Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:35474' (ECDSA) to the list of known hosts. 2022/10/05 00:29:28 fuzzer started 2022/10/05 00:29:28 dialing manager at localhost:46847 syzkaller login: [ 36.864791] cgroup: Unknown subsys name 'net' [ 36.986616] cgroup: Unknown subsys name 'rlimit' 2022/10/05 00:29:43 syscalls: 2215 2022/10/05 00:29:43 code coverage: enabled 2022/10/05 00:29:43 comparison tracing: enabled 2022/10/05 00:29:43 extra coverage: enabled 2022/10/05 00:29:43 setuid sandbox: enabled 2022/10/05 00:29:43 namespace sandbox: enabled 2022/10/05 00:29:43 Android sandbox: enabled 2022/10/05 00:29:43 fault injection: enabled 2022/10/05 00:29:43 leak checking: enabled 2022/10/05 00:29:43 net packet injection: enabled 2022/10/05 00:29:43 net device setup: enabled 2022/10/05 00:29:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/05 00:29:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/05 00:29:43 USB emulation: enabled 2022/10/05 00:29:43 hci packet injection: enabled 2022/10/05 00:29:43 wifi device emulation: failed to parse kernel version (6.0.0-next-20221004) 2022/10/05 00:29:43 802.15.4 emulation: enabled 2022/10/05 00:29:43 fetching corpus: 50, signal 26732/28480 (executing program) 2022/10/05 00:29:43 fetching corpus: 100, signal 36749/40014 (executing program) 2022/10/05 00:29:43 fetching corpus: 150, signal 42884/47617 (executing program) 2022/10/05 00:29:43 fetching corpus: 200, signal 47985/54101 (executing program) 2022/10/05 00:29:43 fetching corpus: 250, signal 52368/59828 (executing program) 2022/10/05 00:29:43 fetching corpus: 300, signal 59935/68494 (executing program) 2022/10/05 00:29:43 fetching corpus: 350, signal 65251/74857 (executing program) 2022/10/05 00:29:44 fetching corpus: 400, signal 68190/78916 (executing program) 2022/10/05 00:29:44 fetching corpus: 450, signal 70801/82625 (executing program) 2022/10/05 00:29:44 fetching corpus: 500, signal 72713/85694 (executing program) 2022/10/05 00:29:44 fetching corpus: 550, signal 76084/89956 (executing program) 2022/10/05 00:29:44 fetching corpus: 600, signal 78329/93195 (executing program) 2022/10/05 00:29:44 fetching corpus: 650, signal 81054/96790 (executing program) 2022/10/05 00:29:44 fetching corpus: 700, signal 84965/101402 (executing program) 2022/10/05 00:29:44 fetching corpus: 750, signal 89138/106127 (executing program) 2022/10/05 00:29:44 fetching corpus: 800, signal 92002/109656 (executing program) 2022/10/05 00:29:44 fetching corpus: 850, signal 93116/111681 (executing program) 2022/10/05 00:29:44 fetching corpus: 900, signal 96913/115929 (executing program) 2022/10/05 00:29:45 fetching corpus: 950, signal 98934/118579 (executing program) 2022/10/05 00:29:45 fetching corpus: 1000, signal 101215/121449 (executing program) 2022/10/05 00:29:45 fetching corpus: 1050, signal 102405/123391 (executing program) 2022/10/05 00:29:45 fetching corpus: 1100, signal 103902/125545 (executing program) 2022/10/05 00:29:45 fetching corpus: 1150, signal 106981/128926 (executing program) 2022/10/05 00:29:45 fetching corpus: 1200, signal 108846/131392 (executing program) 2022/10/05 00:29:45 fetching corpus: 1250, signal 110029/133208 (executing program) 2022/10/05 00:29:45 fetching corpus: 1300, signal 111905/135512 (executing program) 2022/10/05 00:29:45 fetching corpus: 1350, signal 115576/139094 (executing program) 2022/10/05 00:29:46 fetching corpus: 1400, signal 116653/140759 (executing program) 2022/10/05 00:29:46 fetching corpus: 1450, signal 117722/142403 (executing program) 2022/10/05 00:29:46 fetching corpus: 1500, signal 119994/144873 (executing program) 2022/10/05 00:29:46 fetching corpus: 1550, signal 121106/146443 (executing program) 2022/10/05 00:29:46 fetching corpus: 1600, signal 123336/148797 (executing program) 2022/10/05 00:29:46 fetching corpus: 1650, signal 124504/150361 (executing program) 2022/10/05 00:29:46 fetching corpus: 1700, signal 125934/152058 (executing program) 2022/10/05 00:29:46 fetching corpus: 1750, signal 127360/153744 (executing program) 2022/10/05 00:29:46 fetching corpus: 1800, signal 128536/155295 (executing program) 2022/10/05 00:29:47 fetching corpus: 1850, signal 130144/157043 (executing program) 2022/10/05 00:29:47 fetching corpus: 1900, signal 131953/158939 (executing program) 2022/10/05 00:29:47 fetching corpus: 1950, signal 132879/160192 (executing program) 2022/10/05 00:29:47 fetching corpus: 2000, signal 135289/162340 (executing program) 2022/10/05 00:29:47 fetching corpus: 2050, signal 137248/164195 (executing program) 2022/10/05 00:29:47 fetching corpus: 2100, signal 138489/165594 (executing program) 2022/10/05 00:29:47 fetching corpus: 2150, signal 139593/166869 (executing program) 2022/10/05 00:29:47 fetching corpus: 2200, signal 140433/167983 (executing program) 2022/10/05 00:29:48 fetching corpus: 2250, signal 142236/169644 (executing program) 2022/10/05 00:29:48 fetching corpus: 2300, signal 143689/171068 (executing program) 2022/10/05 00:29:48 fetching corpus: 2350, signal 145151/172446 (executing program) 2022/10/05 00:29:48 fetching corpus: 2400, signal 145879/173449 (executing program) 2022/10/05 00:29:48 fetching corpus: 2450, signal 146776/174480 (executing program) 2022/10/05 00:29:48 fetching corpus: 2500, signal 147222/175242 (executing program) 2022/10/05 00:29:48 fetching corpus: 2550, signal 148637/176521 (executing program) 2022/10/05 00:29:48 fetching corpus: 2600, signal 149220/177341 (executing program) 2022/10/05 00:29:48 fetching corpus: 2650, signal 150219/178343 (executing program) 2022/10/05 00:29:49 fetching corpus: 2700, signal 150833/179167 (executing program) 2022/10/05 00:29:49 fetching corpus: 2750, signal 152091/180275 (executing program) 2022/10/05 00:29:49 fetching corpus: 2800, signal 152872/181143 (executing program) 2022/10/05 00:29:49 fetching corpus: 2850, signal 153330/181868 (executing program) 2022/10/05 00:29:49 fetching corpus: 2900, signal 154895/182993 (executing program) 2022/10/05 00:29:49 fetching corpus: 2950, signal 155809/183856 (executing program) 2022/10/05 00:29:49 fetching corpus: 3000, signal 156549/184637 (executing program) 2022/10/05 00:29:49 fetching corpus: 3050, signal 157090/185294 (executing program) 2022/10/05 00:29:49 fetching corpus: 3100, signal 157527/185910 (executing program) 2022/10/05 00:29:50 fetching corpus: 3150, signal 158646/186737 (executing program) 2022/10/05 00:29:50 fetching corpus: 3200, signal 159448/187505 (executing program) 2022/10/05 00:29:50 fetching corpus: 3250, signal 160771/188415 (executing program) 2022/10/05 00:29:50 fetching corpus: 3300, signal 162941/189590 (executing program) 2022/10/05 00:29:50 fetching corpus: 3350, signal 163408/190146 (executing program) 2022/10/05 00:29:50 fetching corpus: 3400, signal 165335/191193 (executing program) 2022/10/05 00:29:50 fetching corpus: 3450, signal 167167/192103 (executing program) 2022/10/05 00:29:50 fetching corpus: 3500, signal 167778/192641 (executing program) 2022/10/05 00:29:51 fetching corpus: 3550, signal 168324/193183 (executing program) 2022/10/05 00:29:51 fetching corpus: 3600, signal 168887/193704 (executing program) 2022/10/05 00:29:51 fetching corpus: 3650, signal 169410/194262 (executing program) 2022/10/05 00:29:51 fetching corpus: 3700, signal 170352/194873 (executing program) 2022/10/05 00:29:51 fetching corpus: 3750, signal 170906/195315 (executing program) 2022/10/05 00:29:51 fetching corpus: 3800, signal 172212/195990 (executing program) 2022/10/05 00:29:51 fetching corpus: 3850, signal 172666/196387 (executing program) 2022/10/05 00:29:51 fetching corpus: 3900, signal 173338/196830 (executing program) 2022/10/05 00:29:51 fetching corpus: 3950, signal 173873/197230 (executing program) 2022/10/05 00:29:51 fetching corpus: 4000, signal 174406/197603 (executing program) 2022/10/05 00:29:52 fetching corpus: 4050, signal 174977/197988 (executing program) 2022/10/05 00:29:52 fetching corpus: 4100, signal 175364/198379 (executing program) 2022/10/05 00:29:52 fetching corpus: 4150, signal 176093/198798 (executing program) 2022/10/05 00:29:52 fetching corpus: 4200, signal 176968/199190 (executing program) 2022/10/05 00:29:52 fetching corpus: 4250, signal 177382/199537 (executing program) 2022/10/05 00:29:52 fetching corpus: 4300, signal 178853/200373 (executing program) 2022/10/05 00:29:52 fetching corpus: 4350, signal 179282/200679 (executing program) 2022/10/05 00:29:52 fetching corpus: 4400, signal 179957/201006 (executing program) 2022/10/05 00:29:52 fetching corpus: 4450, signal 180350/201276 (executing program) 2022/10/05 00:29:53 fetching corpus: 4500, signal 180955/201575 (executing program) 2022/10/05 00:29:53 fetching corpus: 4550, signal 181385/201838 (executing program) 2022/10/05 00:29:53 fetching corpus: 4600, signal 181906/202116 (executing program) 2022/10/05 00:29:53 fetching corpus: 4650, signal 182389/202367 (executing program) 2022/10/05 00:29:53 fetching corpus: 4700, signal 182887/202641 (executing program) 2022/10/05 00:29:53 fetching corpus: 4750, signal 183347/202882 (executing program) 2022/10/05 00:29:53 fetching corpus: 4800, signal 183920/203124 (executing program) 2022/10/05 00:29:53 fetching corpus: 4850, signal 184378/203319 (executing program) 2022/10/05 00:29:53 fetching corpus: 4900, signal 184895/203516 (executing program) 2022/10/05 00:29:54 fetching corpus: 4950, signal 185620/203694 (executing program) 2022/10/05 00:29:54 fetching corpus: 5000, signal 186083/203888 (executing program) 2022/10/05 00:29:54 fetching corpus: 5050, signal 186833/203998 (executing program) 2022/10/05 00:29:54 fetching corpus: 5100, signal 187369/204008 (executing program) 2022/10/05 00:29:54 fetching corpus: 5118, signal 187629/204008 (executing program) 2022/10/05 00:29:54 fetching corpus: 5118, signal 187629/204008 (executing program) 2022/10/05 00:29:56 starting 8 fuzzer processes 00:29:56 executing program 0: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x24, 0x9, 0x9}}}, 0xc) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x1}}, 0x4) syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9c}, "8deba159f1ed109451db4c98fd5d13dca4a12d5c2c0424fbdebdc6a3fedcb1e03028af3d6705f84b0fde873e3338e43e35d8a10f5c0867275d86954e5ee657ed0a4c891e9b485e5ffc622f2c950bab9755942f170a7e0b5db2f3f1e5653c700f33f083a1ad546da1a26cb03bcbd12bb48ebd7e9ac9d3d4c83f399164b05b0fde0d17ca04a354de6fd6c29245a37a16edbd4ac7a9770f0a8636778c96"}, 0xa0) syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x1, 0x2, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_move_chan_cfm={{0x10, 0x20, 0x4}, {0x800, 0x5}}, @l2cap_move_chan_cfm={{0x10, 0x7f, 0x4}, {0x9}}, @l2cap_disconn_req={{0x6, 0x80, 0x4}, {0x9e9c, 0xff}}]}}, 0x21) syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0x0, @none, 0x1}}}, 0xb) syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x45, 0x4}, {0x1, 0x1}}}}, 0x11) syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x80, 0x8}, {0x252, 0x0, 0x4, 0x401}}}}, 0x15) syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_train_complete={{0x4f, 0x1}, {0x7}}}, 0x4) syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0xe1, 0xc8, 0x1}}}, 0x8) syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x38, 0x8}, {0x8001, 0x8, 0x3f, 0xff}}}}, 0x15) syz_emit_vhci(&(0x7f0000000400)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x3a}, "3e1501887a3b7f0c5c5840ddaecfd8990bec9a47d99ecfa8e22a7cb645de7119c31d8ef4049b687e4ead94685c1b21ca1423c3a54fe07453db85"}, 0x3e) syz_emit_vhci(&(0x7f0000000440)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x14}, "73a29f3f3140397109651311a2d03795a1d2fc86"}, 0x18) syz_emit_vhci(&(0x7f0000000480)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x1, 0x1, 0xc7}, @l2cap_cid_signaling={{0xc3}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x6, 0x2}, {0x1}}, @l2cap_conn_req={{0x2, 0xff, 0x4}, {0x5, 0xff}}, @l2cap_conf_req={{0x4, 0xbf, 0x3c}, {0x5, 0x4, [@l2cap_conf_rfc={0x4, 0x9, {0x3, 0x3, 0x2, 0xfff, 0x94d, 0xfe01}}, @l2cap_conf_mtu={0x1, 0x2, 0x8}, @l2cap_conf_efs={0x6, 0x10, {0x40, 0x1, 0x91a, 0xe49b, 0x3, 0x8}}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_ews={0x7, 0x2, 0xfffc}, @l2cap_conf_flushto={0x2, 0x2, 0x8bd}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0xfa}, @l2cap_conf_flushto={0x2, 0x2, 0xfffb}]}}, @l2cap_conf_rsp={{0x5, 0xff, 0x48}, {0x1ff, 0x5, 0x1, [@l2cap_conf_rfc={0x4, 0x9, {0x3, 0x1, 0x0, 0x8, 0xf801, 0x58ee}}, @l2cap_conf_mtu={0x1, 0x2, 0x8}, @l2cap_conf_flushto={0x2, 0x2, 0x3f}, @l2cap_conf_efs={0x6, 0x10, {0x0, 0x1, 0x9372, 0x0, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x1, 0x5, 0x9, 0x4, 0xbc, 0x3f}}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x4, 0x7a, 0x1, 0x8001, 0xe6c}}, @l2cap_conf_flushto={0x2, 0x2, 0x8cd}]}}, @l2cap_cmd_rej_unk={{0x1, 0x7f, 0x2}, {0x1}}, @l2cap_cmd_rej_unk={{0x1, 0x1f, 0x2}, {0x401}}, @l2cap_move_chan_req={{0xe, 0x3, 0x3}, {0x6, 0x7f}}, @l2cap_info_req={{0xa, 0x7, 0x2}, {0x6}}, @l2cap_move_chan_cfm={{0x10, 0x80, 0x4}, {0x4, 0x7}}, @l2cap_disconn_req={{0x6, 0x2, 0x4}, {0x400, 0x3}}]}}, 0xcc) syz_emit_vhci(&(0x7f0000000580)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "f290e61f11e1dc5022d4cad395bb7c1b", 0xfb}}}, 0x1a) syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb6}, "a04a6eb4df56fc2fbbfc913f94bc471013806228347f0a83a7b69d53da70bc9c0f117d4c1c87997cb17c5ea40cff625bd615fb1c7d64ce0a2b8fdba5870e3aad2c8f9ded60400ee52717d5513331a55dac1b0ee49124851e6f3fea02760db3db256d1b7c0e6706ce9f2b0a658eadd41e2bc7b578db28452b8e4faba9683367cf7d0bb9b99c681f02f7af63708050cf8f3a7dafeaebc9083a7e671f9e19619bcb1faa4a8351e50689b27b10967b3093c7b4bdab9fdeac"}, 0xba) syz_emit_vhci(&(0x7f0000000680)=@HCI_EVENT_PKT={0x4, @hci_ev_si_device={{0x1, 0x4}, {0x74, 0x200}}}, 0x7) 00:29:56 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/sem\x00', 0x0, 0x0) ioctl$CDROMEJECT_SW(r0, 0x530f, 0x1) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/consoles\x00', 0x0, 0x0) ioctl$CDROMRESUME(r1, 0x5302) close_range(r0, r0, 0x2) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/tcp6\x00') ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f00000000c0)=0x4) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r3, 0xc0c89425, &(0x7f0000000100)={"48b8adcd9c47f76e036f683cddbca0f1", 0x0, 0x0, {0x7, 0x9}, {0x100, 0x7fffffff}, 0x0, [0x0, 0xffffffff, 0x100, 0x9, 0x52, 0x6, 0x6, 0xb38, 0x9c6, 0xb5e7, 0xffffffffffffce2d, 0x7b, 0x8000, 0x101, 0x0, 0xff]}) memfd_secret(0x80000) r4 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x620440, 0x0) pwritev2(r4, &(0x7f0000000680)=[{&(0x7f0000000240)="9f066475296e9f8d9e5effd7f2b408f8ad9fb27fe2c850c11593a65289c2d94463808886c02276a0d788d6f87c191944e4521fee91dfff0a8d77791b254561d75fb389381eee1a9f808e7d8f5c072ddf4babd5655e13f4e0770c2cb0ff9ce4cf09657bcd3a2f1da97be1c29156cdab953c8f7d2cb349dbb68d12b3007d9101d8ccb867d7c0049a5c36c0a3729061209960d0a14afb83fca89d40abd9bbd5ae199d5d3913f48e0a8f33eb51fac07f426e958bdc1fb3156e8357b42e0898a4c8e2d5435429f6", 0xc5}, {&(0x7f0000000340)="afd608ab5c6a5deda9842a8873a118b916346be9ceb35b506da0ceba7bc105fb35937a5fb8accdeb4247e52f9df7159e819dc312a2bfd814e45698864856b0", 0x3f}, {&(0x7f0000000380)="4baa4969f1419624e16488e72769ca6f5a198c3a9d01016ba81530c9769c38f9136f60657376d21d0cf378250f2bf642fd98c4a8e94e327c7a99fc1fc1ea623ec900bacaa903c2fd02a0ab4660996bac2631bc45a3", 0x55}, {&(0x7f0000000400)="06cd04bcb1869b9a9ba6d54de41a0c57a52e901e5e64cabb7740d0b69aee752a31aaaa0432842a94abf81171be0fa28b952dccff34562c1cbe2691b6fac6137d2fa9ccea07aaf156ee797503cd1c1c0cc676f0b12ffbf9cb382d65cb785d485e8f0b32f92588f97dfc72e5155bb1a6137401798aa6f487338ffe11d386dc1e59be6f5ee676d6cf0aa3e628b8e84413bf5e5bbd5d3482b941ea973e1e02e21616937dd206131fe3ad510f101aea3df65ea94319d1d08285163149d405f09b0e75a5169a0cf55e34dd710d681d6cae8a7f1c28fdb98fda5050d57fb36ee271cd0852bd51c88b3b01e4d2b758", 0xeb}, {&(0x7f0000000500)="10a86dcfeab375bc35a9fad47b9290490927722c0e4ad3fff76a8418e5c43d515eed6be896557dc71942ec2569af92479b94dd665106be36eca0b4f459e9fa7e419418c289aa0fc0fba3b0d03e73481dc32cc4b41be79eb5e5a9ac1a2dbf954571e8e28dbcc0cb7fb71e07ed155ad3d68297d900a50e", 0x76}, {&(0x7f0000000580)="bb5d8efa1160b4edc58a42550eafb39aac7d7a03e7ed276a0eea350514e7dcb42ba61f5f326ce7acc0a4baf25a8f14167ae45ebcd7d185a24cd353eac8ed676e0a3cab17808c976ef2364792418a6ad411b5eab4d9fcbf814a87a0fe25107f598ec28db332f39a1f39fe18b8b3c60b929fc63fc0c46eda4f583997ea03b4c56ecbb08e2b805a24b9b238f0b567670cd8c5f7757630e628cca82fb6269a8431128154433e6dd3276dea8bfb1335b49e6e5184115283c63fbd06039cb10df2b5c12db24c8add266465a888568b6131b478ea39799d42372dfbbb2e15e2", 0xdc}], 0x6, 0x1, 0x4, 0x17) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x30, 0x0, 0x200, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x14}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x4c}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x20040820) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x100, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x81}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8100}, 0x48800) r5 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000900)='./binderfs/binder-control\x00', 0x2, 0x0) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000940)=0x0) fcntl$lock(r5, 0x0, &(0x7f0000000980)={0x0, 0x3, 0x2800000000000, 0x401, r6}) ioctl$TIOCSISO7816(r2, 0xc0285443, &(0x7f00000009c0)={0x5, 0x7, 0x6, 0x8, 0x7}) flock(0xffffffffffffffff, 0x3) fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000a00)='\\\x00', 0x0, r2) 00:29:56 executing program 7: fsync(0xffffffffffffffff) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x100000001}) ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, &(0x7f0000000440)={0xeb, 0x5, &(0x7f0000000040)}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000000480)) fdatasync(0xffffffffffffffff) ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, &(0x7f00000004c0)) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'ip6gre0\x00', &(0x7f0000000500)={'syztnl2\x00', 0x0, 0x29, 0x1, 0x1, 0xd7, 0x54, @private2, @mcast2, 0x1, 0x1, 0x8, 0x2}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000640)={'syztnl1\x00', &(0x7f00000005c0)={'syztnl0\x00', r0, 0x7800, 0x1, 0x4401, 0x3, {{0x18, 0x4, 0x3, 0x0, 0x60, 0x66, 0x0, 0x53, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ssrr={0x89, 0xf, 0x7b, [@broadcast, @private=0xa010100, @remote]}, @end, @lsrr={0x83, 0x7, 0xae, [@multicast1]}, @timestamp_prespec={0x44, 0x34, 0x51, 0x3, 0x4, [{@multicast1, 0x6}, {@loopback, 0x7}, {@broadcast, 0x10000}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7f7}, {@multicast2, 0x5}]}]}}}}}) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, &(0x7f0000000680)=""/4096) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x84000020}, 0xc, &(0x7f0000001800)={&(0x7f00000016c0)={0x10c, 0x0, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x80, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x44, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x2c, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x10c}, 0x1, 0x0, 0x0, 0x10}, 0x88041) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001880)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) write$char_usb(r1, &(0x7f00000018c0)="e9e6fe912f6d69ce9644031d00932b7fcfde9f6ae40f6bacf8a6473ecbe0fd014a76acd5101a55055c7b597c2ff143fcacc8960c939c3c1afbda3e", 0x3b) r2 = syz_io_uring_complete(0x0) unlinkat(r2, &(0x7f0000001900)='./file0\x00', 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000001940)=""/242) sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000001b00)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a80)={0x40, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0xd, 0x2a, [@mesh_config={0x71, 0x7, {0x1, 0x0, 0x1, 0xffffffffffffffff, 0x2, 0x20, 0xa9}}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x2}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x4) flistxattr(r2, &(0x7f0000001b40)=""/147, 0x93) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000001c00)=0x5) ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000001c40)) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000001cc0)=0x1, 0x4) 00:29:56 executing program 2: ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x100000001, 0x0, 0x9}) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000040)={0x32, 0x8, 0x0, 0x3f, 0x0, [@empty, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x34}}, @empty]}, 0x48) r1 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x40203, 0x80) sendmsg$IPSET_CMD_DEL(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0xa, 0x6, 0x5, 0x0, 0x0, {0xb, 0x0, 0x8}, [@IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x7f}]}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x4}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x7}, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xfffffff8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40800}, 0x4000011) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x400, 0x0, 0x12, 0x18, 0x5, "4ce9184ed7edf5c7456d9d384c580c7261e8e08ab116d970800f6fa46f330a0a797abaa4683263704854654ca14526998ac8c30cfd35d3e37ffe8426cfaacb7e", "55b6dd550aa2d5097c94591bd3bcb69d809eebe833acad2cf6f5215306e8ef10eaed283e55d53c4dd98b847da54fe25e300d8832f7698284f595242249f445e5", "3855644847b488b6ec9514dda86a88e4e26594ceca569e68d749d20376c0fe9b", [0xdfc, 0x9]}) r2 = openat(r1, &(0x7f0000000340)='./file0\x00', 0x101000, 0x43) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'}) write(r3, &(0x7f00000003c0), 0x0) sendfile(r0, r1, &(0x7f0000000400)=0x4, 0x1) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r1, 0x8982, &(0x7f0000000440)={0x8, 'veth0_to_bond\x00', {'veth0_to_bridge\x00'}}) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4010) pwritev(r3, &(0x7f0000000940)=[{&(0x7f0000000580)="821ce8f77c12330407fed78ab54a9015c49748a7821f5f362028bf5ffaf18b4026a989dd5e583199bce70b019ce78620bac0f8b46eb9e7d2164634fd9cc653a7075cdeffffe48be5d93d44cc5f88c65f2eae16c47128cb141421b652b3524031dc6fd31f0a2f71f14de9e953d9298d593ce6f42952817a4dd36e124afd481437eeadf7ed4bc0a32158bbb8344ab21d27a4c2f1b8b72f4ec90dce644825d14eb1", 0xa0}, {&(0x7f0000000640)}, {&(0x7f0000000680)="3c46e65c1b314923a6426f52f9c12fa41b1c4353eb961b5670e05dcee767c2f3d8698c88e94190814f85cd28f817af4b6d1f56a3fdd0da54e3a0ee10c199a3b896cdaa79bce3e2dd3c060e0a693d2e53a48ad3e6109db20d469bc6a386dc5a5ad7e39b9ccc54e78a2ac912e404c9822d280d74870e472f257d9b203d11034ceb51c2a6697d25ab9b", 0x88}, {&(0x7f0000000740)="b1724dea5c8e057c3ce68f276b91529e1eb1dd0925973cddb81b3e7931206f7bc3127c809ecf741886ea70c355aa1a65169e27af5e510a69ea5e042b3ed7bdd72c51324f18b7a4e9b76c6e486e4dafa3312bd903fd91b2a238b759ff86ff00cd028b9f58d4a58586ed89838be91af57076c66779b6cac008a9e0f5bba77f8bfe9a884b1c4a4f17ec8abdb327676d26e284a50d61bf9bafe7ca039dc65f01242c3652f7b58c31a4d02e74b59c04537fce68f833c32488b1b40ec0cbc0bff3e389c268d57f4772da7edb9a5a5e528fd2646fb8f858b5f94908553f", 0xda}, {&(0x7f0000000840)="e807dae0506071cd26cd78f68478c16258839ab13464b919750d925bc405d4f41f8a82295174211b0b84baa8660d8ebec5bcb58284f22bef4b62034505b013c043e9ef622a33c6f8faee9b94685a1036d1a38c63bb8e8eb3a2d772f011a0bb536b6eb2aebd21460e947133284a58f5b77ffd67610ab08b81b1748bf4b80855cf8e07709be69a92ead0a7f8d735541f522d065dab028a83e4b97ec3cbbae90b524848a4873b378f45cadfe2befb9347fcd95cfad2ba927b8e3c9d00d5dd96dcb5c1aa0cd6adf78edb0c6f1ef91500e6db97f0d223249eb759ad895f8962be68ba2cf742bf21b0", 0xe6}], 0x5, 0x81, 0x8) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$FICLONE(r3, 0x40049409, r4) r5 = syz_open_dev$rtc(&(0x7f00000009c0), 0x2, 0x181800) ioctl$F2FS_IOC_GARBAGE_COLLECT(r5, 0x4004f506, &(0x7f0000000a00)=0x1) getpeername$unix(0xffffffffffffffff, &(0x7f0000000a40)=@abs, &(0x7f0000000ac0)=0x6e) r6 = accept4$inet(r0, &(0x7f0000000b00), &(0x7f0000000b40)=0x10, 0x800) ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000b80)={0x8, 0xfffffffb, 0xb0ac, 0x401, 0x9}) setsockopt$inet6_MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000bc0)={0xc47, 0x0, 0x9, 0xfb3}, 0xc) 00:29:56 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x12400, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000040)={0x0, 0x9}) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000080)={0x1, 0x2, 0x2}) ioctl$FICLONE(r0, 0x40049409, 0xffffffffffffffff) r1 = syz_io_uring_setup(0x5bdf, &(0x7f00000000c0)={0x0, 0x4abc, 0x10, 0x1, 0x2db, 0x0, r0}, &(0x7f0000ff8000/0x5000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180)) ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f00000001c0)={0x0, 0x1f, 0x0, [0x1, 0x20, 0x1, 0x7, 0xfffffffffffffffd], [0x5, 0x7, 0x4, 0xe8e4, 0x10000, 0x1, 0x7, 0x2, 0xffffffffffffffff, 0x4, 0x5e2df3ca, 0xb0e, 0x1000, 0x3, 0x8, 0xac, 0x9, 0x4, 0xffffffffffffb5ef, 0x0, 0xa0, 0x4, 0xfffffffffffff55b, 0x2, 0xfff, 0x1, 0x9, 0x9, 0x80000000, 0x8, 0x0, 0x6, 0x3, 0xd97, 0x8000, 0x5, 0x917, 0x23, 0x1000, 0x5, 0x1, 0x6, 0x0, 0x72c6e5b0, 0x7, 0x1, 0x3, 0x4, 0x949, 0x1fffc0000000000, 0x1e4, 0x81, 0x3, 0x9, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x5, 0x7fffffff, 0x2, 0x7fff, 0x20, 0xffffffffffffff01, 0x8, 0x100000000, 0x100000001, 0xff8, 0x835, 0x1, 0x8dae511, 0x8, 0x40, 0x0, 0x100, 0x3ff, 0x9, 0x80000001, 0x4, 0xea, 0x9ec, 0x1, 0x8, 0x1, 0xd19, 0x5, 0x0, 0x380000000000, 0x2, 0x8, 0x8, 0xffffffffffffff80, 0x32d9, 0xffffffffffff9a64, 0x4, 0xffffffff00000001, 0x5, 0x8, 0x7, 0xa95e, 0x41b, 0x8001, 0x4, 0x3, 0x2, 0x2, 0x2, 0x800, 0x0, 0x80000001, 0x1, 0x4, 0x5, 0x5, 0xffffffffffff7646, 0x2, 0x0, 0x9, 0x5, 0x7fff]}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000600)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) io_uring_enter(r2, 0x708f, 0x2584, 0x3, &(0x7f0000000640)={[0xffff]}, 0x8) syz_io_uring_setup(0x5f45, &(0x7f0000000680)={0x0, 0x918b, 0x20, 0x3, 0x11, 0x0, r1}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000700), &(0x7f0000000740)) mount$9p_xen(&(0x7f0000000780), &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800), 0x8040, &(0x7f0000000840)={'trans=xen,', {[{@cache_mmap}, {@msize={'msize', 0x3d, 0x20}}, {@cachetag={'cachetag', 0x3d, '\x00'}}, {@noextend}, {@dfltuid}, {@noextend}, {@msize={'msize', 0x3d, 0x7fff}}, {@mmap}, {@fscache}], [{@subj_user={'subj_user', 0x3d, '/dev/vcsa\x00'}}, {@subj_role={'subj_role', 0x3d, '/dev/vcsa\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/vcsa\x00'}}, {@subj_type={'subj_type', 0x3d, '\x00'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}, {@measure}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@context={'context', 0x3d, 'root'}}]}}) setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000980)={0x2, 0x800, 0x1, 0x9}, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0) sendmsg$NL80211_CMD_NOTIFY_RADAR(r2, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0xc0058400}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x48, r3, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0x63}}}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7ff}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x8881) r4 = memfd_secret(0x80000) ioctl$PERF_EVENT_IOC_REFRESH(r4, 0x2402, 0xffffffffffff7fff) sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000d80)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x10120000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000b80)={0x194, r3, 0x200, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x200, 0x79}}}}, [@NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x7f}, @NL80211_ATTR_VENDOR_DATA={0x91, 0xc5, "a7071217c576346cfe1b660246d32b9acb8f08cb3e0ac74f5b78a2fbd111cdd687627f245649d4adf108f20da4b6154b8efcc43e430070931a337ff3f083a4844ce3a024015b4232342fd87ba114146344e45235927304048af2f9457d2dac1757d4209b7b4179a76a4261a31623361cab583c7e188ca587e0053fcaeaa7c1401f8517b7cf86a65388a76eea60"}, @NL80211_ATTR_VENDOR_DATA={0xb9, 0xc5, "68ec66da2418bd080bd3089b14c97a74a8ed026ff0fe049efd0b8aedac8e861a048ec75dc76b0705f4a5d82205f8fb82b29cc7fed60db119b7aa5edbc8c95bdf5e722c1bc2a26c4d9c8e6f2d815f70cbe027615a9b87ef0655e2c8b7bfcf3337820177e07a6afdac29b44b162d0af32a207e004d9864f3b0541328e31fd755062f7d72b13526b1aa1e38d506965b4e4cca1f984ce51ecb102722f6f2e1f8f3590832c4ea8d5cf055c15ade338d7a06f3bebbb76d52"}, @NL80211_ATTR_VENDOR_DATA={0xc, 0xc5, "81541dfb8af0ab69"}]}, 0x194}, 0x1, 0x0, 0x0, 0x4000}, 0x20040000) ioctl$FIONCLEX(r0, 0x5450) io_uring_setup(0x322e, &(0x7f0000000dc0)={0x0, 0x2978, 0x0, 0x2, 0x2d1}) r5 = fsmount(r4, 0x0, 0x85) ioctl(r5, 0x7fffffff, &(0x7f0000000e40)="ddeba89ac7e0a61db3b1eadcb0a91b050eae0e55767c9b0dfb3527d2e49da59140da40dd142276e680ffe5a0ee72176d51df91c23f88579b9ddfe0bf887f1b190278225781195920723ecdc5d37e4c72cb57ca7c492be684a50d46050638db5777165b4ec2db8b6d323b49c1c268bb9a9ce5f773fbdf9d4a05a720f8c4cea704f7644b323d631496295c2f125067dfd661c646f6affd55d427d8a7b0b17736703597268f6dc2f6aa48c605f7dd4e567dca6a23cd8d2a7247f2fe77a028a32be22e47a79f8ad5") [ 65.115626] audit: type=1400 audit(1664929796.794:6): avc: denied { execmem } for pid=283 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 00:29:56 executing program 3: ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000000)={0x0, 0x6}) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff, 0x24f8}) r0 = dup(0xffffffffffffffff) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001040), 0x301800, 0x0) fstat(r0, &(0x7f0000001080)) sendto$inet(r1, &(0x7f0000001100), 0x0, 0x0, &(0x7f0000001140)={0x2, 0x4e22, @private=0xa010102}, 0x10) r2 = dup(r1) accept$inet(r2, 0x0, &(0x7f0000001180)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) fstat(r3, &(0x7f00000011c0)) r4 = fsmount(0xffffffffffffffff, 0x0, 0xf8) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000013c0)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001240)=""/148, 0x94, 0x1, &(0x7f0000001300)=""/152, 0x98}, &(0x7f0000001400)=0x40) ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000001440)) fcntl$setlease(r4, 0x400, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0xc080661a, &(0x7f0000001480)={@desc={0x1, 0x0, @desc1}}) r5 = accept4$unix(r1, &(0x7f0000001500), &(0x7f0000001580)=0x6e, 0x81000) ioctl$BTRFS_IOC_QUOTA_RESCAN(r5, 0x4040942c, &(0x7f00000015c0)={0x0, 0x2, [0x6, 0x1ff, 0x3, 0x3, 0x81, 0x5]}) r6 = openat(0xffffffffffffff9c, &(0x7f0000001600)='./file0\x00', 0x80, 0x192) setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000001640)={@multicast1, @rand_addr=0x64010101}, 0xc) stat(&(0x7f0000001680)='./file0\x00', &(0x7f00000016c0)) 00:29:56 executing program 4: getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000000), &(0x7f0000000040)=0x8) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x170, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xb7, 0xa8, @random="6e1665a82d1fb5408cb32be3ab777ed61d3601cfe2fdbb6e92bf7b805f4902a2d988df59bb9e9a875d6dfeadb9916b31c8f0fb8a42865eedce2f80051e0923831a475ff85e91d3e4fa7db7762b444d4f9e439f40bb572a1e5f9ed61cf0cf4c76c35f148f43f51b23d71da0fe9d02bd0872ca82f72cc2923310c0fa81b023cb5b542b1597caae20aba8dd810f30c8980d8b7b03a711072e34987267cbb6c9a8513c23247c0003c94e8859837e82350d6ee9d948"}]}, 0x170}, 0x1, 0x0, 0x0, 0x4}, 0x10) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xe8, r0, 0x200, 0x70bd28, 0x100, {}, [@HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) r1 = syz_io_uring_complete(0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, r2, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48000}, 0x200440d0) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000600)={'bridge_slave_0\x00', 0x0}) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, r0, 0x508, 0x70bd2a, 0x25dfdbfc}, 0x14}}, 0x20000000) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000780), r1) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000900)={'batadv0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f0000000c40)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4010}, 0xc, &(0x7f0000000c00)={&(0x7f0000000940)={0x2a8, r5, 0x210, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x190, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xc, 0x3, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x13}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0xf0, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '}$\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\xab\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfff}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x100}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1ff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, 'netdevsim\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'pci\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '{\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1ff}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, 'secondname\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_MASK={0x7c, 0x5, "0b0df9a5967e049e3e6fef8128a523c52de8d6e1bf813fc5aca4a47ed48f0a02318dc65f06c06a7c2823d3e23b84d4b114e1df8888a33bfaaf060f34f3f8dde63f3a5e286ae40b3f28ee4a0ee7188cbc9135e2c256c982cb7e6ffd9d2dd6591670a60f6fb7cf6647413f7b15362e01efbc4a773b32eb6273"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x2a8}, 0x1, 0x0, 0x0, 0x20004014}, 0x40000) r7 = open_tree(r1, &(0x7f0000000c80)='./file0\x00', 0x1000) sendmsg$802154_dgram(r7, &(0x7f0000000dc0)={&(0x7f0000000cc0), 0x14, &(0x7f0000000d80)={&(0x7f0000000d00)="3be0c7fe810e7d1512fc3f07e8a2814cea6994f890ae62a65cea6b9b66a5e884887e32a4a3d267a57180ded1bf5cd33e837e57d6e3f10745502d9ef7e2916a97ec6ce277ddfca4b1ffde7878e87ef8e1c2731cc0aab952bb98534fd05e4ec14b6a47a6b2eadfa2e3938d7c1b00e23f", 0x6f}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r8 = openat$cgroup_ro(r7, &(0x7f0000000e00)='cpuacct.usage_user\x00', 0x0, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(r8, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x44, r5, 0x2, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x810}, 0x20000000) sendmsg$nl_netfilter(r8, &(0x7f0000002400)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000023c0)={&(0x7f0000000fc0)={0x13fc, 0x11, 0x8, 0x5, 0x70bd26, 0x25dfdbfc, {0x9, 0x0, 0x3}, [@nested={0x22a, 0x16, 0x0, 0x1, [@generic="acc060f206742555b025109e2633da58c0f56e179cccf30a61ce19d59da70fa4ec859848f8c84c413820163233b600d615a12bcbac", @generic="cbd0605c63483a6ba165a6ed0e47ab48cf8cb9793b6995c88ff7e603dcdddda3d2340f279eb061da34e4fd17c174b594438994d08a85688f668b1da25a02804750737860fb9a3d7aab21a90470a3f1bdc06fba6a1a2ad98e3bba976efcbed08b951b8a172a7f48d554025e0c75d357eb295dd7fcfdb3983791cec595f27e5c801f990525cd1b05f8dcad7e52870a89502d599e0f80b6563f34e862ba3235a5a1675511df8cbbe3ce44aaa26ce090cc8e1f8127c6401fc06c190652c82651d7735c0adce718320868f62e88eb2574665992ab248cbfc0d2ac75b4a90374525e8eeaa9b5be00cc90c5c35c5c13ff2154723c0571ec3c42199083", @generic="1c364ccb990e03073978072d740c84bc36430524dc42ae5c00154718e4194d24e5f00a1f65903772cbf601e818605635c527472449851feeca8244ee5750e4df561c4452cf8b418972a99fef890b4f7039065522e6e19a6c065c38448683a08ac7cc5080e2182d5ed071c66500613c58e6cd4271910b07faeaf8561b05afe2fa1d09fb97e58348f84852cf7ef5c2f8ffb57d452010e82da7f0bbf447ff8eb1f6dec59600941af40d1c1e0b55c2ceb81abe475fd7ec3a781a5af11f82b963602fbf5634f058b00a46015dba5fa6967d3d530f85c216ef474616ed69f297abc216e44941e119ca6f483a44dcb7d39bd051a49f40a7", @typed={0x4, 0x7}]}, @nested={0x55, 0x0, 0x0, 0x1, [@generic="1380fe62aaad549f408c7d20e289e7ae0eb2c85a84591daf4af4d9450c54980a46bb44752e5da6a64ec2de8678f201b931a8f2625bbc96da263174ef99dca8a35e7c72e6bd74407280b491b4d7fb89f200"]}, @generic="40c8daaa2c70afd27215200d9b9168c76539565de7651935c37015a6a032a6ab4bd28a0002c6a36fd29d3f217a54d37db1e235091265520135c49594884928412e36a068a9932199cf8257704f850f38f6ac4710593db4d98fd2f5f37651a39aa3c774841870d60216415d4e2fac07fa99944c2d6c2b6fbcaf90a55b1b1415621be5469f16fd4a206e996f3bb7d9effe918310a0355602874941a7fc19d36b379f829c76be8823eebd82d0be5ed8df5100c75d24", @nested={0x10af, 0x45, 0x0, 0x1, [@generic="e05c0836ba060b08fd4e07a05dede6441af05bc0a8824880a7f6993064fa342e2a366b121e3a9a7814562b6eae644e98ffaf6ba9efb9e4b513f46ef78b76eef7ed47a0f4c016700d3f8e17dd63a1a33e14fb59adf4f751569fdc917ab0440e5d5fc94e52b6b31c2a417ce8ba9ac58ffd28ef3a29dbe4e21cc0b3246dca6204c67d1ca06b4159839f595658ab772ff44f847a72bd2309335aede950646f9dae5580fe5bada94cb124821b016300fb713c9bf0bfcc2367128ddffeae27e09728f45aca188a0e266be1ed01d0a18d88c205d15762e5d4510cdb0fb76e2e892fc5f60e0ae746df5950154ae6212de175342e5d57213cffd6ee477922aedb81c8a5d93c0c5f6ef3a1ce2dd079e5dc5ed22161af4a4e9fe27d1cf0523f30206bcc352189f6a72f5b78d3ec20e79da1254376efe28102872f61998b6bc593627f4d968ff342cca9ba8a5b2f0726756d5a352342972dd41d15a39f58bc4d40df37e8fac0ee5eef32f2004cea61e697d6f0dea2b504ae8b2cd92ea61ee37325da1df58225d74f20ae1874c18abf1e30975488d74439fdd1322018550c915a774bf2b52da98f4d541dea94b805cd03095d00010675bbba55b9940e65e7e7f230a70433a21c876d7bbfceea0a82607d3dcfa1356ba6a63cff229d74786d16b1976429d6b0043308f7cb8e6772a5ab910ede7e0f3efdecbb52f79f1d0d29a41cdb15a43318cfd125cba55470acf15eba80fd0a2ed09f73d1588dda1f118add611e40f873e7847c9490eeb6dfc83c5eecae6bd845bc34b30d074865b27b5a36618f9abbf9afad8e641e7946b7848849ed9651c1582de88fbb9ff03a944b4f52cc95ff47a5f8049f9f648e2321ab9ca7c3ee9dcc1e2c14b04a1f98b43b81f4e1fb17fcd0240dcceb6fc1aa6773a6ba740fe1d33f6c8d81d442f91068fc29d47f2e16bb0d427fc58cdaf291489025949aa837daec95f441a5e8fa48143beb58e25f7dbaa10f5f653f090c0b6cb039a764cfadcb6d9330ca0cc19756a3b106cb3585ea0832a5fbe9c247a8407c2013d2c36f5d0e931e25357ea6c51bd4c2c2608ffbf67d7c2c65bffb4868fb4451419045a57fdc11166fb3bf91f1ef0c66fd8cef0ce2619433222a698b5b67b34600fe8cad02acc8ba79b8dbdf79653fc2bbd7f3cd1a389a9d3bca3f9a53e7a1b6c7c541588f7110ef270d04b0a01d4f35fffdabf7c9181a66316af5ef29939108c11cc938a9f4d16906a84eed3f460c4012fddbd7e4596a023fb50b587a7b108827a1dc7f9c3c3f4613f04eeef7f00b01ff128007716120d6fb81c4a0ebb39bc32c30faf59b70f1318516f360f80734e7e9e1e2db886ec3e756e2a0951bec4961264d3e79356d9944c46313cb36e53a12cf1c1a89aacac1efb9071a2c70b0cb643cc6ea661c3f9109ea35e69479c859d22ca52c3bba4fc4c1c7b582d3c3afb08dc88f639959f77f82a220795101fd0aaa392982764d840fb332f7213b50c0d917e95d092ddb8396ffd9c96769adf9dc2cb317af23122c8279bfadc0d3ab08cdb168676902ab9947d99a27859192f305afe06ce11d6e34a428bef932d056f48efc265db82bf4d446ea06a53b4e7d04b2a2939e7de878a167b9ed823cdfdcf526d47c70e98942bc9e2737f2c213a1e02d8ce35e036b195735eff4a2546c673ea790894800165932b94ebe8b3c64912547e6137ffd90f5e315ea3524b657ef1c29df8490a5d079558deffc072dbf2dd028cb55074855760591a610b0d3d4759d59e1cd432bfb5cea364f718d49133dd8adf439bcf40022298111cf7610d925c2597e66c74e6316a7e5b8036c9e7d1cd8eb9be5aaefe053fb07dfe7e12a855c6eae43519df83041ba173f7e3fb9b992f471e0e21fe2f4360e2992e99c100faa2a19f0ff77860c32a54aa8af3e5486ee80ca8f12f863608028c6ac989670ee8dd645463f251161f97f4a14dc7e8a23bf635b8b89166a9a8d89076814703197b6314bb2a01f4b8094415ce172c962b6441bb7e1ac703e04c1dd5ad9f1768d16fb4297f55125b792dc2a475dfcf852f58ab674a78d3440c92e7499ebb8b47a66f7222e0903ddb7a684c64c1c928411f59efb5c3bdc60678a29e457cca50860a73a3e594f6c3186e592b54ca5965e9ecbc5819e58f44d4b9d5d7dc032d0352e35c6d89cda2534b19071135a0627c2d708e15aaa426049a3d6d2d98f3c9ba401b96a663a11e82424244eec3fcc42fbac606b97807d606b26a3fa02a9d046986b29695d59aea7cd85ff33c71813c8cf3089d703fc46952bb2415cf667115e321118359e0d931f7591bc58ffaa68cd12e771eb97807e6fc29b5ee508337d0bfeb9dbe3997a45e89243461e2489e1327bd9df90925dfec950425eac17bb1b8e329c0ebf12cd20481572ea9d09b6f40177081f0901f27761334225c7815305562fc9a8ea18b39b044660349d745e9f90f402f76ba9c5c1a781c53047ec803a9fcf63edeac5cfd9acc6e9a947c80b8fbf671c018868ca3dae709da03cc7a54048ebcb060a6d1128a0f463a5d016cb7fbd0c9abf5a0ebfb05922c4a67387fe902ade1ac6240a3a2ed206191c2b5fc88b43c8632e8a92319018317a9a2ae093507c16d022fec4794ec08c67828d31511a5e90aba8021652926a9bcda728b5d8e78ad8a9564c3082630ee48fc8e942af6a7efcaf2ef0213af33d0e56e5b75fde924af79844e099dbd11b68f2dd18fd47b2bcc5b74ccf557a5d64cb877a5447b6727d428b8409aa825d75505d7403f7c06a59e3b98b8f8aa1df18ab75f31264b54f8a716595f54e47329d73943ca511962f83e152890b46a33cb16fe1edbea5dd730fc18bb828b65c66e1f3015a71a4cdf2040185a809a2a77b49eacaab86a1a1fd054c7e18431f5d1b6266037aca8324a1399be155bd7e149f5ce0be92196a028433377291e28917c28d11c9486dbfa390143cd3b8c18045178e3a904301832c6d94a3709e6ce3e29ec29f160c5077862aaf1be195a49d1d6d9b0c29c4ff4d6322508cc572819ff177c61b2c3fbb83bb00a961e08ab0f672e3acb1ba62a1787e4a0e7fb619942b3223186233a5d2f72c218df75803db61163c3c420bede0c2ce8e4b28ef20a92803212ae9caba416c5b7e42aecc628805f018882892ba6b6b091e9c6bfbef299d1dc155a968cef2bccc836272e3502c75cdb7f439d27a44d98ea22e3dbc3622868b8ccff5b5ff1148860fefe9a01c4a86b426b72351ae712dbf5c25a01044bad6c3f091bcd467b43d96a3740d6c87193697bf4ea58ccafc1d897bd00243cb6e701919e6bc155c0778099278352fdd3ba84abe4353421134edfa425f782abe7e9159f1dd78e3d80b0c12ebd5b0a4f9073721900e5f4053d4f5b7ce157a21eb02b5c5bd62ffb1fadbcbcc202fea4c208140504a9a8ac29fc6b914e6dec4270494eb2545e9c6cee6c16a04c21372ae41abc5bb4b5492fd5e856547a8375d1956c855afd6c8a4c4991e32dd2d1ff7d1f137fbba6dbdf890f36f1a53e556eb0418930a68fefd18f07cfc1ad5871b4c99ec1063905bd0ab8f202dd14f177bfab6c3e90847e91fe716eb788c8c4b67e58a8c8b9ce4ef58566f0947c8ba04527a6eaac7cde32a77159855a53297193fde2c9fcf5cb6db9c07afe6cb6a8d2115d9a261d660683432e3e131db924d0d5d238c4f1112adcb88c7aad401e4eb195404ed5894980e2cb245adb4b502e0ff44e5213460250da3dca7236a79ad09173853c8e819645284f612d90ad6f997f169f6d0de6a1655219e2191cb64dd4f0058a17c2eaa9802dd5c64d3305f6a492823b27ce985da02b37f7a0acf69eed7986584111b248e637deb6b9f4dd50b90f6c419f2bdf4e5c34ae3f268c4e682542db9e569529128738189e9374c772b1afd473775b50f06ed14b0b77a92f57a65e407d1652d174386a8bd0351611759f3dc0ed3fe92250044842b2bd4f6ad461bd773560633b48fbe0fd92311b175a247fcb21eddf6afb7e66c5209cf04c0ae5134853acd553cec1d0c8504d5a2a398edef93f92acfd7a3185c6e045e260b6a347b4a1a5aaed69d9e7cc03dc6bc1c88f4da03f52138de49bec65003f41fe1755e05a0542adc0a24159f60b00fd8a810517d25a5dbe11eb024a12982dcd5285f7568f4adc23e4f832f3bdeb47d99436e70c835887fb8d6f55746309e75081e59aca9a14d70fb7bdfcce02c635215dc7bd9ad490a7d1852461e72dc2bbe73428ddaa570e604f573b9a3254994ec438fb3a383180606eb92e1730e0c4c88fe058b11f9c16f3c0aa0344cd7db7e9d3cfcf93c7857b51211f3d28fdb3bba62d6c75f022a3a272ac7e7d4d60c28efc4f2288a743ace44483d2f6ffd7b076a1680cbc8889ee8b736710117b6e3844385cb1e96366c801e26deb9cd47edb714240374f2b069ea49bd13d81e8c374485f0d6b397b59b61d4a6e64bba8cf7d330460e85d78c4655719fe806c27335dbe8589a51788e9ee4ccf4f938c1ffb1a60f97db4335316657c806b14287e556850bb4b868756dd38c80fdd350fc4fb80389897f7e2e88c4cc23e01350e5210a8cde532b0afe58f18ec381d1208882a98750ceccc3e693120111f3977da5ca1584b636946dda7e449c41c56f0bc9db4247db5f5121dfb3fb259534b08394bfd072e07ce7684fb434ab3e58c1e5a3e8cb51e54e072ad492a2fd68d0379f57507a46da0738e25755c7432de51eadab1eb9ff90b4ab757db82d1f3896d966a3f186643fb68dace6c6d0d55e6c4577ef2c679bffd57a46847b3d3de54c3e22407604f108763c5d67cfbe3ce8dce2131ca2b863187b9d1dce6e28f267085b7509c9661ae4e1bcb1ccd43e6433684ea0ec2ec63faaed1949a2ac13d9b22131e556cd85b67cb23b733125c55f8198de555ae4535be332c0229cf1b8ede62ed371ef790ff5c946a50772098bb9ed5cbe5c0eac710d80fd34a06904f846b89f8cf53527e259962976dc1463b9b7ddf31247a146f498618c5ef4e24272f15e7f14f23b04baf7c475a2c091a7e983a54e0ba5dbdbef6fe8e89a4115f855821b39d3a1b283142fa3fb2a830481dbad7b80237dbec92da5044e4ac5bcfdc6ae482258d851d1684eecd4445f1800d134252328badab1fdd2ed3dbc19bedf873f12690d7ac3c607e5383bd17483fdd2f250f73f10b11bb2bf54df3e9b5f9109e667afc3b6ea29cba7280ba42891093c6c3aa538ca7284d1d03065ac85396abcf59ba46a6656cfb30ac4760cb07f0f2d320090dbff2c44859ada7f262e239a0f0e1c9570fde29228d84cb9e558d838528d94cc7a8efde64d3f3cd8cb7c93b95ffd59d56281d044875a661a4fad2f07e8c53ab1d84ef4e7cef2f1716cac0e7abb82be8f35992df8cb004d19f5d462b5cff2ef32d01141f307448043f3d14855740c64b89ef1c6e567cdc214f2989a06871804ec595c235b0b65fd70be10161683eda112fec848d44ee4db99bb2544009a0773b72d21b4931844ad3df5241213256768d6a7bd7aaa24dd4ed4a50ccdf28ac597d44eb1628f18ed344065a50626fa3ac3889797612b628cc78cc196f127d536cb865d6ed5a4295b5cd48021e1bf297402140bdbbbf9e91086be11934b0a401b62e11b5993be6ab2df3fbc902bbc4d127f3eb31b7631368e1017dc8efde2d7f7ebfea88da09af54054ead7b4c7002bba95ef42835863003121f9899850d21e9266a8754eb0978332478064f15a43e09be66c962e1c799d4aa52ce59dd1d3da3c1a9de48f7d8054af320d3c92c61aa3b521", @typed={0xc, 0x7e, 0x0, 0x0, @u64=0x100000000}, @typed={0x8, 0x2c, 0x0, 0x0, @u32=0x1f}, @typed={0x8, 0x49, 0x0, 0x0, @pid}, @generic="88aa69266e8bdcb950fd86cbfc97cbb5747b829869190cc5e816ba052375a6fe6b75013477bebce85ec36a27e2d375bbe70655618ed167db12527e94b7d51e58235eae3f3df21530a1339822b3f34f982bcee58db9cbd64d43d8cf72d24952846f5cdf209ba3a3eeb1b3408dfdaf9d0abf4f643728f08a6d4fb33c2006c83ea7aeb593b76b421e", @typed={0x8, 0x6f, 0x0, 0x0, @ipv4=@private=0xa010100}]}]}, 0x13fc}, 0x1, 0x0, 0x0, 0x4000000}, 0x8854) r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000002440), 0x0, 0x0) setsockopt$WPAN_SECURITY(r9, 0x0, 0x1, &(0x7f0000002480)=0x1, 0x4) 00:29:56 executing program 6: r0 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, &(0x7f0000000040)=0x1c) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)) r1 = syz_open_dev$mouse(&(0x7f00000000c0), 0x400, 0xc00) sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x35}}}}, [@NL80211_ATTR_BSSID={0xa, 0xf5, @random="44d8b2760e1a"}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x0, 0x1}}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x2450}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x8}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x401}]}, 0x50}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) ioctl$HIDIOCGSTRING(0xffffffffffffffff, 0x81044804, &(0x7f0000000240)={0x29, "f5b64ba3836da32d46748cdebe1eef6747d34346f8a599b1500ea5bd72adc0ea1053c0ac31324a76c9"}) ioctl(r0, 0xd1, &(0x7f0000000280)="b473a73cde61580a31e83a51bea108c88fba132a948a39a4100fde82f50630c08b083abb05bda3") getsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f00000002c0)=""/131, &(0x7f0000000380)=0x83) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000003c0), &(0x7f0000000400)=0x4) ioctl$HIDIOCSREPORT(r1, 0x400c4808, &(0x7f0000000440)={0x3, 0x3, 0x4}) r2 = socket$inet(0x2, 0x4, 0x5) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000480)={0x0, 'macvtap0\x00', {0x4}}) getsockopt$inet_buf(r2, 0x0, 0x23, &(0x7f00000004c0)=""/4, &(0x7f0000000500)=0x4) r3 = syz_open_dev$vcsa(&(0x7f0000000540), 0x10001, 0x4cc540) getpeername$inet6(r3, &(0x7f0000000580)={0xa, 0x0, 0x0, @loopback}, &(0x7f00000005c0)=0x1c) r4 = accept$unix(r3, &(0x7f0000000600), &(0x7f0000000680)=0x6e) r5 = getuid() setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000006c0)={0xffffffffffffffff, r5, 0xffffffffffffffff}, 0xc) ioprio_set$uid(0x0, r5, 0x2004) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f0000000700)=@srh={0xa5, 0x12, 0x4, 0x9, 0x4, 0x20, 0x8af, [@mcast1, @loopback, @loopback, @private2, @empty, @private1, @dev={0xfe, 0x80, '\x00', 0x10}, @local, @empty]}, 0x98) setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, &(0x7f0000000800)={0x9, {{0xa, 0x4e20, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9}}}, 0x88) [ 66.225134] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.226984] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.228798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.232666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.235563] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.236837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.242847] Bluetooth: hci0: HCI_REQ-0x0c1a [ 66.408412] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.416768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.418769] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 66.419870] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.421717] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.422830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 66.423857] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.425109] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 66.426723] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.428449] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 66.429478] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 66.430858] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 66.436307] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.438455] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.440292] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 66.442292] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.443677] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.444790] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.445104] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.447380] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.449411] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.451460] Bluetooth: hci2: HCI_REQ-0x0c1a [ 66.451469] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.459225] Bluetooth: hci3: HCI_REQ-0x0c1a [ 66.471409] Bluetooth: hci4: HCI_REQ-0x0c1a [ 66.471552] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 66.482667] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 66.484282] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 66.489111] Bluetooth: hci5: HCI_REQ-0x0c1a [ 66.492974] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 66.493428] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 66.495619] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 66.500685] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 66.502278] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 66.503395] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 66.505451] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 66.507015] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 66.508201] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 66.517203] Bluetooth: hci6: HCI_REQ-0x0c1a [ 66.518210] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 66.532012] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 66.541439] Bluetooth: hci7: HCI_REQ-0x0c1a [ 68.305230] Bluetooth: hci0: command 0x0409 tx timeout [ 68.369037] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 68.496997] Bluetooth: hci4: command 0x0409 tx timeout [ 68.497024] Bluetooth: hci5: command 0x0409 tx timeout [ 68.498105] Bluetooth: hci2: command 0x0409 tx timeout [ 68.498685] Bluetooth: hci3: command 0x0409 tx timeout [ 68.561440] Bluetooth: hci6: command 0x0409 tx timeout [ 68.561503] Bluetooth: hci7: command 0x0409 tx timeout [ 70.352943] Bluetooth: hci0: command 0x041b tx timeout [ 70.544960] Bluetooth: hci3: command 0x041b tx timeout [ 70.545933] Bluetooth: hci2: command 0x041b tx timeout [ 70.546351] Bluetooth: hci5: command 0x041b tx timeout [ 70.546747] Bluetooth: hci4: command 0x041b tx timeout [ 70.609759] Bluetooth: hci6: command 0x041b tx timeout [ 70.610380] Bluetooth: hci7: command 0x041b tx timeout [ 71.155700] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.156746] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.157572] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.159351] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.163330] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.167390] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.173474] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.400962] Bluetooth: hci0: command 0x040f tx timeout [ 72.593035] Bluetooth: hci4: command 0x040f tx timeout [ 72.593818] Bluetooth: hci5: command 0x040f tx timeout [ 72.595251] Bluetooth: hci2: command 0x040f tx timeout [ 72.595997] Bluetooth: hci3: command 0x040f tx timeout [ 72.657051] Bluetooth: hci7: command 0x040f tx timeout [ 72.657788] Bluetooth: hci6: command 0x040f tx timeout [ 73.233083] Bluetooth: hci1: command 0x0409 tx timeout [ 74.448963] Bluetooth: hci0: command 0x0419 tx timeout [ 74.641065] Bluetooth: hci3: command 0x0419 tx timeout [ 74.641625] Bluetooth: hci2: command 0x0419 tx timeout [ 74.642162] Bluetooth: hci5: command 0x0419 tx timeout [ 74.642641] Bluetooth: hci4: command 0x0419 tx timeout [ 74.705007] Bluetooth: hci6: command 0x0419 tx timeout [ 74.705504] Bluetooth: hci7: command 0x0419 tx timeout [ 75.281060] Bluetooth: hci1: command 0x041b tx timeout [ 77.328949] Bluetooth: hci1: command 0x040f tx timeout [ 79.376965] Bluetooth: hci1: command 0x0419 tx timeout 00:30:49 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x1080498, 0x0) setxattr$system_posix_acl(&(0x7f00000002c0)='./mnt\x00', &(0x7f0000000280)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000300000020"], 0x24, 0x0) getxattr(&(0x7f0000000000)='./mnt\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', 0x0, 0x2) 00:30:49 executing program 5: sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x88, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3, 0x9}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008041}, 0x4) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x3, 0x0) io_setup(0x3, &(0x7f0000000440)) io_uring_setup(0x46ca, &(0x7f0000000480)) io_submit(0x0, 0x2, &(0x7f0000000600)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="7716e5cd34", 0x5, 0x100000001}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}]) 00:30:49 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}, 0x18292}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x48080, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000002100), 0x0, 0x0) statx(r3, &(0x7f0000002640)='./file0\x00', 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {0x800}}, './file0\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)=""/156, 0x9c}, {&(0x7f00000003c0)=""/41, 0x29}, {&(0x7f0000000540)=""/253, 0xfd}], 0x3, 0x7706170c, 0x4) 00:30:49 executing program 5: sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x88, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3, 0x9}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008041}, 0x4) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x3, 0x0) io_setup(0x3, &(0x7f0000000440)) io_uring_setup(0x46ca, &(0x7f0000000480)) io_submit(0x0, 0x2, &(0x7f0000000600)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="7716e5cd34", 0x5, 0x100000001}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}]) [ 118.082290] audit: type=1400 audit(1664929849.761:7): avc: denied { open } for pid=3809 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 118.084175] audit: type=1400 audit(1664929849.761:8): avc: denied { kernel } for pid=3809 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 118.101369] ------------[ cut here ]------------ [ 118.101387] [ 118.101390] ====================================================== [ 118.101393] WARNING: possible circular locking dependency detected [ 118.101397] 6.0.0-next-20221004 #1 Not tainted [ 118.101403] ------------------------------------------------------ [ 118.101406] syz-executor.7/3811 is trying to acquire lock: [ 118.101412] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 118.101451] [ 118.101451] but task is already holding lock: [ 118.101454] ffff88801b0c5c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 118.101480] [ 118.101480] which lock already depends on the new lock. [ 118.101480] [ 118.101483] [ 118.101483] the existing dependency chain (in reverse order) is: [ 118.101486] [ 118.101486] -> #3 (&ctx->lock){....}-{2:2}: [ 118.101499] _raw_spin_lock+0x2a/0x40 [ 118.101511] __perf_event_task_sched_out+0x53b/0x18d0 [ 118.101522] __schedule+0xedd/0x2470 [ 118.101536] schedule+0xda/0x1b0 [ 118.101550] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.101562] syscall_exit_to_user_mode+0x19/0x40 [ 118.101575] do_syscall_64+0x48/0x90 [ 118.101592] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.101605] [ 118.101605] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 118.101618] _raw_spin_lock_nested+0x30/0x40 [ 118.101629] raw_spin_rq_lock_nested+0x1e/0x30 [ 118.101642] task_fork_fair+0x63/0x4d0 [ 118.101658] sched_cgroup_fork+0x3d0/0x540 [ 118.101672] copy_process+0x4183/0x6e20 [ 118.101682] kernel_clone+0xe7/0x890 [ 118.101692] user_mode_thread+0xad/0xf0 [ 118.101702] rest_init+0x24/0x250 [ 118.101714] arch_call_rest_init+0xf/0x14 [ 118.101732] start_kernel+0x4c6/0x4eb [ 118.101749] secondary_startup_64_no_verify+0xe0/0xeb [ 118.101762] [ 118.101762] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 118.101775] _raw_spin_lock_irqsave+0x39/0x60 [ 118.101786] try_to_wake_up+0xab/0x1930 [ 118.101799] up+0x75/0xb0 [ 118.101814] __up_console_sem+0x6e/0x80 [ 118.101829] console_unlock+0x46a/0x590 [ 118.101845] do_con_write+0xc05/0x1d50 [ 118.101856] con_write+0x21/0x40 [ 118.101865] n_tty_write+0x4d4/0xfe0 [ 118.101880] file_tty_write.constprop.0+0x455/0x8a0 [ 118.101892] vfs_write+0x9c3/0xd90 [ 118.101908] ksys_write+0x127/0x250 [ 118.101923] do_syscall_64+0x3b/0x90 [ 118.101940] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.101953] [ 118.101953] -> #0 ((console_sem).lock){....}-{2:2}: [ 118.101966] __lock_acquire+0x2a02/0x5e70 [ 118.101983] lock_acquire+0x1a2/0x530 [ 118.101998] _raw_spin_lock_irqsave+0x39/0x60 [ 118.102009] down_trylock+0xe/0x70 [ 118.102024] __down_trylock_console_sem+0x3b/0xd0 [ 118.102040] vprintk_emit+0x16b/0x560 [ 118.102056] vprintk+0x84/0xa0 [ 118.102072] _printk+0xba/0xf1 [ 118.102083] report_bug.cold+0x72/0xab [ 118.102100] handle_bug+0x3c/0x70 [ 118.102109] exc_invalid_op+0x14/0x50 [ 118.102118] asm_exc_invalid_op+0x16/0x20 [ 118.102130] group_sched_out.part.0+0x2c7/0x460 [ 118.102147] ctx_sched_out+0x8f1/0xc10 [ 118.102164] __perf_event_task_sched_out+0x6d0/0x18d0 [ 118.102175] __schedule+0xedd/0x2470 [ 118.102189] schedule+0xda/0x1b0 [ 118.102202] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.102213] syscall_exit_to_user_mode+0x19/0x40 [ 118.102226] do_syscall_64+0x48/0x90 [ 118.102243] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.102256] [ 118.102256] other info that might help us debug this: [ 118.102256] [ 118.102258] Chain exists of: [ 118.102258] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 118.102258] [ 118.102273] Possible unsafe locking scenario: [ 118.102273] [ 118.102275] CPU0 CPU1 [ 118.102277] ---- ---- [ 118.102279] lock(&ctx->lock); [ 118.102284] lock(&rq->__lock); [ 118.102290] lock(&ctx->lock); [ 118.102296] lock((console_sem).lock); [ 118.102302] [ 118.102302] *** DEADLOCK *** [ 118.102302] [ 118.102304] 2 locks held by syz-executor.7/3811: [ 118.102310] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 118.102340] #1: ffff88801b0c5c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 118.102366] [ 118.102366] stack backtrace: [ 118.102368] CPU: 1 PID: 3811 Comm: syz-executor.7 Not tainted 6.0.0-next-20221004 #1 [ 118.102381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 118.102389] Call Trace: [ 118.102392] [ 118.102396] dump_stack_lvl+0x8b/0xb3 [ 118.102414] check_noncircular+0x263/0x2e0 [ 118.102431] ? format_decode+0x26c/0xb50 [ 118.102447] ? print_circular_bug+0x450/0x450 [ 118.102464] ? simple_strtoul+0x30/0x30 [ 118.102480] ? format_decode+0x26c/0xb50 [ 118.102498] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 118.102515] __lock_acquire+0x2a02/0x5e70 [ 118.102536] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 118.102559] lock_acquire+0x1a2/0x530 [ 118.102575] ? down_trylock+0xe/0x70 [ 118.102593] ? lock_release+0x750/0x750 [ 118.102613] ? vprintk+0x84/0xa0 [ 118.102631] _raw_spin_lock_irqsave+0x39/0x60 [ 118.102642] ? down_trylock+0xe/0x70 [ 118.102674] down_trylock+0xe/0x70 [ 118.102690] ? vprintk+0x84/0xa0 [ 118.102707] __down_trylock_console_sem+0x3b/0xd0 [ 118.102724] vprintk_emit+0x16b/0x560 [ 118.102743] vprintk+0x84/0xa0 [ 118.102760] _printk+0xba/0xf1 [ 118.102772] ? record_print_text.cold+0x16/0x16 [ 118.102788] ? report_bug.cold+0x66/0xab [ 118.102806] ? group_sched_out.part.0+0x2c7/0x460 [ 118.102825] report_bug.cold+0x72/0xab [ 118.102844] handle_bug+0x3c/0x70 [ 118.102854] exc_invalid_op+0x14/0x50 [ 118.102864] asm_exc_invalid_op+0x16/0x20 [ 118.102877] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 118.102898] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 118.102909] RSP: 0018:ffff888040c47c48 EFLAGS: 00010006 [ 118.102919] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.102926] RDX: ffff888008a50000 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 118.102934] RBP: ffff888040c90000 R08: 0000000000000005 R09: 0000000000000001 [ 118.102941] R10: 0000000000000000 R11: ffffffff865b605b R12: ffff88801b0c5c00 [ 118.102949] R13: ffff88806cf3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 118.102960] ? group_sched_out.part.0+0x2c7/0x460 [ 118.102980] ? group_sched_out.part.0+0x2c7/0x460 [ 118.103000] ctx_sched_out+0x8f1/0xc10 [ 118.103019] __perf_event_task_sched_out+0x6d0/0x18d0 [ 118.103033] ? lock_is_held_type+0xd7/0x130 [ 118.103047] ? __perf_cgroup_move+0x160/0x160 [ 118.103058] ? set_next_entity+0x304/0x550 [ 118.103075] ? update_curr+0x267/0x740 [ 118.103094] ? lock_is_held_type+0xd7/0x130 [ 118.103108] __schedule+0xedd/0x2470 [ 118.103126] ? io_schedule_timeout+0x150/0x150 [ 118.103143] ? rcu_read_lock_sched_held+0x3e/0x80 [ 118.103163] schedule+0xda/0x1b0 [ 118.103178] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.103191] syscall_exit_to_user_mode+0x19/0x40 [ 118.103205] do_syscall_64+0x48/0x90 [ 118.103223] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.103236] RIP: 0033:0x7f88e8ad0b19 [ 118.103244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.103255] RSP: 002b:00007f88e6046218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.103266] RAX: 0000000000000001 RBX: 00007f88e8be3f68 RCX: 00007f88e8ad0b19 [ 118.103273] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f88e8be3f6c [ 118.103281] RBP: 00007f88e8be3f60 R08: 000000000000000e R09: 0000000000000000 [ 118.103288] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f88e8be3f6c [ 118.103295] R13: 00007ffd47419ebf R14: 00007f88e6046300 R15: 0000000000022000 [ 118.103308] [ 118.159544] WARNING: CPU: 1 PID: 3811 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 118.160221] Modules linked in: [ 118.160458] CPU: 1 PID: 3811 Comm: syz-executor.7 Not tainted 6.0.0-next-20221004 #1 [ 118.161017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 118.161822] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 118.162234] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 118.163558] RSP: 0018:ffff888040c47c48 EFLAGS: 00010006 [ 118.163952] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.164473] RDX: ffff888008a50000 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 118.165005] RBP: ffff888040c90000 R08: 0000000000000005 R09: 0000000000000001 [ 118.165526] R10: 0000000000000000 R11: ffffffff865b605b R12: ffff88801b0c5c00 [ 118.166049] R13: ffff88806cf3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 118.166572] FS: 00007f88e6046700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 118.167172] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.167604] CR2: 00007f57d0ce2260 CR3: 000000003fe6e000 CR4: 0000000000350ee0 [ 118.168153] Call Trace: [ 118.168354] [ 118.168530] ctx_sched_out+0x8f1/0xc10 [ 118.168836] __perf_event_task_sched_out+0x6d0/0x18d0 [ 118.169229] ? lock_is_held_type+0xd7/0x130 [ 118.169557] ? __perf_cgroup_move+0x160/0x160 [ 118.169900] ? set_next_entity+0x304/0x550 [ 118.170232] ? update_curr+0x267/0x740 [ 118.170537] ? lock_is_held_type+0xd7/0x130 [ 118.170875] __schedule+0xedd/0x2470 [ 118.171166] ? io_schedule_timeout+0x150/0x150 [ 118.171514] ? rcu_read_lock_sched_held+0x3e/0x80 [ 118.171898] schedule+0xda/0x1b0 [ 118.172166] exit_to_user_mode_prepare+0x114/0x1a0 [ 118.172537] syscall_exit_to_user_mode+0x19/0x40 [ 118.172903] do_syscall_64+0x48/0x90 [ 118.173195] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 118.173586] RIP: 0033:0x7f88e8ad0b19 [ 118.173866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.175224] RSP: 002b:00007f88e6046218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.175795] RAX: 0000000000000001 RBX: 00007f88e8be3f68 RCX: 00007f88e8ad0b19 [ 118.176337] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f88e8be3f6c [ 118.176883] RBP: 00007f88e8be3f60 R08: 000000000000000e R09: 0000000000000000 [ 118.177420] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f88e8be3f6c [ 118.177959] R13: 00007ffd47419ebf R14: 00007f88e6046300 R15: 0000000000022000 [ 118.178497] [ 118.178685] irq event stamp: 1130 [ 118.178943] hardirqs last enabled at (1129): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 118.179656] hardirqs last disabled at (1130): [] __schedule+0x1225/0x2470 [ 118.180282] softirqs last enabled at (478): [] mac80211_hwsim_netlink_notify+0x253/0xa00 [ 118.181002] softirqs last disabled at (476): [] mac80211_hwsim_netlink_notify+0x140/0xa00 [ 118.181732] ---[ end trace 0000000000000000 ]--- 00:30:49 executing program 5: ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000100)={&(0x7f0000000040)=""/160, 0xa0, 0xfffff5c2, 0x7}) epoll_create1(0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000002100), 0x0, 0x0) statx(r0, &(0x7f0000002640)='./file0\x00', 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000440)) select(0x40, &(0x7f0000000240)={0x9}, 0x0, &(0x7f00000002c0)={0x5, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x101}, &(0x7f0000000300)={0x77359400}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x4, 0x4, 0x4, "975dd1a97fe293aa35b85ac092df1eb88b4296ba9f87b8723b4335dedc36e46cc78fba901509a9f9767b2baaaba13b32ea506a283dd1e712ecfde276e53cd5ca", "c5c5b662a7e2f1b60403e408e2e3a6753c772980b278a63ff9fc53a9ce33d4b5aab254b9a452a67ae582a26e68c9d275c916c7ad8c123692ebbe49b244dfb16d", "c73f54d80ae469b4ba084a74446a09e2bca70184798f9386a3c0aa396eb084ae", [0x4, 0x5]}) pselect6(0x40, &(0x7f0000000000)={0x4, 0x0, 0x1, 0x318d, 0x2, 0x1ff, 0xffffffffffffffff, 0x5}, &(0x7f0000000140)={0x20000001, 0x8, 0xfff, 0x3, 0xfffffffffffffffc, 0x9, 0x3, 0x200}, &(0x7f0000000180)={0xff, 0x0, 0x5, 0x8, 0x100, 0x1, 0x6, 0x1f}, &(0x7f00000001c0), &(0x7f0000000280)={&(0x7f0000000200)={[0x7fffffff]}, 0x8}) 00:30:50 executing program 5: ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000100)={&(0x7f0000000040)=""/160, 0xa0, 0xfffff5c2, 0x7}) epoll_create1(0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000002100), 0x0, 0x0) statx(r0, &(0x7f0000002640)='./file0\x00', 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000440)) select(0x40, &(0x7f0000000240)={0x9}, 0x0, &(0x7f00000002c0)={0x5, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x101}, &(0x7f0000000300)={0x77359400}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x4, 0x4, 0x4, "975dd1a97fe293aa35b85ac092df1eb88b4296ba9f87b8723b4335dedc36e46cc78fba901509a9f9767b2baaaba13b32ea506a283dd1e712ecfde276e53cd5ca", "c5c5b662a7e2f1b60403e408e2e3a6753c772980b278a63ff9fc53a9ce33d4b5aab254b9a452a67ae582a26e68c9d275c916c7ad8c123692ebbe49b244dfb16d", "c73f54d80ae469b4ba084a74446a09e2bca70184798f9386a3c0aa396eb084ae", [0x4, 0x5]}) pselect6(0x40, &(0x7f0000000000)={0x4, 0x0, 0x1, 0x318d, 0x2, 0x1ff, 0xffffffffffffffff, 0x5}, &(0x7f0000000140)={0x20000001, 0x8, 0xfff, 0x3, 0xfffffffffffffffc, 0x9, 0x3, 0x200}, &(0x7f0000000180)={0xff, 0x0, 0x5, 0x8, 0x100, 0x1, 0x6, 0x1f}, &(0x7f00000001c0), &(0x7f0000000280)={&(0x7f0000000200)={[0x7fffffff]}, 0x8}) 00:30:50 executing program 5: ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000100)={&(0x7f0000000040)=""/160, 0xa0, 0xfffff5c2, 0x7}) epoll_create1(0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000002100), 0x0, 0x0) statx(r0, &(0x7f0000002640)='./file0\x00', 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000440)) select(0x40, &(0x7f0000000240)={0x9}, 0x0, &(0x7f00000002c0)={0x5, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x101}, &(0x7f0000000300)={0x77359400}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x4, 0x4, 0x4, "975dd1a97fe293aa35b85ac092df1eb88b4296ba9f87b8723b4335dedc36e46cc78fba901509a9f9767b2baaaba13b32ea506a283dd1e712ecfde276e53cd5ca", "c5c5b662a7e2f1b60403e408e2e3a6753c772980b278a63ff9fc53a9ce33d4b5aab254b9a452a67ae582a26e68c9d275c916c7ad8c123692ebbe49b244dfb16d", "c73f54d80ae469b4ba084a74446a09e2bca70184798f9386a3c0aa396eb084ae", [0x4, 0x5]}) pselect6(0x40, &(0x7f0000000000)={0x4, 0x0, 0x1, 0x318d, 0x2, 0x1ff, 0xffffffffffffffff, 0x5}, &(0x7f0000000140)={0x20000001, 0x8, 0xfff, 0x3, 0xfffffffffffffffc, 0x9, 0x3, 0x200}, &(0x7f0000000180)={0xff, 0x0, 0x5, 0x8, 0x100, 0x1, 0x6, 0x1f}, &(0x7f00000001c0), &(0x7f0000000280)={&(0x7f0000000200)={[0x7fffffff]}, 0x8}) [ 118.558800] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 00:30:50 executing program 5: ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000100)={&(0x7f0000000040)=""/160, 0xa0, 0xfffff5c2, 0x7}) epoll_create1(0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000002100), 0x0, 0x0) statx(r0, &(0x7f0000002640)='./file0\x00', 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000440)) select(0x40, &(0x7f0000000240)={0x9}, 0x0, &(0x7f00000002c0)={0x5, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x101}, &(0x7f0000000300)={0x77359400}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x4, 0x4, 0x4, "975dd1a97fe293aa35b85ac092df1eb88b4296ba9f87b8723b4335dedc36e46cc78fba901509a9f9767b2baaaba13b32ea506a283dd1e712ecfde276e53cd5ca", "c5c5b662a7e2f1b60403e408e2e3a6753c772980b278a63ff9fc53a9ce33d4b5aab254b9a452a67ae582a26e68c9d275c916c7ad8c123692ebbe49b244dfb16d", "c73f54d80ae469b4ba084a74446a09e2bca70184798f9386a3c0aa396eb084ae", [0x4, 0x5]}) pselect6(0x40, &(0x7f0000000000)={0x4, 0x0, 0x1, 0x318d, 0x2, 0x1ff, 0xffffffffffffffff, 0x5}, &(0x7f0000000140)={0x20000001, 0x8, 0xfff, 0x3, 0xfffffffffffffffc, 0x9, 0x3, 0x200}, &(0x7f0000000180)={0xff, 0x0, 0x5, 0x8, 0x100, 0x1, 0x6, 0x1f}, &(0x7f00000001c0), &(0x7f0000000280)={&(0x7f0000000200)={[0x7fffffff]}, 0x8}) [ 118.602761] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 118.630175] syz-executor.7 (3811) used greatest stack depth: 22872 bytes left [ 119.309649] Bluetooth: hci6: ACL packet for unknown connection handle 1 [ 119.310559] Bluetooth: hci6: ACL packet for unknown connection handle 0 [ 119.311162] Bluetooth: hci6: ACL packet for unknown connection handle 0 [ 119.311821] Bluetooth: hci6: unexpected event 0x01 length: 4 > 1 [ 119.312217] Bluetooth: hci6: ACL packet for unknown connection handle 1 [ 119.313563] Bluetooth: hci6: ACL packet for unknown connection handle 0 [ 119.314121] Bluetooth: hci6: ACL packet for unknown connection handle 0 VM DIAGNOSIS: 00:30:50 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000033b60 RCX=0000000000000000 RDX=ffff88800ff00000 RSI=0000000000000001 RDI=0000000000000000 RBP=ffffffff849ec9c0 RSP=ffff88803fcaf848 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=ffffffff849ec980 R14=ffff888007c75000 R15=ffff88801bd52200 RIP=ffffffff8425628e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f0f9505e540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f0f95130910 CR3=000000001da38000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ff00ffffffffffff 0000000000000000 YMM01=0000000000000000 0000000000000000 0100010001000000 ffffffffffffffff YMM02=0000000000000000 0000000000000000 0500050005000000 455441564952505f YMM03=0000000000000000 0000000000000000 0000000000000000 000000564952505f YMM04=0000000000000000 0000000000000000 0003000500050005 0005000000455441 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bd531 RDI=ffffffff8765c9a0 RBP=ffffffff8765c960 RSP=ffff888040c47690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000064 R11=0000000000000001 R12=0000000000000064 R13=ffffffff8765c960 R14=0000000000000010 R15=ffffffff823bd520 RIP=ffffffff823bd589 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f88e6046700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f57d0ce2260 CR3=000000003fe6e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffffffff ff00000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000