Warning: Permanently added '[localhost]:24003' (ECDSA) to the list of known hosts. 2022/10/06 06:03:22 fuzzer started 2022/10/06 06:03:22 dialing manager at localhost:37193 syzkaller login: [ 36.681730] cgroup: Unknown subsys name 'net' [ 36.763749] cgroup: Unknown subsys name 'rlimit' 2022/10/06 06:03:36 syscalls: 2215 2022/10/06 06:03:36 code coverage: enabled 2022/10/06 06:03:36 comparison tracing: enabled 2022/10/06 06:03:36 extra coverage: enabled 2022/10/06 06:03:36 setuid sandbox: enabled 2022/10/06 06:03:36 namespace sandbox: enabled 2022/10/06 06:03:36 Android sandbox: enabled 2022/10/06 06:03:36 fault injection: enabled 2022/10/06 06:03:36 leak checking: enabled 2022/10/06 06:03:36 net packet injection: enabled 2022/10/06 06:03:36 net device setup: enabled 2022/10/06 06:03:36 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/06 06:03:36 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/06 06:03:36 USB emulation: enabled 2022/10/06 06:03:36 hci packet injection: enabled 2022/10/06 06:03:36 wifi device emulation: failed to parse kernel version (6.0.0-next-20221005) 2022/10/06 06:03:36 802.15.4 emulation: enabled 2022/10/06 06:03:37 fetching corpus: 50, signal 29766/31469 (executing program) 2022/10/06 06:03:37 fetching corpus: 100, signal 38882/42154 (executing program) 2022/10/06 06:03:37 fetching corpus: 150, signal 49072/53663 (executing program) 2022/10/06 06:03:37 fetching corpus: 200, signal 52636/58608 (executing program) 2022/10/06 06:03:37 fetching corpus: 250, signal 59463/66635 (executing program) 2022/10/06 06:03:37 fetching corpus: 300, signal 63402/71760 (executing program) 2022/10/06 06:03:37 fetching corpus: 350, signal 66227/75848 (executing program) 2022/10/06 06:03:37 fetching corpus: 400, signal 70422/81136 (executing program) 2022/10/06 06:03:37 fetching corpus: 450, signal 75008/86672 (executing program) 2022/10/06 06:03:37 fetching corpus: 500, signal 77691/90389 (executing program) 2022/10/06 06:03:37 fetching corpus: 550, signal 80719/94377 (executing program) 2022/10/06 06:03:38 fetching corpus: 600, signal 83608/98189 (executing program) 2022/10/06 06:03:38 fetching corpus: 650, signal 87338/102715 (executing program) 2022/10/06 06:03:38 fetching corpus: 700, signal 90255/106421 (executing program) 2022/10/06 06:03:38 fetching corpus: 750, signal 91943/109053 (executing program) 2022/10/06 06:03:38 fetching corpus: 800, signal 94028/111966 (executing program) 2022/10/06 06:03:38 fetching corpus: 850, signal 95835/114631 (executing program) 2022/10/06 06:03:38 fetching corpus: 900, signal 96863/116560 (executing program) 2022/10/06 06:03:38 fetching corpus: 950, signal 99019/119363 (executing program) 2022/10/06 06:03:38 fetching corpus: 1000, signal 101728/122636 (executing program) 2022/10/06 06:03:39 fetching corpus: 1050, signal 103682/125250 (executing program) 2022/10/06 06:03:39 fetching corpus: 1100, signal 105074/127397 (executing program) 2022/10/06 06:03:39 fetching corpus: 1150, signal 106979/129926 (executing program) 2022/10/06 06:03:39 fetching corpus: 1200, signal 109137/132587 (executing program) 2022/10/06 06:03:39 fetching corpus: 1250, signal 111377/135280 (executing program) 2022/10/06 06:03:39 fetching corpus: 1300, signal 113134/137577 (executing program) 2022/10/06 06:03:39 fetching corpus: 1350, signal 114744/139659 (executing program) 2022/10/06 06:03:39 fetching corpus: 1400, signal 116391/141886 (executing program) 2022/10/06 06:03:40 fetching corpus: 1450, signal 117401/143545 (executing program) 2022/10/06 06:03:40 fetching corpus: 1500, signal 118744/145386 (executing program) 2022/10/06 06:03:40 fetching corpus: 1550, signal 120625/147628 (executing program) 2022/10/06 06:03:40 fetching corpus: 1600, signal 123453/150502 (executing program) 2022/10/06 06:03:40 fetching corpus: 1650, signal 124575/152168 (executing program) 2022/10/06 06:03:40 fetching corpus: 1700, signal 125733/153788 (executing program) 2022/10/06 06:03:40 fetching corpus: 1750, signal 126421/155088 (executing program) 2022/10/06 06:03:40 fetching corpus: 1800, signal 127287/156512 (executing program) 2022/10/06 06:03:40 fetching corpus: 1850, signal 128213/157893 (executing program) 2022/10/06 06:03:40 fetching corpus: 1900, signal 129115/159289 (executing program) 2022/10/06 06:03:41 fetching corpus: 1950, signal 131031/161285 (executing program) 2022/10/06 06:03:41 fetching corpus: 2000, signal 132146/162803 (executing program) 2022/10/06 06:03:41 fetching corpus: 2050, signal 133350/164308 (executing program) 2022/10/06 06:03:41 fetching corpus: 2100, signal 134473/165772 (executing program) 2022/10/06 06:03:41 fetching corpus: 2150, signal 136353/167704 (executing program) 2022/10/06 06:03:41 fetching corpus: 2200, signal 136873/168673 (executing program) 2022/10/06 06:03:41 fetching corpus: 2250, signal 137251/169585 (executing program) 2022/10/06 06:03:41 fetching corpus: 2300, signal 138128/170751 (executing program) 2022/10/06 06:03:41 fetching corpus: 2350, signal 140355/172727 (executing program) 2022/10/06 06:03:41 fetching corpus: 2400, signal 141295/173952 (executing program) 2022/10/06 06:03:41 fetching corpus: 2450, signal 142851/175507 (executing program) 2022/10/06 06:03:42 fetching corpus: 2500, signal 143525/176539 (executing program) 2022/10/06 06:03:42 fetching corpus: 2550, signal 144188/177582 (executing program) 2022/10/06 06:03:42 fetching corpus: 2600, signal 145038/178657 (executing program) 2022/10/06 06:03:42 fetching corpus: 2650, signal 145747/179636 (executing program) 2022/10/06 06:03:42 fetching corpus: 2700, signal 146963/180884 (executing program) 2022/10/06 06:03:42 fetching corpus: 2750, signal 148274/182131 (executing program) 2022/10/06 06:03:42 fetching corpus: 2800, signal 149002/183125 (executing program) 2022/10/06 06:03:42 fetching corpus: 2850, signal 149796/184083 (executing program) 2022/10/06 06:03:42 fetching corpus: 2900, signal 150846/185192 (executing program) 2022/10/06 06:03:42 fetching corpus: 2950, signal 152076/186305 (executing program) 2022/10/06 06:03:42 fetching corpus: 3000, signal 152500/187057 (executing program) 2022/10/06 06:03:43 fetching corpus: 3050, signal 153946/188212 (executing program) 2022/10/06 06:03:43 fetching corpus: 3100, signal 154509/189007 (executing program) 2022/10/06 06:03:43 fetching corpus: 3150, signal 155277/189909 (executing program) 2022/10/06 06:03:43 fetching corpus: 3200, signal 155925/190736 (executing program) 2022/10/06 06:03:43 fetching corpus: 3250, signal 156494/191543 (executing program) 2022/10/06 06:03:43 fetching corpus: 3300, signal 157295/192408 (executing program) 2022/10/06 06:03:43 fetching corpus: 3350, signal 157969/193196 (executing program) 2022/10/06 06:03:43 fetching corpus: 3400, signal 158485/193914 (executing program) 2022/10/06 06:03:43 fetching corpus: 3450, signal 159258/194760 (executing program) 2022/10/06 06:03:43 fetching corpus: 3500, signal 160045/195530 (executing program) 2022/10/06 06:03:43 fetching corpus: 3550, signal 160526/196195 (executing program) 2022/10/06 06:03:44 fetching corpus: 3600, signal 161211/196905 (executing program) 2022/10/06 06:03:44 fetching corpus: 3650, signal 161784/197589 (executing program) 2022/10/06 06:03:44 fetching corpus: 3700, signal 162340/198238 (executing program) 2022/10/06 06:03:44 fetching corpus: 3750, signal 163069/198935 (executing program) 2022/10/06 06:03:44 fetching corpus: 3800, signal 164297/199870 (executing program) 2022/10/06 06:03:44 fetching corpus: 3850, signal 164996/200524 (executing program) 2022/10/06 06:03:44 fetching corpus: 3900, signal 165636/201151 (executing program) 2022/10/06 06:03:44 fetching corpus: 3950, signal 166606/201881 (executing program) 2022/10/06 06:03:44 fetching corpus: 4000, signal 167589/202632 (executing program) 2022/10/06 06:03:44 fetching corpus: 4050, signal 168318/203267 (executing program) 2022/10/06 06:03:44 fetching corpus: 4100, signal 168652/203748 (executing program) 2022/10/06 06:03:45 fetching corpus: 4150, signal 169946/204436 (executing program) 2022/10/06 06:03:45 fetching corpus: 4200, signal 170338/204891 (executing program) 2022/10/06 06:03:45 fetching corpus: 4250, signal 171059/205462 (executing program) 2022/10/06 06:03:45 fetching corpus: 4300, signal 172275/206102 (executing program) 2022/10/06 06:03:45 fetching corpus: 4350, signal 173062/206667 (executing program) 2022/10/06 06:03:45 fetching corpus: 4400, signal 173422/207114 (executing program) 2022/10/06 06:03:45 fetching corpus: 4450, signal 174161/207591 (executing program) 2022/10/06 06:03:45 fetching corpus: 4500, signal 174752/208059 (executing program) 2022/10/06 06:03:46 fetching corpus: 4550, signal 175419/208515 (executing program) 2022/10/06 06:03:46 fetching corpus: 4600, signal 176146/209012 (executing program) 2022/10/06 06:03:46 fetching corpus: 4650, signal 176703/209455 (executing program) 2022/10/06 06:03:46 fetching corpus: 4700, signal 177328/209887 (executing program) 2022/10/06 06:03:46 fetching corpus: 4750, signal 178229/210313 (executing program) 2022/10/06 06:03:46 fetching corpus: 4800, signal 178843/210728 (executing program) 2022/10/06 06:03:46 fetching corpus: 4850, signal 179553/211130 (executing program) 2022/10/06 06:03:46 fetching corpus: 4900, signal 180061/211506 (executing program) 2022/10/06 06:03:46 fetching corpus: 4950, signal 180724/211884 (executing program) 2022/10/06 06:03:47 fetching corpus: 5000, signal 181469/212230 (executing program) 2022/10/06 06:03:47 fetching corpus: 5050, signal 181915/212568 (executing program) 2022/10/06 06:03:47 fetching corpus: 5100, signal 182245/212897 (executing program) 2022/10/06 06:03:47 fetching corpus: 5150, signal 183090/213221 (executing program) 2022/10/06 06:03:47 fetching corpus: 5200, signal 183719/213558 (executing program) 2022/10/06 06:03:47 fetching corpus: 5250, signal 184072/213858 (executing program) 2022/10/06 06:03:47 fetching corpus: 5300, signal 184717/214129 (executing program) 2022/10/06 06:03:47 fetching corpus: 5350, signal 185539/214247 (executing program) 2022/10/06 06:03:47 fetching corpus: 5400, signal 186053/214255 (executing program) 2022/10/06 06:03:47 fetching corpus: 5450, signal 186446/214261 (executing program) 2022/10/06 06:03:48 fetching corpus: 5500, signal 186983/214261 (executing program) 2022/10/06 06:03:48 fetching corpus: 5524, signal 187418/214261 (executing program) 2022/10/06 06:03:48 fetching corpus: 5524, signal 187418/214261 (executing program) 2022/10/06 06:03:50 starting 8 fuzzer processes 06:03:50 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x19}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4050) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x8}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x2c}}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x38}, 0x1, 0x0, 0x0, 0x20}, 0x44004) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x58, r1, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x20040814) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000440)={'wpan4\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x28, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x200000d0}, 0x0) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0x98, 0xb, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_ADT={0x84, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0xda}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x7}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x5b}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private2}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x98}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0xa0}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000}, 0x40) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000006c0), r2) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r2) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000780)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000007c0)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f00000008c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x4c, r4, 0x8, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x7ff}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x40041) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000940), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x40, r8, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x11}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x10}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x4048015) 06:03:50 executing program 1: write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x402000, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x100}}, './file0\x00'}) r3 = openat(r2, &(0x7f00000000c0)='./file0\x00', 0xc001, 0xc0) write$P9_RMKDIR(r3, &(0x7f0000000100)={0x14, 0x49, 0x2, {0x20, 0x1}}, 0x14) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x94a00, 0x0) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f0000000180)={0x0, 0xffffffff, 0x0, 0x10001, 0x6, [{0x9b, 0x1, 0x8, '\x00', 0x80}, {0x1f, 0x1000, 0x59a8, '\x00', 0x2}, {0x6e, 0x7, 0xffffffffffffffc0, '\x00', 0x283}, {0x3, 0x10000000, 0x20, '\x00', 0x200}, {0x4, 0x6, 0x2, '\x00', 0x2180}, {0x0, 0x0, 0x1, '\x00', 0x2008}]}) r5 = syz_open_procfs(0x0, &(0x7f0000000300)='net/vlan/config\x00') write$P9_RMKNOD(r5, &(0x7f0000000340)={0x14, 0x13, 0x2, {0x18, 0x0, 0x3}}, 0x14) write$P9_RATTACH(r2, &(0x7f0000000380)={0x14, 0x69, 0x2, {0x4, 0x1, 0x1}}, 0x14) creat(&(0x7f00000003c0)='./file0\x00', 0x81) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000400)={{0x1, 0x1, 0x18, r4, {0xf2}}, './file1\x00'}) write$P9_RLERROR(r6, &(0x7f0000000440)={0x19, 0x7, 0x1, {0x10, 'net/vlan/config\x00'}}, 0x19) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r6, 0x40189429, &(0x7f0000000480)={0x0, 0x3, 0x3f}) r7 = creat(&(0x7f00000004c0)='./file0\x00', 0x104) sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x201109a}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048000}, 0x44) ioctl$BTRFS_IOC_INO_LOOKUP(r7, 0xd0009412, &(0x7f0000000600)={0x0, 0xc67}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r6, 0x89f4, &(0x7f0000001680)={'ip6tnl0\x00', &(0x7f0000001600)={'sit0\x00', 0x0, 0x4, 0xfc, 0xbe, 0x7880, 0x60, @mcast2, @private0, 0x8, 0x7, 0x5, 0x8001}}) perf_event_open(&(0x7f0000001700)={0x2, 0x80, 0x92, 0x7f, 0x1f, 0x40, 0x0, 0x8, 0x888, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x4, @perf_bp={&(0x7f00000016c0), 0x8}, 0x8008, 0x9, 0x0, 0x7, 0x1, 0x0, 0x4, 0x0, 0x75e, 0x0, 0x5}, 0x0, 0x8, 0xffffffffffffffff, 0x8) 06:03:50 executing program 2: delete_module(&(0x7f0000000000)='-\x00', 0x0) delete_module(&(0x7f0000000040)='-\x00', 0xa00) delete_module(&(0x7f0000000080)='-\x00', 0xa00) delete_module(&(0x7f00000000c0)='\x00', 0x200) delete_module(&(0x7f0000000100)='\x00', 0x0) delete_module(&(0x7f0000000140)='\x00', 0x0) delete_module(&(0x7f0000000180)='\x00', 0x0) delete_module(&(0x7f00000001c0)='\xa8-#@\x00', 0x800) delete_module(&(0x7f0000000200)='\x00', 0x359cc95ab448da8) delete_module(&(0x7f0000000240)='][@!\x00', 0x200) delete_module(&(0x7f0000000280)='\x00', 0x200) delete_module(&(0x7f00000002c0)='\xa8-#@\x00', 0x0) delete_module(&(0x7f0000000300)='\'\x00', 0x200) delete_module(&(0x7f0000000340)='$}^}\x00', 0x0) delete_module(&(0x7f0000000380)='\x00', 0x100) delete_module(&(0x7f00000003c0)='$}^}\x00', 0x600) delete_module(&(0x7f0000000400)=':]\'{(^\x00', 0xa00) delete_module(&(0x7f0000000440)='\xa8-#@\x00', 0x200) delete_module(&(0x7f0000000480)='}&#\x00', 0x800) delete_module(&(0x7f00000004c0)=':]\'{(^\x00', 0xa00) [ 64.940367] audit: type=1400 audit(1665036230.909:6): avc: denied { execmem } for pid=284 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 06:03:50 executing program 4: statx(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x800, 0x80, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@loopback, 0x4e23, 0x7fff, 0x4e22, 0x3ea, 0x2, 0xa0, 0xa0, 0x3c, 0x0, r0}, {0x400, 0x0, 0x0, 0x2, 0x1, 0xf7, 0xf901}, {0x100, 0x101, 0x637, 0x2}, 0xff, 0x6e6bb9, 0x1, 0x1, 0x1}, {{@in6=@remote, 0x4d5, 0xff}, 0xa, @in6=@private1, 0x3504, 0x3, 0x0, 0x4, 0x0, 0x9, 0x3}}, 0xe8) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e20, @broadcast}, {0x2, 0x4e20, @broadcast}, 0x8, 0x0, 0x0, 0x0, 0x90, &(0x7f0000000240)='veth1_macvtap\x00', 0x10001, 0x9, 0x3}) statx(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x6000, 0x200, &(0x7f0000000340)) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000440)={{0x2, 0x4e22, @remote}, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}}, 0x4, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1b}}, 'vcan0\x00'}) removexattr(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)=@random={'btrfs.', ']^\x00'}) mkdirat(0xffffffffffffffff, &(0x7f0000000540)='./file0\x00', 0x11) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000580), &(0x7f00000005c0)='./file0\x00', 0x8, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000600)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, {0x200}, 0x1}, 0x9) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000640)={'veth1_macvtap\x00', {0x2, 0x0, @remote}}) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000680)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x10001, 0x5}}, './file1\x00'}) r2 = openat(r1, &(0x7f00000006c0)='./file1\x00', 0x181000, 0xc0) mkdirat(r1, &(0x7f0000000700)='./file1\x00', 0x92) r3 = accept(r1, &(0x7f0000000740)=@caif=@dgm, &(0x7f00000007c0)=0x80) sendto$unix(0xffffffffffffffff, &(0x7f0000000800)="e230e7807daf1b47fd07618a896bc51777165af7856601c02182b20c0ae68dd9ce4e677b65c9aa0f49ba8ccde7cc6c1aa7b41166d9c5fa15b6e214fe15589d160a647f742f15bd6392342004b264b8d26a09c35812c57c112c1915e28defba3e185c6337eb801cfab49fbf7cd37777baeecb18d36b2c755ff4d88439e306b5532a04cf47259015e93757b766e2054c8287bc06655005d2f92b1cb0c9e2c4b0845d365ba36afe4f90faac97fcb698b047d9c7fc2dc81205dd6b7d86447ff2be21e9e233681fa6e41bfed54eea77fd1d94ed347454a508acf11c3e347ff4488aa016c3c731b5", 0xe5, 0x20040081, &(0x7f0000000900)=@file={0x1, './file0\x00'}, 0x6e) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000980)={0x0, @remote, @empty}, &(0x7f00000009c0)=0xc) r5 = openat(r2, &(0x7f0000000a00)='./file0\x00', 0x2000, 0x24) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r3, 0x89f6, &(0x7f0000000ac0)={'ip6tnl0\x00', &(0x7f0000000a40)={'ip6_vti0\x00', r4, 0x4, 0x5, 0xf9, 0xff, 0x8, @empty, @empty, 0x1, 0x8, 0x3, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000b80)={'syztnl0\x00', &(0x7f0000000b00)={'ip6tnl0\x00', r6, 0x2f, 0x5, 0x7, 0xfffffff9, 0x4a, @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x80, 0x10, 0x5, 0x2}}) ioctl$sock_inet_SIOCADDRT(r5, 0x890b, &(0x7f0000000c00)={0x0, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e24, @rand_addr=0x64010101}, 0x4, 0x0, 0x0, 0x0, 0xf1, &(0x7f0000000bc0)='ip6erspan0\x00', 0xe855, 0x7fff, 0x4}) 06:03:50 executing program 5: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80020}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd4, r0, 0x112, 0x70bd28, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x42}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x29}}]}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}]}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}]}]}, 0xd4}}, 0x0) sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x6c, 0x0, 0x800, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xe}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xf}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xe}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x81}, 0x4040) ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000340)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000500)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r2 = geteuid() stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000380)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000400)="5f2c5e29a56d86c3ce6744c45285ed6afeead79451b3134d522591604577e10a5862e465c0e777cfeb883c4adbcb3e49b75734f787931d043e779ec412717e90a984f27bb964a480850ecb7625ab8cf91e4ed13e1636111cd78cfd86f9e89e2a2938228c7d71d9cf6445ef7595957313cd10f371e32bec126cd6cc18dd1ee9d24ce0d108a3d59e17f8f0f9bf5e6e2d44fc69ca52190c6dcf68bca3a7dee97e923101524441b705dace7205aab78b", 0xae}], 0x1, &(0x7f0000000600)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r3}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff}}}], 0x58, 0x40000}, 0x4000000) r4 = pidfd_getfd(r1, r1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000840)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000740)={0xb4, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x0, 0x78}}}}, [@NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_HE_BSS_COLOR={0x18, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}]}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x10, 0x49, [0xfac00, 0xfac0c, 0xfac06]}], @beacon=[@NL80211_ATTR_IE={0x18, 0x2a, [@mesh_config={0x71, 0x7, {0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x8}}, @tim={0x5, 0x9, {0x1, 0x1a, 0x8, "18a20f267289"}}]}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_PBSS={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffffffff}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]]}, 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x10) ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, &(0x7f0000000880)=0x4) sendmsg$802154_dgram(r4, &(0x7f0000000980)={&(0x7f00000008c0)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0202}}}, 0x14, &(0x7f0000000940)={&(0x7f0000000900)="964149dcccda9590c6e8365e1374", 0xe}, 0x1, 0x0, 0x0, 0x20000841}, 0x4040000) accept$unix(r1, &(0x7f00000009c0)=@abs, &(0x7f0000000a40)=0x6e) ioctl$SIOCGSTAMPNS(r4, 0x8907, &(0x7f0000000a80)) r6 = socket$inet_tcp(0x2, 0x1, 0x0) connect(r6, &(0x7f0000000ac0)=@pppoe={0x18, 0x0, {0x3, @broadcast, 'batadv_slave_0\x00'}}, 0x80) shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffa000/0x3000)=nil) shmget$private(0x0, 0x1000, 0x2, &(0x7f0000ffd000/0x1000)=nil) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000cc0)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_MESH_CONFIG={0x2c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x9}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0xd5}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0x87}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x2}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x1}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x20004004}, 0x81) 06:03:51 executing program 6: sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000040)={0x270, 0x0, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1000}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffff}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0xc4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x40}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x401}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x200}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffff}]}, @TIPC_NLA_SOCK={0x6c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x24}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x401}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}]}]}, @TIPC_NLA_MEDIA={0xc8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x86800000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8327}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x800000}]}]}]}, 0x270}, 0x1, 0x0, 0x0, 0x24004045}, 0x800) sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x3c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x71}}}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="601724203aed"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44805}, 0x40814) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x64, r0, 0x300, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x5b}}}}, [@NL80211_ATTR_BSSID={0xa, 0xf5, @random="ace2f7175628"}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x100}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x9}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0xb4}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x4}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xfffffff7}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x2}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600), 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x30, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040000}, 0x80) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000780)={0x4bc, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_TAGLST={0x54, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}, {0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2e43f079}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0xcc, 0xc, 0x0, 0x1, [{0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4c8ff65a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6e50}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8276}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5b5}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7379}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6d04f6f4}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a75347f}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfd9d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9d5c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5896}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a91b48d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1795}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4f09fbef}]}, {0x54, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x212e53ee}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x36cfc64c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3b7bb1d3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x65fa14c9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7cdd03be}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5c681411}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xaf835ae}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf4b9}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9d6a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8d6f}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x174, 0xc, 0x0, 0x1, [{0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a6b450d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x17e2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5f9a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd7bd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe29d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a205afa}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2314b234}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x406252e2}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe106adf}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9e76}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6a88cfca}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x378c3cde}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfdaf}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8ab6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5c41d930}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7e98}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa3ff}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3f5f09e1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf117}]}, {0x54, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5abc3e8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x207e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5f70}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2e4b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe0ade0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf7eb}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3f}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x621e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5e81c7fd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5506}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xed4a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x40b24fb9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x41c499e9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x77cedcdb}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6792464e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x19db}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc30b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x51a8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xca10}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3f07}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x388eaa45}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x63d75488}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3142}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x50, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9359}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xc5908ad}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x401f}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf95f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe5b4562}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x26a99abb}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x53dc2694}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x51d4}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x1a4, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7511}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x198854fc}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5d1096f7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf9d2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x782ea8f6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6638d8e8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2de47490}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd992}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5d261e53}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6fb6f46d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb8df}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x653b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x551ecb29}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7bb309ca}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xef39}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe186}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x32737388}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2f2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf621}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x32a8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbfe9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x20ea47f9}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9c16}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x401f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xa5d001b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x46138427}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x10f3ca96}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x346e0445}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x64ce}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x82cc}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x23bd}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1b101c14}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb9d6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x21b805bf}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x88df}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x873b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x71589c18}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9346}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc9a0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1cf60466}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x56bd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3ee4}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x328cf028}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x247dda6b}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x781dd150}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x699c9b19}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5297}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x67b1}]}]}]}, 0x4bc}, 0x1, 0x0, 0x0, 0x40000}, 0x81) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000cc0)={[0xbe]}, 0x8, 0x80000) sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000e80)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000d40)={0xec, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xb1d4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3ff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100000000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x35}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x50}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1f}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x200}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x4}, 0x40) pipe2(&(0x7f0000000ec0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r5 = syz_genetlink_get_family_id$team(&(0x7f0000000f40), r2) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000001200)={'ip6tnl0\x00', &(0x7f0000001180)={'syztnl0\x00', 0x0, 0x4, 0x81, 0x9, 0x7, 0x58, @local, @mcast1, 0x8, 0x1, 0xe4, 0xfffffff9}}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f00000013c0)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001380)={&(0x7f0000001240)={0x108, r5, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [{{0x8, 0x1, r6}, {0xec, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x59}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}]}}]}, 0x108}, 0x1, 0x0, 0x0, 0x8801}, 0x20044401) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000001440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000001540)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001500)={&(0x7f0000001480)={0x58, r0, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x10) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001580)='net/ip_tables_targets\x00') sendmsg$NFNL_MSG_CTHELPER_DEL(r8, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x30, 0x2, 0x9, 0x801, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFCTH_STATUS={0x8}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_TUPLE={0xc, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x30}}, 0x8000) r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000001700), r2) sendmsg$TIPC_CMD_SHOW_STATS(r4, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x1c, r9, 0x20, 0x70bd27, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x1) 06:03:51 executing program 7: fcntl$setpipe(0xffffffffffffffff, 0x407, 0xc7bc) fadvise64(0xffffffffffffffff, 0x2, 0x18a0, 0x0) sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x3e9, 0x2, 0x70bd26, 0x25dfdbfd, {0xa, 0x1, 0x0, 0x0, 0x3, 0xffff, 0x17, 0x20, 0x0, 0x3e}, ["", "", "", "", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x24000005}, 0x24000004) r0 = socket$netlink(0x10, 0x3, 0x5) getsockopt(r0, 0x7, 0x5, &(0x7f0000000100)=""/54, &(0x7f0000000140)=0x36) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x408080, 0x0) sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x98, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0x1a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_PMK={0x14, 0xfe, "ffc3d5a94f68df4646ec9de6c93cf807"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x1}, @NL80211_ATTR_SSID={0x1c, 0x34, @random="849e98dd662703726db25e8b7df0ee7d5602d3b1d5f26877"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0xb}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMKID={0x14, 0x55, "230d9d811ec2e43aa90aa413df9b0191"}, @NL80211_ATTR_MAC={0xa}]}, 0x98}}, 0x8000) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000440)={'sit0\x00', &(0x7f00000003c0)={'ip6tnl0\x00', 0x0, 0x2f, 0x2a, 0x1, 0x101, 0x2, @empty, @mcast1, 0x7, 0x780f, 0x6, 0xf8e}}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x38, r2, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x38}, 0x1, 0x0, 0x0, 0x84}, 0x4) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000540), 0x8000, 0x0) ioctl$MON_IOCQ_URB_LEN(r4, 0x9201) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000580)={0xfffffff8, 0x18b2, 0x4, 0xef8f, 0x1f}, 0x14) r5 = dup(r0) read$usbmon(r5, &(0x7f00000005c0)=""/221, 0xdd) fcntl$F_SET_RW_HINT(r5, 0x40c, &(0x7f00000006c0)=0x4) fcntl$getown(0xffffffffffffffff, 0x9) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000000700)={0x0, 0x6}) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001700), 0x500, 0x0) pidfd_getfd(r6, r5, 0x0) 06:03:51 executing program 3: pwrite64(0xffffffffffffffff, &(0x7f0000000000)="df5574c067c40091d4a3da425ba8dd9486db701955cd5a1ca783d8d5276b44722ec36d7f88b1c311be91d4ba1cf95657d78190819e630679d529956d1855f29e3ac7d17f96846a37d98ce81200592efd2248f1f210823259209b399e1eaabb81f1af7db834483009852deaf534ef286628106c3977d8cc928e7b51a85ae2d103ec5bca0a1088210dea3567011b841c7ba770941a2d2b1b8324605ebfdc86a0387427bede8b68312f4d383a47b864d3d52b63c7b976513434efac403c91b85c015f6454aa3f21176f03b73da65157ff9044bc940acd65b24120da08fe041485add169bfe95efb5ad88ff258f3b1d825609cec8e4b662b4e14078890882e5ea5f70e6e24214b0926418ca8b1cd8c97740b2c4f8fd76863fd006c8339ec5d484f173acb667f1439cdfac22bab50c17588b5bc7e202e1138081c8b1c4984312a15060baf1b241c4088e917fab7394d04eb39a2ae022cad66710d42a99c932d437c8e5b1649bf2e0af633ecb76a0b53b49b259b7443408936221e892a2a7e320766add1d984357a33bd5295f6703aa986b0e141d9d17fa4721589181fcef2cd122935b9098b60ac54412f16a0ddbc941bdbf3ef424aead158f72d4e3063f4cdda6db35806df2a304947845a0742877b8317d7985631fe95056f7cbbf9fe9d6bd18eb310f6e465aea3c9b7bca7e9af73056cfd84846ecdbb00f8d46c8ea0f4550a2d7752f88fa5a755bc9db76761309bcd4f3530f78f3a23491e29fc2175a927fe9cf316937db8bfe82890987db881f26bd783ab5597a5ec394e4a2d9b7e10aecac621cb114d9a93011e0b3852e96475d4d44f0161b4e50bd23f060704118de8b956cb8e166f69f1adf746b11decf83b0bd70369cb309f8d88279eb7c48d92779726cae909f3ccf24c48e0af5ee54677885e3e2e615a239980ac937c2a64898f9c24eaa9125868040ea9ef160132cf4cfc104c7eabfb9ce3dfad61cb4f3ffc664f9dcda36dfb7e3302617c5b392698e4f64096c3c53f5602fddbd500acb09d694c87043362614187b61359b223fa1922884c3524a4101190ca26ed171a67c535133ee0254363f936ec2f460da7d6585829e058db19b105f7db8aab49f8a4f2e8f8cfae9a85a2ce5c3ab822e13ac7c601278ee1afab9e4a1e7229496aa17bbc967719a8ec6a3ff6a04712de3c858e30e8d42b630d595cb4c5e1152594c9db18c31acce3bd258300ee3113cbaeb8d19d245cc5831a1eeed7cceead63caea0a49408b2212ced04b45d85a83e9c962154e08ff4ce24809370405fa68d4fdf9e216708d8f69ed49867764216ac38d3364b18d7bd6c699ab3e06ce761cec98b3955f12c98b6c62c76b29a7d9139919365b92b002743841e6ae85b55520eaa785b7589f4ba3126f48fab989c04f71cc71e65923192ec8dd05e205b39c402b798116c82c4bbd063fb005bd66d2f93d8ef4d6fbe111062e236f2d35512d197e76709ca433c6dc395fba44e14f3e5fe5b38c7f1f7600d06705cb8337d4cbb7741be0d8339890da9ed793104dede729e6f05350efc202759d2d5a37faf6991c7f6ddd79e43b154c7d5b9dff040a817ecd8df5f977e61250fcdb4c60a7490c5b10ec2462f89cc14fdc1798d6adbff47e46e1836cfcb4170ece686576387f27a4b1844873c319cf2118f496a3cb062305a127e75e57eb45dc90cba12f9149a32771c79fc04c6be44665dd081430b3c5bccd0984abd16aeaccf5389366f8b2ce77ca5ea6c9d22ad6cc5d4235b3a0d1fd36d0488ccb2fe1fd89d173ca6b933a3554cb9b30fa76f64704d8db356de7145d8c572dab5162c43d973bb13b4de89d1434c58ccdf03d4b7edea99b1eed6037b2a974b89c08809a745c9ffe9e1146de2a1460916329e86cfd0403ca660d0beee7256a9815f9fabbe5c6ff43e7a5a11714d540005719850200e29ae091546ee626df29264436d20d1b6e28970ca3f7df942dc8c531e7e26fb5c1ea817d1abce2022f3c4ab4ea641f2aa2ff87b5e2f51fe93ee9e75d3f0274cdc0fb39a75c16809106e13713795b9844322e72504b69ac1c49996a02ff2172b72899b64ea21dc35c6fd629993de5a930676183cbe0e11e612987b814cdeb5c8dfd9ac584d83f5235b7412d73f5d1d277b91567793ab89a3ad133c92ba33cbc7067761bf941cfb5a4f9e1ff00e287f2cc0e9d831a3b3b5d3049240ac20a632b4fa9fa031c65f4c2b0ae4dfbe860a13fbfb7209049a4a3b6589d50f970f5a7cb3d86cce7f9589a072e9ce0d178bd4c019bc6e109ad6cc1a82f139eecaede264679eb06af49a40b7311516335d753fb97082e050a0ec6a59b00a55599c2e86998ea54cde3dbedf2353f7ae15444515ee23f1dc6b605b5ef879a774a1d23e883f4fac979939702d0dc48cf2e3d374c0104e96bee5671a153b09c1074beb0f7b471e4c18dcc715455eb2ae9d68e6479e633c2b404e516f6eb2a1f6d5bfb8c92d9a7f90c7ff95978a0d69da80b0a251082036b5c66003cbd5766f7e73c8aa0360ea0f38fadab0b4440db9fdcf81a27828e81980133184a8b8b73dd15c181c04c4d6c3831eba5984aef0119fe53a9b693754ef845e28e6a1417c23a7a0cf3c4ba8b770b1df95543e976a0ec28e6ddc59fd6a5540ffa97538c92d05bfa3711cbeeb3940673a1177694801f348641493d10a263deb59d41fc314120a7d6de3126159e7a75b2ca24f86ffe5845745ef2a24382ddf489526cf422cc1d4a9f0b447d2cbe5ce743e82dc310a3d7ad040f60161da368bbfa0d6138391ae5b188d08657bd4e02e7844c7faadf88798fc637b8f48305cfdf0c599a6f6834ea19f2ae077646e89cf5ac368100d3d8ee595bb810e6f0b20349f89434dc4f988a14878f684a278550c467950e5d533de96dd81e4f03fccf52d32201fef774f15c243946fb1a48f546aa32b882ba674fe8e2b43f5bbea5f57ed49ab4b6857a69512ba1b76777a1f0034c920a6666a9674d7a7ca87fe8968c02302185738ffc84b07220f11180015c470ccb2af3d9224236ca3df938f353e17fa2a3f7bb53b2f1b16858910354a13cf20dd8b8baa6f1f3f2cef4d2c691c7545e31954213c89b2557f5966ecee7490ec064c1714bc48e2afbb92b708402ca2e5922c94c959985b8d3ea4bf0bd3e3d631d54c1a9560544ac2b3715bda8d952545731ed8e5a46507a881fe560faa05e1bef23adf03588629e7364fa47f359d42928b9bb623c36ef5b7265a378dbf869e5accdc38b2b37ad2be15a43c4c7b54c2c6ebcb2bd06b0b003dafae197cf46b86db31460ee73534c5f1c46fac7aa74007cb7fbae17cf78a5926e553dafcbed974def8b53940e2f265006f937abdc78f9a55c5fb3934723be0f5f34b70648b6f7378092decd90b8cfd7238d6b3a19930f83f4483fe3747f6495204c8bbeba8441bf1ab08e498f0542b40bb0bc014797c9ef3437ef6722cfbdb42e6ddae897801c3f607b2beb86fd3e3c117fdc73336ebdee63cf5e58c4d8575f85f5f13c3c73b55f34cdc3e0c3291aa4ed5a2c952dcee1a041d2f102a687476454011546e3bd77ccca09fb1287c945a8c0fd7dd7023d233b1079761ae457547fe813703fc51f1730106ba1e9264cdac7087674038ff89bd1a1a7da24c4655192dd6a2ac91c84044e14f3083267e5382a92a032998b524c874dc06efb5edc8737780ff5023ef15c9d7264322f17a25094ebca0d4e95bc9f9b96e71f87705dc8b0658d89a0f504fd4a69c3f5c1f09a61a87c3752060a44854a0aa294dcc405a92cfc5dd466556289562d2600c19edcce4c78d48be77d607abf93b46544cf0a6e94e0ac682378e988cd3cc74256cdcb360a2faa1559d12d0d1f7082009f7a8281efaf3271edf435ca05fb2efa5232e71b8d29c3ef29308f543402d8c57e33761bcb0d46eb2fe9ce0ad4ad1a8aaba9987b393249d3dcd7ab12d6fe604c0fdb22ef9c9e566b4cbe4c4ce4a0d1eac2de73824f391383f441904e7153dab83782ac05aeb254673142cc5cb8256250302a09117cc9f228d3a26ed95b8001826379b760c14977012c3ae96d3babfab0a383c07afb9b7356e85c121a84562ec66e6607fdc2f98f43e846fea14c6859734bbf1e89a90aa852505541316c061c80fb71a09d3ba25dcf214dc3b2395f6b91082f1165c573f7247fdb56df4051db3ecf3a446f3ca1b58457d414ad694be7497374f55a758e1858449c728fe42def5b8a798cdb953fe6b05e0fc8648db14e4f91584a59a57c1b6d8b8103b8bf4d3a126fd1967d3bdab582a9ae714f6ee590215484762b267cc94733c7b3be3f0b9d82ad7a664ca9a60c316a5cf4ea73522a4bd20d195f011c7ac99fba7c3ab0b3fe2aae9a35d207452b50bf67f6ef833f16ba7c609d51f208dee99500236d9e8b1765f7b8716d667edf390b911a3ba4657b14092dbf6020bec64f036a5d257db4211495fbd740630e0cb21b0873432bf0f817edba41cf05396d93d2e1e1d043f3427e38b011b0661335726ed55a90465f0e4fe8e1aacb30dbd4f75b73994afffacd66f0e4b648ddd468f9627037f351a4840b56728ad85a06af03191474af43516a6fb9d13ca5c00217b84d4999bcf9a822b14b24db3558cd91ecbba395126f30452a1396017755025082c2ed0a5ae6e64efcb04ca0e3f510669cff092931e3234ad5f05ef30b0cd2e4edc01d4f80fb074ef35079b1717b53bc6602986a135af553c9c6558e090e338d67bed5848135dfad515d95b6c3fccb3454804fbc2bf15b0495eef27c685e38f40dd2630af71bb916c20f9033aba0af51bb11b7a4f03a05b28bef2c1c5bff772a120e4fb741c54f9fe3f3087d2779779201f3ab57e59605a82f9a99c0f08159a19fd59f3e9af5a54472a841c28d7a593b0814ddafb51048e271c9a0426b14a8dd013145e1d5f6faab71e9b05fb2e4512b5056758abc4a7f6bf2725e6f4dd1e949984a18b6c1179dc4b62ed75ae6af6954680e8f7b05c216291e22ecc116d7b69db3397e55ce72dac24d5924fbc7ea4c27cf5d18cc4aacc1241e36f5bbdc85ab94bd7113b7927cca6cbe4ae5b96899242a298933ad34adeb62d86ddc5547b161041a76cbfdf8c5a944e42110ae348629a019e9c18e44cf70f11d22f312f19db14dde03f19e2a10827c5919651ea2e5288028d585224a03b83bc33d76dcdd52ade1bc1805a1184265518498098b1d787941cacd8a8a67f5c47a4d7e29da856ca5c75269ea9bda24adc0259037eab3f85f42369ff80ddc250d0b3c2a19af280c5992479a2f18541b8c5cec9e8801632adbf7e06c8f6a5e8a170e406cc1f1c2c0f0034659c9b9b6ad439758acb42d75873f7d1c792ce8f9b5591bfc673f88c0f9e5dbc33d681fc165d1651100cdb8f1f2acadf827d3c954c83f41b232106cd99c52468a40950c1eef30cd7b90c1cd15e334aeaed1e6c3fae4e739268f868b7a6ab1dc787323f0a6dcd09caefd4811ad15434ec0bd0bde6c280bd3587b23880436d7ac6306f31c742a1e6da269c2d70702034e4ce82c22814d5b576db70c702a75c916414524061d5252ab8b3defe858310e13e3558219fc0d952e18d927129a5006e1ff9f520cc046a315d7e334edd650a1f948a125158d352842ae180ca049ebed6d159aaaef28963cd01acc5ec54fd75e15a3fe3f205359cd184b18bbe400da55ee053023d130ae29fb0248eae96b3a53f1f7f2b0af50bb567331f26da4aece28df52bcb8c6de9ffaccc33e29cd031a35eef0a0ec1d300948432fb24238cc99cfaedf3d08a8bf4e73b12a62", 0x1000, 0x3) fdatasync(0xffffffffffffffff) mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x7fff) move_pages(0xffffffffffffffff, 0x1, &(0x7f0000001000)=[&(0x7f0000ff8000/0x4000)=nil], 0x0, &(0x7f0000001040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000001080)) ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f00000010c0)=0x1) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000001100)={0x9, 0x2, {0x0, 0x3, 0x20, 0x1, 0x6f2ca625}, 0x7ff}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) r1 = syz_open_dev$vcsn(&(0x7f00000011c0), 0x4, 0x4000) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000001200)=0x1, 0x4) read$hiddev(r0, &(0x7f0000001240)=""/255, 0xff) r2 = syz_open_dev$vcsn(&(0x7f0000001340), 0x4, 0x80403) ioctl$HIDIOCGFIELDINFO(r2, 0xc038480a, &(0x7f0000001380)={0x3, 0xffffffff, 0x10000, 0x1, 0x9, 0x7, 0x5, 0x1, 0x1d52, 0xdd, 0x9, 0x4, 0x282, 0x4}) socket$nl_audit(0x10, 0x3, 0x9) write$selinux_attr(r2, &(0x7f00000013c0)='system_u:object_r:hald_cache_t:s0\x00', 0x22) r3 = openat$incfs(r0, &(0x7f0000001400)='.log\x00', 0x100, 0x8) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r3, 0xc0605345, &(0x7f0000001440)={0x7, 0x1, {0x0, 0x2, 0x9e98, 0x0, 0x9}, 0x8}) shmat(0xffffffffffffffff, &(0x7f0000ff8000/0x4000)=nil, 0x1000) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f00000014c0)={'veth0_macvtap\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000078cc0)={0xf3, [], 0x7, "232da857cda83e"}) [ 66.106597] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.110525] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.112312] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.131391] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.132949] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.135156] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.140118] Bluetooth: hci0: HCI_REQ-0x0c1a [ 66.245516] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 66.247733] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 66.250583] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.258340] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 66.259779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.263677] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.266658] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.270263] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.271549] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.272913] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.273583] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.286283] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.291253] Bluetooth: hci4: HCI_REQ-0x0c1a [ 66.292273] Bluetooth: hci3: HCI_REQ-0x0c1a [ 66.328824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.330835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.336328] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.344104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.346264] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.350587] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 66.353449] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.361235] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 66.362622] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 66.369229] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 66.372620] Bluetooth: hci2: HCI_REQ-0x0c1a [ 66.382466] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 66.384948] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 66.404096] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.194735] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 68.196132] Bluetooth: hci0: command 0x0409 tx timeout [ 68.322106] Bluetooth: hci3: command 0x0409 tx timeout [ 68.322141] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 68.323407] Bluetooth: hci4: command 0x0409 tx timeout [ 68.386207] Bluetooth: hci2: command 0x0409 tx timeout [ 68.387259] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 68.450448] Bluetooth: hci6: command 0x0409 tx timeout [ 70.243107] Bluetooth: hci0: command 0x041b tx timeout [ 70.370138] Bluetooth: hci4: command 0x041b tx timeout [ 70.370540] Bluetooth: hci3: command 0x041b tx timeout [ 70.434061] Bluetooth: hci2: command 0x041b tx timeout [ 70.498126] Bluetooth: hci6: command 0x041b tx timeout [ 71.269685] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.272152] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.273799] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.277680] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.279793] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.281854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.286856] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.290075] Bluetooth: hci0: command 0x040f tx timeout [ 72.418111] Bluetooth: hci3: command 0x040f tx timeout [ 72.418130] Bluetooth: hci4: command 0x040f tx timeout [ 72.482087] Bluetooth: hci2: command 0x040f tx timeout [ 72.547248] Bluetooth: hci6: command 0x040f tx timeout [ 73.314089] Bluetooth: hci1: command 0x0409 tx timeout [ 73.378135] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 73.443069] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 74.339106] Bluetooth: hci0: command 0x0419 tx timeout [ 74.466058] Bluetooth: hci4: command 0x0419 tx timeout [ 74.467191] Bluetooth: hci3: command 0x0419 tx timeout [ 74.530051] Bluetooth: hci2: command 0x0419 tx timeout [ 74.594058] Bluetooth: hci6: command 0x0419 tx timeout [ 75.363067] Bluetooth: hci1: command 0x041b tx timeout [ 75.941135] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.942127] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.943149] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.944692] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 75.945729] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 75.946707] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 75.949259] Bluetooth: hci5: HCI_REQ-0x0c1a [ 76.097461] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 76.098703] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 76.099387] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 76.100869] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.101772] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 76.102452] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.126801] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.411104] Bluetooth: hci1: command 0x040f tx timeout [ 77.987083] Bluetooth: hci5: command 0x0409 tx timeout [ 78.179129] Bluetooth: hci7: command 0x0409 tx timeout [ 79.459055] Bluetooth: hci1: command 0x0419 tx timeout [ 80.035183] Bluetooth: hci5: command 0x041b tx timeout [ 80.227399] Bluetooth: hci7: command 0x041b tx timeout [ 82.082055] Bluetooth: hci5: command 0x040f tx timeout [ 82.274134] Bluetooth: hci7: command 0x040f tx timeout [ 84.130134] Bluetooth: hci5: command 0x0419 tx timeout [ 84.322083] Bluetooth: hci7: command 0x0419 tx timeout [ 115.789764] audit: type=1400 audit(1665036281.758:7): avc: denied { open } for pid=3656 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 06:04:41 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) socketpair(0x1, 0x3, 0x1, &(0x7f0000000000)={0xffffffffffffffff}) bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x20, @none, 0xff, 0x2}, 0x0) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x8, @none, 0x5, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, 0x0, 0x0) 06:04:41 executing program 1: syz_read_part_table(0x0, 0x3, &(0x7f0000000880)=[{&(0x7f0000000580)="69eaa864bd3d0f025f84b7455c2a0b9b940a5d3cb3df2679c0252f4021cd9738fb5a1ee9e77578876b54dbfa4461c77d7267536010c8562898f9a00a93dfdc0bd59050500b31071aec10e84592ab392779a1df0db1158ec3aa79", 0x5a, 0x9}, {&(0x7f0000000600)="711c50", 0x3, 0x80000000}, {0x0}]) syz_read_part_table(0x3, 0x7, &(0x7f0000000400)=[{&(0x7f0000000000)="1f3279bc14b2f3c522586d84be2b34dd077cea17f493b090b7d0c7abd52c77779f4d53b331ea22da5bcf", 0x2a, 0xffffffffffff84ef}, {&(0x7f0000000040)="70ca56fd987fd9b7e3d1f2558b3173361540514aa2328049351e271514038d45fd8341d8edc3445c1965e5f3f8e3ece63528e71ab88c676be0c277a85045911756a5f80d88b64b8f059c8665d4bb30ecadf575467492a344814fa77ccee464f7e0f748648799bbfd5f5a9deeee0f6d9d7ae853b11fc96cb92d28c6eb1686c985d2ce74489946f4a8ffa26accc6aca79aa8eb5176e72902df99ed2af7939f0e317bdabc61c5e157726bb822660a9a87519dbb77d7c49fad18939943bfe1c8d147e8ab10e7cf93245ed1f8ef4d64bd6bbd2575", 0xd2, 0x9}, {&(0x7f0000000140)="73387a0b5635c4802a21d8ae7f2c1536a4ede6e14e8a5ff21acbe524bb88c142f23b9a0a66b436c20765112698a1160a977aa2703ef0d44fb5ee7238385c94b491baf36c5733028349ed47d40312a3a992dbf73f1c4b9b3efc3014445a02b0d50e0da3", 0x63}, {&(0x7f00000001c0)="94ba7834e7829af5a0b4c38d1fce75d9996a0acc52f6d2f1cf874dd89e7609aa2fa9f34826", 0x25, 0x6}, {&(0x7f0000000200)="c09fa7e7876aa1e170e8b2676bc0ad42321fcb09122831ad4435654ae74ec78f47c13394f0b5fb7090997a2e225e52f3a4486bb4418be53985658b5df3a3f8557bc6ab935dc6ed9ce668b5e1e89fa9489597becd28e6d0d327c34cb9020e658e6b7312fc988caebe272aaf0228bd541294818dd86595b268", 0x78, 0x1000}, {&(0x7f0000000280)="b6330831df2cb582853066bd006b6d44e77a4330b6478cd37e7a0ac70545ec328d43105db9b0f99f794ccf32f8e72b19d0033323ca8c4797bfd4c334af800926c8a5a15bcc922e4781b10ec50f34affb2cf6cdf8bf19877a28755c6157d42d4a2b97dd45111ce8ed780e12652e6895fee92472721843c2af24e9287d01fb84eedfc7534d62293d7d4448c4be1cda737544e07fd54baffdfbd5cda6604eac94775a07e5c29f8f9d8e06ad0e9a2de0dfe5ecb9411ca6018a75", 0xb8, 0x800}, {&(0x7f0000000340)="beb129d32f2abad50c082bd807f035730f101af682ebfc4006a4d0f80c46c27eea70edf1538a00508a38d088d7ea613ae75b95de8157bdca947bc8d465eebb7fd303c08e979202556421d36d97ea98937295cd13379e203ba797715888bc0b005e5107cf63601f6dc23aec90d68dd4dd9e2adff1dd0fcb97699a33f063a4518f31eee27b9a62aa0bf74ecf8ae5458a50e97e50daf8a864eb6e98", 0x9a, 0x7fffffff}]) 06:04:42 executing program 5: pipe2(&(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$inet_opts(r0, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_REG_RULES={0x58, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xd080}, @NL80211_ATTR_FREQ_RANGE_END={0x8}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x2}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x7fff}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x22ba}]}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4008004}, 0x4000000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200000, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) flock(r1, 0x2) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) dup2(r2, r1) pipe2(&(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$inet_opts(r3, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)={0x194, 0x0, 0x20, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x44, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}]}, @TIPC_NLA_BEARER={0x74, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x40, @loopback, 0xfff}}, {0x14, 0x2, @in={0x2, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x7ff}}}}]}, @TIPC_NLA_NODE={0x1c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast1}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x8000, @loopback, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x800}]}, @TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4c5b04f0}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80000001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xc73}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffff7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9e47}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x40}, 0x4000) [ 116.052945] audit: type=1400 audit(1665036282.021:8): avc: denied { kernel } for pid=3685 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 116.063607] ------------[ cut here ]------------ [ 116.063631] [ 116.063635] ====================================================== [ 116.063638] WARNING: possible circular locking dependency detected [ 116.063642] 6.0.0-next-20221005 #1 Not tainted [ 116.063649] ------------------------------------------------------ [ 116.063652] syz-executor.5/3686 is trying to acquire lock: [ 116.063658] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 116.063700] [ 116.063700] but task is already holding lock: [ 116.063703] ffff88800da58420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 116.063730] [ 116.063730] which lock already depends on the new lock. [ 116.063730] [ 116.063733] [ 116.063733] the existing dependency chain (in reverse order) is: [ 116.063737] [ 116.063737] -> #3 (&ctx->lock){....}-{2:2}: [ 116.063750] _raw_spin_lock+0x2a/0x40 [ 116.063762] __perf_event_task_sched_out+0x53b/0x18d0 [ 116.063774] __schedule+0xedd/0x2470 [ 116.063789] schedule+0xda/0x1b0 [ 116.063803] exit_to_user_mode_prepare+0x114/0x1a0 [ 116.063815] syscall_exit_to_user_mode+0x19/0x40 [ 116.063829] do_syscall_64+0x48/0x90 [ 116.063839] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 116.063853] [ 116.063853] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 116.063866] _raw_spin_lock_nested+0x30/0x40 [ 116.063878] raw_spin_rq_lock_nested+0x1e/0x30 [ 116.063891] task_fork_fair+0x63/0x4d0 [ 116.063908] sched_cgroup_fork+0x3d0/0x540 [ 116.063923] copy_process+0x4183/0x6e20 [ 116.063935] kernel_clone+0xe7/0x890 [ 116.063944] user_mode_thread+0xad/0xf0 [ 116.063955] rest_init+0x24/0x250 [ 116.063967] arch_call_rest_init+0xf/0x14 [ 116.063987] start_kernel+0x4c6/0x4eb [ 116.064007] secondary_startup_64_no_verify+0xe0/0xeb [ 116.064021] [ 116.064021] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 116.064035] _raw_spin_lock_irqsave+0x39/0x60 [ 116.064046] try_to_wake_up+0xab/0x1930 [ 116.064059] up+0x75/0xb0 [ 116.064074] __up_console_sem+0x6e/0x80 [ 116.064090] console_unlock+0x46a/0x590 [ 116.064107] do_con_write+0xc05/0x1d50 [ 116.064118] con_write+0x21/0x40 [ 116.064127] n_tty_write+0x4d4/0xfe0 [ 116.064141] file_tty_write.constprop.0+0x455/0x8a0 [ 116.064153] vfs_write+0x9c3/0xd90 [ 116.064170] ksys_write+0x127/0x250 [ 116.064185] do_syscall_64+0x3b/0x90 [ 116.064195] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 116.064208] [ 116.064208] -> #0 ((console_sem).lock){....}-{2:2}: [ 116.064221] __lock_acquire+0x2a02/0x5e70 [ 116.064239] lock_acquire+0x1a2/0x530 [ 116.064255] _raw_spin_lock_irqsave+0x39/0x60 [ 116.064266] down_trylock+0xe/0x70 [ 116.064282] __down_trylock_console_sem+0x3b/0xd0 [ 116.064298] vprintk_emit+0x16b/0x560 [ 116.064314] vprintk+0x84/0xa0 [ 116.064330] _printk+0xba/0xf1 [ 116.064343] report_bug.cold+0x72/0xab [ 116.064360] handle_bug+0x3c/0x70 [ 116.064369] exc_invalid_op+0x14/0x50 [ 116.064379] asm_exc_invalid_op+0x16/0x20 [ 116.064392] group_sched_out.part.0+0x2c7/0x460 [ 116.064410] ctx_sched_out+0x8f1/0xc10 [ 116.064427] __perf_event_task_sched_out+0x6d0/0x18d0 [ 116.064438] __schedule+0xedd/0x2470 [ 116.064452] schedule+0xda/0x1b0 [ 116.064466] exit_to_user_mode_prepare+0x114/0x1a0 [ 116.064477] syscall_exit_to_user_mode+0x19/0x40 [ 116.064490] do_syscall_64+0x48/0x90 [ 116.064499] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 116.064513] [ 116.064513] other info that might help us debug this: [ 116.064513] [ 116.064515] Chain exists of: [ 116.064515] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 116.064515] [ 116.064530] Possible unsafe locking scenario: [ 116.064530] [ 116.064532] CPU0 CPU1 [ 116.064535] ---- ---- [ 116.064537] lock(&ctx->lock); [ 116.064543] lock(&rq->__lock); [ 116.064549] lock(&ctx->lock); [ 116.064555] lock((console_sem).lock); [ 116.064561] [ 116.064561] *** DEADLOCK *** [ 116.064561] [ 116.064563] 2 locks held by syz-executor.5/3686: [ 116.064570] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 116.064600] #1: ffff88800da58420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 116.064626] [ 116.064626] stack backtrace: [ 116.064629] CPU: 0 PID: 3686 Comm: syz-executor.5 Not tainted 6.0.0-next-20221005 #1 [ 116.064642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.064648] Call Trace: [ 116.064651] [ 116.064656] dump_stack_lvl+0x8b/0xb3 [ 116.064675] check_noncircular+0x263/0x2e0 [ 116.064692] ? format_decode+0x26c/0xb50 [ 116.064710] ? print_circular_bug+0x450/0x450 [ 116.064727] ? simple_strtoul+0x30/0x30 [ 116.064744] ? format_decode+0x26c/0xb50 [ 116.064762] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 116.064780] __lock_acquire+0x2a02/0x5e70 [ 116.064802] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 116.064825] lock_acquire+0x1a2/0x530 [ 116.064842] ? down_trylock+0xe/0x70 [ 116.064860] ? lock_release+0x750/0x750 [ 116.064881] ? vprintk+0x84/0xa0 [ 116.064899] _raw_spin_lock_irqsave+0x39/0x60 [ 116.064911] ? down_trylock+0xe/0x70 [ 116.064928] down_trylock+0xe/0x70 [ 116.064945] ? vprintk+0x84/0xa0 [ 116.064963] __down_trylock_console_sem+0x3b/0xd0 [ 116.064980] vprintk_emit+0x16b/0x560 [ 116.065000] vprintk+0x84/0xa0 [ 116.065025] _printk+0xba/0xf1 [ 116.065037] ? record_print_text.cold+0x16/0x16 [ 116.065054] ? report_bug.cold+0x66/0xab [ 116.065073] ? group_sched_out.part.0+0x2c7/0x460 [ 116.065092] report_bug.cold+0x72/0xab [ 116.065112] handle_bug+0x3c/0x70 [ 116.065122] exc_invalid_op+0x14/0x50 [ 116.065133] asm_exc_invalid_op+0x16/0x20 [ 116.065147] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 116.065167] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 116.065179] RSP: 0018:ffff88803febfc48 EFLAGS: 00010006 [ 116.065188] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.065196] RDX: ffff88801b575040 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 116.065204] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 116.065211] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88800da58400 [ 116.065219] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 116.065230] ? group_sched_out.part.0+0x2c7/0x460 [ 116.065250] ? group_sched_out.part.0+0x2c7/0x460 [ 116.065269] ctx_sched_out+0x8f1/0xc10 [ 116.065289] __perf_event_task_sched_out+0x6d0/0x18d0 [ 116.065303] ? lock_is_held_type+0xd7/0x130 [ 116.065317] ? __perf_cgroup_move+0x160/0x160 [ 116.065328] ? set_next_entity+0x304/0x550 [ 116.065345] ? update_curr+0x267/0x740 [ 116.065364] ? lock_is_held_type+0xd7/0x130 [ 116.065378] __schedule+0xedd/0x2470 [ 116.065396] ? io_schedule_timeout+0x150/0x150 [ 116.065413] ? rcu_read_lock_sched_held+0x3e/0x80 [ 116.065434] schedule+0xda/0x1b0 [ 116.065449] exit_to_user_mode_prepare+0x114/0x1a0 [ 116.065462] syscall_exit_to_user_mode+0x19/0x40 [ 116.065476] do_syscall_64+0x48/0x90 [ 116.065486] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 116.065501] RIP: 0033:0x7ff6eb24eb19 [ 116.065509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.065520] RSP: 002b:00007ff6e87c4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 116.065530] RAX: 0000000000000001 RBX: 00007ff6eb361f68 RCX: 00007ff6eb24eb19 [ 116.065538] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff6eb361f6c [ 116.065545] RBP: 00007ff6eb361f60 R08: 000000000000000e R09: 0000000000000000 [ 116.065552] R10: 0000000000000005 R11: 0000000000000246 R12: 00007ff6eb361f6c [ 116.065559] R13: 00007ffc6517c95f R14: 00007ff6e87c4300 R15: 0000000000022000 [ 116.065572] [ 116.066666] loop1: detected capacity change from 0 to 264192 [ 116.066821] WARNING: CPU: 0 PID: 3686 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 116.122137] Modules linked in: [ 116.122355] CPU: 0 PID: 3686 Comm: syz-executor.5 Not tainted 6.0.0-next-20221005 #1 [ 116.122862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.123397] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 116.123759] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 2b 08 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 116.124941] RSP: 0018:ffff88803febfc48 EFLAGS: 00010006 [ 116.125303] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.125772] RDX: ffff88801b575040 RSI: ffffffff81566da7 RDI: 0000000000000005 [ 116.126251] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 116.126735] R10: 0000000000000000 R11: ffffffff865b601b R12: ffff88800da58400 [ 116.127208] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 116.127682] FS: 00007ff6e87c4700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 116.128213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.128597] CR2: 000055555617e708 CR3: 0000000021484000 CR4: 0000000000350ef0 [ 116.129061] Call Trace: [ 116.129231] [ 116.129388] ctx_sched_out+0x8f1/0xc10 [ 116.129657] __perf_event_task_sched_out+0x6d0/0x18d0 [ 116.130003] ? lock_is_held_type+0xd7/0x130 [ 116.130291] ? __perf_cgroup_move+0x160/0x160 [ 116.130583] ? set_next_entity+0x304/0x550 [ 116.130865] ? update_curr+0x267/0x740 [ 116.131134] ? lock_is_held_type+0xd7/0x130 [ 116.131420] __schedule+0xedd/0x2470 [ 116.131675] ? io_schedule_timeout+0x150/0x150 [ 116.131978] ? rcu_read_lock_sched_held+0x3e/0x80 [ 116.132301] schedule+0xda/0x1b0 [ 116.132532] exit_to_user_mode_prepare+0x114/0x1a0 [ 116.132856] syscall_exit_to_user_mode+0x19/0x40 [ 116.133176] do_syscall_64+0x48/0x90 [ 116.133419] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 116.133754] RIP: 0033:0x7ff6eb24eb19 [ 116.133996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.135153] RSP: 002b:00007ff6e87c4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 116.135639] RAX: 0000000000000001 RBX: 00007ff6eb361f68 RCX: 00007ff6eb24eb19 [ 116.136095] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff6eb361f6c [ 116.136552] RBP: 00007ff6eb361f60 R08: 000000000000000e R09: 0000000000000000 [ 116.137018] R10: 0000000000000005 R11: 0000000000000246 R12: 00007ff6eb361f6c [ 116.137469] R13: 00007ffc6517c95f R14: 00007ff6e87c4300 R15: 0000000000022000 [ 116.137928] [ 116.138084] irq event stamp: 924 [ 116.138306] hardirqs last enabled at (923): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 116.138922] hardirqs last disabled at (924): [] __schedule+0x1225/0x2470 [ 116.139465] softirqs last enabled at (644): [] __irq_exit_rcu+0x11b/0x180 [ 116.140030] softirqs last disabled at (629): [] __irq_exit_rcu+0x11b/0x180 [ 116.140588] ---[ end trace 0000000000000000 ]--- [ 116.151758] loop1: detected capacity change from 0 to 264192 06:04:42 executing program 1: syz_read_part_table(0x0, 0x3, &(0x7f0000000880)=[{&(0x7f0000000580)="69eaa864bd3d0f025f84b7455c2a0b9b940a5d3cb3df2679c0252f4021cd9738fb5a1ee9e77578876b54dbfa4461c77d7267536010c8562898f9a00a93dfdc0bd59050500b31071aec10e84592ab392779a1df0db1158ec3aa79", 0x5a, 0x9}, {&(0x7f0000000600)="711c50", 0x3, 0x80000000}, {0x0}]) syz_read_part_table(0x3, 0x7, &(0x7f0000000400)=[{&(0x7f0000000000)="1f3279bc14b2f3c522586d84be2b34dd077cea17f493b090b7d0c7abd52c77779f4d53b331ea22da5bcf", 0x2a, 0xffffffffffff84ef}, {&(0x7f0000000040)="70ca56fd987fd9b7e3d1f2558b3173361540514aa2328049351e271514038d45fd8341d8edc3445c1965e5f3f8e3ece63528e71ab88c676be0c277a85045911756a5f80d88b64b8f059c8665d4bb30ecadf575467492a344814fa77ccee464f7e0f748648799bbfd5f5a9deeee0f6d9d7ae853b11fc96cb92d28c6eb1686c985d2ce74489946f4a8ffa26accc6aca79aa8eb5176e72902df99ed2af7939f0e317bdabc61c5e157726bb822660a9a87519dbb77d7c49fad18939943bfe1c8d147e8ab10e7cf93245ed1f8ef4d64bd6bbd2575", 0xd2, 0x9}, {&(0x7f0000000140)="73387a0b5635c4802a21d8ae7f2c1536a4ede6e14e8a5ff21acbe524bb88c142f23b9a0a66b436c20765112698a1160a977aa2703ef0d44fb5ee7238385c94b491baf36c5733028349ed47d40312a3a992dbf73f1c4b9b3efc3014445a02b0d50e0da3", 0x63}, {&(0x7f00000001c0)="94ba7834e7829af5a0b4c38d1fce75d9996a0acc52f6d2f1cf874dd89e7609aa2fa9f34826", 0x25, 0x6}, {&(0x7f0000000200)="c09fa7e7876aa1e170e8b2676bc0ad42321fcb09122831ad4435654ae74ec78f47c13394f0b5fb7090997a2e225e52f3a4486bb4418be53985658b5df3a3f8557bc6ab935dc6ed9ce668b5e1e89fa9489597becd28e6d0d327c34cb9020e658e6b7312fc988caebe272aaf0228bd541294818dd86595b268", 0x78, 0x1000}, {&(0x7f0000000280)="b6330831df2cb582853066bd006b6d44e77a4330b6478cd37e7a0ac70545ec328d43105db9b0f99f794ccf32f8e72b19d0033323ca8c4797bfd4c334af800926c8a5a15bcc922e4781b10ec50f34affb2cf6cdf8bf19877a28755c6157d42d4a2b97dd45111ce8ed780e12652e6895fee92472721843c2af24e9287d01fb84eedfc7534d62293d7d4448c4be1cda737544e07fd54baffdfbd5cda6604eac94775a07e5c29f8f9d8e06ad0e9a2de0dfe5ecb9411ca6018a75", 0xb8, 0x800}, {&(0x7f0000000340)="beb129d32f2abad50c082bd807f035730f101af682ebfc4006a4d0f80c46c27eea70edf1538a00508a38d088d7ea613ae75b95de8157bdca947bc8d465eebb7fd303c08e979202556421d36d97ea98937295cd13379e203ba797715888bc0b005e5107cf63601f6dc23aec90d68dd4dd9e2adff1dd0fcb97699a33f063a4518f31eee27b9a62aa0bf74ecf8ae5458a50e97e50daf8a864eb6e98", 0x9a, 0x7fffffff}]) [ 116.199102] loop1: detected capacity change from 0 to 264192 [ 116.209399] loop1: detected capacity change from 0 to 264192 06:04:42 executing program 1: syz_read_part_table(0x0, 0x3, &(0x7f0000000880)=[{&(0x7f0000000580)="69eaa864bd3d0f025f84b7455c2a0b9b940a5d3cb3df2679c0252f4021cd9738fb5a1ee9e77578876b54dbfa4461c77d7267536010c8562898f9a00a93dfdc0bd59050500b31071aec10e84592ab392779a1df0db1158ec3aa79", 0x5a, 0x9}, {&(0x7f0000000600)="711c50", 0x3, 0x80000000}, {0x0}]) syz_read_part_table(0x3, 0x7, &(0x7f0000000400)=[{&(0x7f0000000000)="1f3279bc14b2f3c522586d84be2b34dd077cea17f493b090b7d0c7abd52c77779f4d53b331ea22da5bcf", 0x2a, 0xffffffffffff84ef}, {&(0x7f0000000040)="70ca56fd987fd9b7e3d1f2558b3173361540514aa2328049351e271514038d45fd8341d8edc3445c1965e5f3f8e3ece63528e71ab88c676be0c277a85045911756a5f80d88b64b8f059c8665d4bb30ecadf575467492a344814fa77ccee464f7e0f748648799bbfd5f5a9deeee0f6d9d7ae853b11fc96cb92d28c6eb1686c985d2ce74489946f4a8ffa26accc6aca79aa8eb5176e72902df99ed2af7939f0e317bdabc61c5e157726bb822660a9a87519dbb77d7c49fad18939943bfe1c8d147e8ab10e7cf93245ed1f8ef4d64bd6bbd2575", 0xd2, 0x9}, {&(0x7f0000000140)="73387a0b5635c4802a21d8ae7f2c1536a4ede6e14e8a5ff21acbe524bb88c142f23b9a0a66b436c20765112698a1160a977aa2703ef0d44fb5ee7238385c94b491baf36c5733028349ed47d40312a3a992dbf73f1c4b9b3efc3014445a02b0d50e0da3", 0x63}, {&(0x7f00000001c0)="94ba7834e7829af5a0b4c38d1fce75d9996a0acc52f6d2f1cf874dd89e7609aa2fa9f34826", 0x25, 0x6}, {&(0x7f0000000200)="c09fa7e7876aa1e170e8b2676bc0ad42321fcb09122831ad4435654ae74ec78f47c13394f0b5fb7090997a2e225e52f3a4486bb4418be53985658b5df3a3f8557bc6ab935dc6ed9ce668b5e1e89fa9489597becd28e6d0d327c34cb9020e658e6b7312fc988caebe272aaf0228bd541294818dd86595b268", 0x78, 0x1000}, {&(0x7f0000000280)="b6330831df2cb582853066bd006b6d44e77a4330b6478cd37e7a0ac70545ec328d43105db9b0f99f794ccf32f8e72b19d0033323ca8c4797bfd4c334af800926c8a5a15bcc922e4781b10ec50f34affb2cf6cdf8bf19877a28755c6157d42d4a2b97dd45111ce8ed780e12652e6895fee92472721843c2af24e9287d01fb84eedfc7534d62293d7d4448c4be1cda737544e07fd54baffdfbd5cda6604eac94775a07e5c29f8f9d8e06ad0e9a2de0dfe5ecb9411ca6018a75", 0xb8, 0x800}, {&(0x7f0000000340)="beb129d32f2abad50c082bd807f035730f101af682ebfc4006a4d0f80c46c27eea70edf1538a00508a38d088d7ea613ae75b95de8157bdca947bc8d465eebb7fd303c08e979202556421d36d97ea98937295cd13379e203ba797715888bc0b005e5107cf63601f6dc23aec90d68dd4dd9e2adff1dd0fcb97699a33f063a4518f31eee27b9a62aa0bf74ecf8ae5458a50e97e50daf8a864eb6e98", 0x9a, 0x7fffffff}]) [ 116.286636] loop1: detected capacity change from 0 to 264192 [ 116.306899] loop1: detected capacity change from 0 to 264192 VM DIAGNOSIS: 06:04:42 Registers: info registers vcpu 0 RAX=000000000000006e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bda91 RDI=ffffffff8765c9a0 RBP=ffffffff8765c960 RSP=ffff88803febf650 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006e R11=0000000000000001 R12=000000000000006e R13=ffffffff8765c960 R14=0000000000000010 R15=ffffffff823bda80 RIP=ffffffff823bdae9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ff6e87c4700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055555617e708 CR3=0000000021484000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007ff6eb3357c000007ff6eb3357c8 XMM02=00007ff6eb3357e000007ff6eb3357c0 XMM03=00007ff6eb3357c800007ff6eb3357c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=000000000000000f RCX=dffffc0000000000 RDX=0000000000000001 RSI=dffffc0000000000 RDI=ffffffff84e045c1 RBP=ffff88801dd03a08 RSP=ffff888020ebf8d8 R8 =0000000000000005 R9 =0000000000000003 R10=0000000000000001 R11=0000000000000001 R12=00007f8e94485fff R13=ffff88801dd03a0c R14=ffff888008523f00 R15=0000000000000000 RIP=ffffffff840e7b62 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faab10238e0 CR3=000000003fd52000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=2e6f747079726362696c2f756e672d78 XMM02=00312e312e6f732e6f74707972636269 XMM03=6c2f756e672d78756e696c2d34365f36 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000