/02 23:12:21 fault injection: enabled 2022/10/02 23:12:21 leak checking: enabled 2022/10/02 23:12:21 net packet injection: enabled 2022/10/02 23:12:21 net device setup: enabled 2022/10/02 23:12:21 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 23:12:21 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 23:12:21 USB emulation: enabled 2022/10/02 23:12:21 hci packet injection: enabled 2022/10/02 23:12:21 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 23:12:21 802.15.4 emulation: enabled 2022/10/02 23:12:22 fetching corpus: 50, signal 27077/28871 (executing program) 2022/10/02 23:12:22 fetching corpus: 100, signal 38266/41718 (executing program) 2022/10/02 23:12:22 fetching corpus: 150, signal 45184/50219 (executing program) 2022/10/02 23:12:22 fetching corpus: 200, signal 53140/59650 (executing program) 2022/10/02 23:12:22 fetching corpus: 250, signal 58033/66038 (executing program) 2022/10/02 23:12:22 fetching corpus: 300, signal 63263/72663 (executing program) 2022/10/02 23:12:22 fetching corpus: 350, signal 68403/79116 (executing program) 2022/10/02 23:12:22 fetching corpus: 400, signal 70748/82865 (executing program) 2022/10/02 23:12:22 fetching corpus: 450, signal 73271/86716 (executing program) 2022/10/02 23:12:22 fetching corpus: 500, signal 77659/92295 (executing program) 2022/10/02 23:12:23 fetching corpus: 550, signal 82550/98312 (executing program) 2022/10/02 23:12:23 fetching corpus: 600, signal 86196/103115 (executing program) 2022/10/02 23:12:23 fetching corpus: 650, signal 88678/106772 (executing program) 2022/10/02 23:12:23 fetching corpus: 700, signal 90336/109619 (executing program) 2022/10/02 23:12:23 fetching corpus: 750, signal 93488/113834 (executing program) 2022/10/02 23:12:23 fetching corpus: 800, signal 95704/117143 (executing program) 2022/10/02 23:12:23 fetching corpus: 850, signal 97253/119874 (executing program) 2022/10/02 23:12:23 fetching corpus: 900, signal 99567/123246 (executing program) 2022/10/02 23:12:23 fetching corpus: 950, signal 101418/126134 (executing program) 2022/10/02 23:12:24 fetching corpus: 1000, signal 103831/129560 (executing program) 2022/10/02 23:12:24 fetching corpus: 1050, signal 105748/132486 (executing program) 2022/10/02 23:12:24 fetching corpus: 1100, signal 107151/134954 (executing program) 2022/10/02 23:12:24 fetching corpus: 1150, signal 109437/138130 (executing program) 2022/10/02 23:12:24 fetching corpus: 1200, signal 110966/140687 (executing program) 2022/10/02 23:12:24 fetching corpus: 1250, signal 112070/142819 (executing program) 2022/10/02 23:12:24 fetching corpus: 1300, signal 113693/145382 (executing program) 2022/10/02 23:12:24 fetching corpus: 1350, signal 116468/148868 (executing program) 2022/10/02 23:12:25 fetching corpus: 1400, signal 119142/152190 (executing program) 2022/10/02 23:12:25 fetching corpus: 1450, signal 122343/155985 (executing program) 2022/10/02 23:12:25 fetching corpus: 1500, signal 125014/159269 (executing program) 2022/10/02 23:12:25 fetching corpus: 1550, signal 125828/161051 (executing program) 2022/10/02 23:12:25 fetching corpus: 1600, signal 126809/162964 (executing program) 2022/10/02 23:12:25 fetching corpus: 1650, signal 127782/164821 (executing program) 2022/10/02 23:12:25 fetching corpus: 1700, signal 129373/167173 (executing program) 2022/10/02 23:12:25 fetching corpus: 1750, signal 131534/169933 (executing program) 2022/10/02 23:12:26 fetching corpus: 1800, signal 132546/171753 (executing program) 2022/10/02 23:12:26 fetching corpus: 1850, signal 133447/173492 (executing program) 2022/10/02 23:12:26 fetching corpus: 1900, signal 135438/176052 (executing program) 2022/10/02 23:12:26 fetching corpus: 1950, signal 136313/177769 (executing program) 2022/10/02 23:12:26 fetching corpus: 2000, signal 137016/179334 (executing program) 2022/10/02 23:12:26 fetching corpus: 2050, signal 138071/181155 (executing program) 2022/10/02 23:12:26 fetching corpus: 2100, signal 139182/182991 (executing program) 2022/10/02 23:12:26 fetching corpus: 2150, signal 141339/185541 (executing program) 2022/10/02 23:12:26 fetching corpus: 2200, signal 142261/187182 (executing program) 2022/10/02 23:12:27 fetching corpus: 2250, signal 145050/190074 (executing program) 2022/10/02 23:12:27 fetching corpus: 2300, signal 146021/191723 (executing program) 2022/10/02 23:12:27 fetching corpus: 2350, signal 147100/193475 (executing program) 2022/10/02 23:12:27 fetching corpus: 2400, signal 147829/194940 (executing program) 2022/10/02 23:12:27 fetching corpus: 2450, signal 148458/196336 (executing program) 2022/10/02 23:12:27 fetching corpus: 2500, signal 149285/197875 (executing program) 2022/10/02 23:12:27 fetching corpus: 2550, signal 150829/199826 (executing program) 2022/10/02 23:12:27 fetching corpus: 2600, signal 151734/201399 (executing program) 2022/10/02 23:12:28 fetching corpus: 2650, signal 154524/204100 (executing program) 2022/10/02 23:12:28 fetching corpus: 2700, signal 155536/205710 (executing program) 2022/10/02 23:12:28 fetching corpus: 2750, signal 156257/207032 (executing program) 2022/10/02 23:12:28 fetching corpus: 2800, signal 157736/208849 (executing program) 2022/10/02 23:12:28 fetching corpus: 2850, signal 158396/210202 (executing program) 2022/10/02 23:12:28 fetching corpus: 2900, signal 159495/211810 (executing program) 2022/10/02 23:12:28 fetching corpus: 2950, signal 160006/213051 (executing program) 2022/10/02 23:12:28 fetching corpus: 3000, signal 160690/214356 (executing program) 2022/10/02 23:12:29 fetching corpus: 3050, signal 161372/215784 (executing program) 2022/10/02 23:12:29 fetching corpus: 3100, signal 162120/217137 (executing program) 2022/10/02 23:12:29 fetching corpus: 3150, signal 162999/218627 (executing program) 2022/10/02 23:12:29 fetching corpus: 3200, signal 163520/219798 (executing program) 2022/10/02 23:12:29 fetching corpus: 3250, signal 164551/221261 (executing program) 2022/10/02 23:12:29 fetching corpus: 3300, signal 165493/222608 (executing program) 2022/10/02 23:12:29 fetching corpus: 3350, signal 166318/223920 (executing program) 2022/10/02 23:12:30 fetching corpus: 3400, signal 167826/225590 (executing program) 2022/10/02 23:12:30 fetching corpus: 3450, signal 168526/226813 (executing program) 2022/10/02 23:12:30 fetching corpus: 3500, signal 169652/228226 (executing program) 2022/10/02 23:12:30 fetching corpus: 3550, signal 170620/229526 (executing program) 2022/10/02 23:12:30 fetching corpus: 3600, signal 171594/230860 (executing program) 2022/10/02 23:12:30 fetching corpus: 3650, signal 172627/232183 (executing program) 2022/10/02 23:12:30 fetching corpus: 3700, signal 173185/233267 (executing program) 2022/10/02 23:12:30 fetching corpus: 3750, signal 174100/234557 (executing program) 2022/10/02 23:12:30 fetching corpus: 3800, signal 175525/236038 (executing program) 2022/10/02 23:12:31 fetching corpus: 3850, signal 176719/237357 (executing program) 2022/10/02 23:12:31 fetching corpus: 3900, signal 177408/238477 (executing program) 2022/10/02 23:12:31 fetching corpus: 3950, signal 178025/239528 (executing program) 2022/10/02 23:12:31 fetching corpus: 4000, signal 179135/240820 (executing program) 2022/10/02 23:12:31 fetching corpus: 4050, signal 180104/242043 (executing program) 2022/10/02 23:12:31 fetching corpus: 4100, signal 181216/243266 (executing program) 2022/10/02 23:12:31 fetching corpus: 4150, signal 181863/244271 (executing program) 2022/10/02 23:12:31 fetching corpus: 4200, signal 182574/245327 (executing program) 2022/10/02 23:12:32 fetching corpus: 4250, signal 183465/246485 (executing program) 2022/10/02 23:12:32 fetching corpus: 4300, signal 184388/247639 (executing program) 2022/10/02 23:12:32 fetching corpus: 4350, signal 185094/248665 (executing program) 2022/10/02 23:12:32 fetching corpus: 4400, signal 186045/249727 (executing program) 2022/10/02 23:12:32 fetching corpus: 4450, signal 186807/250707 (executing program) 2022/10/02 23:12:32 fetching corpus: 4500, signal 187176/251576 (executing program) 2022/10/02 23:12:32 fetching corpus: 4550, signal 188083/252622 (executing program) 2022/10/02 23:12:32 fetching corpus: 4600, signal 188708/253604 (executing program) 2022/10/02 23:12:33 fetching corpus: 4650, signal 189462/254609 (executing program) 2022/10/02 23:12:33 fetching corpus: 4700, signal 189856/255384 (executing program) 2022/10/02 23:12:33 fetching corpus: 4750, signal 190643/256337 (executing program) 2022/10/02 23:12:33 fetching corpus: 4800, signal 191388/257304 (executing program) 2022/10/02 23:12:33 fetching corpus: 4850, signal 192046/258186 (executing program) 2022/10/02 23:12:33 fetching corpus: 4900, signal 193021/259216 (executing program) 2022/10/02 23:12:33 fetching corpus: 4950, signal 194422/260335 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/261112 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/261780 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/262421 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/263093 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/263761 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/264434 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/265104 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/265767 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/266422 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/267106 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/267796 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/268452 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/269105 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/269797 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/270460 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/271129 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/271790 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/272433 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/273070 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/273760 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/274422 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/275094 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/275747 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/276418 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/277079 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/277749 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/278395 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/279058 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/279687 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/280382 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/281016 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/281677 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/282341 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/282979 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/283632 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/284287 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/284916 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/285582 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/286298 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/286960 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/287618 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/288278 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/288967 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/289615 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/289835 (executing program) 2022/10/02 23:12:34 fetching corpus: 4997, signal 194783/289835 (executing program) 2022/10/02 23:12:37 starting 8 fuzzer processes 23:12:37 executing program 1: ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x1) ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000040)=0x6) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x14) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) ioctl$KDENABIO(r0, 0x4b36) ioctl$VT_RELDISP(r0, 0x5605) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x1b1840, 0x0) ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000140)={0x7, 0x3, 0x7, 0xfffffff9, 0x7, "3f4c3794d93258ef8e576a29a2955574a0c0aa", 0x9, 0x59}) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/md_mod', 0xca2c074faa2eaf94, 0x140) ioctl$VT_SETMODE(r2, 0x5602, &(0x7f00000001c0)={0x7f, 0x4, 0x8001, 0x7f, 0x8001}) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCOUTQ(r3, 0x5411, &(0x7f0000000200)) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000240)={0x5, 0x7, 0x3, 0x6, 0x59, "27f4d19ec0e16bbb2211b0aa348ea8a39f7e03", 0x8000, 0x1}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000280)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$TIOCSWINSZ(r4, 0x5414, &(0x7f00000002c0)={0xd765, 0x6, 0x3ff, 0x338}) stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = socket(0x18, 0x800, 0x9) sendmmsg$unix(r4, &(0x7f0000000680)=[{{&(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000380)="5f6a9a78dc34096593be6a4a0fb69283e5bb40409372323fc12366b4984924a934a4df616eea4f43b7a9d72de49fe3707e969b3f9500571c5eb6935d439bc95419b2fc3b478175f3990b680a4dd67178e5202383045edf01815aed03d22aa3369cf5af240d86cc73ab104e5c0d096c0b9ce00e059033aff926b3fce4431aa6091e68cd0f9ca9ab46230cdcf01b11973d9a306ecfe9bb6f191a00d09279961aec694281c5f42ee6908e8efd4525cfc5320254f8e10bcf3bee79ed71471f31c660625f41957b0ae324762aaac64d84bf15c3e64417e96870b04ce17203af4480f4f7c4ea7c3821cddc49370fa6260b7348f96c", 0xf2}], 0x1, &(0x7f0000000640)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r5}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, r6]}}], 0x40, 0x880}}], 0x1, 0x40805) 23:12:37 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x7, 0x1, 0x45, 0x0, 0x80000000, 0x1012, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x5, 0x5}, 0x201, 0xac, 0x1, 0x0, 0x80, 0x1, 0x68cf, 0x0, 0x0, 0x0, 0xe6}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x4) r1 = getpid() r2 = perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x2, 0x5, 0x50, 0x0, 0x0, 0x100000000, 0x4004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x8, 0x5}, 0x8, 0x0, 0x9, 0x3, 0x1, 0xfffffffb, 0x1, 0x0, 0x6, 0x0, 0xfffffffffffffff8}, r1, 0x0, r0, 0x0) r3 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x8, 0x40, 0x20, 0x6, 0x0, 0x0, 0xf2c01, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0xc82, 0x0, @perf_config_ext={0x7, 0x1ff}, 0x2001, 0x1, 0xffff, 0x0, 0x3ff, 0x20, 0xff, 0x0, 0x2, 0x0, 0x8001}, r1, 0x9, r2, 0x0) r4 = perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x4, 0x20, 0x6, 0x0, 0x3f, 0x60002, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8000, 0x4, @perf_bp={&(0x7f0000000180), 0xc}, 0x0, 0x10000, 0x3, 0x9, 0x7, 0x2c, 0x3, 0x0, 0x7, 0x0, 0x7}, r1, 0xb, r0, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x1f, 0xe0, 0x0, 0x1, 0x0, 0x8, 0x10, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000240), 0x2}, 0x3002, 0x5, 0x5, 0x3, 0x0, 0x2, 0x9, 0x0, 0xb5, 0x0, 0x3f}, r1, 0xf, r4, 0xb) fchdir(r2) sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, 0x0, 0x4, 0x70bd2c, 0x25dfdbfd, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20004004}, 0x20000000) r6 = perf_event_open(&(0x7f0000000440)={0x3, 0x80, 0x81, 0x1, 0x7, 0x1, 0x0, 0xffffffffffffffff, 0x1801, 0xd, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x4, @perf_bp={&(0x7f0000000400), 0x4}, 0x9159088cce321b54, 0xffffffffffffffc0, 0x0, 0x5, 0x9, 0x2, 0x8, 0x0, 0x0, 0x0, 0x1d2}, r1, 0x8, 0xffffffffffffffff, 0xe) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x50, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x1}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x8048}, 0x8000) flistxattr(0xffffffffffffffff, &(0x7f0000000600)=""/225, 0xe1) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001180)={&(0x7f0000000740)={0xa24, 0x0, 0x20, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x63}}}}, [@NL80211_ATTR_TID_CONFIG={0xc8, 0x11d, 0x0, 0x1, [{0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xfffffffffffff000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x7}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xffffffff}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xb8}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x41}]}]}, @NL80211_ATTR_TID_CONFIG={0x6f0, 0x11d, 0x0, 0x1, [{0x448, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x400, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x80, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x20, 0x2, [{0x6, 0x7}, {0x6, 0xa}, {0x5, 0x8}, {0x6, 0x2}, {0x2, 0x6}, {0x7, 0x4}, {0x2, 0x2}, {0x4, 0x1}, {0x2, 0x1}, {0x7, 0xa}, {0x0, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x7, 0x8}, {0x1}, {0x1, 0x6}, {0x3, 0x7}, {0x4, 0x1}, {0x2}, {0x4, 0x5}, {0x1, 0x2}, {0x3, 0x1}, {0x1, 0xa}, {0x6, 0xa}, {0x4, 0x8}, {0x2, 0x1}, {0x0, 0x8}, {0x6, 0x5}]}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x1, 0x3c, 0x1b]}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x16, 0x37, 0x16, 0x36, 0x9, 0x4, 0x1b, 0x30, 0x6c, 0x6, 0x16, 0x16, 0x36, 0x2, 0x48, 0x3, 0x9, 0x9, 0x60, 0xb, 0x9, 0x36, 0xc, 0x6c, 0x1b, 0x1b, 0x30, 0x6, 0x16, 0x4, 0x30]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xeee, 0x5, 0x0, 0xc6f, 0xf476, 0x800, 0x2f, 0xfff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0xffff, 0x8, 0xffaf, 0x3d, 0x710a, 0x7f, 0x7]}}]}, @NL80211_BAND_2GHZ={0x8c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffa, 0x8001, 0x6c, 0x9, 0x200, 0x6, 0x200, 0xfffb]}}, @NL80211_TXRATE_HT={0x46, 0x2, [{0x4, 0xa}, {0x1, 0x1}, {0x4, 0xa}, {0x0, 0x7}, {0x1}, {0x5, 0x7}, {0x3, 0x1}, {0x0, 0x8}, {0x5, 0x1}, {0x0, 0xa}, {0x0, 0xa}, {0x0, 0x7}, {0x7, 0x3}, {0x2}, {0x5, 0x5}, {0x4, 0x7}, {0x5, 0xa}, {0x5, 0x3}, {0x7, 0x1}, {0x3, 0xa}, {0x7, 0x3}, {0x1, 0xa}, {0x6, 0x8}, {0x4, 0x5}, {0x1, 0x8}, {0x1, 0x9}, {0x5, 0x4}, {}, {0x5, 0x7}, {0x1}, {0x0, 0x8}, {0x2, 0x3}, {0x7, 0x7}, {0x3, 0x6}, {0x3, 0x3}, {0x1, 0x9}, {0x1}, {0x4}, {0x4, 0x2}, {0x2, 0x3}, {0x0, 0x9}, {0x6, 0x2}, {0x5, 0x8}, {0x3, 0x5}, {0x0, 0x7}, {0x7, 0x2}, {0x1, 0x2}, {0x3, 0x5}, {0x7, 0x5}, {0x2, 0x7}, {0x3, 0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x7, 0x2}, {0x3, 0x8}, {0x6, 0x6}, {0x3, 0x8}, {0x1, 0x5}, {0x0, 0x2}, {0x0, 0x3}, {0x1, 0x1}, {0x0, 0x2}, {0x5, 0x8}, {0x1}, {0x3, 0x3}, {0x1, 0x9}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x92, 0x1ff, 0x4, 0x4, 0x0, 0x8, 0x80, 0x400]}}, @NL80211_TXRATE_HT={0x18, 0x2, [{0x0, 0x3}, {0x3, 0x1}, {0x5, 0x9}, {0x2, 0x9}, {0x7, 0x3}, {0x1, 0x1}, {0x4, 0x6}, {0x0, 0x2}, {0x6, 0x5}, {0x3, 0x8}, {0x1, 0xa}, {0x1, 0x6}, {0x2, 0x5}, {0x3, 0x1}, {0x3, 0x8}, {0x3}, {0x1, 0x8}, {0x1, 0x5}, {0x7, 0x6}, {0x2, 0x5}]}]}, @NL80211_BAND_6GHZ={0x88, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x21, 0x1, [0xb, 0x36, 0x3, 0x6c, 0x2, 0xb, 0x7, 0x24, 0x9, 0x24, 0xb, 0x12, 0x60, 0x4, 0x1d, 0x18, 0x6c, 0x2, 0x3, 0x5, 0x12, 0x9, 0x24, 0x2, 0x4, 0x6c, 0x18, 0x4, 0x36]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3f, 0x3, 0xd70, 0x3, 0x8, 0x1, 0x5, 0x5]}}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x4, 0xa}, {0x7, 0x5}, {0x1, 0x8}, {0x5}, {0x1, 0x2}, {0x3, 0x4}, {0x1, 0x4}, {0x7, 0x7}, {0x7, 0x2}, {0x3, 0x1}, {0x6, 0x7}, {0x6, 0x6}, {0x2, 0x8}, {0x5, 0x5}, {0x0, 0x4}, {0x6, 0x3}, {0x4}, {0x2, 0x4}, {0x1, 0x1}, {}, {}, {0x4, 0xa}, {0x0, 0x8}, {0x5, 0xa}, {0x1, 0x3}, {0x7, 0x3}, {0x0, 0x3}, {0x4, 0x9}, {0x4, 0x3}, {}, {0x0, 0x5}, {0x3}, {0x6, 0x7}, {0x0, 0x4}, {0x1, 0x2}, {0x1, 0x7}, {0x7, 0xa}, {0x6, 0x4}, {0x5, 0x2}, {0x2, 0x8}, {0x1, 0x4}, {0x6, 0x9}, {0x5, 0x4}, {0x3, 0x4}, {0x3, 0x5}, {0x7, 0x6}, {0x6, 0x9}, {0x4, 0x3}, {0x0, 0x4}, {0x7, 0x7}, {0x6, 0x4}, {0x3, 0x2}, {0x3, 0x4}, {0x4, 0xa}, {0x0, 0x8}, {0x2, 0x5}, {0x4, 0x7}, {0x0, 0xa}, {0x6, 0x2}, {0x6, 0x8}, {0x7, 0x6}, {0x2, 0x2}, {0x3, 0x7}, {0x7, 0x8}, {0x6, 0x7}, {0x7, 0x8}, {0x4}, {0x4, 0xa}, {0x2, 0x9}, {0x2, 0x9}, {0x3}, {0x0, 0x1}]}]}, @NL80211_BAND_2GHZ={0x170, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3642, 0x5, 0x96d, 0x1, 0xfff8, 0x5, 0x9, 0x7]}}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x7, 0x9}, {0x1, 0x2}, {0x2, 0x4}, {0x7, 0x8}, {0x0, 0x7}, {0x7, 0x4}, {0x1, 0xa}, {0x2, 0x5}, {0x0, 0x9}, {0x5, 0x8}, {0x4, 0x1}, {0x2, 0x7}, {0x7, 0x6}, {0x0, 0x7}, {0x0, 0x4}, {0x2, 0x8}, {0x0, 0x9}, {0x4, 0x4}, {0x5, 0x7}, {0x7, 0x3}, {0x7, 0x7}, {0x3, 0x5}, {0x1, 0x3}, {0x0, 0x2}, {0x3, 0x5}, {0x7, 0x1}, {0x5, 0x3}, {0x4, 0x1}, {0x1, 0x4}, {0x4, 0x7}, {0x1, 0x3}, {0x7, 0x6}, {0x3, 0x4}, {}, {0x4, 0x3}, {0x3, 0x6}, {0x4, 0x4}, {0x2, 0xa}, {0x2, 0xa}, {0x2, 0x5}, {0x2, 0x1}, {}, {0x3, 0xa}, {0x3, 0x2}, {0x7, 0x7}, {0x2, 0x3}, {0x0, 0x5}, {}, {0x6, 0x1}, {0x1, 0x3}, {0x1}, {0x2, 0x1}, {0x1, 0x9}, {0x0, 0x6}, {0x3, 0xa}, {0x1, 0x5}, {0x4, 0x9}, {0x7, 0x1}, {0x7, 0x6}, {0x4, 0x5}, {0x1, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x80, 0x800, 0x81a8, 0x0, 0xf42e, 0x1, 0x101]}}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x4, 0x1b, 0x9, 0x60, 0x2, 0x36, 0x6, 0x0, 0x30, 0x6c, 0x3, 0x24, 0x3, 0x30, 0x48, 0x6c, 0xa06be3ec3243fe1c, 0x36, 0x2, 0xb, 0x6, 0x36, 0x2, 0x6, 0x6, 0x1]}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x5, 0x9}, {0x2, 0x5}, {0x3, 0x1}, {}, {0x0, 0x5}, {0x7, 0x9}, {0x7, 0x4}, {0x0, 0x4}, {0x1, 0x1}, {0x4, 0x3}, {0x2, 0xf}, {0x7, 0x6}, {0x2, 0xa}, {0x7, 0x1}, {0x5, 0x5}, {0x2, 0x3}, {0x3, 0x6}, {0x0, 0x6}, {0x5, 0x6}, {0x2, 0x2}, {0x3, 0x7}, {0x0, 0x3}, {0x4, 0x2}, {0x4, 0x1}, {0x0, 0x2}, {0x4, 0x2}, {0x1, 0xa}, {0x0, 0x1}, {0x4, 0xa}, {0x0, 0x5}, {0x2, 0x6}, {0x1}, {0x6, 0x9}, {0x1, 0x1}, {0x7, 0x3}, {0x3, 0x3}, {0x1, 0x3}, {0x0, 0xa}, {0x0, 0x1}, {0x0, 0x2}, {0x7, 0x3}, {0x4, 0x9}, {0x7, 0x5}, {0x3, 0x9}]}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x3, 0x1}, {0x0, 0x3}, {0x7, 0x2}, {0x0, 0x6}, {0x0, 0x3}, {0x0, 0x7}, {0x0, 0x6}, {0x4, 0x6}, {0x6, 0x7}, {0x1, 0x3}, {0x1, 0x1}, {0x5, 0x7}, {0x7, 0x5}, {0x1, 0x2}, {0x7, 0xa}, {0x1, 0x8}, {0x0, 0x6}, {0x4, 0x3}, {0x3, 0x8}, {0x7, 0x1}, {0x0, 0x6}, {0x2, 0x3}, {0x5, 0x1}, {0x6, 0x3}, {0x1, 0x9}, {0x1, 0x3}, {0x6, 0x3}, {0x7, 0xa}, {0x1, 0x2}, {0x4}, {0x1, 0x8}, {0x6, 0x9}, {0x5, 0x4}, {0x4, 0x6}, {0x3, 0x1}, {0x2, 0x6}, {}, {0x4, 0x8}, {0x7, 0x1}, {0x6, 0x4}, {0x4, 0x1}, {0x1, 0x8}, {0x2, 0x3}, {0x2, 0x4}, {0x1, 0x1}, {0x5, 0x3}, {0x0, 0x5}, {0x3, 0x4}, {0x1, 0x1}, {0x7, 0x9}, {0x1}, {0x3, 0x5}, {0x0, 0x8}, {0x5, 0x9}, {0x7, 0x9}, {0x2, 0xa}, {0x6, 0x9}, {0x6}, {0x1, 0x4}, {0x0, 0x6}, {0x2, 0x7}, {}]}, @NL80211_TXRATE_HT={0x4b, 0x2, [{0x2, 0x9}, {0x6, 0x9}, {0x1, 0x1}, {0x2}, {0x4, 0x2}, {0x0, 0x6}, {0x5, 0x1}, {0x6, 0x3}, {0x2, 0x7}, {0x1, 0x4}, {0x6, 0x3}, {0x3, 0x5}, {0x0, 0x3}, {0x7, 0xa}, {0x7, 0x8}, {0x7, 0x8}, {0x6, 0x5}, {0x0, 0x8}, {0x4, 0x2}, {0x0, 0x1}, {0x4, 0x1}, {0x1, 0x4}, {0x3, 0x3}, {0x0, 0x6}, {0x1, 0x9}, {0x5, 0x1}, {0x1, 0x2}, {0x4, 0x1}, {0x7, 0x1}, {0x4}, {0x6, 0x3}, {0x1, 0x1}, {0x1, 0x6}, {0x4, 0x5}, {0x0, 0xa}, {0x3, 0x4}, {0x3, 0x5}, {0x0, 0x7}, {0x5, 0x9}, {0x2, 0x1}, {0x4, 0x7}, {0x1, 0x2}, {0x4, 0x4}, {0x4, 0x6}, {0x2, 0x15}, {0x5, 0x9}, {0x5, 0x1}, {0x4, 0x8}, {0x1, 0x6}, {0x5, 0x4}, {}, {0x2, 0xa}, {0x0, 0x3}, {0x6, 0x1}, {0x1, 0x1}, {0x3}, {0x4}, {0x2, 0x5}, {0x0, 0x9}, {0x0, 0x6}, {0x7, 0xa}, {0x1, 0x1}, {0x0, 0x6}, {0x4, 0xa}, {0x7, 0x2}, {0x4, 0x1}, {0x5, 0x1}, {0x7, 0x3}, {0x2, 0x2}, {0x7, 0x3}, {0x4, 0x9}]}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x6c, 0x16, 0x5, 0x2a, 0x18, 0x6c, 0x30, 0x2, 0x2, 0x5, 0x18, 0x12, 0x6, 0x3, 0x4, 0x24, 0x5, 0x5, 0x18, 0x12]}, @NL80211_TXRATE_HT={0x7, 0x2, [{0x1, 0x3}, {0x5, 0x3}, {0x7}]}]}, @NL80211_BAND_6GHZ={0x90, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x8, 0x2, 0x8, 0x3, 0x9, 0x1, 0x5]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffc, 0x100, 0xfff, 0x2, 0x4, 0x200, 0x2b2, 0xdfe]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x2, 0x4, 0x39, 0x6c, 0xb, 0x5, 0x6, 0x30, 0x0, 0x5e, 0x4, 0x18, 0x60, 0x0, 0x6, 0xb, 0xb, 0xc, 0x1b, 0x0, 0x2, 0x12, 0x30, 0x1, 0x4]}, @NL80211_TXRATE_HT={0x13, 0x2, [{0x1, 0x8}, {0x4, 0x6}, {0x0, 0x8}, {0x1}, {0x6, 0x4}, {0x0, 0x1}, {0x4, 0x6}, {0x5, 0x8}, {0x1, 0xa}, {0x1, 0x4}, {0x7, 0x1}, {0x1, 0x8}, {0x4, 0x2}, {0x2}, {0x7, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x4, 0x100, 0x6, 0x2, 0x98, 0x800, 0x800]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x6, 0x24, 0x6, 0x5, 0x3, 0xb, 0xc, 0x9, 0x24, 0x18, 0x0, 0x24, 0xc]}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x8, 0x2, [{0x2, 0x7}, {0x1, 0x1}, {0x0, 0x1}, {0x4, 0x4}]}]}, @NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8001, 0x1, 0x1, 0x9, 0x0, 0x9, 0x101, 0x3]}}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x24, 0x5, 0x16, 0x60, 0x36, 0x12, 0xc, 0x5, 0x24, 0x12]}]}, @NL80211_BAND_5GHZ={0x34, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1140, 0x4, 0xfbff, 0x6, 0x7, 0x3f, 0x20, 0x4]}}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x36, 0x1b, 0x1, 0xb, 0x3, 0x16, 0x36, 0x6c, 0x1, 0x6c, 0x2, 0x3, 0x2, 0x16, 0x5, 0x9, 0x9, 0x9, 0x24, 0xb, 0x18]}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x51}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x326}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x8e}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x48, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x22}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x81}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xab}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x9a}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x100000000}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x92}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x1a4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x184, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x20, 0x4, 0x7ff, 0x4, 0x3f, 0x9, 0x9c68, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x3, 0x40, 0xcb8, 0xfc01, 0x7f, 0x80]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x51, 0x4, 0x8000, 0x9, 0x2, 0x4]}}]}, @NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, [0x24, 0x5, 0x9, 0x6, 0x1, 0x3, 0x48, 0x4, 0x6c, 0xb, 0x18, 0x9, 0x3, 0x48, 0x12, 0x24, 0x1, 0x1b, 0x6c, 0x1, 0x1b, 0x48, 0x6c, 0xc, 0x30, 0x6c, 0x1, 0x5, 0x5, 0x0, 0x16]}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x6c, 0x1, 0x1b, 0x60, 0x54, 0x24, 0x3, 0x18, 0x6, 0xc, 0x0, 0xc, 0x30, 0x9, 0x3, 0x1b, 0xc, 0x2, 0x36, 0xb, 0x6, 0xb, 0x4, 0x18]}]}, @NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x19, 0x1, [0x24, 0xc, 0x30, 0x6c, 0x30, 0xb, 0x9, 0x6c, 0x60, 0x0, 0x48, 0xb, 0x4, 0x60, 0x1, 0x9, 0x0, 0x3, 0x24, 0x24, 0x18]}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x9, 0x18, 0x12, 0x4, 0x18, 0x48, 0x16, 0x4, 0x1b, 0x48, 0x18, 0x30, 0xc, 0x24, 0xb, 0x6c, 0xb, 0x5, 0x24, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x40, 0x9, 0x1f, 0x6, 0x9, 0x3, 0x7a63, 0x3f]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6f2d, 0x6, 0x5, 0x7f, 0x0, 0xfffa, 0xf465, 0xcb96]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x9]}]}, @NL80211_BAND_2GHZ={0x50, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x17, 0x1, [0x6c, 0x48, 0x5, 0x36, 0x60, 0x16, 0x43, 0x12, 0x42, 0x6, 0x48, 0x2, 0x4d, 0x60, 0x8, 0x6, 0x3, 0x2, 0x18]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x36, 0x1b, 0x6c, 0x16]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x4, 0x2, 0x60, 0x18, 0x18, 0xb, 0x5, 0x6c, 0xb, 0xc, 0x18, 0x9f6864d9f118095, 0x12, 0x4, 0x6]}]}, @NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x37, 0x2, [{}, {0x7, 0x6}, {0x1, 0x3}, {0x5, 0x1}, {0x0, 0x9}, {0x6, 0x3}, {0x3, 0x8}, {0x2, 0x8}, {0x6, 0xa}, {0x1, 0x7}, {0x7, 0xa}, {0x2, 0x1}, {0x2, 0x6}, {0x1, 0xa}, {0x5, 0x8}, {0x1, 0xa}, {0x7, 0x5}, {0x0, 0x8}, {0x3, 0x5}, {0x0, 0x2}, {0x3, 0xa}, {0x2, 0xa}, {0x7, 0x7}, {0x6, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x5, 0xa}, {0x1, 0x3}, {0x0, 0x7}, {0x5, 0x4}, {0x1, 0xa}, {0x7, 0x6}, {0x5, 0x6}, {}, {0x0, 0xa}, {0x4, 0x8}, {0x1, 0x7}, {0x6, 0x8}, {0x2, 0x8}, {0x7, 0x7}, {0x1, 0x6}, {0x0, 0x5}, {0x7, 0xa}, {0x3, 0x2}, {0x5, 0x8}, {0x7, 0xa}, {0x1}, {0x6, 0x6}, {0x2, 0x4}, {}, {0x6, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xfffffffffffffffe}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x21}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x72}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x47}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x81}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x94}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x244, 0x11d, 0x0, 0x1, [{0x240, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x7b}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x800}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x27}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x214, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x3}, {0x0, 0x1}, {0x0, 0x6}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x4}, {0x1, 0x5}, {0x4, 0x2}, {0x3, 0x2}, {0x1, 0x3}, {0x6, 0x9}, {0x5, 0x8}, {0x4, 0xa}, {0x3, 0x2}, {0x6, 0x2}, {0x5, 0x9}, {0x2, 0x7}, {0x5, 0x6}, {0x5, 0xa}, {0x2, 0xa}, {0x3}, {0x5}]}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x5, 0x8759a89f8ac3c9a8, 0x6, 0xc, 0x9, 0x0, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_5GHZ={0x24, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0xfcd6, 0x0, 0x9, 0x7, 0x5, 0x2, 0x8e4d]}}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x8, 0x2, [{0x0, 0x5}, {0x6, 0x6}, {0x5, 0x9}, {0x3, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x8, 0x4, 0x0, 0x200, 0x7, 0x0, 0x1]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x14c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x7}, {0x0, 0x8}, {0x3, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x6, 0x2}, {0x5, 0x1}, {0x0, 0x2}, {0x7, 0xa}, {0x0, 0x3}, {0x4, 0x6}, {0x1, 0x5}, {0x7, 0x5}, {0x0, 0x5}, {0x3, 0x7}, {0x0, 0x2}, {0x0, 0x4}, {0x3, 0x1}, {0x1, 0x7}, {0x7, 0x4}, {0x2, 0x6}, {0x0, 0x3}, {0x0, 0x9}, {0x0, 0x9}, {0x4, 0x9}, {0x1, 0x6}, {0x1, 0x1}, {0x7}, {0x3, 0x6}, {0x1}, {0x6}, {0x2, 0x3}, {0x3, 0x9}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3c, 0x4, 0xe96, 0x1, 0x1ff, 0x0, 0x8000, 0xfa9a]}}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x2, 0x9}, {0x1, 0xa}, {0x2, 0x5}, {0x0, 0xa}, {0x6}, {0x3, 0x2}, {0x4, 0x8}, {0x0, 0x2}, {0x7, 0x3}, {0x2, 0x8}, {0x5, 0x6}, {0x1, 0x6}, {0x4}, {0x7, 0x7}, {0x1}, {0x6, 0x4}, {0x3, 0x1}, {0x6, 0x4}, {0x1, 0x3}, {0x2}, {}, {0x2, 0x4}, {0x3}, {0x0, 0x9}, {0x6, 0x7}, {0x0, 0xa}, {0x1, 0x2}, {0x2, 0x3}, {0x0, 0x9}, {0x0, 0x5}, {0x0, 0x1}, {0x1, 0x6}, {0x0, 0x9}, {0x5, 0x4}, {0x6, 0x8}, {0x4, 0x4}, {0x0, 0x9}, {0x1, 0xa}, {0x4, 0xa}, {0x7, 0xa}, {0x4, 0x3}, {0x2, 0xa}, {0x2, 0x9}, {0x1, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x1f, 0x7f, 0xc781, 0x3af, 0x1f, 0x2, 0x52c]}}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x4, 0x6}, {0x2, 0x6}, {0x6, 0x5}, {0x4, 0x6}, {0x6, 0xa}, {0x0, 0x2}, {0x5, 0x6}, {0x1, 0x8}, {0x5, 0x9}, {0x1, 0x1}, {0x7, 0x1}, {0x2, 0xa}, {0x1, 0x1}, {0x0, 0x2}, {0x3, 0x4}, {0x4, 0x3}, {0x1, 0x5}, {0x3, 0x6}, {0x5, 0x6}, {0x1, 0x3}, {0x0, 0x6}, {0x3, 0x2}, {0x6, 0x8}, {0x0, 0x3}, {0x4, 0x5}, {0x7, 0x5}, {0x0, 0x7}, {0x5, 0xa}, {0x0, 0x7}, {0x1, 0x6}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x4, 0x8}, {0x3, 0x5}, {0x2, 0x7}, {0x1, 0xa}, {0x7, 0xa}, {0x7, 0x7}, {0x0, 0x4}, {0x4, 0x8}, {0x2, 0x8}, {}, {0x2, 0x3}, {0x5, 0x8}, {0x3, 0x5}, {0x0, 0x4}, {0x2, 0x9}, {0x3, 0x7}, {0x0, 0x5}, {0x0, 0x9}, {0x4, 0x9}, {0x3, 0x8}, {0x5, 0x7}, {0x7, 0x2}, {0x2, 0x7}, {0x5}, {0x4, 0x6}, {0x5, 0x2}, {0x4, 0x1}, {0x1, 0x7}, {0x1, 0x3}, {0x1, 0x2}, {0x0, 0x3}, {0x1, 0x3}, {0x0, 0x6}, {0x0, 0x9}, {0x4, 0x6}, {0x6, 0x1}, {0x5, 0x3}, {0x7, 0x6}, {0x4, 0x1}, {0x6, 0x5}, {0x0, 0x9}, {0x0, 0x8}, {0x5, 0x7}, {0x4, 0x2}, {0x6, 0x4}, {0x5, 0x8}, {0x5, 0x1}, {0x6, 0x1}, {0x0, 0x5}, {0x3}, {0x3, 0xa}, {0x0, 0x5}, {0x2, 0x4}, {0x5, 0x1}, {0x5, 0x8}, {0x1, 0x4}, {0x3, 0x2}, {0x6, 0x7}, {0x7, 0x5}, {0x1, 0xa}, {0x0, 0x4}, {0x0, 0x6}, {0x2, 0x2}, {0x4, 0x6}, {0x7, 0x6}, {0x2, 0x7}, {0x0, 0x1}]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x5}, {0x2, 0x6}, {0x6, 0xa}, {0x4, 0x2}, {0x3, 0x5}, {0x0, 0x8}, {0x1, 0x4}, {0x4}, {0x6, 0x4}, {0x4, 0x5}, {0x5, 0x4}, {0x7, 0x7}, {0x0, 0x7}, {0x7}, {0x1, 0x5}, {0x7, 0xa}, {0x1, 0x4}, {0x0, 0x5}, {0x0, 0x1}, {0x3, 0x7}, {0x2, 0x1}, {0x7}, {0x1, 0xa}, {0x6, 0x5}, {0x7, 0x2}, {0x2, 0x2}, {0x1, 0xa}, {0x0, 0x9}, {0x4, 0x9}, {0x0, 0x2}, {0x7, 0x5}, {0x7}, {0x7, 0x8}, {0x4}, {0x6, 0x1}, {0x2, 0x8}, {0x1, 0x6}, {0x6, 0x1}, {0x3, 0x2}, {0x5, 0x2}, {0x3, 0x8}, {0x7, 0x6}, {0x1, 0x4}, {0x4, 0x3}, {0x4, 0x9}, {0x7, 0x9}, {0x3, 0x5}, {0x0, 0x7}, {0x4, 0x4}, {0x0, 0x9}, {0x7, 0x5}, {0x1, 0xa}, {0x7, 0x7}, {0x2, 0x8}, {0x2, 0x6}, {0x7, 0xa}, {0x7, 0x5}, {0x7, 0x5}, {0x2, 0x5}, {0x2, 0xa}, {0x1, 0x1}, {0x6, 0x5}, {0x4, 0x9}, {0x7, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x1c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0x2, 0x60, 0x36, 0x2, 0x16, 0x4, 0x1b, 0x16, 0x6c, 0x16, 0x1b, 0x3d]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6838, 0x3b7, 0x0, 0x0, 0xff0, 0x9, 0xeb55, 0x3]}}]}]}]}]}]}, 0xa24}, 0x1, 0x0, 0x0, 0x88}, 0x20044004) r7 = fork() perf_event_open(&(0x7f0000001200)={0x2, 0x80, 0x7, 0x7, 0x9, 0x7f, 0x0, 0xffff, 0x20000, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffff000, 0x4, @perf_config_ext={0x5, 0x4}, 0x4000, 0x4, 0x5, 0x1, 0x6, 0x6, 0x4, 0x0, 0x0, 0x0, 0x8001}, r7, 0xfffffffffffffffb, r6, 0x0) io_setup(0xa297, &(0x7f0000001280)=0x0) r9 = socket$nl_audit(0x10, 0x3, 0x9) r10 = openat$full(0xffffffffffffff9c, &(0x7f0000001340), 0x50483, 0x0) io_submit(r8, 0x3, &(0x7f0000001580)=[&(0x7f0000001380)={0x0, 0x0, 0x0, 0x5, 0x9, r9, &(0x7f00000012c0)="1afbfb7bf4de85d3acbce979fdbfcb9fe8b33a7746f7a7658b9364c04ca46cf54d53b163cc1798f17ce88470aa1739392649fd12a5e3b62dc4d6267cf52d7c9c8ce74413", 0x44, 0x9, 0x0, 0x3, r10}, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x8, r5, &(0x7f00000013c0)="ac40734351b39ea2592889821dd3f74d2c36acf04acd23c113865aa1fd83fedcb4d909584f663ceaa6b18740d932bc2025d96394313c8b282e891ec932eb56d9a3b2759a476e5b95dc70a9a515833740d65fb9014528551b04d3a34cbc156b4da43c03f2ac19e338a01be441cce03bc73d52dce5ba135ccd9c9c2e42d944f8a4a87e5efc65b27b8d7efa96dfd99c0405c00299b559bae4f22949e5449ffe021ec359a23879deb1d531ecc6f9610bcc02e98b05f641c57b741b4723cf371c0c2b571c2186f27571bbe835a4cd39f2cd2df468e2c4eb152f58f7fd5e77f7af7711b6cdcea63d65cfd715ca03bd463136f698b2", 0xf2, 0xfffffffffffffffc}, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000001500)="43d5d4f4f30304d73b1b2db01bf6e0", 0xf, 0xe611, 0x0, 0x2}]) fork() ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f00000015c0)={0x2, 0xfffffffa, 0xdb63, 0x3f, 0x93db}) 23:12:37 executing program 2: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) fstat(r0, &(0x7f0000000000)) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_TIOCOUTQ(r2, 0x5411, &(0x7f0000000100)) setsockopt(r2, 0x8, 0x8, &(0x7f0000000140)="d0b63564135097fb3d374965ded00e461bd3408d92cece60c0a561985d3f1c772157abd8e7764e37b81b391dcddc6b65e525f9f16ce5ad40be6300ca1aafa857d04e885780700ba2b9c996d8b88e1ebbfa7b6088f33f73192d2986c8cfb48f3f719bddbbc7b948ba43d6d7ee81ec0eb5e27d34726c2230e587030c5e8a200be6d2", 0x81) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, &(0x7f0000000200)={'IDLETIMER\x00'}, &(0x7f0000000240)=0x1e) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) recvmmsg(r3, &(0x7f0000002bc0)=[{{&(0x7f00000002c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev}}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000340)=""/172, 0xac}, {&(0x7f0000000400)=""/129, 0x81}, {&(0x7f00000004c0)=""/89, 0x59}, {&(0x7f0000000540)=""/125, 0x7d}, {&(0x7f00000005c0)=""/204, 0xcc}], 0x5, &(0x7f0000000740)=""/245, 0xf5}, 0x9}, {{&(0x7f0000000840)=@alg, 0x80, &(0x7f0000000940)=[{&(0x7f00000008c0)=""/8, 0x8}, {&(0x7f0000000900)=""/55, 0x37}], 0x2, &(0x7f0000000980)=""/223, 0xdf}, 0x6}, {{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000a80)=""/32, 0x20}, {&(0x7f0000000ac0)=""/28, 0x1c}, {&(0x7f0000000b00)=""/247, 0xf7}, {&(0x7f0000000c00)=""/165, 0xa5}, {&(0x7f0000000cc0)=""/12, 0xc}, {&(0x7f0000000d00)=""/145, 0x91}, {&(0x7f0000000dc0)=""/230, 0xe6}], 0x7, &(0x7f0000000f40)=""/4096, 0x1000}, 0x101}, {{&(0x7f0000001f40)=@qipcrtr, 0x80, &(0x7f0000002100)=[{&(0x7f0000001fc0)=""/21, 0x15}, {&(0x7f0000002000)=""/254, 0xfe}], 0x2, &(0x7f0000002140)}, 0x7}, {{&(0x7f0000002180)=@xdp, 0x80, &(0x7f0000002280)=[{&(0x7f0000002200)=""/102, 0x66}], 0x1}, 0x4}, {{&(0x7f00000022c0)=@l2, 0x80, &(0x7f00000024c0)=[{&(0x7f0000002340)=""/243, 0xf3}, {&(0x7f0000002440)=""/78, 0x4e}], 0x2, &(0x7f0000002500)=""/96, 0x60}}, {{0x0, 0x0, &(0x7f0000002b00)=[{&(0x7f0000002580)=""/233, 0xe9}, {&(0x7f0000002680)=""/179, 0xb3}, {&(0x7f0000002740)=""/206, 0xce}, {&(0x7f0000002840)=""/73, 0x49}, {&(0x7f00000028c0)=""/60, 0x3c}, {&(0x7f0000002900)=""/38, 0x26}, {&(0x7f0000002940)=""/135, 0x87}, {&(0x7f0000002a00)=""/251, 0xfb}], 0x8, &(0x7f0000002b80)}, 0x5}], 0x7, 0x40000141, 0x0) execveat(r3, &(0x7f0000002d80)='./file0\x00', &(0x7f0000002e00)=[&(0x7f0000002dc0)='IDLETIMER\x00'], &(0x7f0000002f00)=[&(0x7f0000002e40)='IDLETIMER\x00', &(0x7f0000002e80)='IDLETIMER\x00', &(0x7f0000002ec0)], 0x800) pipe2$9p(&(0x7f0000002f40)={0xffffffffffffffff}, 0x4000) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000002f80)={0x0, r4, 0x5, 0xac, 0xe5, 0xa58}) recvmmsg(r3, &(0x7f0000006400)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000002fc0)=""/251, 0xfb}, {&(0x7f00000030c0)=""/160, 0xa0}, {&(0x7f0000003180)=""/13, 0xd}, {&(0x7f00000031c0)}, {&(0x7f0000003200)=""/122, 0x7a}, {&(0x7f0000003280)=""/163, 0xa3}, {&(0x7f0000003340)=""/64, 0x40}], 0x7, &(0x7f0000003400)=""/177, 0xb1}, 0x36}, {{&(0x7f00000034c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000036c0)=[{&(0x7f0000003540)=""/189, 0xbd}, {&(0x7f0000003600)=""/187, 0xbb}], 0x2, &(0x7f0000003700)=""/4096, 0x1000}, 0x7f}, {{0x0, 0x0, &(0x7f0000004800)=[{&(0x7f0000004700)=""/217, 0xd9}], 0x1, &(0x7f0000004840)=""/64, 0x40}, 0xd5db}, {{0x0, 0x0, &(0x7f0000005a00)=[{&(0x7f0000004880)=""/100, 0x64}, {&(0x7f0000004900)=""/238, 0xee}, {&(0x7f0000004a00)=""/4096, 0x1000}], 0x3, &(0x7f0000005a40)=""/181, 0xb5}, 0x3f}, {{&(0x7f0000005b00)=@phonet, 0x80, &(0x7f0000005d00)=[{&(0x7f0000005b80)=""/167, 0xa7}, {&(0x7f0000005c40)=""/157, 0x9d}], 0x2, &(0x7f0000005d40)=""/245, 0xf5}, 0x7}, {{0x0, 0x0, &(0x7f0000005ec0)=[{&(0x7f0000005e40)=""/126, 0x7e}], 0x1}, 0x4}, {{&(0x7f0000005f00)=@sco, 0x80, &(0x7f0000006300)=[{&(0x7f0000005f80)=""/77, 0x4d}, {&(0x7f0000006000)=""/242, 0xf2}, {&(0x7f0000006100)=""/95, 0x5f}, {&(0x7f0000006180)=""/150, 0x96}, {&(0x7f0000006240)=""/32, 0x20}, {&(0x7f0000006280)=""/55, 0x37}, {&(0x7f00000062c0)=""/50, 0x32}], 0x7, &(0x7f0000006380)=""/73, 0x49}, 0x5}], 0x7, 0x0, &(0x7f00000065c0)={0x0, 0x989680}) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000006600)={'vxcan1\x00', {0x2, 0x0, @private}}) r5 = openat2(r3, &(0x7f0000006640)='./file0\x00', &(0x7f0000006680)={0x80000, 0x2, 0x5}, 0x18) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000006840)={0x70, 0x0, &(0x7f0000006780)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f00000066c0)={@fda={0x66646185, 0x0, 0x0, 0x24}, @fda={0x66646185, 0x3, 0x1, 0x16}, @flat=@weak_binder}, &(0x7f0000006740)={0x0, 0x20, 0x40}}}, @acquire_done, @acquire={0x40046305, 0x2}, @clear_death={0x400c630f, 0x2}], 0x4, 0x0, &(0x7f0000006800)="d7914a84"}) execveat(r5, &(0x7f0000006880)='./file0\x00', &(0x7f00000069c0)=[&(0x7f00000068c0)='IDLETIMER\x00', &(0x7f0000006900)='.^@)\x00', &(0x7f0000006940)='vxcan1\x00', &(0x7f0000006980)='\x00'], &(0x7f0000006a80)=[&(0x7f0000006a00)='*]-\x00', &(0x7f0000006a40)='@\x00'], 0x1000) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000006ac0)) accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000006b00)) 23:12:37 executing program 3: r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000001240)="e0243b56b31a303eed3b5c05d4c6c9b9fbccf1e2b60895dc253804ecc5437c52bf2121a578ee68e9c12016082c451b4650692ac8b5c5b17e33395a4dced61fb1e4bd8e76336cdf251caa78a8728136bc23c0042c96717331ddb6955b6e2d7ac2a7a2a361cbf938c370c6b0f627779e67145746a81b6899ccf2216c43c2fa9913460b5d8e26d0585df2f24ec1e00f059a1810e1b376b96dc6cbb95b2f51c97c35d23cd94b68b1223a2e56d4f27debdf921e6a4d0de4709dff1ab5eec065d1b6a75877457b7ebabb9859fa32bfcfc4aa1a19397907ced202794c2ee4ab4fa553d3c821cf7ecb9c5cc2023f1bd1714d6398e2a8b6ed5f83e80d420b8da4afe11d6e") mount_setattr(0xffffffffffffffff, &(0x7f0000001340)='./file0\x00', 0x0, &(0x7f0000001380)={0x100004, 0x200000, 0x40000, {r0}}, 0x20) execveat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', &(0x7f0000001580)=[&(0x7f0000001400)='@\x00', &(0x7f0000001440)='%@+\xe6\x00', &(0x7f0000001480)='\x82-\\^(\x00', &(0x7f00000014c0)='^!\'{\x00', &(0x7f0000001500)=']\x00', &(0x7f0000001540)='[\x00'], &(0x7f0000001700)=[&(0x7f00000015c0)='\'%(\x00', &(0x7f0000001600)='(\x87%\x93(\x00', &(0x7f0000001640)='\x00', &(0x7f0000001680)='[\xcd\x00', &(0x7f00000016c0)='\x00'], 0x400) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000001740)='./file0\x00', 0x40000, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001780)={{0x1, 0x1, 0x18, r1, @out_args}, './file0/file0\x00'}) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000008, 0x4001110, r2, 0x10000000) lsetxattr$security_evm(&(0x7f00000017c0)='./file0\x00', &(0x7f0000001800), &(0x7f0000001840)=@md5={0x1, "0943551dd01765f30eb48cd47adbafa3"}, 0x11, 0x3) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000001880)={0x3, 'veth0_to_bond\x00', {0xa2}, 0xaf}) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000018c0), 0x103501, 0x0) execveat(r2, &(0x7f0000001900)='./file0\x00', &(0x7f0000001a00)=[&(0x7f0000001940)='(\x87%\x93(\x00', &(0x7f0000001980)='%@+\xe6\x00', &(0x7f00000019c0)='a-\\:(.h[+/$-$,'], &(0x7f0000001c40)=[&(0x7f0000001a40)='\x00', &(0x7f0000001a80)='\x00', &(0x7f0000001ac0)='&*-@\x00', &(0x7f0000001b00)='/+^[#[%^\x00', &(0x7f0000001b40)='\x00', &(0x7f0000001b80)='\'%(\x00', &(0x7f0000001bc0)='[\xcd\x00', &(0x7f0000001c00)='\'-,){-}\'@*#[[\x00'], 0x400) lsetxattr(&(0x7f0000001c80)='./file0/file0\x00', &(0x7f0000001cc0)=@random={'osx.', '\x00'}, &(0x7f0000001d00)='a-\\:(.h[+/$-$,', 0xe, 0x2) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000001d80), r2) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000001d40), 0xc, &(0x7f0000001e40)={&(0x7f0000001dc0)={0x44, r4, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @remote}, @GTPA_I_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010101}]}, 0x44}, 0x1, 0x0, 0x0, 0x2400c801}, 0x4090) fremovexattr(r3, &(0x7f0000001ec0)=@known='trusted.overlay.origin\x00') r5 = memfd_secret(0x80000) readlinkat(r5, &(0x7f0000001f00)='./file0/file0\x00', &(0x7f0000001f40)=""/146, 0x92) setxattr$trusted_overlay_redirect(&(0x7f0000002000)='./file0/file0\x00', &(0x7f0000002040), &(0x7f0000002080)='./file0/file1\x00', 0xe, 0x2) accept4(r2, &(0x7f00000020c0)=@nfc_llcp, &(0x7f0000002140)=0x80, 0x400) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, &(0x7f00000021c0)={0x29, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e22, 0x1, 'lblc\x00', 0x28, 0x6, 0x57}, 0x2c) [ 67.184270] audit: type=1400 audit(1664752357.424:6): avc: denied { execmem } for pid=283 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:12:37 executing program 4: ioctl$INCFS_IOC_READ_FILE_SIGNATURE(0xffffffffffffffff, 0x8010671f, &(0x7f0000000100)={&(0x7f0000000000)=""/211, 0xd3}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000180)={0x6, 0x40, 0xe56, 0x1ff}, 0x10) sendmsg$AUDIT_SET(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x38, 0x3e9, 0x300, 0x70bd2a, 0x25dfdbfe, {0x4, 0x1, 0x2, 0xffffffffffffffff, 0xd6d, 0x0, 0x1f, 0x4, 0x0, 0x4}, ["", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4000080}, 0x4004010) sendmsg$SMC_PNETID_GET(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x60, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x60}, 0x1, 0x0, 0x0, 0x404}, 0x40) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x70, 0x0, 0x8, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x3}, @NL80211_MESHCONF_HOLDING_TIMEOUT={0x6, 0x3, 0xed}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x1ff}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x404c090}, 0x40040) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r2) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x40, r4, 0x20, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xba}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x25da8ffb}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x80000000}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40408c0) r5 = syz_open_dev$mouse(&(0x7f00000006c0), 0x41, 0x2a4000) ioctl$sock_inet_SIOCGIFNETMASK(r5, 0x891b, &(0x7f0000000700)={'veth0_to_hsr\x00', {0x2, 0x0, @loopback}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000007c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x60, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000010}, 0x4) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000940), r2) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x60, r7, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x44, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x3f}}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000040}, 0x4048085) setsockopt$inet6_int(r1, 0x29, 0x50, &(0x7f0000000a80)=0x5, 0x4) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000b00), r5) sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x1c, r8, 0x200, 0x70bd28, 0x25dfdbfd, {}, [""]}, 0x1c}}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r1, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x58, 0x4, 0x8, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6002}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x24008004) 23:12:37 executing program 5: ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000000000)) r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000040)={0x9, 0x4, 0x6, 0x7, "aa68672630530b9d1eaa35124e13ce1292e27d61d13539344c549afc9898126a"}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f00000000c0)) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {0x3}}, './file0\x00'}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) sendmsg$NL80211_CMD_START_P2P_DEVICE(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0x100, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008810}, 0x20000000) fsync(r0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000280)={0xb7a, 0x54b, 0x1, 0x0, 0x7fff}, 0x14) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), r2) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000340)={0x2, &(0x7f0000000300)=[{0xfffe, 0x4, 0x31, 0x9}, {0x6efd, 0xbe, 0x81, 0x3}]}) ioctl$BTRFS_IOC_BALANCE_CTL(r5, 0x40049421, 0x0) r6 = open$dir(&(0x7f0000000380)='./file1\x00', 0x4001, 0x0) sendfile(r1, r6, &(0x7f00000003c0)=0xaa, 0x9) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x40, r3, 0x300, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x7a7}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x12, 0xcd, [0x7, 0xfff, 0x2800, 0x3, 0x800, 0x8, 0x1]}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x803}]}, 0x40}, 0x1, 0x0, 0x0, 0x48000}, 0x4001) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f00000005c0)={'ip6gre0\x00', &(0x7f0000000540)={'syztnl0\x00', 0x0, 0x2f, 0x0, 0x0, 0x5, 0x32, @private2={0xfc, 0x2, '\x00', 0x1}, @local, 0x10, 0x8000, 0xeb, 0x8001}}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f00000007c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000600)={0x158, r4, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x158}, 0x1, 0x0, 0x0, 0x8000}, 0x10) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x58, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4004040}, 0x8800) 23:12:37 executing program 6: setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x14) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000040)={{0xa, 0x4e23, 0x8, @dev={0xfe, 0x80, '\x00', 0x3c}}, {0xa, 0x4e20, 0x5, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}, 0x81, [0xd29, 0x81, 0x0, 0x3, 0x16f, 0x40, 0x81, 0x69f]}, 0x5c) r0 = socket(0x9, 0x3, 0x1d) r1 = accept4$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000100)=0x1c, 0x800) r2 = syz_io_uring_setup(0x35f2, &(0x7f0000000140)={0x0, 0xc562, 0x0, 0x0, 0x51}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000200)) r4 = syz_io_uring_setup(0x1886, &(0x7f0000000240)={0x0, 0x3962, 0x8, 0x1, 0x354, 0x0, r2}, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) syz_io_uring_setup(0x4b46, &(0x7f0000000340)={0x0, 0xce71, 0x2, 0x0, 0x2db, 0x0, r2}, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=0x0) syz_io_uring_submit(r3, r5, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x5e3, 0x0, &(0x7f0000000440)="7064e7e8b4424a44f3a90113630748123a9754f21cd77d855fbe6f384ab4f3f3020b8e5df9524962be7fc7d19a0218cf0f0a18785dfd29ae5c46f7d4e861f7efe9d4b85f49887e1e484f9a9351aafe37a1966390669b595bccc9f8be4c1227e90c852b9dbe0f73101a87c6e3e3a77e04ee67a970464a54b5", 0x1, 0x0, 0x1, {0x2}}, 0x1f) getsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000500), &(0x7f0000000540)=0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000005c0)) r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000600), 0x1, 0x0) preadv(r6, &(0x7f0000000840)=[{&(0x7f0000000640)=""/218, 0xda}, {&(0x7f0000000740)=""/203, 0xcb}], 0x2, 0x1f, 0x7a) connect$inet6(r1, &(0x7f0000000880)={0xa, 0x4e24, 0x400, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, 0x1c) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) clock_gettime(0x0, &(0x7f0000000900)={0x0, 0x0}) ppoll(&(0x7f00000008c0)=[{r7, 0x8}], 0x1, &(0x7f0000000940)={r8, r9+60000000}, &(0x7f0000000980)={[0xfffffffffffffffa]}, 0x8) ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f00000009c0)={0x3, 0x800}) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x6, 0x10, r4, 0x0) syz_io_uring_submit(r10, 0x0, &(0x7f0000000a00)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x1}, 0x6) 23:12:37 executing program 7: lseek(0xffffffffffffffff, 0x9, 0x3) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3, 0xe02}}, './file0\x00'}) r1 = openat(r0, &(0x7f0000000040)='./file0\x00', 0x80481, 0x100) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r4) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xac}}, './file0\x00'}) pread64(r5, &(0x7f00000000c0)=""/235, 0xeb, 0xccca) mount$9p_unix(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x1, &(0x7f0000000280)={'trans=unix,', {[{@access_client}, {@debug={'debug', 0x3d, 0x1ff8000000000000}}, {@debug}, {@access_any}, {@access_client}, {@cache_mmap}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@aname={'aname', 0x3d, '\'\\\xa92)^!'}}], [{@subj_type={'subj_type', 0x3d, '.:-],%)@:&#'}}, {@euid_lt={'euid<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x1a}}, {@audit}, {@obj_user={'obj_user', 0x3d, '&@%{\'-$:'}}, {@fsname={'fsname', 0x3d, ']/}-)'}}, {@obj_role={'obj_role', 0x3d, '%]\x19&\xfb{}'}}]}}) r6 = openat$null(0xffffffffffffff9c, &(0x7f00000003c0), 0x305080, 0x0) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r2) listen(0xffffffffffffffff, 0x1ca) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0, {r1}}, './file0\x00'}) ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r3) ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000480)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) [ 68.558264] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.560799] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.562399] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.565237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.567091] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.569024] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.575102] Bluetooth: hci1: HCI_REQ-0x0c1a [ 68.585402] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.587670] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.613872] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.617385] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.619950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.630023] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.631731] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.633401] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.634621] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.635794] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.636852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.638003] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.639341] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.641678] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.644681] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.646428] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 68.648341] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.649761] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.650748] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 68.654919] Bluetooth: hci0: HCI_REQ-0x0c1a [ 68.656495] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.658246] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.659912] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.662190] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.666983] Bluetooth: hci4: HCI_REQ-0x0c1a [ 68.668020] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.675598] Bluetooth: hci3: HCI_REQ-0x0c1a [ 68.690292] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 68.692782] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.695276] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 68.696756] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 68.701130] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.716771] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 68.717290] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 68.720429] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 68.721985] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 68.723369] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 68.728046] Bluetooth: hci5: HCI_REQ-0x0c1a [ 68.741733] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 68.745766] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 68.749710] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 68.757433] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.636976] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 70.638797] Bluetooth: hci1: command 0x0409 tx timeout [ 70.700606] Bluetooth: hci3: command 0x0409 tx timeout [ 70.701683] Bluetooth: hci4: command 0x0409 tx timeout [ 70.702659] Bluetooth: hci0: command 0x0409 tx timeout [ 70.764668] Bluetooth: hci7: command 0x0409 tx timeout [ 70.765751] Bluetooth: hci5: command 0x0409 tx timeout [ 70.766709] Bluetooth: hci6: command 0x0409 tx timeout [ 72.684673] Bluetooth: hci1: command 0x041b tx timeout [ 72.748632] Bluetooth: hci0: command 0x041b tx timeout [ 72.749404] Bluetooth: hci4: command 0x041b tx timeout [ 72.750440] Bluetooth: hci3: command 0x041b tx timeout [ 72.812602] Bluetooth: hci6: command 0x041b tx timeout [ 72.813358] Bluetooth: hci5: command 0x041b tx timeout [ 72.814156] Bluetooth: hci7: command 0x041b tx timeout [ 74.732560] Bluetooth: hci1: command 0x040f tx timeout [ 74.796612] Bluetooth: hci3: command 0x040f tx timeout [ 74.797051] Bluetooth: hci4: command 0x040f tx timeout [ 74.797507] Bluetooth: hci0: command 0x040f tx timeout [ 74.860550] Bluetooth: hci7: command 0x040f tx timeout [ 74.861000] Bluetooth: hci5: command 0x040f tx timeout [ 74.861401] Bluetooth: hci6: command 0x040f tx timeout [ 75.757107] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 76.780599] Bluetooth: hci1: command 0x0419 tx timeout [ 76.844541] Bluetooth: hci0: command 0x0419 tx timeout [ 76.844958] Bluetooth: hci4: command 0x0419 tx timeout [ 76.845336] Bluetooth: hci3: command 0x0419 tx timeout [ 76.908524] Bluetooth: hci6: command 0x0419 tx timeout [ 76.908929] Bluetooth: hci5: command 0x0419 tx timeout [ 76.909321] Bluetooth: hci7: command 0x0419 tx timeout [ 78.274429] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.283082] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.284302] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.290602] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.295630] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 78.298005] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.303808] Bluetooth: hci2: HCI_REQ-0x0c1a [ 80.364629] Bluetooth: hci2: command 0x0409 tx timeout [ 82.412556] Bluetooth: hci2: command 0x041b tx timeout [ 84.460520] Bluetooth: hci2: command 0x040f tx timeout [ 86.508617] Bluetooth: hci2: command 0x0419 tx timeout 23:13:32 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x26e1, 0x62) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) readv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/79, 0x4f}], 0x1) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file1\x00'}) syncfs(r1) [ 122.139262] audit: type=1400 audit(1664752412.379:7): avc: denied { open } for pid=3742 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.140833] audit: type=1400 audit(1664752412.379:8): avc: denied { kernel } for pid=3742 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.157096] ------------[ cut here ]------------ [ 122.157121] [ 122.157125] ====================================================== [ 122.157128] WARNING: possible circular locking dependency detected [ 122.157133] 6.0.0-rc7-next-20220930 #1 Not tainted [ 122.157139] ------------------------------------------------------ [ 122.157142] syz-executor.2/3744 is trying to acquire lock: [ 122.157149] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 122.157188] [ 122.157188] but task is already holding lock: [ 122.157191] ffff88800ea27c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.157217] [ 122.157217] which lock already depends on the new lock. [ 122.157217] [ 122.157220] [ 122.157220] the existing dependency chain (in reverse order) is: [ 122.157223] [ 122.157223] -> #3 (&ctx->lock){....}-{2:2}: [ 122.157237] _raw_spin_lock+0x2a/0x40 [ 122.157248] __perf_event_task_sched_out+0x53b/0x18d0 [ 122.157259] __schedule+0xedd/0x2470 [ 122.157273] schedule+0xda/0x1b0 [ 122.157286] exit_to_user_mode_prepare+0x114/0x1a0 [ 122.157299] syscall_exit_to_user_mode+0x19/0x40 [ 122.157312] do_syscall_64+0x48/0x90 [ 122.157329] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.157342] [ 122.157342] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 122.157355] _raw_spin_lock_nested+0x30/0x40 [ 122.157366] raw_spin_rq_lock_nested+0x1e/0x30 [ 122.157379] task_fork_fair+0x63/0x4d0 [ 122.157395] sched_cgroup_fork+0x3d0/0x540 [ 122.157410] copy_process+0x4183/0x6e20 [ 122.157420] kernel_clone+0xe7/0x890 [ 122.157430] user_mode_thread+0xad/0xf0 [ 122.157440] rest_init+0x24/0x250 [ 122.157451] arch_call_rest_init+0xf/0x14 [ 122.157469] start_kernel+0x4c6/0x4eb [ 122.157484] secondary_startup_64_no_verify+0xe0/0xeb [ 122.157498] [ 122.157498] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 122.157512] _raw_spin_lock_irqsave+0x39/0x60 [ 122.157523] try_to_wake_up+0xab/0x1930 [ 122.157535] up+0x75/0xb0 [ 122.157549] __up_console_sem+0x6e/0x80 [ 122.157565] console_unlock+0x46a/0x590 [ 122.157581] vt_ioctl+0x2822/0x2ca0 [ 122.157592] tty_ioctl+0x785/0x16b0 [ 122.157603] __x64_sys_ioctl+0x19a/0x210 [ 122.157616] do_syscall_64+0x3b/0x90 [ 122.157633] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.157645] [ 122.157645] -> #0 ((console_sem).lock){....}-{2:2}: [ 122.157659] __lock_acquire+0x2a02/0x5e70 [ 122.157675] lock_acquire+0x1a2/0x530 [ 122.157691] _raw_spin_lock_irqsave+0x39/0x60 [ 122.157702] down_trylock+0xe/0x70 [ 122.157716] __down_trylock_console_sem+0x3b/0xd0 [ 122.157732] vprintk_emit+0x16b/0x560 [ 122.157748] vprintk+0x84/0xa0 [ 122.157763] _printk+0xba/0xf1 [ 122.157775] report_bug.cold+0x72/0xab [ 122.157791] handle_bug+0x3c/0x70 [ 122.157807] exc_invalid_op+0x14/0x50 [ 122.157823] asm_exc_invalid_op+0x16/0x20 [ 122.157835] group_sched_out.part.0+0x2c7/0x460 [ 122.157853] ctx_sched_out+0x8f1/0xc10 [ 122.157870] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.157880] __schedule+0xedd/0x2470 [ 122.157894] schedule+0xda/0x1b0 [ 122.157907] exit_to_user_mode_prepare+0x114/0x1a0 [ 122.157917] syscall_exit_to_user_mode+0x19/0x40 [ 122.157930] do_syscall_64+0x48/0x90 [ 122.157946] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.157958] [ 122.157958] other info that might help us debug this: [ 122.157958] [ 122.157961] Chain exists of: [ 122.157961] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 122.157961] [ 122.157976] Possible unsafe locking scenario: [ 122.157976] [ 122.157979] CPU0 CPU1 [ 122.157981] ---- ---- [ 122.157983] lock(&ctx->lock); [ 122.157989] lock(&rq->__lock); [ 122.157995] lock(&ctx->lock); [ 122.158001] lock((console_sem).lock); [ 122.158007] [ 122.158007] *** DEADLOCK *** [ 122.158007] [ 122.158009] 2 locks held by syz-executor.2/3744: [ 122.158016] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 122.158045] #1: ffff88800ea27c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.158071] [ 122.158071] stack backtrace: [ 122.158074] CPU: 0 PID: 3744 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 122.158086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 122.158094] Call Trace: [ 122.158097] [ 122.158102] dump_stack_lvl+0x8b/0xb3 [ 122.158120] check_noncircular+0x263/0x2e0 [ 122.158136] ? format_decode+0x26c/0xb50 [ 122.158152] ? print_circular_bug+0x450/0x450 [ 122.158169] ? simple_strtoul+0x30/0x30 [ 122.158185] ? format_decode+0x26c/0xb50 [ 122.158202] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 122.158219] __lock_acquire+0x2a02/0x5e70 [ 122.158241] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 122.158263] lock_acquire+0x1a2/0x530 [ 122.158279] ? down_trylock+0xe/0x70 [ 122.158296] ? lock_release+0x750/0x750 [ 122.158317] ? vprintk+0x84/0xa0 [ 122.158334] _raw_spin_lock_irqsave+0x39/0x60 [ 122.158345] ? down_trylock+0xe/0x70 [ 122.158361] down_trylock+0xe/0x70 [ 122.158377] ? vprintk+0x84/0xa0 [ 122.158394] __down_trylock_console_sem+0x3b/0xd0 [ 122.158411] vprintk_emit+0x16b/0x560 [ 122.158429] vprintk+0x84/0xa0 [ 122.158446] _printk+0xba/0xf1 [ 122.158458] ? record_print_text.cold+0x16/0x16 [ 122.158474] ? report_bug.cold+0x66/0xab [ 122.158491] ? group_sched_out.part.0+0x2c7/0x460 [ 122.158509] report_bug.cold+0x72/0xab [ 122.158528] handle_bug+0x3c/0x70 [ 122.158545] exc_invalid_op+0x14/0x50 [ 122.158563] asm_exc_invalid_op+0x16/0x20 [ 122.158576] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 122.158596] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 122.158607] RSP: 0018:ffff888015fc7c48 EFLAGS: 00010006 [ 122.158616] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.158624] RDX: ffff88803a35d040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 122.158631] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 122.158638] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800ea27c00 [ 122.158646] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 122.158657] ? group_sched_out.part.0+0x2c7/0x460 [ 122.158677] ? group_sched_out.part.0+0x2c7/0x460 [ 122.158696] ctx_sched_out+0x8f1/0xc10 [ 122.158716] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.158730] ? lock_is_held_type+0xd7/0x130 [ 122.158743] ? __perf_cgroup_move+0x160/0x160 [ 122.158754] ? set_next_entity+0x304/0x550 [ 122.158772] ? update_curr+0x267/0x740 [ 122.158790] ? lock_is_held_type+0xd7/0x130 [ 122.158804] __schedule+0xedd/0x2470 [ 122.158821] ? io_schedule_timeout+0x150/0x150 [ 122.158837] ? rcu_read_lock_sched_held+0x3e/0x80 [ 122.158858] schedule+0xda/0x1b0 [ 122.158873] exit_to_user_mode_prepare+0x114/0x1a0 [ 122.158885] syscall_exit_to_user_mode+0x19/0x40 [ 122.158898] do_syscall_64+0x48/0x90 [ 122.158916] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.158929] RIP: 0033:0x7f8cae69eb19 [ 122.158937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.158947] RSP: 002b:00007f8cabc14218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.158958] RAX: 0000000000000001 RBX: 00007f8cae7b1f68 RCX: 00007f8cae69eb19 [ 122.158965] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8cae7b1f6c [ 122.158973] RBP: 00007f8cae7b1f60 R08: 000000000000000e R09: 0000000000000000 [ 122.158980] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8cae7b1f6c [ 122.158987] R13: 00007fff1231b49f R14: 00007f8cabc14300 R15: 0000000000022000 [ 122.158999] [ 122.214012] WARNING: CPU: 0 PID: 3744 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 122.214691] Modules linked in: [ 122.214933] CPU: 0 PID: 3744 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 122.215519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 122.216357] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 122.216764] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 122.218084] RSP: 0018:ffff888015fc7c48 EFLAGS: 00010006 [ 122.218480] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.219005] RDX: ffff88803a35d040 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 122.219520] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 122.220043] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800ea27c00 [ 122.220561] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 122.221079] FS: 00007f8cabc14700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 122.221674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.222106] CR2: 00007fa156a071f0 CR3: 0000000037912000 CR4: 0000000000350ef0 [ 122.222626] Call Trace: [ 122.222818] [ 122.222986] ctx_sched_out+0x8f1/0xc10 [ 122.223282] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.223662] ? lock_is_held_type+0xd7/0x130 [ 122.223991] ? __perf_cgroup_move+0x160/0x160 [ 122.224326] ? set_next_entity+0x304/0x550 [ 122.224649] ? update_curr+0x267/0x740 [ 122.224951] ? lock_is_held_type+0xd7/0x130 [ 122.225272] __schedule+0xedd/0x2470 [ 122.225556] ? io_schedule_timeout+0x150/0x150 [ 122.225900] ? rcu_read_lock_sched_held+0x3e/0x80 [ 122.226274] schedule+0xda/0x1b0 [ 122.226533] exit_to_user_mode_prepare+0x114/0x1a0 [ 122.226900] syscall_exit_to_user_mode+0x19/0x40 [ 122.227256] do_syscall_64+0x48/0x90 [ 122.227539] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.227922] RIP: 0033:0x7f8cae69eb19 [ 122.228199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.229529] RSP: 002b:00007f8cabc14218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.230088] RAX: 0000000000000001 RBX: 00007f8cae7b1f68 RCX: 00007f8cae69eb19 [ 122.230610] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8cae7b1f6c [ 122.231131] RBP: 00007f8cae7b1f60 R08: 000000000000000e R09: 0000000000000000 [ 122.231661] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8cae7b1f6c [ 122.232197] R13: 00007fff1231b49f R14: 00007f8cabc14300 R15: 0000000000022000 [ 122.232720] [ 122.232895] irq event stamp: 636 [ 122.233138] hardirqs last enabled at (635): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 122.233818] hardirqs last disabled at (636): [] __schedule+0x1225/0x2470 [ 122.234425] softirqs last enabled at (0): [] copy_process+0x1e15/0x6e20 [ 122.235027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.235496] ---[ end trace 0000000000000000 ]--- 23:13:32 executing program 3: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000000c0)=0x11) io_submit(0x0, 0x5, &(0x7f0000000480)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x3, 0x9, r0, &(0x7f0000000180)="799f2fbd19cdb4078cad1921c0329c09ec57535ea52c20d7ddf70ffb1eea83433373911b4f81dab308fdf2495f101055e55fa4c3f8ef3a6b920d7ebc550f1a9a06f6e564b80b65357588a6ea", 0x4c, 0xfff}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0xb, 0x78, r1, &(0x7f0000000240)="74027e7c08583aac9b80a839c3471a", 0xf, 0x5, 0x0, 0x3}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x3, 0x4, r2, &(0x7f0000000340)="c22589004fdac6659a141a503b0f3e415293bfe461848b9df6c5f4206a4e2b593ce89cf96d1172c59ab9396e6619504e0112a0cd53dcfbd74e8b63dfbc552d4aaa08da0cd14cd7eafa462591b800b6b78e6b50c206f4203c866b158cd22ebc312f", 0x61, 0x0, 0x0, 0x1}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x6, 0x8, r0, &(0x7f00000005c0)="feb1a716c04ab705f3a5fdfe78e875b051a1eb5da100389d307ca8a9dba87e7ddd850987c9a1d951dbb1224d07be0c4ee44f88759344ecc702c4570785deb68aefebd638873c319557167e7672babc438ab615636b0a9f5931d5c5ce90c4f67918e138322355e5afe957f29c746c6fde8ea60556edad99c1fac0965deb12f303d659dd8443a60591a375a331c5b30d8b8d79a6681344746b25a9f350518c90a1cd0f4c01224aa242774e4288c6b29e266e0bc2b358001c25462671ac847508f7fd2676be0d915c48ed566e5d8743d2c167b933987defb533809cbed260d31349cc7f659813f1bd0d6f01", 0xea, 0x4, 0x0, 0x3}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f00000006c0)="fc37e85c843e79a6ffc7e301b786b7e045305f2f99202a5fa15b8a19c705a1f9c3e01ffecd6ff747418b45cc2d9c4bf9dee67b9bc5d9d24b85ca7a44dab871d8dbc69e233eeb577ecb3d4044136540a157fd6b7747069bed5622f6d1290e925784322e7ffeccc5e0ca9c4ffd1ab2741c73d7a5a389ce70b39a6af482d5bf556f6b0e7c1869dc834de6a2a5e03eaff803bf665789d44fc2b1dc330a2ffd4ac661ba8e0976e15514fbb9a95ea07b1808779a43842fd04ecde2c67e4b8abc728fb38739e49791ab23b3bc0972a1930ed1a6fb862c3cd316b80c3ab59755f37d97f7d9a281afeb2b1ee1", 0xe8, 0x3, 0x0, 0x3}]) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002, 0xa824}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r1, 0x80083313, &(0x7f0000000000)) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000540)={0x0, 0x0}) perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0x3, 0x0, 0x3f, 0x5d, 0x0, 0x9, 0x80000, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80000009, 0x4, @perf_config_ext={0x3, 0xfc0000000}, 0x12198, 0x1000, 0x0, 0x0, 0x8, 0x2, 0x9, 0x0, 0x9, 0x0, 0x5}, r3, 0x2, 0xffffffffffffffff, 0x3) getpid() lchown(&(0x7f0000000140)='./file0\x00', 0xee01, 0xee01) 23:13:32 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x26e1, 0x62) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) readv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/79, 0x4f}], 0x1) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file1\x00'}) syncfs(r1) 23:13:33 executing program 3: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000000c0)=0x11) io_submit(0x0, 0x5, &(0x7f0000000480)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x3, 0x9, r0, &(0x7f0000000180)="799f2fbd19cdb4078cad1921c0329c09ec57535ea52c20d7ddf70ffb1eea83433373911b4f81dab308fdf2495f101055e55fa4c3f8ef3a6b920d7ebc550f1a9a06f6e564b80b65357588a6ea", 0x4c, 0xfff}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0xb, 0x78, r1, &(0x7f0000000240)="74027e7c08583aac9b80a839c3471a", 0xf, 0x5, 0x0, 0x3}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x3, 0x4, r2, &(0x7f0000000340)="c22589004fdac6659a141a503b0f3e415293bfe461848b9df6c5f4206a4e2b593ce89cf96d1172c59ab9396e6619504e0112a0cd53dcfbd74e8b63dfbc552d4aaa08da0cd14cd7eafa462591b800b6b78e6b50c206f4203c866b158cd22ebc312f", 0x61, 0x0, 0x0, 0x1}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x6, 0x8, r0, &(0x7f00000005c0)="feb1a716c04ab705f3a5fdfe78e875b051a1eb5da100389d307ca8a9dba87e7ddd850987c9a1d951dbb1224d07be0c4ee44f88759344ecc702c4570785deb68aefebd638873c319557167e7672babc438ab615636b0a9f5931d5c5ce90c4f67918e138322355e5afe957f29c746c6fde8ea60556edad99c1fac0965deb12f303d659dd8443a60591a375a331c5b30d8b8d79a6681344746b25a9f350518c90a1cd0f4c01224aa242774e4288c6b29e266e0bc2b358001c25462671ac847508f7fd2676be0d915c48ed566e5d8743d2c167b933987defb533809cbed260d31349cc7f659813f1bd0d6f01", 0xea, 0x4, 0x0, 0x3}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f00000006c0)="fc37e85c843e79a6ffc7e301b786b7e045305f2f99202a5fa15b8a19c705a1f9c3e01ffecd6ff747418b45cc2d9c4bf9dee67b9bc5d9d24b85ca7a44dab871d8dbc69e233eeb577ecb3d4044136540a157fd6b7747069bed5622f6d1290e925784322e7ffeccc5e0ca9c4ffd1ab2741c73d7a5a389ce70b39a6af482d5bf556f6b0e7c1869dc834de6a2a5e03eaff803bf665789d44fc2b1dc330a2ffd4ac661ba8e0976e15514fbb9a95ea07b1808779a43842fd04ecde2c67e4b8abc728fb38739e49791ab23b3bc0972a1930ed1a6fb862c3cd316b80c3ab59755f37d97f7d9a281afeb2b1ee1", 0xe8, 0x3, 0x0, 0x3}]) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002, 0xa824}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r1, 0x80083313, &(0x7f0000000000)) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000540)={0x0, 0x0}) perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0x3, 0x0, 0x3f, 0x5d, 0x0, 0x9, 0x80000, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80000009, 0x4, @perf_config_ext={0x3, 0xfc0000000}, 0x12198, 0x1000, 0x0, 0x0, 0x8, 0x2, 0x9, 0x0, 0x9, 0x0, 0x5}, r3, 0x2, 0xffffffffffffffff, 0x3) getpid() lchown(&(0x7f0000000140)='./file0\x00', 0xee01, 0xee01) 23:13:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="00000000000000000000000091b73ef4b8d944c4be6aeaa0d6c47e6c010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000014a00)) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x101800) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000a40)={{0x9}}) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) setxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.advise\x00', &(0x7f00000001c0)='\x00', 0x1, 0x2) [ 122.935949] loop4: detected capacity change from 0 to 16 [ 122.949653] EXT4-fs (loop4): fragment/cluster size (65536) != block size (4096) 23:13:33 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x26e1, 0x62) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) readv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/79, 0x4f}], 0x1) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file1\x00'}) syncfs(r1) [ 123.041331] loop4: detected capacity change from 0 to 16 [ 123.049394] EXT4-fs (loop4): fragment/cluster size (65536) != block size (4096) 23:13:33 executing program 2: shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ffc000/0x4000)=nil) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x6000) socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil) shmat(r1, &(0x7f0000ffe000/0x2000)=nil, 0x4000) 23:13:33 executing program 4: r0 = epoll_create(0x1) r1 = socket$packet(0x11, 0x3, 0x300) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x60000017}) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) epoll_pwait(r0, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r2, 0x40505330, &(0x7f0000000a40)={{0x9}}) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r3, 0x40505330, &(0x7f0000000a40)={{0x9}}) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40000, 0x1) write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file0', [{0x20, '\x00'}, {}], 0xa, "935e1d7fe750"}, 0x14) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000000)={0x0, r3, 0x5, 0xfff, 0x74}) [ 123.234310] audit: type=1400 audit(1664752413.474:9): avc: denied { block_suspend } for pid=3830 comm="syz-executor.4" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 VM DIAGNOSIS: 23:13:32 Registers: info registers vcpu 0 RAX=000000000000006c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888015fc7690 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006c R11=0000000000000001 R12=000000000000006c R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f8cabc14700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa156a071f0 CR3=0000000037912000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f8cae7857c0 00007f8cae7857c8 YMM02=0000000000000000 0000000000000000 00007f8cae7857e0 00007f8cae7857c0 YMM03=0000000000000000 0000000000000000 00007f8cae7857c8 00007f8cae7857c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=1ffffd40003676d0 RBX=ffff888035ef7c60 RCX=ffffffff815b5c9e RDX=fffff940003676d1 RSI=0000000000000008 RDI=ffffea0001b3b680 RBP=ffffea0001b3b680 RSP=ffff888035ef7b48 R8 =0000000000000000 R9 =ffffea0001b3b687 R10=fffff940003676d0 R11=0000000000000001 R12=0100000000020036 R13=dffffc0000000000 R14=ffff88800bd30000 R15=00000000000000a3 RIP=ffffffff815b5cb4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe377b83540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe377c408b0 CR3=000000001d9ae000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ff00ffffffffffff 0000000000000000 YMM01=0000000000000000 0000000000000000 0100010001000000 ffffffffffffffff YMM02=0000000000000000 0000000000000000 0500050005000000 455441564952505f YMM03=0000000000000000 0000000000000000 0000000000000000 000000564952505f YMM04=0000000000000000 0000000000000000 0003000500050005 0005000000455441 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000