[ 32.129031] sshd (236) used greatest stack depth: 24776 bytes left Debian GNU/Linux 11 syzkaller ttyS0 syzkaller login: [ 36.458221] scp (255) used greatest stack depth: 24768 bytes left Warning: Permanently added '[localhost]:49719' (ECDSA) to the list of known hosts. 2022/09/17 03:49:27 fuzzer started 2022/09/17 03:49:27 dialing manager at localhost:36051 [ 38.672187] cgroup: Unknown subsys name 'net' [ 38.789410] cgroup: Unknown subsys name 'rlimit' 2022/09/17 03:49:41 syscalls: 2215 2022/09/17 03:49:41 code coverage: enabled 2022/09/17 03:49:41 comparison tracing: enabled 2022/09/17 03:49:41 extra coverage: enabled 2022/09/17 03:49:41 setuid sandbox: enabled 2022/09/17 03:49:41 namespace sandbox: enabled 2022/09/17 03:49:41 Android sandbox: enabled 2022/09/17 03:49:41 fault injection: enabled 2022/09/17 03:49:41 leak checking: enabled 2022/09/17 03:49:41 net packet injection: enabled 2022/09/17 03:49:41 net device setup: enabled 2022/09/17 03:49:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/17 03:49:41 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/17 03:49:41 USB emulation: enabled 2022/09/17 03:49:41 hci packet injection: enabled 2022/09/17 03:49:41 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220916) 2022/09/17 03:49:41 802.15.4 emulation: enabled 2022/09/17 03:49:41 fetching corpus: 50, signal 29744/31515 (executing program) 2022/09/17 03:49:41 fetching corpus: 100, signal 46162/49425 (executing program) 2022/09/17 03:49:42 fetching corpus: 150, signal 56503/61169 (executing program) 2022/09/17 03:49:42 fetching corpus: 200, signal 65676/71651 (executing program) 2022/09/17 03:49:42 fetching corpus: 250, signal 75170/82275 (executing program) 2022/09/17 03:49:42 fetching corpus: 300, signal 79640/87928 (executing program) 2022/09/17 03:49:42 fetching corpus: 350, signal 83655/93089 (executing program) 2022/09/17 03:49:42 fetching corpus: 400, signal 88271/98797 (executing program) 2022/09/17 03:49:42 fetching corpus: 450, signal 91742/103368 (executing program) 2022/09/17 03:49:42 fetching corpus: 500, signal 94082/106848 (executing program) 2022/09/17 03:49:42 fetching corpus: 550, signal 95725/109639 (executing program) 2022/09/17 03:49:43 fetching corpus: 600, signal 98641/113553 (executing program) 2022/09/17 03:49:43 fetching corpus: 650, signal 103140/118900 (executing program) 2022/09/17 03:49:43 fetching corpus: 700, signal 106048/122751 (executing program) 2022/09/17 03:49:43 fetching corpus: 750, signal 107782/125445 (executing program) 2022/09/17 03:49:43 fetching corpus: 800, signal 109376/128001 (executing program) 2022/09/17 03:49:43 fetching corpus: 850, signal 112405/131797 (executing program) 2022/09/17 03:49:43 fetching corpus: 900, signal 114329/134552 (executing program) 2022/09/17 03:49:44 fetching corpus: 950, signal 116264/137306 (executing program) 2022/09/17 03:49:44 fetching corpus: 1000, signal 119813/141369 (executing program) 2022/09/17 03:49:44 fetching corpus: 1050, signal 122068/144399 (executing program) 2022/09/17 03:49:44 fetching corpus: 1100, signal 124925/147836 (executing program) 2022/09/17 03:49:44 fetching corpus: 1150, signal 126607/150273 (executing program) 2022/09/17 03:49:44 fetching corpus: 1200, signal 128176/152550 (executing program) 2022/09/17 03:49:44 fetching corpus: 1250, signal 130703/155596 (executing program) 2022/09/17 03:49:45 fetching corpus: 1300, signal 131953/157623 (executing program) 2022/09/17 03:49:45 fetching corpus: 1350, signal 134451/160569 (executing program) 2022/09/17 03:49:45 fetching corpus: 1400, signal 136659/163309 (executing program) 2022/09/17 03:49:45 fetching corpus: 1450, signal 139082/166150 (executing program) 2022/09/17 03:49:45 fetching corpus: 1500, signal 140034/167837 (executing program) 2022/09/17 03:49:45 fetching corpus: 1550, signal 142247/170442 (executing program) 2022/09/17 03:49:45 fetching corpus: 1600, signal 143087/171961 (executing program) 2022/09/17 03:49:45 fetching corpus: 1650, signal 146185/175235 (executing program) 2022/09/17 03:49:46 fetching corpus: 1700, signal 148451/177821 (executing program) 2022/09/17 03:49:46 fetching corpus: 1750, signal 149827/179708 (executing program) 2022/09/17 03:49:46 fetching corpus: 1800, signal 151892/182046 (executing program) 2022/09/17 03:49:46 fetching corpus: 1850, signal 153834/184288 (executing program) 2022/09/17 03:49:46 fetching corpus: 1900, signal 155173/186070 (executing program) 2022/09/17 03:49:46 fetching corpus: 1950, signal 156243/187644 (executing program) 2022/09/17 03:49:46 fetching corpus: 2000, signal 157125/189077 (executing program) 2022/09/17 03:49:46 fetching corpus: 2050, signal 158485/190850 (executing program) 2022/09/17 03:49:46 fetching corpus: 2100, signal 160571/193002 (executing program) 2022/09/17 03:49:47 fetching corpus: 2150, signal 161894/194681 (executing program) 2022/09/17 03:49:47 fetching corpus: 2200, signal 163806/196735 (executing program) 2022/09/17 03:49:47 fetching corpus: 2250, signal 165793/198863 (executing program) 2022/09/17 03:49:47 fetching corpus: 2300, signal 167190/200534 (executing program) 2022/09/17 03:49:47 fetching corpus: 2350, signal 168347/201995 (executing program) 2022/09/17 03:49:47 fetching corpus: 2400, signal 169131/203200 (executing program) 2022/09/17 03:49:47 fetching corpus: 2450, signal 171272/205201 (executing program) 2022/09/17 03:49:48 fetching corpus: 2500, signal 172916/206935 (executing program) 2022/09/17 03:49:48 fetching corpus: 2550, signal 173257/207880 (executing program) 2022/09/17 03:49:48 fetching corpus: 2600, signal 175302/209810 (executing program) 2022/09/17 03:49:48 fetching corpus: 2650, signal 176011/210893 (executing program) 2022/09/17 03:49:48 fetching corpus: 2700, signal 177400/212341 (executing program) 2022/09/17 03:49:48 fetching corpus: 2750, signal 178558/213632 (executing program) 2022/09/17 03:49:48 fetching corpus: 2800, signal 179680/214888 (executing program) 2022/09/17 03:49:49 fetching corpus: 2850, signal 180324/215895 (executing program) 2022/09/17 03:49:49 fetching corpus: 2900, signal 181757/217340 (executing program) 2022/09/17 03:49:49 fetching corpus: 2950, signal 183923/219147 (executing program) 2022/09/17 03:49:49 fetching corpus: 3000, signal 184761/220227 (executing program) 2022/09/17 03:49:49 fetching corpus: 3050, signal 186002/221490 (executing program) 2022/09/17 03:49:49 fetching corpus: 3100, signal 187561/222893 (executing program) 2022/09/17 03:49:49 fetching corpus: 3150, signal 188388/223884 (executing program) 2022/09/17 03:49:49 fetching corpus: 3200, signal 189455/224983 (executing program) 2022/09/17 03:49:50 fetching corpus: 3250, signal 190583/226074 (executing program) 2022/09/17 03:49:50 fetching corpus: 3300, signal 191653/227114 (executing program) 2022/09/17 03:49:50 fetching corpus: 3350, signal 192440/228006 (executing program) 2022/09/17 03:49:50 fetching corpus: 3400, signal 193190/228924 (executing program) 2022/09/17 03:49:50 fetching corpus: 3450, signal 193682/229689 (executing program) 2022/09/17 03:49:50 fetching corpus: 3500, signal 194916/230777 (executing program) 2022/09/17 03:49:50 fetching corpus: 3550, signal 196418/231965 (executing program) 2022/09/17 03:49:51 fetching corpus: 3600, signal 196967/232656 (executing program) 2022/09/17 03:49:51 fetching corpus: 3650, signal 197982/233600 (executing program) 2022/09/17 03:49:51 fetching corpus: 3700, signal 198517/234284 (executing program) 2022/09/17 03:49:51 fetching corpus: 3750, signal 199334/235100 (executing program) 2022/09/17 03:49:51 fetching corpus: 3800, signal 199885/235802 (executing program) 2022/09/17 03:49:51 fetching corpus: 3850, signal 200287/236451 (executing program) 2022/09/17 03:49:51 fetching corpus: 3900, signal 202245/237746 (executing program) 2022/09/17 03:49:51 fetching corpus: 3950, signal 202959/238453 (executing program) 2022/09/17 03:49:52 fetching corpus: 4000, signal 203863/239190 (executing program) 2022/09/17 03:49:52 fetching corpus: 4050, signal 204971/240064 (executing program) 2022/09/17 03:49:52 fetching corpus: 4100, signal 205951/240878 (executing program) 2022/09/17 03:49:52 fetching corpus: 4150, signal 206401/241482 (executing program) 2022/09/17 03:49:52 fetching corpus: 4200, signal 207338/242224 (executing program) 2022/09/17 03:49:52 fetching corpus: 4250, signal 207916/242844 (executing program) 2022/09/17 03:49:52 fetching corpus: 4300, signal 208420/243425 (executing program) 2022/09/17 03:49:52 fetching corpus: 4350, signal 209013/244015 (executing program) 2022/09/17 03:49:53 fetching corpus: 4400, signal 210179/244823 (executing program) 2022/09/17 03:49:53 fetching corpus: 4450, signal 210840/245470 (executing program) 2022/09/17 03:49:53 fetching corpus: 4500, signal 211316/246011 (executing program) 2022/09/17 03:49:53 fetching corpus: 4550, signal 212092/246678 (executing program) 2022/09/17 03:49:53 fetching corpus: 4600, signal 212653/247218 (executing program) 2022/09/17 03:49:53 fetching corpus: 4650, signal 213362/247790 (executing program) 2022/09/17 03:49:53 fetching corpus: 4700, signal 214276/248442 (executing program) 2022/09/17 03:49:53 fetching corpus: 4750, signal 214890/248993 (executing program) 2022/09/17 03:49:54 fetching corpus: 4800, signal 215482/249516 (executing program) 2022/09/17 03:49:54 fetching corpus: 4850, signal 216023/250071 (executing program) 2022/09/17 03:49:54 fetching corpus: 4900, signal 216398/250521 (executing program) 2022/09/17 03:49:54 fetching corpus: 4950, signal 216934/251010 (executing program) 2022/09/17 03:49:54 fetching corpus: 5000, signal 218164/251633 (executing program) 2022/09/17 03:49:54 fetching corpus: 5050, signal 218719/252079 (executing program) 2022/09/17 03:49:54 fetching corpus: 5100, signal 219454/252595 (executing program) 2022/09/17 03:49:55 fetching corpus: 5150, signal 219813/253001 (executing program) 2022/09/17 03:49:55 fetching corpus: 5200, signal 220541/253550 (executing program) 2022/09/17 03:49:55 fetching corpus: 5250, signal 221310/253984 (executing program) 2022/09/17 03:49:55 fetching corpus: 5300, signal 222012/254416 (executing program) 2022/09/17 03:49:55 fetching corpus: 5350, signal 222480/254828 (executing program) 2022/09/17 03:49:55 fetching corpus: 5400, signal 223059/255257 (executing program) 2022/09/17 03:49:55 fetching corpus: 5450, signal 223735/255686 (executing program) 2022/09/17 03:49:56 fetching corpus: 5500, signal 224856/256122 (executing program) 2022/09/17 03:49:56 fetching corpus: 5550, signal 225444/256462 (executing program) 2022/09/17 03:49:56 fetching corpus: 5600, signal 226153/256900 (executing program) 2022/09/17 03:49:56 fetching corpus: 5650, signal 226669/257248 (executing program) 2022/09/17 03:49:56 fetching corpus: 5700, signal 227383/257620 (executing program) 2022/09/17 03:49:56 fetching corpus: 5750, signal 228109/258115 (executing program) 2022/09/17 03:49:56 fetching corpus: 5800, signal 228630/258462 (executing program) 2022/09/17 03:49:56 fetching corpus: 5850, signal 229308/258796 (executing program) 2022/09/17 03:49:57 fetching corpus: 5900, signal 230323/259180 (executing program) 2022/09/17 03:49:57 fetching corpus: 5950, signal 230831/259560 (executing program) 2022/09/17 03:49:57 fetching corpus: 6000, signal 231371/259831 (executing program) 2022/09/17 03:49:57 fetching corpus: 6050, signal 231933/260071 (executing program) 2022/09/17 03:49:57 fetching corpus: 6100, signal 232421/260371 (executing program) 2022/09/17 03:49:57 fetching corpus: 6150, signal 232948/260640 (executing program) 2022/09/17 03:49:57 fetching corpus: 6200, signal 233506/260899 (executing program) 2022/09/17 03:49:58 fetching corpus: 6250, signal 234342/261159 (executing program) 2022/09/17 03:49:58 fetching corpus: 6300, signal 235015/261380 (executing program) 2022/09/17 03:49:58 fetching corpus: 6350, signal 235519/261587 (executing program) 2022/09/17 03:49:58 fetching corpus: 6400, signal 235876/261797 (executing program) 2022/09/17 03:49:58 fetching corpus: 6450, signal 236146/261797 (executing program) 2022/09/17 03:49:58 fetching corpus: 6500, signal 236484/261814 (executing program) 2022/09/17 03:49:58 fetching corpus: 6550, signal 237016/261814 (executing program) 2022/09/17 03:49:58 fetching corpus: 6600, signal 237432/261814 (executing program) 2022/09/17 03:49:58 fetching corpus: 6650, signal 237873/261814 (executing program) 2022/09/17 03:49:58 fetching corpus: 6700, signal 238363/261924 (executing program) 2022/09/17 03:49:59 fetching corpus: 6750, signal 239162/261960 (executing program) 2022/09/17 03:49:59 fetching corpus: 6800, signal 240127/261974 (executing program) 2022/09/17 03:49:59 fetching corpus: 6850, signal 241119/262007 (executing program) 2022/09/17 03:49:59 fetching corpus: 6900, signal 241739/262013 (executing program) 2022/09/17 03:49:59 fetching corpus: 6950, signal 242621/262025 (executing program) 2022/09/17 03:49:59 fetching corpus: 7000, signal 243046/262025 (executing program) 2022/09/17 03:49:59 fetching corpus: 7042, signal 243492/262025 (executing program) 2022/09/17 03:49:59 fetching corpus: 7042, signal 243492/262025 (executing program) 2022/09/17 03:50:03 starting 8 fuzzer processes 03:50:03 executing program 0: ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1000, 0x40, 0x3f}, {0xf73, 0xde, 0x1, 0xffffffff}]}) sync_file_range(0xffffffffffffffff, 0x9, 0x67fe57e2, 0x3) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) r0 = fsopen(&(0x7f0000000080)='qnx6\x00', 0x1) ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f00000000c0)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0) ioctl$sock_inet6_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000140)) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f00000001c0)={'gretap0\x00'}) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000200)={0x400, 0x1000, 0x3f}) accept4(r1, &(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, &(0x7f00000002c0)=0x80, 0x80800) r3 = fsopen(&(0x7f0000000300)='sysv\x00', 0x0) r4 = signalfd4(r3, &(0x7f0000000340)={[0x2]}, 0x8, 0x800) r5 = signalfd(0xffffffffffffffff, &(0x7f0000000380)={[0x8001]}, 0x8) r6 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0), 0x2240, 0x0) ioctl$GIO_SCRNMAP(r4, 0x4b40, &(0x7f0000000400)=""/227) accept$packet(r4, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000580)={@empty, r7}, 0x14) getsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f00000005c0), &(0x7f0000000600)=0x8) 03:50:03 executing program 1: ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'vcan0\x00'}) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'rose0\x00'}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000140)={0x0, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}, {0x2, 0x4e24, @remote}, {0x2, 0x4e24, @loopback}, 0x81, 0x0, 0x0, 0x0, 0x3f, &(0x7f0000000100)='syz_tun\x00', 0x7, 0x82f1, 0xffe0}) sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x50, 0x0, 0x204, 0x70bd2d, 0x25dfdbfe, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0xc000) r1 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x80000) bind(r1, &(0x7f0000000340)=@generic={0x27, "b8f8829d798122ec91b5b2b14de3648e098099e637ceed0e5149afdf843ba5ca0ae3385646131ff79cdb22d3530a02859a39b0a4aa6049a25102b01a21f60929ec8968780b13a8a70fc36a813c12b7f70f4bceef7bbac58cfa5257ea718b271f3a845839c4a88d184d607b2eec336f16479055bed3dc7f1e829b5ad14a9e"}, 0x80) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'ip_vti0\x00', &(0x7f00000003c0)={'ip_vti0\x00', r0, 0x10, 0x8, 0x1, 0x5a, {{0x8, 0x4, 0x3, 0x16, 0x20, 0x67, 0x0, 0xb8, 0x2f, 0x0, @remote, @empty, {[@cipso={0x86, 0xa, 0x0, [{0x7, 0x4, '(,'}]}]}}}}}) bind$packet(0xffffffffffffffff, &(0x7f0000000440)={0x11, 0xf5, r2, 0x1, 0x7f}, 0x14) getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f0000000480), &(0x7f00000004c0)=0x8) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000500)={0x86, 0xfffffc00, 0x9, 0xffffffff}, 0x10) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000540)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff}) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f00000005c0)={0x800, 0x370, 0x3, 0x1, 0x7}) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000001640)={'nat\x00', 0x0, 0x4, 0x1000, [0x800, 0x5, 0x10001, 0xce, 0x0, 0x9], 0x2, &(0x7f0000000600)=[{}, {}], &(0x7f0000000640)=""/4096}, &(0x7f00000016c0)=0x78) sendto$inet6(0xffffffffffffffff, &(0x7f0000001700)="2fff1e97aeae6d164bed5332636802b6274f7808bce0d4bc675453c37e9e2de5d4b161820ae3f74f8da874c651", 0x2d, 0x20000011, &(0x7f0000001740)={0xa, 0x4e23, 0x3, @mcast2, 0x3ff}, 0x1c) setsockopt$inet_udp_encap(r4, 0x11, 0x64, &(0x7f0000001780)=0x5, 0x4) getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000017c0), 0x10) 03:50:03 executing program 2: r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14, 0x0) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x80400, 0x0) sendfile(r0, r2, 0x0, 0x696) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f00000000c0)=0xfff) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000140)=0x9) getsockname$packet(r0, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001240)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000001280)={{{@in=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000001380)=0xe8) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r3, 0x89f6, &(0x7f0000001440)={'ip6tnl0\x00', &(0x7f00000013c0)={'ip6_vti0\x00', r1, 0x4, 0x49, 0x9, 0x9, 0x30, @mcast1, @mcast1, 0x7, 0x10, 0xc0000, 0x2}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f0000001500)={'ip6_vti0\x00', &(0x7f0000001480)={'syztnl0\x00', r1, 0x2f, 0x2, 0x1, 0x80, 0x50, @mcast2, @empty, 0x708, 0x8, 0x81, 0x3}}) getsockname$packet(r0, &(0x7f0000001540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001580)=0x14) getpeername$packet(r0, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000001600)=0x14) sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000001dc0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001d80)={&(0x7f0000001640)={0x704, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {}, [{{0x8, 0x1, r1}, {0x250, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xffff}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xcfa}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffff7}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r1}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5a2}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}]}}, {{0x8, 0x1, r7}, {0x1a8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r1}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8000}}, {0x8, 0x6, r1}}}]}}, {{0x8, 0x1, r1}, {0x1e4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x704}, 0x1, 0x0, 0x0, 0x80}, 0x888d0) listxattr(&(0x7f0000001e00)='./file0\x00', &(0x7f0000001e40)=""/115, 0x73) perf_event_open(&(0x7f0000001f00)={0x4, 0x80, 0x3, 0x1, 0x3, 0x80, 0x0, 0x2, 0x2400, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000001ec0), 0x4}, 0x1901, 0x2, 0x8, 0x3, 0x0, 0x1, 0x1, 0x0, 0x5974, 0x0, 0x2}, 0x0, 0x2, r3, 0x4) sendfile(r0, r3, &(0x7f0000001f80)=0x6, 0xffff) getsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000002000)={@dev, 0x0}, &(0x7f0000002040)=0x14) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000002100)={'gre0\x00', &(0x7f0000002080)={'syztnl0\x00', 0x0, 0x80, 0x10, 0x9, 0xdd, {{0xd, 0x4, 0x1, 0x2, 0x34, 0x68, 0x0, 0xff, 0x2f, 0x0, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x1f, 0x0, [{0x6, 0xa, "5f34de980ce083bd"}, {0x6, 0x5, "08e1fd"}, {0x1, 0x4, "e81f"}, {0x1, 0x6, "1c03681e"}]}]}}}}}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000002240)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000002200)={&(0x7f0000002140)={0xa8, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x24048000}, 0x4800) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000002340)={&(0x7f0000002280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000) [ 74.142525] audit: type=1400 audit(1663386603.067:6): avc: denied { execmem } for pid=288 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 03:50:03 executing program 3: sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x1a}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x24000004}, 0x4000) sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x5, 0x1, 0x401, 0x0, 0x0, {0xa, 0x0, 0x8}, ["", ""]}, 0x14}}, 0x4040) sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x2, 0x2, 0x301, 0x0, 0x0, {0xa}, [@CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x20000) sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x2}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_CAPABILITY={0x5, 0x11, 0x4}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0xe}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x1}, @IEEE802154_ATTR_CAPABILITY={0x5, 0x11, 0xe1}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x10}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000815}, 0x2004c0c0) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, 0x0, 0x20, 0x70bd26, 0x7, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x1e, 0x6f}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x401}]}, 0x30}, 0x1, 0x0, 0x0, 0x804}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000580)={0x480, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7, 0x1c}}}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17a}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5e}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xf3}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x12}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x260}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xc}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xfc0}, @NL80211_ATTR_FRAME={0x40a, 0x33, @probe_response={@wo_ht={{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7f}, @broadcast, @device_b, @from_mac=@broadcast, {0x2, 0x7}}, 0x40, @default, 0x2000, @void, @val={0x1, 0x8, [{0x0, 0x1}, {0xc}, {0x30}, {0x2}, {0x6c}, {0x3}, {0x6}, {0x9, 0x1}]}, @val={0x3, 0x1, 0x7}, @void, @void, @val={0x2d, 0x1a, {0x40, 0x2, 0x4, 0x0, {0x7, 0x40, 0x0, 0x3f, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x400, 0x1, 0x9e}}, @void, @void, [{0xdd, 0x48, "d885632e55a80b3fb26eb1110ed18f03de064be39b967f61794d3a5288f07358f94d3178cab8e2fd988ea6a03a80f82664e727eb8e4e892bde28e7b62d7d7da0b4569891853363c0"}, {0xdd, 0xa0, "8d6ea684f4319b6ebb79c2e7f4f7c39b8e07f4a128359310bf3b61463b6e194bc41fb4fd0bafd310e0431b8f6d2924c118179e09f3ddbf3b795284a3df70d1f6617eb5722b1397029a8286b098bba940c2944444c22a1982963080965f4a64859a89d4e91239cae3b7c50132545d81c400d5ce258ef900de30e0d766694970e86e76c4d12f0832e22727fb75bb3b4fb234bd88fe38fb3db0235dca348674ca92"}, {0xdd, 0xc3, "c7eb3e2b191900c2e326f93d5bb1d747bcfaefc37fdc2043ded50392edd17232496409c82e5f4693f896c20a30ed75a88d3ff350704e62600c65e6865bff43727166515672c7d04f04edf6c0e49fa5e23b49a2f050bdc19e1e948e80ec1c0a4f860427e65f3c340766aa1a6ffd57712ef68fb1484bb8150679d8962f40632dc6161643706af181844c8a0d465c82c5caabaf5f736b761c0f384357f50392cda344250fbce0f3e7210b5d76734cdd78b7e177143b7a31ebddff5f10b576745b9a3407b3"}, {0xdd, 0x37, "60188bdb7430ae86c231edd7594465cda8477e1ae31b56b99a52e24d262a2847a78a3a14b094f67e77ee308aa062562d972f090f2a5625"}, {0xdd, 0xe8, "7cf720fc256cee36fc88f4d1f58ff4b40b0aef09a2e18f3f4caba4dce86c9f6fb0fbc63c4bd10c5cd7298e84d69374aefa908c7cd11e3c13797124916dfdd0beb1004b029f7aa20b965d2fb61d8c1209e16f425934b60bf7a7e9690bc239db28ee1d5eb6cd77569978771d49bae69f0c3c5e898b14b5e540471819cb800b290031d596fc2be64e9568f326d081c854a11f0f6374e835a96481e519b3e69602bef11096875ff9c4a53b166c3eab310f4b44f87ba84d66264be1aa645f01bb83fcab121383f6f3f4d2d2f623ac437d68fdc36a9ac3386a24a754faf5c0f5cd3bc03c9caa6a24a9e937"}, {0xdd, 0xaf, "a4346d57a445c00c62a37bcb4b6aabe6a7f67433e91a4421a2fcd9b448c7c4b86b18b95a725ba611a39255ec849546ed796b7e64ddc744d5d3c168e3c293a92c69ddbe3ac5fdaafca46c2ca973c6209976f34d5746dd03c36fa3f81ab2cfb4c0d6c52a85cef7ac3dfb26fd45d7910b27c1f66404d9f4209b5c733579ee1ea127c4bd99819822dde1de93edba346e7b0a0b1b2d19e9714526b8ea5a49ddd6092349b9f6b4b6402525064a8e465bfb4e"}, {0xdd, 0x32, "c53bc5077065d63cb884ae5177a5fd528c793e079400e6452097e239c997595bb580954f6bdfdbe5816e8df6fc1962b773ea"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x800, 0x8000, 0x6]}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x480}, 0x1, 0x0, 0x0, 0x4004001}, 0x2000c810) r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x30, r0, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x40804) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x44, r1, 0x100, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_SEQ={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x14, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "c1b5a50fc89a6de0741b4f2359"}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000d40)={0x3, 'team0\x00', {0x2}, 0x1}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000dc0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000e00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x70, r2, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}, @key_params=[@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "a0b85e218f"}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "cdf22162f35184efe77965239f"}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY_SEQ={0x7, 0xa, "eaa521"}], @NL80211_ATTR_MAC={0xa, 0x6, @random="2206dc908d85"}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}, @NL80211_ATTR_SSID={0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x20048091}, 0x4054) sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000001000)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x6cde58bf02add9eb}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x28, r2, 0x100, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x8, 0x76}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4008091}, 0x8004) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0xd4907ea6f9ef8377}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x28, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3, 0x0, 0x2}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x840}, 0x20000050) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000001240)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001200)={&(0x7f0000001180)={0x64, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7ff, 0xd}}}}, [@NL80211_ATTR_HE_BSS_COLOR={0x18, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x23}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x24}]}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x1000}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x9}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x3}, @NL80211_ATTR_P2P_OPPPS={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0}, 0x60040092) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000012c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001400)={&(0x7f0000001300)={0xcc, r1, 0x800, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_VENDOR_DATA={0xaf, 0xc5, "c9e9404e9f6c513a6638f4dc8e8ad9e3f5b98dbd9b2e37c8f0356855b2295532f830cc08a7128a90b1bf4b9959e04b5b2408fd149da59406ba9d78f780f60f45fcbf9071b00d9bf4aef7785b5f51b305044d3a94bca69c1dc111c7eb4ee5c14d90185d26987f75f69415859ca028025ce3fa130763ba146e64f39842c6b6fd7155da517fb4b27175a900c12d0ad95fe134fbb763abab67395e410e1b2b468164d4724247dafea2d986f5b4"}]}, 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x48884) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000007780)={&(0x7f0000007580)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000007740)={&(0x7f0000007600)={0x10c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x1ff, 0x73}}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x87}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x20}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2c4}], @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xe, 0xcd, [0x1ff, 0xfff, 0x1f, 0x8, 0x0]}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1c6}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}], @NL80211_ATTR_FRAME={0x3c, 0x33, @disassoc={@with_ht={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x3}, @device_b, @device_b, @initial, {0xe}}, @ver_80211n={0x0, 0x7, 0x3, 0x3, 0x0, 0x1, 0x1}}, 0x3f, @val={0x8c, 0x18, {0x165, "f5862f4738df", @long="dfe1588358a02badec4c8055c94cb243"}}}}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xc, 0xcd, [0x6b, 0xfa, 0x9, 0x80]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x9f8f8e0ea6ebe8b9}, 0x8800) 03:50:03 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000180)={0xffffffffffffffff, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x9c, r1, 0x100, 0x70bd28, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x24000040}, 0x40000) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000001c0)=@v2={0x2, @adiantum, 0x1, '\x00', @a}) r2 = accept$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000240)=0x1c) r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xc491) sendfile(r2, r3, &(0x7f0000000280)=0x401, 0x20000000000) r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000002c0), 0x133800, 0x0) sync_file_range(r4, 0x2, 0x10001, 0x7) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000340)=0x40) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_TX_USECS={0x8, 0x6, 0xfffffffa}, @ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0x3}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0x8, 0x15, 0x63e}]}, 0x2c}, 0x1, 0x0, 0x0, 0x85}, 0x4040) r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000780)={0xb8, 0x0, &(0x7f0000000600)=[@request_death, @register_looper, @acquire, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000480)={@fda={0x66646185, 0x6, 0x0, 0x10}, @fd={0x66642a85, 0x0, r6}, @flat=@weak_binder={0x77622a85, 0xa, 0x2}}, &(0x7f0000000500)={0x0, 0x20, 0x38}}}, @acquire_done={0x40106309, 0x3}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000540)={@flat=@handle={0x73682a85, 0x100, 0x2}, @fda={0x66646185, 0x8, 0x1, 0x1b}, @fda={0x66646185, 0x2, 0x0, 0x3d}}, &(0x7f00000005c0)={0x0, 0x18, 0x38}}}], 0xad, 0x0, &(0x7f00000006c0)="1018edb36d586f63f312c53ff53830b9970279d319d1e667192524a4b3befd0850c172531b8c16d7b83e2f1b5f07e619ed3d16858a0df97750b8ff4eed2d5c319dd501a0a4b362a17432b0796cb885052fc4e6e636961c0e9ffe98023e98d1e6580abf35353fd5b40d7e208c8c8a83e2481134a9f0672d70828ba8b6619df6936b1d3ebc2c8eb304d029660306ad496e7a803cb756693ca4abf44306bec0caf3e988e3ea80e576d83bdea89716"}) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000007c0)='yeah\x00', 0x5) ioctl$FIONCLEX(r5, 0x5450) r7 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000800), 0x3, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x2c, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x19}}}}, [@NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2400a804}, 0x851) copy_file_range(r7, 0x0, 0xffffffffffffffff, &(0x7f0000000940)=0x1, 0x4, 0x0) 03:50:03 executing program 5: ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000000)) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)='system_u:object_r:syslogd_exec_t:s0\x00', 0x24, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000140)=@FILEID_NILFS_WITH_PARENT={0x20, 0x62, {0x4, 0x0, 0x0, 0x4, 0x8000}}, 0x10800) r0 = syz_open_dev$vcsn(&(0x7f0000000180), 0x7, 0x80) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e20, @private=0xa010100}, {0x306, @random="de17b30e1c4f"}, 0x6a, {0x2, 0x4e23, @empty}, 'hsr0\x00'}) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000240)={@private0={0xfc, 0x0, '\x00', 0x1}}, 0x14) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2) r3 = syz_io_uring_complete(0x0) ioctl$AUTOFS_IOC_SETTIMEOUT(r3, 0x80049367, &(0x7f0000000300)) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x9, 0xc2, 0x0, 0x6, 0x0, 0x6, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000340), 0x8}, 0x0, 0x7, 0x6, 0x0, 0x401, 0x5a2000, 0x3f, 0x0, 0x5, 0x0, 0x6}, 0x0, 0x8, r0, 0x3) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000400)={'TPROXY\x00'}, &(0x7f0000000440)=0x1e) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000480)=0x6) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r1, {0x8000, 0x101}}, './file0\x00'}) ioctl$VFAT_IOCTL_READDIR_BOTH(r4, 0x82307201, &(0x7f0000000500)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000740), 0x55d000, 0x0) write$cgroup_freezer_state(r5, &(0x7f0000000780)='THAWED\x00', 0x7) 03:50:03 executing program 6: syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, r0, 0x8, 0x9, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1ff, 0x26}}}}, [@NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d5cafe88fd2d70111d62dd45e5"}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000080}, 0x4c000) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, r0, 0x20, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x9aa}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x8, 0x401, 0x100]}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x393}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_CSA_C_OFFSETS_TX={0x8, 0xcd, [0xfff, 0xdf27]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x408c0}, 0x4000804) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r1, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0xa0, 0x0, 0x8, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x44011}, 0x20040061) r3 = socket$nl_route(0x10, 0x3, 0x0) close_range(r3, r1, 0x2) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000500), r1) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r4, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r5 = syz_open_dev$vcsu(&(0x7f0000000600), 0x8, 0x900) setsockopt$bt_BT_POWER(r5, 0x112, 0x9, &(0x7f0000000640)=0xab, 0x1) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1) sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r6, 0x200, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4093}, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x8}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20040008}, 0x20008800) r7 = open_tree(0xffffffffffffffff, &(0x7f0000000900)='./file1\x00', 0x8000) syz_genetlink_get_family_id$wireguard(&(0x7f00000008c0), r7) sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000940), 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x2c, 0xc, 0x6, 0x301, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x200000c0) sendmsg$NL80211_CMD_SET_PMK(r7, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000a80)={0xc4, r0, 0x2, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4c3ee70f18037644653a79ed06145a88"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "1cc892daf6787671e7a2e8170966f2fb"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "f184a1d5ad81c38e2a5c62677b41c554"}, @NL80211_ATTR_PMK={0x14, 0xfe, "642922ea2d596c38313c56e870f2c74b"}, @NL80211_ATTR_PMK={0x14, 0xfe, "60c601154a5baae1e0ec41312028738c"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "f3d50a3d893175356d651353fe2a12b3"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "2603df84176c4a2d05398d3d726b9562"}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0) 03:50:03 executing program 7: r0 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x800, 0x70bd25, 0x25dfdbfe, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x24040851) sendmsg$NLBL_MGMT_C_PROTOCOLS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010101}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x44004) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_PROTOCOLS(r1, &(0x7f0000000300)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}]}, 0x1c}, 0x1, 0x0, 0x0, 0x161de1a293634e0b}, 0x4000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r1) sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, r3, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x28000844}, 0x4004810) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000004c0)={'wpan4\x00', 0x0}) sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8) sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x1c, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40005}, 0x20040000) sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, 0x0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x50}, 0xc, &(0x7f0000000940)={&(0x7f0000000840)={0xcc, r6, 0x300, 0x70bd28, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x6bd69a90}, {0x6, 0x11, 0x6}, {0x8, 0x15, 0x101}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x6}, {0x8, 0x15, 0x2a}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0x6}, {0x8, 0x15, 0x3}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0xa0001000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x48, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x48}, 0x1, 0x0, 0x0, 0x400c041}, 0x84) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x38, 0x0, 0x20, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xaab}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xc91}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40001}, 0x8000) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_INTERFACE(r7, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x4000018}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x1c, 0x0, 0x301, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$NLBL_UNLABEL_C_ACCEPT(r4, &(0x7f0000000e40)={&(0x7f0000000d00), 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x4c, 0x0, 0x8, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0x80000001}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48000}, 0xc011) [ 75.494047] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.499171] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.503253] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.504783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.510158] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.518650] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.526122] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.528624] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.530471] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.532350] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.551211] Bluetooth: hci0: HCI_REQ-0x0c1a [ 75.558408] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.561771] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.564917] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.566065] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.567693] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.574194] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.575620] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.577482] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.579246] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.581334] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.582677] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 75.584405] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.587587] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.592535] Bluetooth: hci2: HCI_REQ-0x0c1a [ 75.593688] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 75.605214] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.607310] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.608391] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 75.609599] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.613475] Bluetooth: hci1: HCI_REQ-0x0c1a [ 75.613864] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 75.615189] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 75.618807] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.619040] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.620739] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.622069] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.637611] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.639379] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.645079] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.646623] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.648285] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.649500] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.651775] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.658015] Bluetooth: hci3: HCI_REQ-0x0c1a [ 75.661691] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 75.663383] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 75.664774] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 75.666290] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.668265] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.678323] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.680295] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 75.681557] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 75.691554] Bluetooth: hci6: HCI_REQ-0x0c1a [ 75.696020] Bluetooth: hci5: HCI_REQ-0x0c1a [ 75.700088] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.586358] Bluetooth: hci0: command 0x0409 tx timeout [ 77.649933] Bluetooth: hci4: command 0x0409 tx timeout [ 77.650007] Bluetooth: hci1: command 0x0409 tx timeout [ 77.650350] Bluetooth: hci2: command 0x0409 tx timeout [ 77.713936] Bluetooth: hci7: command 0x0409 tx timeout [ 77.713975] Bluetooth: hci3: command 0x0409 tx timeout [ 77.714736] Bluetooth: hci5: command 0x0409 tx timeout [ 77.779034] Bluetooth: hci6: command 0x0409 tx timeout [ 79.635263] Bluetooth: hci0: command 0x041b tx timeout [ 79.698949] Bluetooth: hci2: command 0x041b tx timeout [ 79.699435] Bluetooth: hci1: command 0x041b tx timeout [ 79.699844] Bluetooth: hci4: command 0x041b tx timeout [ 79.763124] Bluetooth: hci5: command 0x041b tx timeout [ 79.763580] Bluetooth: hci3: command 0x041b tx timeout [ 79.764034] Bluetooth: hci7: command 0x041b tx timeout [ 79.826957] Bluetooth: hci6: command 0x041b tx timeout [ 81.682977] Bluetooth: hci0: command 0x040f tx timeout [ 81.745996] Bluetooth: hci4: command 0x040f tx timeout [ 81.746479] Bluetooth: hci1: command 0x040f tx timeout [ 81.747809] Bluetooth: hci2: command 0x040f tx timeout [ 81.811002] Bluetooth: hci7: command 0x040f tx timeout [ 81.811466] Bluetooth: hci3: command 0x040f tx timeout [ 81.811957] Bluetooth: hci5: command 0x040f tx timeout [ 81.874971] Bluetooth: hci6: command 0x040f tx timeout [ 83.730934] Bluetooth: hci0: command 0x0419 tx timeout [ 83.794994] Bluetooth: hci2: command 0x0419 tx timeout [ 83.795443] Bluetooth: hci1: command 0x0419 tx timeout [ 83.795856] Bluetooth: hci4: command 0x0419 tx timeout [ 83.858994] Bluetooth: hci5: command 0x0419 tx timeout [ 83.859450] Bluetooth: hci3: command 0x0419 tx timeout [ 83.859865] Bluetooth: hci7: command 0x0419 tx timeout [ 83.922962] Bluetooth: hci6: command 0x0419 tx timeout [ 129.716312] audit: type=1400 audit(1663386658.641:7): avc: denied { open } for pid=3747 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 03:50:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYRES32]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x94001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0x3, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffff1) [ 129.857565] loop5: detected capacity change from 0 to 40 [ 129.910612] audit: type=1400 audit(1663386658.835:8): avc: denied { kernel } for pid=3758 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.950817] syz-executor.5: attempt to access beyond end of device [ 129.950817] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 129.952040] Buffer I/O error on dev loop5, logical block 10, lost async page write 03:50:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYRES32]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x94001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0x3, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffff1) [ 130.124939] loop5: detected capacity change from 0 to 40 [ 130.169851] syz-executor.5: attempt to access beyond end of device [ 130.169851] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 130.170829] Buffer I/O error on dev loop5, logical block 10, lost async page write 03:50:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYRES32]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x94001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0x3, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffff1) [ 130.313739] loop5: detected capacity change from 0 to 40 [ 130.383319] syz-executor.5: attempt to access beyond end of device [ 130.383319] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 130.384267] Buffer I/O error on dev loop5, logical block 10, lost async page write 03:50:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYRES32]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x94001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0x3, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffff1) [ 130.513918] loop5: detected capacity change from 0 to 40 [ 130.552542] ------------[ cut here ]------------ [ 130.552584] [ 130.552590] ====================================================== [ 130.552596] WARNING: possible circular locking dependency detected [ 130.552604] 6.0.0-rc5-next-20220916 #1 Not tainted [ 130.552616] ------------------------------------------------------ [ 130.552622] syz-executor.5/3796 is trying to acquire lock: [ 130.552635] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 130.552700] [ 130.552700] but task is already holding lock: [ 130.552705] ffff888041123c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.552757] [ 130.552757] which lock already depends on the new lock. [ 130.552757] [ 130.552762] [ 130.552762] the existing dependency chain (in reverse order) is: [ 130.552768] [ 130.552768] -> #3 (&ctx->lock){....}-{2:2}: [ 130.552795] _raw_spin_lock+0x2a/0x40 [ 130.552827] __perf_event_task_sched_out+0x53b/0x18d0 [ 130.552851] __schedule+0xedd/0x2470 [ 130.552876] schedule+0xda/0x1b0 [ 130.552895] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.552933] syscall_exit_to_user_mode+0x19/0x40 [ 130.552967] do_syscall_64+0x48/0x90 [ 130.552993] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.553027] [ 130.553027] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 130.553055] _raw_spin_lock_nested+0x30/0x40 [ 130.553084] raw_spin_rq_lock_nested+0x1e/0x30 [ 130.553108] task_fork_fair+0x63/0x4d0 [ 130.553140] sched_cgroup_fork+0x3d0/0x540 [ 130.553167] copy_process+0x4183/0x6e20 [ 130.553186] kernel_clone+0xe7/0x890 [ 130.553205] user_mode_thread+0xad/0xf0 [ 130.553224] rest_init+0x24/0x250 [ 130.553256] arch_call_rest_init+0xf/0x14 [ 130.553278] start_kernel+0x4c1/0x4e6 [ 130.553299] secondary_startup_64_no_verify+0xe0/0xeb [ 130.553327] [ 130.553327] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 130.553354] _raw_spin_lock_irqsave+0x39/0x60 [ 130.553384] try_to_wake_up+0xab/0x1920 [ 130.553410] up+0x75/0xb0 [ 130.553432] __up_console_sem+0x6e/0x80 [ 130.553461] console_unlock+0x46a/0x590 [ 130.553491] do_con_write+0xc05/0x1d50 [ 130.553513] con_write+0x21/0x40 [ 130.553532] n_tty_write+0x4d4/0xfe0 [ 130.553556] file_tty_write.constprop.0+0x49c/0x8f0 [ 130.553580] vfs_write+0x9c3/0xd90 [ 130.553613] ksys_write+0x127/0x250 [ 130.553646] do_syscall_64+0x3b/0x90 [ 130.553672] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.553706] [ 130.553706] -> #0 ((console_sem).lock){....}-{2:2}: [ 130.553733] __lock_acquire+0x2a02/0x5e70 [ 130.553764] lock_acquire+0x1a2/0x530 [ 130.553795] _raw_spin_lock_irqsave+0x39/0x60 [ 130.553824] down_trylock+0xe/0x70 [ 130.553848] __down_trylock_console_sem+0x3b/0xd0 [ 130.553879] vprintk_emit+0x16b/0x560 [ 130.553911] vprintk+0x84/0xa0 [ 130.553942] _printk+0xba/0xf1 [ 130.553974] report_bug.cold+0x72/0xab [ 130.553999] handle_bug+0x3c/0x70 [ 130.554024] exc_invalid_op+0x14/0x50 [ 130.554051] asm_exc_invalid_op+0x16/0x20 [ 130.554083] group_sched_out.part.0+0x2c7/0x460 [ 130.554104] ctx_sched_out+0x8f1/0xc10 [ 130.554122] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.554146] __schedule+0xedd/0x2470 [ 130.554166] schedule+0xda/0x1b0 [ 130.554185] futex_wait_queue+0xf5/0x1e0 [ 130.554206] futex_wait+0x28e/0x690 [ 130.554225] do_futex+0x2ff/0x380 [ 130.554243] __x64_sys_futex+0x1c6/0x4d0 [ 130.554262] do_syscall_64+0x3b/0x90 [ 130.554288] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.554322] [ 130.554322] other info that might help us debug this: [ 130.554322] [ 130.554327] Chain exists of: [ 130.554327] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 130.554327] [ 130.554356] Possible unsafe locking scenario: [ 130.554356] [ 130.554360] CPU0 CPU1 [ 130.554365] ---- ---- [ 130.554369] lock(&ctx->lock); [ 130.554380] lock(&rq->__lock); [ 130.554392] lock(&ctx->lock); [ 130.554404] lock((console_sem).lock); [ 130.554416] [ 130.554416] *** DEADLOCK *** [ 130.554416] [ 130.554419] 2 locks held by syz-executor.5/3796: [ 130.554433] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 130.554484] #1: ffff888041123c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.554538] [ 130.554538] stack backtrace: [ 130.554543] CPU: 0 PID: 3796 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220916 #1 [ 130.554568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.554582] Call Trace: [ 130.554588] [ 130.554596] dump_stack_lvl+0x8b/0xb3 [ 130.554625] check_noncircular+0x263/0x2e0 [ 130.554657] ? format_decode+0x26c/0xb50 [ 130.554686] ? print_circular_bug+0x450/0x450 [ 130.554719] ? enable_ptr_key_workfn+0x20/0x20 [ 130.554749] ? format_decode+0x26c/0xb50 [ 130.554780] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 130.554815] __lock_acquire+0x2a02/0x5e70 [ 130.554857] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 130.554901] lock_acquire+0x1a2/0x530 [ 130.554934] ? down_trylock+0xe/0x70 [ 130.554962] ? rcu_read_unlock+0x40/0x40 [ 130.554999] ? lock_is_held_type+0xd7/0x130 [ 130.555036] ? vprintk+0x84/0xa0 [ 130.555071] _raw_spin_lock_irqsave+0x39/0x60 [ 130.555102] ? down_trylock+0xe/0x70 [ 130.555128] down_trylock+0xe/0x70 [ 130.555154] ? vprintk+0x84/0xa0 [ 130.555187] __down_trylock_console_sem+0x3b/0xd0 [ 130.555221] vprintk_emit+0x16b/0x560 [ 130.555258] vprintk+0x84/0xa0 [ 130.555292] _printk+0xba/0xf1 [ 130.555329] ? record_print_text.cold+0x16/0x16 [ 130.555378] ? report_bug.cold+0x66/0xab [ 130.555407] ? group_sched_out.part.0+0x2c7/0x460 [ 130.555429] report_bug.cold+0x72/0xab [ 130.555460] handle_bug+0x3c/0x70 [ 130.555487] exc_invalid_op+0x14/0x50 [ 130.555516] asm_exc_invalid_op+0x16/0x20 [ 130.555551] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.555577] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.555599] RSP: 0018:ffff888041dd78f8 EFLAGS: 00010006 [ 130.555617] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.555632] RDX: ffff888018a2d040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 130.555647] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 130.555661] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888041123c00 [ 130.555676] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 130.555698] ? group_sched_out.part.0+0x2c7/0x460 [ 130.555724] ? group_sched_out.part.0+0x2c7/0x460 [ 130.555750] ctx_sched_out+0x8f1/0xc10 [ 130.555775] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.555805] ? lock_is_held_type+0xd7/0x130 [ 130.555841] ? __perf_cgroup_move+0x160/0x160 [ 130.555865] ? set_next_entity+0x304/0x550 [ 130.555903] ? lock_is_held_type+0xd7/0x130 [ 130.555940] __schedule+0xedd/0x2470 [ 130.555967] ? io_schedule_timeout+0x150/0x150 [ 130.555991] ? futex_wait_setup+0x166/0x230 [ 130.556019] schedule+0xda/0x1b0 [ 130.556042] futex_wait_queue+0xf5/0x1e0 [ 130.556065] futex_wait+0x28e/0x690 [ 130.556090] ? futex_wait_setup+0x230/0x230 [ 130.556116] ? wake_up_q+0x8b/0xf0 [ 130.556141] ? do_raw_spin_unlock+0x4f/0x220 [ 130.556179] ? futex_wake+0x158/0x490 [ 130.556211] ? fd_install+0x1f9/0x640 [ 130.556242] do_futex+0x2ff/0x380 [ 130.556264] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 130.556295] __x64_sys_futex+0x1c6/0x4d0 [ 130.556320] ? __x64_sys_futex_time32+0x480/0x480 [ 130.556345] ? syscall_enter_from_user_mode+0x1d/0x50 [ 130.556381] ? syscall_enter_from_user_mode+0x1d/0x50 [ 130.556445] do_syscall_64+0x3b/0x90 [ 130.556474] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.556509] RIP: 0033:0x7faef422db19 [ 130.556525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.556547] RSP: 002b:00007faef17a3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.556568] RAX: ffffffffffffffda RBX: 00007faef4340f68 RCX: 00007faef422db19 [ 130.556584] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faef4340f68 [ 130.556598] RBP: 00007faef4340f60 R08: 0000000000000000 R09: 0000000000000000 [ 130.556613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faef4340f6c [ 130.556627] R13: 00007ffd892f713f R14: 00007faef17a3300 R15: 0000000000022000 [ 130.556652] [ 130.610112] syz-executor.5: attempt to access beyond end of device [ 130.610112] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 130.610434] WARNING: CPU: 0 PID: 3796 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 130.610727] Buffer I/O error on dev loop5, logical block 10, lost async page write [ 130.611535] Modules linked in: [ 130.611549] CPU: 0 PID: 3796 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220916 #1 [ 130.678018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.679651] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.680475] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.683121] RSP: 0018:ffff888041dd78f8 EFLAGS: 00010006 [ 130.683904] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.684959] RDX: ffff888018a2d040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 130.686005] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 130.687041] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888041123c00 [ 130.688086] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 130.689133] FS: 00007faef17a3700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 130.690280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.691116] CR2: 00007ffa14cf16f4 CR3: 000000000d58c000 CR4: 0000000000350ef0 [ 130.692129] Call Trace: [ 130.692523] [ 130.692864] ctx_sched_out+0x8f1/0xc10 [ 130.693448] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.694210] ? lock_is_held_type+0xd7/0x130 [ 130.694849] ? __perf_cgroup_move+0x160/0x160 [ 130.695502] ? set_next_entity+0x304/0x550 [ 130.696135] ? lock_is_held_type+0xd7/0x130 [ 130.696788] __schedule+0xedd/0x2470 [ 130.697338] ? io_schedule_timeout+0x150/0x150 [ 130.698002] ? futex_wait_setup+0x166/0x230 [ 130.698639] schedule+0xda/0x1b0 [ 130.699135] futex_wait_queue+0xf5/0x1e0 [ 130.699715] futex_wait+0x28e/0x690 [ 130.700248] ? futex_wait_setup+0x230/0x230 [ 130.700894] ? wake_up_q+0x8b/0xf0 [ 130.701417] ? do_raw_spin_unlock+0x4f/0x220 [ 130.702073] ? futex_wake+0x158/0x490 [ 130.702623] ? fd_install+0x1f9/0x640 [ 130.703166] do_futex+0x2ff/0x380 [ 130.703698] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 130.704576] __x64_sys_futex+0x1c6/0x4d0 [ 130.705187] ? __x64_sys_futex_time32+0x480/0x480 [ 130.705912] ? syscall_enter_from_user_mode+0x1d/0x50 [ 130.706697] ? syscall_enter_from_user_mode+0x1d/0x50 [ 130.707490] do_syscall_64+0x3b/0x90 [ 130.708050] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.708837] RIP: 0033:0x7faef422db19 [ 130.709386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.712039] RSP: 002b:00007faef17a3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.713131] RAX: ffffffffffffffda RBX: 00007faef4340f68 RCX: 00007faef422db19 [ 130.714178] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faef4340f68 [ 130.715226] RBP: 00007faef4340f60 R08: 0000000000000000 R09: 0000000000000000 [ 130.716271] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faef4340f6c [ 130.717330] R13: 00007ffd892f713f R14: 00007faef17a3300 R15: 0000000000022000 [ 130.718393] [ 130.718747] irq event stamp: 1978 [ 130.719255] hardirqs last enabled at (1977): [] syscall_enter_from_user_mode+0x1d/0x50 [ 130.720659] hardirqs last disabled at (1978): [] __schedule+0x1225/0x2470 [ 130.721869] softirqs last enabled at (1572): [] __irq_exit_rcu+0x11b/0x180 [ 130.723133] softirqs last disabled at (1563): [] __irq_exit_rcu+0x11b/0x180 [ 130.724393] ---[ end trace 0000000000000000 ]--- 03:51:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYRES32]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x94001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0x3, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffff1) [ 131.299992] loop5: detected capacity change from 0 to 40 [ 131.451860] syz-executor.5: attempt to access beyond end of device [ 131.451860] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 131.452779] Buffer I/O error on dev loop5, logical block 10, lost async page write 03:51:00 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getdents(r0, &(0x7f0000000280)=""/76, 0x4c) mkdirat(r0, &(0x7f0000000080)='./file0\x00', 0xf9) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/249, 0xf9}], 0x1) 03:51:00 executing program 5: lsetxattr$trusted_overlay_opaque(&(0x7f0000000080)='./mnt\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0) getxattr(&(0x7f0000000000)='./mnt\x00', &(0x7f0000000140)=@known='trusted.overlay.opaque\x00', &(0x7f0000000180)=""/180, 0xb4) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getdents(r0, &(0x7f0000000280)=""/76, 0x4c) recvmsg$unix(r0, &(0x7f0000001940)={&(0x7f0000000240), 0x6e, &(0x7f0000001800)=[{&(0x7f00000002c0)=""/231, 0xe7}, {&(0x7f00000003c0)=""/185, 0xb9}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000001480)=""/219, 0xdb}, {&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000001580)=""/130, 0x82}, {&(0x7f0000001640)=""/116, 0x74}, {&(0x7f00000016c0)=""/195, 0xc3}, {&(0x7f00000017c0)=""/46, 0x2e}], 0x9, &(0x7f00000018c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x80}, 0x10000) 03:51:00 executing program 5: syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x161941, 0x0) openat2(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x11}, 0x18) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) epoll_create(0x4) ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000000300)={0x81, 0xc3, 0x2, 0x2, 0x4, 0x9}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x10000000000000, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x6}, 0x68111, 0x10000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000180)='./file1\x00', 0x3) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getdents(r1, &(0x7f0000000280)=""/76, 0x4c) r2 = eventfd2(0xffffff33, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0xe0002000}) [ 131.896490] audit: type=1400 audit(1663386660.821:9): avc: denied { block_suspend } for pid=3889 comm="syz-executor.5" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 VM DIAGNOSIS: 03:50:59 Registers: info registers vcpu 0 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b3251 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff888041dd7348 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000074 R11=0000000000000001 R12=0000000000000074 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b3240 RIP=ffffffff822b32a9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007faef17a3700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffa14cf16f4 CR3=000000000d58c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=ffff88804072d040 RBX=ffffffff8135b390 RCX=0000000000000000 RDX=ffff88804072d040 RSI=ffff888041ec7690 RDI=ffffffff8135b390 RBP=ffff888041ec7660 RSP=ffff888041ec75c8 R8 =0000000000000000 R9 =ffffed1008142940 R10=0000000000000000 R11=0000000000000001 R12=ffff888041ec7690 R13=0000000000000000 R14=ffff88804072d040 R15=0000000000000dc0 RIP=ffffffff810ad76a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2a0e684610 CR3=00000000417ca000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000