Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:45955' (ECDSA) to the list of known hosts. 2022/10/04 07:08:09 fuzzer started 2022/10/04 07:08:10 dialing manager at localhost:35095 syzkaller login: [ 35.939693] cgroup: Unknown subsys name 'net' [ 36.032904] cgroup: Unknown subsys name 'rlimit' 2022/10/04 07:08:24 syscalls: 2215 2022/10/04 07:08:24 code coverage: enabled 2022/10/04 07:08:24 comparison tracing: enabled 2022/10/04 07:08:24 extra coverage: enabled 2022/10/04 07:08:24 setuid sandbox: enabled 2022/10/04 07:08:24 namespace sandbox: enabled 2022/10/04 07:08:24 Android sandbox: enabled 2022/10/04 07:08:24 fault injection: enabled 2022/10/04 07:08:24 leak checking: enabled 2022/10/04 07:08:24 net packet injection: enabled 2022/10/04 07:08:24 net device setup: enabled 2022/10/04 07:08:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/04 07:08:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/04 07:08:24 USB emulation: enabled 2022/10/04 07:08:24 hci packet injection: enabled 2022/10/04 07:08:24 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/04 07:08:24 802.15.4 emulation: enabled 2022/10/04 07:08:24 fetching corpus: 50, signal 33557/35337 (executing program) 2022/10/04 07:08:24 fetching corpus: 100, signal 45183/48611 (executing program) 2022/10/04 07:08:24 fetching corpus: 150, signal 54539/59514 (executing program) 2022/10/04 07:08:24 fetching corpus: 200, signal 58734/65242 (executing program) 2022/10/04 07:08:25 fetching corpus: 250, signal 61015/69048 (executing program) 2022/10/04 07:08:25 fetching corpus: 300, signal 63496/73028 (executing program) 2022/10/04 07:08:25 fetching corpus: 350, signal 66357/77395 (executing program) 2022/10/04 07:08:25 fetching corpus: 400, signal 71810/84211 (executing program) 2022/10/04 07:08:25 fetching corpus: 450, signal 80023/93464 (executing program) 2022/10/04 07:08:25 fetching corpus: 500, signal 82863/97618 (executing program) 2022/10/04 07:08:25 fetching corpus: 550, signal 85966/101979 (executing program) 2022/10/04 07:08:25 fetching corpus: 600, signal 90528/107666 (executing program) 2022/10/04 07:08:25 fetching corpus: 650, signal 97099/115129 (executing program) 2022/10/04 07:08:26 fetching corpus: 700, signal 100088/119287 (executing program) 2022/10/04 07:08:26 fetching corpus: 750, signal 102103/122475 (executing program) 2022/10/04 07:08:26 fetching corpus: 800, signal 104068/125589 (executing program) 2022/10/04 07:08:26 fetching corpus: 850, signal 105868/128518 (executing program) 2022/10/04 07:08:26 fetching corpus: 900, signal 107792/131574 (executing program) 2022/10/04 07:08:26 fetching corpus: 950, signal 110436/135207 (executing program) 2022/10/04 07:08:26 fetching corpus: 1000, signal 111887/137786 (executing program) 2022/10/04 07:08:26 fetching corpus: 1050, signal 113205/140216 (executing program) 2022/10/04 07:08:26 fetching corpus: 1100, signal 114962/142962 (executing program) 2022/10/04 07:08:27 fetching corpus: 1150, signal 117466/146405 (executing program) 2022/10/04 07:08:27 fetching corpus: 1200, signal 119138/149110 (executing program) 2022/10/04 07:08:27 fetching corpus: 1250, signal 122664/153333 (executing program) 2022/10/04 07:08:27 fetching corpus: 1300, signal 124041/155741 (executing program) 2022/10/04 07:08:27 fetching corpus: 1350, signal 124942/157722 (executing program) 2022/10/04 07:08:27 fetching corpus: 1400, signal 126329/160092 (executing program) 2022/10/04 07:08:27 fetching corpus: 1450, signal 127972/162648 (executing program) 2022/10/04 07:08:28 fetching corpus: 1500, signal 129678/165194 (executing program) 2022/10/04 07:08:28 fetching corpus: 1550, signal 130938/167409 (executing program) 2022/10/04 07:08:28 fetching corpus: 1600, signal 133191/170399 (executing program) 2022/10/04 07:08:28 fetching corpus: 1650, signal 134200/172368 (executing program) 2022/10/04 07:08:28 fetching corpus: 1700, signal 135241/174311 (executing program) 2022/10/04 07:08:28 fetching corpus: 1750, signal 137624/177357 (executing program) 2022/10/04 07:08:28 fetching corpus: 1800, signal 138657/179261 (executing program) 2022/10/04 07:08:28 fetching corpus: 1850, signal 139599/181086 (executing program) 2022/10/04 07:08:28 fetching corpus: 1900, signal 141105/183371 (executing program) 2022/10/04 07:08:29 fetching corpus: 1950, signal 142774/185738 (executing program) 2022/10/04 07:08:29 fetching corpus: 2000, signal 143824/187642 (executing program) 2022/10/04 07:08:29 fetching corpus: 2050, signal 145132/189708 (executing program) 2022/10/04 07:08:29 fetching corpus: 2100, signal 145617/191183 (executing program) 2022/10/04 07:08:29 fetching corpus: 2150, signal 146707/193070 (executing program) 2022/10/04 07:08:29 fetching corpus: 2200, signal 148219/195245 (executing program) 2022/10/04 07:08:29 fetching corpus: 2250, signal 149393/197142 (executing program) 2022/10/04 07:08:29 fetching corpus: 2300, signal 150085/198721 (executing program) 2022/10/04 07:08:29 fetching corpus: 2350, signal 151414/200740 (executing program) 2022/10/04 07:08:30 fetching corpus: 2400, signal 152980/202903 (executing program) 2022/10/04 07:08:30 fetching corpus: 2450, signal 154568/205085 (executing program) 2022/10/04 07:08:30 fetching corpus: 2500, signal 155227/206569 (executing program) 2022/10/04 07:08:30 fetching corpus: 2550, signal 156386/208395 (executing program) 2022/10/04 07:08:30 fetching corpus: 2600, signal 157614/210242 (executing program) 2022/10/04 07:08:30 fetching corpus: 2650, signal 158196/211687 (executing program) 2022/10/04 07:08:30 fetching corpus: 2700, signal 159254/213416 (executing program) 2022/10/04 07:08:30 fetching corpus: 2750, signal 160110/214998 (executing program) 2022/10/04 07:08:31 fetching corpus: 2800, signal 161184/216639 (executing program) 2022/10/04 07:08:31 fetching corpus: 2850, signal 162040/218150 (executing program) 2022/10/04 07:08:31 fetching corpus: 2900, signal 164492/220674 (executing program) 2022/10/04 07:08:31 fetching corpus: 2950, signal 165761/222479 (executing program) 2022/10/04 07:08:31 fetching corpus: 3000, signal 166488/223899 (executing program) 2022/10/04 07:08:31 fetching corpus: 3050, signal 167528/225505 (executing program) 2022/10/04 07:08:31 fetching corpus: 3100, signal 168137/226809 (executing program) 2022/10/04 07:08:32 fetching corpus: 3150, signal 168665/228064 (executing program) 2022/10/04 07:08:32 fetching corpus: 3200, signal 169082/229263 (executing program) 2022/10/04 07:08:32 fetching corpus: 3250, signal 169474/230418 (executing program) 2022/10/04 07:08:32 fetching corpus: 3300, signal 170233/231761 (executing program) 2022/10/04 07:08:32 fetching corpus: 3350, signal 170932/233152 (executing program) 2022/10/04 07:08:32 fetching corpus: 3400, signal 171729/234555 (executing program) 2022/10/04 07:08:32 fetching corpus: 3450, signal 172362/235862 (executing program) 2022/10/04 07:08:32 fetching corpus: 3500, signal 173031/237226 (executing program) 2022/10/04 07:08:32 fetching corpus: 3550, signal 173550/238456 (executing program) 2022/10/04 07:08:32 fetching corpus: 3600, signal 174367/239884 (executing program) 2022/10/04 07:08:33 fetching corpus: 3650, signal 175179/241208 (executing program) 2022/10/04 07:08:33 fetching corpus: 3700, signal 175793/242465 (executing program) 2022/10/04 07:08:33 fetching corpus: 3750, signal 176337/243692 (executing program) 2022/10/04 07:08:33 fetching corpus: 3800, signal 176841/244831 (executing program) 2022/10/04 07:08:33 fetching corpus: 3850, signal 177524/246088 (executing program) 2022/10/04 07:08:33 fetching corpus: 3900, signal 178031/247203 (executing program) 2022/10/04 07:08:33 fetching corpus: 3950, signal 178291/248216 (executing program) 2022/10/04 07:08:33 fetching corpus: 4000, signal 178995/249415 (executing program) 2022/10/04 07:08:33 fetching corpus: 4050, signal 179569/250540 (executing program) 2022/10/04 07:08:34 fetching corpus: 4100, signal 180367/251797 (executing program) 2022/10/04 07:08:34 fetching corpus: 4150, signal 180976/252971 (executing program) 2022/10/04 07:08:34 fetching corpus: 4200, signal 181402/254093 (executing program) 2022/10/04 07:08:34 fetching corpus: 4250, signal 182290/255390 (executing program) 2022/10/04 07:08:34 fetching corpus: 4300, signal 183009/256588 (executing program) 2022/10/04 07:08:34 fetching corpus: 4350, signal 183791/257789 (executing program) 2022/10/04 07:08:34 fetching corpus: 4400, signal 184651/258982 (executing program) 2022/10/04 07:08:34 fetching corpus: 4450, signal 185122/260074 (executing program) 2022/10/04 07:08:35 fetching corpus: 4500, signal 186129/261383 (executing program) 2022/10/04 07:08:35 fetching corpus: 4550, signal 187041/262517 (executing program) 2022/10/04 07:08:35 fetching corpus: 4600, signal 187584/263551 (executing program) 2022/10/04 07:08:35 fetching corpus: 4650, signal 188470/264734 (executing program) 2022/10/04 07:08:35 fetching corpus: 4700, signal 190070/266188 (executing program) 2022/10/04 07:08:35 fetching corpus: 4750, signal 190770/267292 (executing program) 2022/10/04 07:08:35 fetching corpus: 4800, signal 191573/268410 (executing program) 2022/10/04 07:08:35 fetching corpus: 4850, signal 192187/269475 (executing program) 2022/10/04 07:08:35 fetching corpus: 4900, signal 193122/270606 (executing program) 2022/10/04 07:08:36 fetching corpus: 4950, signal 194122/271745 (executing program) 2022/10/04 07:08:36 fetching corpus: 5000, signal 194730/272788 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/273587 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/274353 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/275119 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/275880 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/276646 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/277407 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/278170 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/278914 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/279692 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/280448 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/281217 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/281987 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/282759 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/283520 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/284285 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/285115 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/285888 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/286665 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/287435 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/288220 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/288970 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/289748 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/290537 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/291383 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/292164 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/292910 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/293662 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/294418 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/295202 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/295981 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/296736 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/297523 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/298301 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/299065 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/299814 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/300579 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/301360 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/302146 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/302954 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/303708 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/304485 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/305230 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/305996 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/306763 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/307507 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/308324 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/309130 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/309840 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/310604 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/311408 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/312154 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/312895 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/313705 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/314508 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/315273 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/316052 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/316734 (executing program) 2022/10/04 07:08:36 fetching corpus: 5013, signal 194825/316734 (executing program) 2022/10/04 07:08:39 starting 8 fuzzer processes 07:08:39 executing program 0: sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x94, 0x0, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan1\x00'}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:dmesg_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @loopback}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}]}, 0x94}, 0x1, 0x0, 0x0, 0x1}, 0x4001) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000010}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x2, 0x70bd2b, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0xc0, 0x1, 0x2, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@CTA_EXPECT_MASK={0xa0, 0x3, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0xa}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}}}]}, @CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40001}, 0x40c0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x3, 0x0, 0x3}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x20000800) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0xa4, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_SECCTX={0x24, 0x7, 'system_u:object_r:apt_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x3b}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x28}}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:man_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000680)) sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000a40)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a00)={&(0x7f0000000700)={0x2dc, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_SOPASS={0x96, 0x3, "2258a13b2338117bc20e61eebdf4b1e94415d19ab88e20d6e29569519401b0affe541a28eef7ca2da643ad388299e1cbab864325dd37411280976b3359515c2ca66dbfd6c2d4afdede65375427f7ef86d3a48a733dcde27ff8aa047ecd3bb5c88ef92692b22d5f69eb5a9730514906a1573be446f6680398867b56f37bd9687f19d6fee409da7e583334e0dca2d8f692f177"}, @ETHTOOL_A_WOL_MODES={0x90, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x80, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7f}, @ETHTOOL_A_BITSET_BIT_NAME={0x1f, 0x2, 'system_u:object_r:man_t:s0\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '+\xb9)\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7e0}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x20}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}]}]}, @ETHTOOL_A_WOL_SOPASS={0x67, 0x3, "8e7ea1c1e04a05e269cc7a172efc19755507833f298281b75b0d4ebe4d997201f29d269dbbed75d75c65c1129f857c39efb7cbfa7efbfc4e328bf97d84af8b851a760c773481ae8b8d067520fe95bcba3477606bec040b0da6859d722d458cf2c40f5d"}, @ETHTOOL_A_WOL_HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_WOL_MODES={0xcc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x88, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ')--\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x1f, 0x2, 'system_u:object_r:man_t:s0\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ',+\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'vlan1\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1f}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'Q.931\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, ':\\@+*.&\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x5}, @ETHTOOL_A_BITSET_MASK={0x2f, 0x5, "53583fa73d519fabbabc4931b17a655c6046dd246b58fb63857fc6fdd4cdea8d75e1ac735848324b93c516"}]}]}, 0x2dc}, 0x1, 0x0, 0x0, 0x8000}, 0x1) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000c00)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0xd8, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_KEY={0x84, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3e70814db8bf470cf794a558f9a6edb6"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "3c5a3e8c9454ed93620173cf2cbbf8c9ab6051b1b637a7d26d8665495181893c"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "6fa67c5f3501a1af100c4541e1c1d2133f382ac4794b032787ac10de988bf313"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a86fd31058492bd308049a8f5e44697ffacdfd23c88eac56eba317311b8511d5"}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c80), r0) sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10904933}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x34, r2, 0x10, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x4c044) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x3c, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x800) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000001000)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0xcc, 0x0, 0x400, 0x70bd29, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x20004010}, 0x20044054) sendmsg$NET_DM_CMD_STOP(r1, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x14, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20000080) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_KEY(r3, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x81}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000001380)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001340)={&(0x7f0000001280)={0x98, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xf4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xd18}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80000001}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6000}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x61}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x28, 0x1a}}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x1d}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6f}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xf8000000}]}, 0x98}}, 0x20000880) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001480)={&(0x7f00000013c0), 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x20, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008000}, 0x840) 07:08:39 executing program 1: ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000240)={'ip6gre0\x00', 0x0, 0x4, 0x5, 0x40, 0x401, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, 0x7, 0x8, 0x6, 0xffff}}) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0x11c, 0x0, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_FEATURES_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_FEATURES_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @ETHTOOL_A_FEATURES_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xb4, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xae, 0x4, "8e5e50650d38dcfa83eb9bb5bf7d3b900c65f1226b06d63aae0f9b69018bb0871ace0750743f4aeeb1b225b3f031480154d6b0f053117f786a06503d90aae48f7e1b48586a70985870eb5dbf67e605db916768e0c34e835e81fc1cde40c1a2cb081e974456e80f50d1f69a026447bc29d898ca00129b435f3fb393ca729b89c112786b4dd889062b62b0e2a3945527ddd84fa3596c90de3fe2a6ad7552b0b426319e1c7602f1027865df"}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x48041}, 0x4008024) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f00000004c0)='.log\x00', 0x840, 0x100) r2 = accept4$packet(r1, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000540)=0x14, 0x800) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000680)={&(0x7f00000005c0)={0xa4, 0x0, 0x300, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x47, 0xbe, "e21e417b5beaa245d8969004c2335c7bced2610246b4266a488b8e7409b778908a10cae1a86a064553a6904606d1f9ed1cc0218dfe77509f25c1748ab443c693b0fe34"}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xd7}, @NL80211_ATTR_STA_CAPABILITY={0x6}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x4}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x35b}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x58278477, 0x81}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20008000}, 0x41) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000700)) syz_genetlink_get_family_id$batadv(&(0x7f0000000900), r1) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000009c0)={'syztnl1\x00', &(0x7f0000000940)={'ip6tnl0\x00', r0, 0x29, 0x3, 0x20, 0x9, 0x13, @private1={0xfc, 0x1, '\x00', 0x1}, @private0, 0x7, 0x7, 0xffffffff, 0x7}}) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000a00), 0x40800, 0x0) read$char_usb(r3, &(0x7f0000000a40)=""/181, 0xb5) poll(&(0x7f0000000b00)=[{r3, 0x8268}], 0x1, 0xb9be) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000b80), 0x50e00, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000b40), r4) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000c40)={'syztnl1\x00', &(0x7f0000000bc0)={'syztnl1\x00', 0x0, 0x2f, 0xff, 0x3, 0x24c, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback, 0x1, 0x1, 0x7ff, 0x51e}}) ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000c80)={@local, 0x7f, r5}) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000cc0)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private2}, 0x0, @in6=@mcast2}}, &(0x7f0000000dc0)=0xe8) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000e80)={'sit0\x00', &(0x7f0000000e00)={'syztnl0\x00', r6, 0x29, 0x1, 0xa5, 0xb, 0x0, @remote, @remote, 0x1, 0x7, 0x5, 0xf7}}) syz_genetlink_get_family_id$batadv(&(0x7f0000000ec0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000fc0)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x34, 0x0, 0x4, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x18, 0x18, {0x6, @bearer=@l2={'ib', 0x3a, 'virt_wifi0\x00'}}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x24048850}, 0x40001) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r2, 0x942e, 0x0) 07:08:39 executing program 2: capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)={0x8001, 0x3, 0x3, 0x70c5, 0x2, 0x7}) capset(&(0x7f0000000080)={0x19980330, 0xffffffffffffffff}, &(0x7f00000000c0)={0x7f, 0x8, 0x8000, 0x81, 0x7, 0x3f}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000001c0)={0x8, 0x7, 0x81, 0x7fffffff, 0x8, 0x2ac}) getpid() recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000e00)=[{{&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000280)=""/143, 0x8f}], 0x1}}, {{&(0x7f0000000380), 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000400)=""/175, 0xaf}, {&(0x7f00000004c0)=""/168, 0xa8}, {&(0x7f0000000580)=""/80, 0x50}, {&(0x7f0000000600)=""/183, 0xb7}, {&(0x7f00000006c0)=""/97, 0x61}, {&(0x7f0000000740)=""/156, 0x9c}, {&(0x7f0000000800)=""/146, 0x92}], 0x7}}, {{&(0x7f0000000940), 0x6e, &(0x7f0000000c00)=[{&(0x7f00000009c0)}, {&(0x7f0000000a00)=""/139, 0x8b}, {&(0x7f0000000ac0)=""/57, 0x39}, {&(0x7f0000000b00)=""/207, 0xcf}], 0x4}}, {{&(0x7f0000000c40), 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000cc0)=""/20, 0x14}, {&(0x7f0000000d00)=""/104, 0x68}], 0x2, &(0x7f0000000dc0)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x20}}], 0x4, 0x40000100, &(0x7f0000000f00)={0x77359400}) migrate_pages(r1, 0x4d30, &(0x7f0000000f40)=0x1ff, &(0x7f0000000f80)=0x8001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000fc0)='./file0\x00', 0x40002, 0x13) r3 = fork() r4 = creat(&(0x7f0000001000)='./file0/file0\x00', 0xc) clock_gettime(0x0, &(0x7f0000001080)={0x0, 0x0}) utimensat(r2, &(0x7f0000001040)='./file0/file0\x00', &(0x7f00000010c0)={{0x77359400}, {r5, r6/1000+10000}}, 0x100) r7 = getpgid(r0) migrate_pages(r7, 0x8, &(0x7f0000001100)=0x3, &(0x7f0000001140)=0x200) signalfd4(r4, &(0x7f0000001180)={[0x8000]}, 0x8, 0x800) capset(&(0x7f00000011c0)={0x20080522, r3}, &(0x7f0000001200)={0x4, 0x0, 0x7fff, 0x8, 0xe523, 0x6}) r8 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) recvmsg(r8, &(0x7f0000001640)={&(0x7f0000001240)=@nfc_llcp, 0x80, &(0x7f0000001580)=[{&(0x7f00000012c0)=""/251, 0xfb}, {&(0x7f00000013c0)=""/61, 0x3d}, {&(0x7f0000001400)=""/58, 0x3a}, {&(0x7f0000001440)=""/139, 0x8b}, {&(0x7f0000001500)=""/98, 0x62}], 0x5, &(0x7f0000001600)}, 0x0) r9 = memfd_secret(0x80000) sendfile(r9, r4, &(0x7f0000001680), 0xe4) 07:08:39 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r0, 0x20, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x400, 0x60}}}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40001}, 0x20004010) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000240)={0x218, r2, 0x800, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x16, 0xcd, [0x0, 0x3, 0x6, 0x6, 0x0, 0x3ff, 0x3, 0x0, 0x7]}, @NL80211_ATTR_FRAME={0x196, 0x33, @probe_response={@wo_ht={{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1}, @broadcast, @device_b, @from_mac=@broadcast, {0x6, 0xb3a}}, 0x800, @default, 0x8, @void, @void, @val={0x3, 0x1, 0xd}, @void, @val={0x6, 0x2, 0x3f}, @void, @void, @void, [{0xdd, 0xa0, "f93bbdb31c169c54bace8268a0b90dba6a55e1a543641268ace5ec1b26a270d4391dee70f6736997fc5b93852d84e27e03d76256cf71458ee73b8c841c39dc5dfcc4aa1bc3d0bf8f0457cfb3432c8e367746cfec6a12ffbc83321ad6d1cb65740209715f3d91502da6b9d2542a4a73fedeadba8021b733c586ee8d8f591e1d3fab28cf8bef184dbbe3f863af03585fe9a39b83c7e821c23e79e109279a43038f"}, {0xdd, 0xc3, "e2fa2b1f8610ae67b488973398e828d5497343df1b58bad54e21db3a3e4f142d3fb52e9962f42a438851e1d8a77ffad46edd14b56760db3ab206d338a8f0997816a145fd9e9d24b2590b31d0a2c5ff71756ffbb6b433ba1820281d7b1262e3f0dfa9c4ca2f7d10ad4aa8baf24ebfef14ed3494726a3e1db5d4b55ae5eb05fcd4542005cff6efed9280326aba01aa2a98fd7f29501652bd8a7e5be269281ba59972f34547016e7483b009636c26854eb4f97a9a41ed25d1d6f488f077a1ab844e21e9df"}]}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_FRAME={0x22, 0x33, @deauth={@with_ht={{{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x9}, @device_b, @device_b, @random="862afd2b6756", {0x3, 0x2}}, @ver_80211n={0x0, 0x7ed5, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1}}, 0x18, @void}}, @NL80211_ATTR_FRAME={0x1e, 0x33, @disassoc={@wo_ht={{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x80}, @device_b, @broadcast, @initial, {0x8, 0x8}}, 0x5, @void}}]}, 0x218}, 0x1, 0x0, 0x0, 0x4000}, 0x4001) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'vxcan1\x00', 0x0}) setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000540)={{{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4e23, 0x8000, 0x4e23, 0x6, 0xa, 0xa0, 0x0, 0x84, r3, 0xffffffffffffffff}, {0x0, 0x0, 0xe8d, 0x4, 0x3, 0x8, 0x6, 0xfffffffffffffff9}, {0xcd9, 0x8001, 0xf25, 0xc5}, 0x1, 0x6e6bb4, 0x0, 0x0, 0x1, 0x3}, {{@in6=@loopback, 0x4d2, 0x3c}, 0x2, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x3502, 0x6, 0x2, 0x5, 0x9, 0x1, 0x8}}, 0xe8) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000640), 0x4000, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000a40)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a00)={&(0x7f0000000700)={0x2d0, r0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x69}, @val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_VENDOR_DATA={0xe6, 0xc5, "4b9755f23648577d19987fc5c709c12790507eae3648438979f222e0782668ffaed0d2baceb88d262584421664c82968b08b7ca7d217ab0258832b5adf27fb4724acf03ce137b601ff9f708c64fb4ce17d7241a937e9e22a162bdd85ea2bf551b60eb31f8a7b5fc30785388c8393cd5a36556947fcfb6756995d79aa8c38ed2a83b9c94c33f5c54fc77f00a9f72890d3b0abba38b85bb36c5baf90aa4c0829a8de39266466e0d17adf4f52c4e78e33e0e5777fb3cd02ae249180b4f483b2755904339918ea9838d47587df09e721070c381a0e689514b6d11456ae07d5c56ab1185b"}, @NL80211_ATTR_VENDOR_DATA={0x79, 0xc5, "e1ffe4b7ce759c8f0bf2a575a913812648c881a5086c7955337319aeb65be609218d30e1320148366952818100055e77cd1921008053448cb328096862e3977bed93dc1c2aa970fb813d4261a7a073811a1aa9a877a7cafa78c77a77647a5021b0ed2f0d506d518dcd20f34a01de1fe4c6c3bc4fb5"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xfff}, @NL80211_ATTR_VENDOR_DATA={0x58, 0xc5, "77e680db6f6ef82900988098f765b201f3cabe95f001af1c0acbfb0952911c58b272ba6de08a35fb12a21b1a49a95bc51e78b786fc6a0c38ae9dfecce96f57e3854b66ff2fda0ac08ed5d436bc0eca63d7ca6b09"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xbae}, @NL80211_ATTR_VENDOR_DATA={0xd8, 0xc5, "a3b9593a45027d0dca19b197d6211c29b07efaec54a3793324f415df85c8790f2865d633da25fa2fc6c3a29edf10139f53e8c7d7c1b6944cd5d35ea2637b48ec172cb7263dba74ffd380c95c6954e6eef70ad2c02c7fc8eeba6e80ae54ef52f774f60b2eb10ed0cebf28fb64ba6452cdfc32ff41bdd52f015d8dfeeed7005ffb49a790d5f640f2446edfeb1b4f9c2522132a92595b397d4589845976b59ec48ec58c14a6cb80e505ad0184bd769551ae2a3db1b627be04da0ec97a2a5b7a4a1198d4c6c70c237f34ac704354fa96665d1c6c6db2"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xa595}]}, 0x2d0}, 0x1, 0x0, 0x0, 0x20040010}, 0x800) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000ac0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r4, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x50, r0, 0x20, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0xd42, 0x51}}}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004800}, 0x4000000) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), r4) sendmsg$NL80211_CMD_SET_MPATH(r4, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x68, r7, 0x4, 0x70bd2d, 0x4, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x68}, 0x1, 0x0, 0x0, 0x11}, 0x90) sendmsg$AUDIT_LIST_RULES(r4, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x10, 0x3f5, 0x4, 0x70bd2b, 0x25dfdbfe, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20004040}, 0x801) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000e80), 0x80000, 0x0) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_KEY(r8, &(0x7f0000001000)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f40)={0x80, r9, 0x10, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x2, 0x37}}}}, [@NL80211_ATTR_KEY_SEQ={0xe, 0xa, "f38cf78aa56125403153"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "6f99170c0dc5b82c8c55603cc4"}, @NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_TYPE={0x8, 0x7, 0x2}, @NL80211_KEY_TYPE={0x8}]}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x14, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x4095) pipe2(&(0x7f0000001040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) sendmsg$AUDIT_USER_AVC(r10, &(0x7f0000001240)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001200)={&(0x7f00000010c0)={0x10c, 0x453, 0x200, 0x70bd28, 0x25dfdbfd, "69f14b52b067f059a62fbe2c7ebdbf3c5d284c7dc71772f678cfaffdbd00be5b2e884effd3237f165269694af81db679f102e725ab46f9e9b882cbfdac412f9ab9cacc8178596e4592cc0ad805c4a16ffc8c6a5020f373a7215d45c066ecf72efe73cffe669c45110c9d41b0189ad79107067762f9b5c8a70d6287b4302aaf0408740b907ba09819e99d36fbb753b8fd798b708fb05d26ff26216f616be721ae8eddb42c49ce18b465fad3d102bacb1794f97b54d26792b3e4075e823a40d23e706dfe8067cfb6534869fae199b5e6ff6086e502c3075a5c73064be20eb797e91c79143666d75a6c0cb5d49613efbda24d33bbd9c2aeac89d6cdee50", ["", "", "", "", "", ""]}, 0x10c}, 0x1, 0x0, 0x0, 0x40894}, 0x4000) 07:08:39 executing program 4: r0 = syz_open_dev$vcsu(&(0x7f0000000000), 0x1f, 0x22080) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000fe9000/0x14000)=nil, 0x14000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/80, 0x50, 0x0, &(0x7f00000000c0)=""/250, 0xfa}, &(0x7f0000000200)=0x40) r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240)) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280), 0x4) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000002c0)={0x0, {0x2, 0x4e21, @private=0xa010101}, {0x2, 0x4e21, @broadcast}, {0x2, 0x4e21, @loopback}, 0x42, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x7f, 0xff, 0xfbc2}) r2 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$IP_SET_OP_GET_BYNAME(r2, 0x1, 0x53, &(0x7f0000000340)={0x6, 0x7, 'syz1\x00'}, &(0x7f0000000380)=0x28) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/tracing', 0x42000, 0x102) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, &(0x7f0000000400)) r4 = socket$inet6(0xa, 0x4, 0x100) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000440)) r5 = creat(&(0x7f0000000480)='./file0\x00', 0x20) ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r1, {0x2fd, 0x7d60}}, './file0\x00'}) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) close_range(r7, r2, 0x2) r8 = dup3(r4, r7, 0x0) getsockopt$IP6T_SO_GET_INFO(r8, 0x29, 0x40, &(0x7f0000000540)={'mangle\x00', 0x0, [0x28a2, 0x31, 0x80000000, 0x8, 0x1]}, &(0x7f00000005c0)=0x54) pipe(&(0x7f0000000600)) setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000640)={0x2c, 0x9, '\x00', [@pad1, @ra={0x5, 0x2, 0x844}, @hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, @generic={0xfd, 0x28, "be56332280f3c967196e26503c2e55a77d9ae1971b586a4db1413a5c29ffa801ff52bd50051d41d2"}, @enc_lim={0x4, 0x1, 0x1}, @ra={0x5, 0x2, 0x65c8}]}, 0x58) connect$inet(r6, &(0x7f00000006c0)={0x2, 0x4e20, @remote}, 0x10) 07:08:40 executing program 5: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) ioctl$CDROMREADCOOKED(r0, 0x5315, &(0x7f0000000040)) r1 = accept$inet6(r0, &(0x7f0000000ac0)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000b00)=0x1c) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000c40)={&(0x7f0000000b40)=""/224, 0xe0, 0xa5, 0x9}) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000c80)='/proc/asound/timers\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000cc0)={0x4}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000d00), 0x20000, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000d80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_MPATH(r3, &(0x7f0000000ec0)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x88, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x7, 0x3e}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) r5 = socket(0x2a, 0x800, 0x67e0) setsockopt$inet6_opts(r5, 0x29, 0x0, &(0x7f0000000f00)=@fragment={0x2c, 0x0, 0x82, 0x0, 0x0, 0x2, 0x66}, 0x8) r6 = signalfd(0xffffffffffffffff, &(0x7f0000000f40)={[0x9]}, 0x8) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000fc0), r3) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r3, &(0x7f00000010c0)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001080)={&(0x7f0000001000)={0x5c, r7, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x74}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x7}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000054}, 0x40010) ioctl$sock_SIOCDELRT(r6, 0x890c, &(0x7f0000001140)={0x0, @nl=@unspec, @generic={0x25, "c149ef029324ef1a44898df086d6"}, @in={0x2, 0x4e20, @rand_addr=0x64010102}, 0x9, 0x0, 0x0, 0x0, 0x101, &(0x7f0000001100)='virt_wifi0\x00', 0x61, 0x9f85, 0x8001}) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f00000011c0), 0x40000, 0x0) signalfd4(r8, &(0x7f0000001200)={[0x2]}, 0x8, 0x800) syz_open_procfs(0xffffffffffffffff, &(0x7f0000001240)='net/fib_trie\x00') io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000001280)=[r6, r3], 0x2) syz_open_procfs(0x0, &(0x7f0000001540)='attr\x00') [ 65.483731] audit: type=1400 audit(1664867320.008:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 07:08:40 executing program 6: ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffff, 0x3}}, './file0\x00'}) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x31}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x48044}, 0x48880) r1 = syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0xfff, 0x1, &(0x7f0000000240)=[{&(0x7f00000001c0)="c49f81701badeb6269f5223f38ed7c049b79aa8750985aa0cda3cc300106bb565bee62ad37d698468c39e6ac9fedad605e137cac5793138c9ba5bd8fb08b988e44dc41eafa4d85fcbcd5c3d4eb3da5e6727ece34b35cfb1ba4596ecae2997e262c60c7284598f670f2cfd85279f1fca7", 0x70, 0xffffffffffffff2f}], 0x2, &(0x7f0000000280)={[{@dots}, {@nodots}, {@nodots}, {@nodots}], [{@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@obj_type={'obj_type', 0x3d, '^&-(/-/'}}, {@fsmagic={'fsmagic', 0x3d, 0x8}}, {@appraise}, {@seclabel}]}) sendmsg$AUDIT_USER(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0xf4, 0x3ed, 0x100, 0x70bd25, 0x25dfdbfd, "d7b2ed115466c56dab1cf1edc0675a59d989f278ad87ea846dbb97e0dbaa7c81831eda3d348f6b4a2e243f436f9db0b2d276c55da48b22db5c10cffa07f3a6ed37a9af438865a673ad885656f2510b7fc3ad157a71d93d3a6a6eff88b18cd3889f49dcae45bddaad04e26d59d3108633f67232ce9e88c410366a32075991fcb95c7684e9ad61b518698b02ee8e2ca2f426dc5d8019e220ffdad0a2c757fcf3d2693a9518e8bc9e9d499660ba88f75732a3cbcd40e6aec3afc4c481934acad1938599f88eac5a0540f41073031ba38d11beda66a99190fb373a1d997665b6eb0aafd30b", ["", "", "", "", "", "", "", "", "", ""]}, 0xf4}, 0x1, 0x0, 0x0, 0x4004}, 0x800) r2 = open(&(0x7f0000000500)='./file0\x00', 0x80000, 0x12) lseek(r0, 0x10001, 0x0) sendmsg$NL80211_CMD_STOP_NAN(r2, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x8}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x8004) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000640), 0x181100, 0x0) sendmsg$TIPC_NL_LINK_RESET_STATS(r3, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000800)={&(0x7f00000006c0)={0x118, 0x0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_SOCK={0x84, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x400}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x576e765}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc1e4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x92c5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xab}]}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}]}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffff9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x11e9a2e5}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x200440c0}, 0x8004) ioctl$CDROM_GET_MCN(r0, 0x5311, &(0x7f0000000880)) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000009c0)={&(0x7f00000008c0), 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x44, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {{}, {@void, @void, @val={0xc, 0x99, {0x4, 0x1e}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x44}}, 0x40800) r4 = syz_mount_image$vfat(&(0x7f0000000a00), &(0x7f0000000a40)='./file0\x00', 0x9, 0x7, &(0x7f00000010c0)=[{&(0x7f0000000a80)="f83d8860bda6d1288287da99e1c553eb3e861e47f2fe41d77448bdd1a99b67971c16f951c518295942783039ccafa9f2a0f5424694cf55d1443b309007576ec466bba152d4c2b59caecc14605815d8bd1488eb2f2d1eabb9926eec48cddb8ad7fc83d426576a30d84bbb52f90296726adc393e54f1c4b4a9f82635bbf4944305ba80d39ec2cc7434cbf2cdc7866dabd3c5c59f4c60c0084197457f", 0x9b, 0x6}, {&(0x7f0000000b40)="4375f0ad09691d01b1f1a49b8b5c9069e919a9f2cf528acb2c266f398cfa899f2852763fd5ae5ae4b1a9300bccfba236e9b29af7a8fe444e6cb0b9520cde6be84937f3159eecdcdeb87596f6ff930cf24a6912941d7ca6742177134fc1845d4760f02e0564010b4a52b8286906964f0febdb809ccf34c19c5cc5d296b7d51d63f4440fa8c126eb3a1d398fd47b55649c0563edcd5b42c96a81aebac9dafacde7d5836f535ae80fef8895d4ebddacd43be9295c5ed214a727b4bec1979a2f0d61a7fd3fdedc73626b5a52de896573ce0d9a83c233fd4d13ee0f440eb0d16315769106365e9ad704af93350fe96840bdb4", 0xf0, 0x101}, {&(0x7f0000000c40)="bb5bc22f1ba08b3136d821bc122df2c97f462dd145899decdd37a4d1e1a23f8e78e162671e5ed77676f3d3e2cd44cc78f04e2b52e359e13e58b1e7b670165340944f691280955e900925741d17e0ea2422c156b190b3c319fa4381902bb9fec4623e9307b2ec3f44b67407f524a142c68a430f3b4974aa7eccf642a7d47fd3f01b950ce32d2a606440ae96c9f44565f9455e4eae8a11d5da4c30950c4bc4930c3da2642482eaacc4e94d50baa164be4e3cf3969926422e5ec5b4f4683ad4656e845c0b86d6ea5c9ca6d02d86559b82c196841582d8b62ca89afb81b550bc203c03ed4520818ac7", 0xe7, 0x2}, {&(0x7f0000000d40)="4327dbf3b8a3715858bc26d68b2fde1334409a8d7daecefc5f07521b22b40ec83e4f40d1347f43a38cbb5e5583db4e811a3b975bd105cec95ec44347677d1c9cf439900f53cc43589d2c683ba77cdbf37a876c8492310c632d800125251c8263e31ac601fb3dd84634aaf0ca2db6b55d5f051ab1a667b881f6390aa74deaad2c6bf069fec9ef981bd559eda944597fefcd6836c4d00ac5e99cfcf40bcbf102b9317d2127620886641412ff3756950d43b215b3976b2c1a735b0ccd61cf82e92a7d09a233a2f8", 0xc6, 0x2}, {&(0x7f0000000e40)="cc61158535628cb51bf76ea31f8dca19f67484261e96ee62a2d5e6d5381c439f6148f2f847932d3beb9f3caa71b843bda7a08bd95accd8699b841e8f2a4c2cf72e57aa47f2e1a5ceb271592edc2c7a30743fce9bca15856b2a820ae58963b0ee365c367cfd11d76b638ca5", 0x6b, 0x400}, {&(0x7f0000000ec0)="6d1920c044d3db63e1867645b5900aab394841e0b6e2baeaa462c7d57f808b86b09656edd2efc0e185ec1a852146714a9f76883016de64776b83118640e4a727df4c4783ebf1566dd470af792e8dedbbe3d1cc65e84e6f924c4dc18c119e4b68bdb76216b364a628f4addcc23c0755f9c5cd8a3ae29de4f51e3874556e75f768d4d70949fbdfdd8d55504ff2fa3ce8eee047363a54e470b9ec8ade738f6da4dc107971c7fe8fa1ec6f15cf72ee75477542b3a3d290cc354b15e6b30c93a7adec3da6e2dbc5fc7416f7a14e50086c349716fd30fcec8631e378789c", 0xdb, 0x90a9}, {&(0x7f0000000fc0)="a0b8f49121e36a48a43c2026200c4114dfa68b59903743d2def7138127594419b94ee6857cf182b25ef6df5b5e4141ce9b3ac27d7304867bd431872d00e5520f3a77117aedf7b493b5cb213d1404bcce4ec733a00fcf94ea84c08b70aa0874ba6a1fd5c006ecd5c1fee3be3a1d4c51b44f1ab01bd82d95cb82274bf22599a940eb9bfa87f53d680519d3d5424993231791262919d2f9459feb70c0c7c8c81228d28fe5e8662b0accd5fd82867d71017dd61697fd9d3aa027a7d858df1125d26fb9caa795cf38f27f3a0d12d4497c8de72c9de17be1c074a7a7c4966916ab58f5e1484b4d3d481ad75ac39fd5110ef6395881e458", 0xf4, 0xfffffffffffffffc}], 0x42000, &(0x7f0000001180)={[{@fat=@gid={'gid', 0x3d, 0xee01}}, {@nonumtail}], [{@subj_type}]}) copy_file_range(r1, &(0x7f00000011c0)=0x7f, r4, &(0x7f0000001200)=0x9, 0x1, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000001240)='./file0\x00', 0xa82c2, 0x6) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000001280)={{0x1, 0x1, 0x18, r2, {0xffffffffffffffff, 0xee00}}, './file0\x00'}) sendmsg$NL80211_CMD_GET_MPP(r6, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x28, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x20048081) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f00000014c0)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001480)={&(0x7f0000001400)={0x74, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x4709}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1f}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x40}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x10a}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x10000}]}, 0x74}, 0x1, 0x0, 0x0, 0x4}, 0x0) r8 = openat$incfs(r0, &(0x7f0000001500)='.log\x00', 0x40000, 0x8) execveat(r8, &(0x7f0000001540)='./file0\x00', &(0x7f0000001740)=[&(0x7f0000001580)='dots', &(0x7f00000015c0)='func', &(0x7f0000001600)='+\xae[$*%-][\x00', &(0x7f0000001640)='appraise', &(0x7f0000001680)='veth0\x00', &(0x7f00000016c0)='seclabel', &(0x7f0000001700)='msdos\x00'], &(0x7f00000017c0)=[&(0x7f0000001780)='\x00'], 0x900) 07:08:40 executing program 7: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000040)={{}, 0x0, 0x0, @unused=[0x9, 0x4, 0x10001, 0x7fffffff], @subvolid=0x1}) ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000001040)=0xae) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/slabinfo\x00', 0x0, 0x0) umount2(&(0x7f00000010c0)='./file0\x00', 0x3) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000001100)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) stat(&(0x7f0000001140)='./file0\x00', &(0x7f0000001180)) mkdir(&(0x7f0000001200)='./file0\x00', 0x10) r3 = open_tree(r2, &(0x7f0000001240)='./file0\x00', 0x0) readv(r3, &(0x7f0000001540)=[{&(0x7f0000001280)=""/161, 0xa1}, {&(0x7f0000001340)=""/215, 0xd7}, {&(0x7f0000001440)=""/194, 0xc2}], 0x3) r4 = syz_open_dev$vcsa(&(0x7f0000001580), 0x20, 0x400080) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f00000015c0)={0x0, 0x800, 0x3f}) ioctl$BTRFS_IOC_BALANCE_V2(r4, 0xc4009420, &(0x7f00000019c0)={0xa, 0x4, {0x1000, @struct={0x53, 0x6216}, 0x0, 0x3, 0x52, 0x937, 0x1, 0xffffffff, 0x0, @struct={0x2, 0x80}, 0x800, 0x7928, [0xffffffffffffffff, 0x73b, 0x3c8, 0x20, 0x0, 0x3]}, {0x7, @usage, 0x0, 0x7, 0x1, 0xffffffffffffff9b, 0x6, 0x0, 0x0, @usage=0x100000000, 0x60, 0x7ff, [0xcae, 0x3, 0xc11, 0x200, 0x1, 0x4]}, {0x6, @usage=0x5, r5, 0x3ff, 0x3, 0x20, 0x0, 0xec, 0x3, @usage=0x8, 0x2, 0x1e0, [0x2, 0x10000, 0x33917f08, 0x4, 0x1, 0x6]}, {0x9, 0x8001, 0x80}}) ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000001dc0)=0x1) mknod(&(0x7f0000001e00)='./file0\x00', 0x4, 0x1000) r6 = dup(r1) syz_io_uring_setup(0x2020, &(0x7f0000001e40)={0x0, 0x651f, 0x8, 0x0, 0x305, 0x0, r6}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000001ec0), &(0x7f0000001f00)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xf, 0x20010, r0, 0x8000000) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000001f40)={{0x6, 0xff}, 0x100, './file0\x00'}) openat(r3, &(0x7f0000002080)='./file0\x00', 0x4000, 0x8) [ 66.844769] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.846978] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.849923] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.853804] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.856029] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.859195] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.865757] Bluetooth: hci0: HCI_REQ-0x0c1a [ 66.911846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 66.913906] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.915385] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 66.917597] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 66.919485] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.920997] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 66.922706] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.923735] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 66.924924] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 66.926242] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 66.927350] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.928641] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 66.932337] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 66.933729] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.935008] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.936297] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 66.938032] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 66.939366] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 66.940778] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 66.948970] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 66.950580] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 66.953420] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.955148] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 66.956759] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.958453] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 66.961335] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 66.962888] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.966084] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 66.967565] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.968397] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.968877] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 66.972772] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 66.973759] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 66.974178] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 66.976318] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.977829] Bluetooth: hci2: HCI_REQ-0x0c1a [ 66.986689] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 66.986718] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.990499] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.991830] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.992586] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 66.997353] Bluetooth: hci3: HCI_REQ-0x0c1a [ 66.998202] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.005085] Bluetooth: hci4: HCI_REQ-0x0c1a [ 67.005928] Bluetooth: hci6: HCI_REQ-0x0c1a [ 67.009704] Bluetooth: hci5: HCI_REQ-0x0c1a [ 67.043353] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.044684] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.049860] Bluetooth: hci7: HCI_REQ-0x0c1a [ 68.918976] Bluetooth: hci0: command 0x0409 tx timeout [ 69.046393] Bluetooth: hci4: command 0x0409 tx timeout [ 69.046641] Bluetooth: hci2: command 0x0409 tx timeout [ 69.047532] Bluetooth: hci3: command 0x0409 tx timeout [ 69.047935] Bluetooth: hci5: command 0x0409 tx timeout [ 69.048726] Bluetooth: hci6: command 0x0409 tx timeout [ 69.049270] Bluetooth: hci1: command 0x0409 tx timeout [ 69.110248] Bluetooth: hci7: command 0x0409 tx timeout [ 70.966146] Bluetooth: hci0: command 0x041b tx timeout [ 71.094903] Bluetooth: hci1: command 0x041b tx timeout [ 71.096729] Bluetooth: hci6: command 0x041b tx timeout [ 71.097064] Bluetooth: hci5: command 0x041b tx timeout [ 71.097193] Bluetooth: hci3: command 0x041b tx timeout [ 71.097928] Bluetooth: hci2: command 0x041b tx timeout [ 71.098337] Bluetooth: hci4: command 0x041b tx timeout [ 71.158138] Bluetooth: hci7: command 0x041b tx timeout [ 73.015242] Bluetooth: hci0: command 0x040f tx timeout [ 73.142168] Bluetooth: hci2: command 0x040f tx timeout [ 73.142746] Bluetooth: hci3: command 0x040f tx timeout [ 73.143392] Bluetooth: hci5: command 0x040f tx timeout [ 73.143848] Bluetooth: hci6: command 0x040f tx timeout [ 73.144303] Bluetooth: hci4: command 0x040f tx timeout [ 73.144721] Bluetooth: hci1: command 0x040f tx timeout [ 73.207304] Bluetooth: hci7: command 0x040f tx timeout [ 75.062169] Bluetooth: hci0: command 0x0419 tx timeout [ 75.191442] Bluetooth: hci1: command 0x0419 tx timeout [ 75.191881] Bluetooth: hci4: command 0x0419 tx timeout [ 75.192326] Bluetooth: hci6: command 0x0419 tx timeout [ 75.192754] Bluetooth: hci5: command 0x0419 tx timeout [ 75.193208] Bluetooth: hci3: command 0x0419 tx timeout [ 75.193616] Bluetooth: hci2: command 0x0419 tx timeout [ 75.254208] Bluetooth: hci7: command 0x0419 tx timeout [ 118.095380] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use) [ 118.395808] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 118.396571] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 118.397087] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 118.397606] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00 [ 118.398191] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 2 [ 118.399336] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.399828] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.400589] Buffer I/O error on dev sr0, logical block 0, async page read [ 118.401680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.402086] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.402737] Buffer I/O error on dev sr0, logical block 1, async page read [ 118.403431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.403829] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.404482] Buffer I/O error on dev sr0, logical block 2, async page read [ 118.405496] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.405900] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.406554] Buffer I/O error on dev sr0, logical block 3, async page read [ 118.408068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.408508] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.409174] Buffer I/O error on dev sr0, logical block 4, async page read [ 118.409783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.410224] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.410855] Buffer I/O error on dev sr0, logical block 5, async page read [ 118.411624] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.412030] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.412676] Buffer I/O error on dev sr0, logical block 6, async page read [ 118.413336] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 118.413748] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 118.414393] Buffer I/O error on dev sr0, logical block 7, async page read [ 118.593347] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 118.594069] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 118.594710] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 118.595214] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00 [ 118.595765] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 2 07:09:33 executing program 1: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="b72ae8fb5a4c316e545238e0ab2072648cb4112885ba4fbb2708b78f54536ca6a32a2225055b327cc4c2bd11ea44f619596882f5ff586443d91b21882e117fa45cc66fefc714c91b092c18"]) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f00000001c0)) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={r0, 0xb58a, 0x100000001, 0x2}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) socket$unix(0x1, 0x5, 0x0) openat(0xffffffffffffffff, 0x0, 0x400000, 0x8) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0xc020662a, &(0x7f0000000140)) [ 118.697248] audit: type=1400 audit(1664867373.221:7): avc: denied { open } for pid=3860 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 118.699296] audit: type=1400 audit(1664867373.222:8): avc: denied { kernel } for pid=3860 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 118.710658] ------------[ cut here ]------------ [ 118.710680] [ 118.710683] ====================================================== [ 118.710687] WARNING: possible circular locking dependency detected [ 118.710691] 6.0.0-rc7-next-20220930 #1 Not tainted [ 118.710697] ------------------------------------------------------ [ 118.710701] syz-executor.1/3861 is trying to acquire lock: [ 118.710707] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 118.710747] [ 118.710747] but task is already holding lock: [ 118.710750] ffff888015d12420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 118.710777] [ 118.710777] which lock already depends on the new lock. [ 118.710777] [ 118.710780] [ 118.710780] the existing dependency chain (in reverse order) is: [ 118.710784] [ 118.710784] -> #3 (&ctx->lock){....}-{2:2}: [ 118.710798] _raw_spin_lock+0x2a/0x40 [ 118.710809] __perf_event_task_sched_out+0x53b/0x18d0 [ 118.710821] __schedule+0xedd/0x2470 [ 118.710835] schedule+0xda/0x1b0 [ 118.710848] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.710861] syscall_exit_to_user_mode+0x19/0x40 [ 118.710874] do_syscall_64+0x48/0x90 [ 118.710892] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.710904] [ 118.710904] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 118.710918] _raw_spin_lock_nested+0x30/0x40 [ 118.710928] raw_spin_rq_lock_nested+0x1e/0x30 [ 118.710942] task_fork_fair+0x63/0x4d0 [ 118.710958] sched_cgroup_fork+0x3d0/0x540 [ 118.710973] copy_process+0x4183/0x6e20 [ 118.710984] kernel_clone+0xe7/0x890 [ 118.710993] user_mode_thread+0xad/0xf0 [ 118.711003] rest_init+0x24/0x250 [ 118.711015] arch_call_rest_init+0xf/0x14 [ 118.711033] start_kernel+0x4c6/0x4eb [ 118.711048] secondary_startup_64_no_verify+0xe0/0xeb [ 118.711062] [ 118.711062] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 118.711075] _raw_spin_lock_irqsave+0x39/0x60 [ 118.711086] try_to_wake_up+0xab/0x1930 [ 118.711102] up+0x75/0xb0 [ 118.711116] __up_console_sem+0x6e/0x80 [ 118.711132] console_unlock+0x46a/0x590 [ 118.711148] do_con_write+0xc05/0x1d50 [ 118.711159] con_write+0x21/0x40 [ 118.711168] n_tty_write+0x4d4/0xfe0 [ 118.711180] file_tty_write.constprop.0+0x455/0x8a0 [ 118.711192] vfs_write+0x9c3/0xd90 [ 118.711208] ksys_write+0x127/0x250 [ 118.711224] do_syscall_64+0x3b/0x90 [ 118.711240] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.711253] [ 118.711253] -> #0 ((console_sem).lock){....}-{2:2}: [ 118.711266] __lock_acquire+0x2a02/0x5e70 [ 118.711283] lock_acquire+0x1a2/0x530 [ 118.711299] _raw_spin_lock_irqsave+0x39/0x60 [ 118.711309] down_trylock+0xe/0x70 [ 118.711324] __down_trylock_console_sem+0x3b/0xd0 [ 118.711340] vprintk_emit+0x16b/0x560 [ 118.711356] vprintk+0x84/0xa0 [ 118.711371] _printk+0xba/0xf1 [ 118.711383] report_bug.cold+0x72/0xab [ 118.711399] handle_bug+0x3c/0x70 [ 118.711415] exc_invalid_op+0x14/0x50 [ 118.711432] asm_exc_invalid_op+0x16/0x20 [ 118.711444] group_sched_out.part.0+0x2c7/0x460 [ 118.711462] ctx_sched_out+0x8f1/0xc10 [ 118.711478] __perf_event_task_sched_out+0x6d0/0x18d0 [ 118.711489] __schedule+0xedd/0x2470 [ 118.711502] schedule+0xda/0x1b0 [ 118.711515] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.711526] syscall_exit_to_user_mode+0x19/0x40 [ 118.711538] do_syscall_64+0x48/0x90 [ 118.711554] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.711567] [ 118.711567] other info that might help us debug this: [ 118.711567] [ 118.711569] Chain exists of: [ 118.711569] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 118.711569] [ 118.711584] Possible unsafe locking scenario: [ 118.711584] [ 118.711587] CPU0 CPU1 [ 118.711589] ---- ---- [ 118.711591] lock(&ctx->lock); [ 118.711597] lock(&rq->__lock); [ 118.711603] lock(&ctx->lock); [ 118.711610] lock((console_sem).lock); [ 118.711615] [ 118.711615] *** DEADLOCK *** [ 118.711615] [ 118.711617] 2 locks held by syz-executor.1/3861: [ 118.711624] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 118.711653] #1: ffff888015d12420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 118.711679] [ 118.711679] stack backtrace: [ 118.711682] CPU: 0 PID: 3861 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 118.711694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 118.711702] Call Trace: [ 118.711706] [ 118.711710] dump_stack_lvl+0x8b/0xb3 [ 118.711728] check_noncircular+0x263/0x2e0 [ 118.711744] ? format_decode+0x26c/0xb50 [ 118.711761] ? print_circular_bug+0x450/0x450 [ 118.711777] ? simple_strtoul+0x30/0x30 [ 118.711793] ? format_decode+0x26c/0xb50 [ 118.711810] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 118.711827] __lock_acquire+0x2a02/0x5e70 [ 118.711849] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 118.711871] lock_acquire+0x1a2/0x530 [ 118.711904] ? down_trylock+0xe/0x70 [ 118.711921] ? lock_release+0x750/0x750 [ 118.711941] ? vprintk+0x84/0xa0 [ 118.711959] _raw_spin_lock_irqsave+0x39/0x60 [ 118.711970] ? down_trylock+0xe/0x70 [ 118.711986] down_trylock+0xe/0x70 [ 118.712002] ? vprintk+0x84/0xa0 [ 118.712019] __down_trylock_console_sem+0x3b/0xd0 [ 118.712036] vprintk_emit+0x16b/0x560 [ 118.712054] vprintk+0x84/0xa0 [ 118.712072] _printk+0xba/0xf1 [ 118.712083] ? record_print_text.cold+0x16/0x16 [ 118.712099] ? report_bug.cold+0x66/0xab [ 118.712117] ? group_sched_out.part.0+0x2c7/0x460 [ 118.712135] report_bug.cold+0x72/0xab [ 118.712153] handle_bug+0x3c/0x70 [ 118.712170] exc_invalid_op+0x14/0x50 [ 118.712188] asm_exc_invalid_op+0x16/0x20 [ 118.712201] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 118.712221] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 118.712233] RSP: 0018:ffff888040bbfc48 EFLAGS: 00010006 [ 118.712242] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.712249] RDX: ffff888010273580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 118.712257] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 118.712264] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888015d12400 [ 118.712272] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 118.712283] ? group_sched_out.part.0+0x2c7/0x460 [ 118.712303] ? group_sched_out.part.0+0x2c7/0x460 [ 118.712323] ctx_sched_out+0x8f1/0xc10 [ 118.712342] __perf_event_task_sched_out+0x6d0/0x18d0 [ 118.712356] ? lock_is_held_type+0xd7/0x130 [ 118.712370] ? __perf_cgroup_move+0x160/0x160 [ 118.712380] ? set_next_entity+0x304/0x550 [ 118.712398] ? update_curr+0x267/0x740 [ 118.712416] ? lock_is_held_type+0xd7/0x130 [ 118.712430] __schedule+0xedd/0x2470 [ 118.712447] ? io_schedule_timeout+0x150/0x150 [ 118.712464] ? rcu_read_lock_sched_held+0x3e/0x80 [ 118.712484] schedule+0xda/0x1b0 [ 118.712499] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.712512] syscall_exit_to_user_mode+0x19/0x40 [ 118.712525] do_syscall_64+0x48/0x90 [ 118.712543] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.712556] RIP: 0033:0x7f75891dfb19 [ 118.712564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.712575] RSP: 002b:00007f7586755218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.712586] RAX: 0000000000000001 RBX: 00007f75892f2f68 RCX: 00007f75891dfb19 [ 118.712593] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f75892f2f6c [ 118.712600] RBP: 00007f75892f2f60 R08: 000000000000000e R09: 0000000000000000 [ 118.712607] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f75892f2f6c [ 118.712615] R13: 00007fff390a88bf R14: 00007f7586755300 R15: 0000000000022000 [ 118.712627] [ 118.768343] WARNING: CPU: 0 PID: 3861 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 118.769026] Modules linked in: [ 118.769271] CPU: 0 PID: 3861 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 118.769866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 118.770697] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 118.771104] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 118.772447] RSP: 0018:ffff888040bbfc48 EFLAGS: 00010006 [ 118.772843] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.773370] RDX: ffff888010273580 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 118.773899] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 118.774431] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888015d12400 [ 118.774958] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 118.775484] FS: 00007f7586755700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 118.776073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.776504] CR2: 00007f4b3f1ca8e0 CR3: 000000003f88a000 CR4: 0000000000350ef0 [ 118.777029] Call Trace: [ 118.777223] [ 118.777397] ctx_sched_out+0x8f1/0xc10 [ 118.777700] __perf_event_task_sched_out+0x6d0/0x18d0 [ 118.778091] ? lock_is_held_type+0xd7/0x130 [ 118.778417] ? __perf_cgroup_move+0x160/0x160 [ 118.778760] ? set_next_entity+0x304/0x550 [ 118.779081] ? update_curr+0x267/0x740 [ 118.779374] ? lock_is_held_type+0xd7/0x130 [ 118.779702] __schedule+0xedd/0x2470 [ 118.779999] ? io_schedule_timeout+0x150/0x150 [ 118.780345] ? rcu_read_lock_sched_held+0x3e/0x80 [ 118.780717] schedule+0xda/0x1b0 [ 118.780979] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.781350] syscall_exit_to_user_mode+0x19/0x40 [ 118.781712] do_syscall_64+0x48/0x90 [ 118.782003] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.782396] RIP: 0033:0x7f75891dfb19 [ 118.782677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.784025] RSP: 002b:00007f7586755218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.784596] RAX: 0000000000000001 RBX: 00007f75892f2f68 RCX: 00007f75891dfb19 [ 118.785118] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f75892f2f6c [ 118.785645] RBP: 00007f75892f2f60 R08: 000000000000000e R09: 0000000000000000 [ 118.786171] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f75892f2f6c [ 118.786702] R13: 00007fff390a88bf R14: 00007f7586755300 R15: 0000000000022000 [ 118.787243] [ 118.787421] irq event stamp: 832 [ 118.787670] hardirqs last enabled at (831): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 118.788360] hardirqs last disabled at (832): [] __schedule+0x1225/0x2470 [ 118.788967] softirqs last enabled at (700): [] __irq_exit_rcu+0x11b/0x180 [ 118.789594] softirqs last disabled at (499): [] __irq_exit_rcu+0x11b/0x180 [ 118.790227] ---[ end trace 0000000000000000 ]--- 07:09:33 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000540)='./file0\x00', 0x334337b9, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, 0x0) pivot_root(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='./file0\x00') syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x7fff, 0x2, &(0x7f0000000400)=[{&(0x7f0000000200)="bfb664f2be7c064f673283760a1b74dac1eb9ba448cda49f04f435a46251ec92a041ae5d37709797401cb5a694a118ca3eeb99e0cd6c59bdfea332a85eed250f57a89556f1602c219ac19dbc267da8156de08cb0577e478c7efbc589c9d706364263618ca1a583ec382506500a30efbe8724a296705e1e3bf8b7477adf2799fff63521f97afe9d6d8d100215fbac490fe86fc38982a9669a6d39b42aa4f310a862f9269159a80da297fb9151a29656056785cf0e26f2ab27875069fd1a8a840bd79d8917ab7676f628dc625760b66a596b3d1b5e00100a3d23fc2665d6b606fe2651c9d080ebb6ee2c47073337", 0xed, 0x186}, {&(0x7f0000000300)="f2ced0465b00f73394d2ecdce29c3922038af63bea1679a8ed2a4fff6f19f340371898e73895f4747c7001355b30b2f3e76f1855c9ac1f0f61b446186e940d27ca3ba7f666c86ebda06970b6ceeedfe4677febe139eb2867e39dcaf6cc374cc545881584ec3b0ebbbb30e1b93ecd8af4db2a49fdacd9eccd2904d3c89167260baa266ca2b92f0645350d81fd12ac060e1137d9d98437e862cb2482b3165b8ad62a7bacd88b9355960274e9e6392834341205cc4a3e497941056ef3913a9fc663dead411f6940a344ef2ccbbcc8fb937e9830af66ef5ff76dc4916866ca93395769c169f3fde94cd3d792f57d65e8dfe6f7a296fe080a8359cd11", 0xfa, 0x80000000}], 0x400, &(0x7f0000000440)={[{@dioread_lock}, {@data_writeback}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@grpjquota}, {@nodiscard}, {@journal_async_commit}, {@norecovery}], [{@appraise_type}]}) syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000000080)=ANY=[@ANYBLOB="670e39e820913c14c200000000000000fffc00000000000000"]) 07:09:33 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x101) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000740)={'gre0\x00', &(0x7f00000006c0)={'gretap0\x00', 0x0, 0x7, 0x7800, 0x10000, 0x400, {{0xb, 0x4, 0x0, 0x38, 0x2c, 0x65, 0x0, 0x1, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0xe}, @empty, {[@lsrr={0x83, 0x17, 0x55, [@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101]}]}}}}}) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000780)={@ipv4={'\x00', '\xff\xff', @local}, r1}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x15, 0x0, 0x0) 07:09:33 executing program 2: symlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') lsetxattr$security_ima(&(0x7f0000001500)='./file0\x00', &(0x7f0000001540), &(0x7f0000000080)=ANY=[@ANYRES32], 0x9, 0x0) unlink(&(0x7f0000000040)='./file0\x00') 07:09:33 executing program 1: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="b72ae8fb5a4c316e545238e0ab2072648cb4112885ba4fbb2708b78f54536ca6a32a2225055b327cc4c2bd11ea44f619596882f5ff586443d91b21882e117fa45cc66fefc714c91b092c18"]) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f00000001c0)) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={r0, 0xb58a, 0x100000001, 0x2}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) socket$unix(0x1, 0x5, 0x0) openat(0xffffffffffffffff, 0x0, 0x400000, 0x8) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0xc020662a, &(0x7f0000000140)) 07:09:33 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x7, 0x7, 0x0, 0x8}, {0xffff, 0x7, 0xf1, 0x6}, {0x8001, 0xe2, 0x7f, 0x200}, {0x7, 0xf7, 0x4, 0x3}, {0x8, 0x4, 0x2, 0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{0x1422, 0x1f, 0x1, 0x2}, {0x7, 0x81, 0x9, 0xffffff3b}, {0x1, 0x4, 0x7, 0x9}, {0x401, 0x8, 0x1f, 0x8}, {0x3, 0x0, 0x5a, 0x20}]}) 07:09:33 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0xfffffffffffffdf4, 0x77, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x1, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x10020, 0x0, 0x0, 0x0, 0xf28, 0xfffffffd, 0x0, 0x0, 0x4000000}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYRES32, @ANYBLOB="084d01"], 0x24}}, 0x0) recvmmsg(r0, &(0x7f0000003840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 07:09:33 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r1, 0x400, 0x1) close(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r2, 0x400, 0x1) close(r2) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x70) lsetxattr$security_ima(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "a243eab2a466e3ea1728c413ab899c2b"}, 0x11, 0x0) sched_setaffinity(0x0, 0x0, 0x0) fcntl$lock(r3, 0x7, &(0x7f0000000140)={0x1, 0x0, 0xc707, 0x6485e967}) [ 119.390379] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 119.396499] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 119.720671] loop6: detected capacity change from 0 to 16383 [ 119.723124] FAT-fs (loop6): Unrecognized mount option "fowner=18446744073709551615" or missing value [ 119.739468] loop6: detected capacity change from 0 to 16383 VM DIAGNOSIS: 07:09:33 Registers: info registers vcpu 0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff888040bbf690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000031 R11=0000000000000001 R12=0000000000000031 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f7586755700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4b3f1ca8e0 CR3=000000003f88a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f75892c67c0 00007f75892c67c8 YMM02=0000000000000000 0000000000000000 00007f75892c67e0 00007f75892c67c0 YMM03=0000000000000000 0000000000000000 00007f75892c67c8 00007f75892c67c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff815ac792 RDX=fffffbfff0b60ddb RSI=0000000000000008 RDI=ffffffff85b06ed0 RBP=ffffffff848cccc0 RSP=ffff888040c47a20 R8 =0000000000000000 R9 =ffffffff85b06ed7 R10=fffffbfff0b60dda R11=0000000000000001 R12=4000000000000000 R13=4000000000000002 R14=0000000000041f54 R15=ffffffff848cccc0 RIP=ffffffff815ac79a RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f391edb2368 CR3=000000001bafc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000