Warning: Permanently added '[localhost]:9141' (ECDSA) to the list of known hosts. 2022/09/17 10:28:55 fuzzer started 2022/09/17 10:28:55 dialing manager at localhost:36051 syzkaller login: [ 35.353618] cgroup: Unknown subsys name 'net' [ 35.445871] cgroup: Unknown subsys name 'rlimit' 2022/09/17 10:29:08 syscalls: 2215 2022/09/17 10:29:08 code coverage: enabled 2022/09/17 10:29:08 comparison tracing: enabled 2022/09/17 10:29:08 extra coverage: enabled 2022/09/17 10:29:08 setuid sandbox: enabled 2022/09/17 10:29:08 namespace sandbox: enabled 2022/09/17 10:29:08 Android sandbox: enabled 2022/09/17 10:29:08 fault injection: enabled 2022/09/17 10:29:08 leak checking: enabled 2022/09/17 10:29:08 net packet injection: enabled 2022/09/17 10:29:08 net device setup: enabled 2022/09/17 10:29:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/17 10:29:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/17 10:29:08 USB emulation: enabled 2022/09/17 10:29:08 hci packet injection: enabled 2022/09/17 10:29:08 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220916) 2022/09/17 10:29:08 802.15.4 emulation: enabled 2022/09/17 10:29:08 fetching corpus: 50, signal 28908/30684 (executing program) 2022/09/17 10:29:08 fetching corpus: 100, signal 37643/41097 (executing program) 2022/09/17 10:29:08 fetching corpus: 150, signal 55490/60245 (executing program) 2022/09/17 10:29:08 fetching corpus: 200, signal 64627/70677 (executing program) 2022/09/17 10:29:08 fetching corpus: 250, signal 70245/77571 (executing program) 2022/09/17 10:29:08 fetching corpus: 300, signal 74285/82895 (executing program) 2022/09/17 10:29:08 fetching corpus: 350, signal 77555/87400 (executing program) 2022/09/17 10:29:09 fetching corpus: 400, signal 79987/91130 (executing program) 2022/09/17 10:29:09 fetching corpus: 450, signal 84165/96402 (executing program) 2022/09/17 10:29:09 fetching corpus: 500, signal 88221/101484 (executing program) 2022/09/17 10:29:09 fetching corpus: 550, signal 93195/107330 (executing program) 2022/09/17 10:29:09 fetching corpus: 600, signal 96105/111254 (executing program) 2022/09/17 10:29:09 fetching corpus: 650, signal 98733/114881 (executing program) 2022/09/17 10:29:09 fetching corpus: 700, signal 102713/119720 (executing program) 2022/09/17 10:29:10 fetching corpus: 750, signal 107048/124847 (executing program) 2022/09/17 10:29:10 fetching corpus: 800, signal 110422/129023 (executing program) 2022/09/17 10:29:10 fetching corpus: 850, signal 111611/131232 (executing program) 2022/09/17 10:29:10 fetching corpus: 900, signal 115169/135546 (executing program) 2022/09/17 10:29:10 fetching corpus: 950, signal 117400/138582 (executing program) 2022/09/17 10:29:10 fetching corpus: 1000, signal 120707/142520 (executing program) 2022/09/17 10:29:10 fetching corpus: 1050, signal 122712/145331 (executing program) 2022/09/17 10:29:11 fetching corpus: 1100, signal 124525/147947 (executing program) 2022/09/17 10:29:11 fetching corpus: 1150, signal 126418/150622 (executing program) 2022/09/17 10:29:11 fetching corpus: 1200, signal 128693/153593 (executing program) 2022/09/17 10:29:11 fetching corpus: 1250, signal 130442/156075 (executing program) 2022/09/17 10:29:11 fetching corpus: 1300, signal 132374/158691 (executing program) 2022/09/17 10:29:11 fetching corpus: 1350, signal 133899/160891 (executing program) 2022/09/17 10:29:11 fetching corpus: 1400, signal 134820/162598 (executing program) 2022/09/17 10:29:11 fetching corpus: 1450, signal 138169/166180 (executing program) 2022/09/17 10:29:11 fetching corpus: 1500, signal 139856/168490 (executing program) 2022/09/17 10:29:12 fetching corpus: 1550, signal 141467/170697 (executing program) 2022/09/17 10:29:12 fetching corpus: 1600, signal 143909/173519 (executing program) 2022/09/17 10:29:12 fetching corpus: 1650, signal 148002/177498 (executing program) 2022/09/17 10:29:12 fetching corpus: 1700, signal 149730/179673 (executing program) 2022/09/17 10:29:12 fetching corpus: 1750, signal 150831/181361 (executing program) 2022/09/17 10:29:12 fetching corpus: 1800, signal 152535/183461 (executing program) 2022/09/17 10:29:13 fetching corpus: 1850, signal 154728/186010 (executing program) 2022/09/17 10:29:13 fetching corpus: 1900, signal 156346/187981 (executing program) 2022/09/17 10:29:13 fetching corpus: 1950, signal 157435/189554 (executing program) 2022/09/17 10:29:13 fetching corpus: 2000, signal 158718/191282 (executing program) 2022/09/17 10:29:13 fetching corpus: 2050, signal 160290/193232 (executing program) 2022/09/17 10:29:13 fetching corpus: 2100, signal 161438/194816 (executing program) 2022/09/17 10:29:13 fetching corpus: 2150, signal 163522/197020 (executing program) 2022/09/17 10:29:13 fetching corpus: 2200, signal 164963/198779 (executing program) 2022/09/17 10:29:14 fetching corpus: 2250, signal 166641/200658 (executing program) 2022/09/17 10:29:14 fetching corpus: 2300, signal 167947/202303 (executing program) 2022/09/17 10:29:14 fetching corpus: 2350, signal 169430/204010 (executing program) 2022/09/17 10:29:14 fetching corpus: 2400, signal 170801/205584 (executing program) 2022/09/17 10:29:14 fetching corpus: 2450, signal 172132/207114 (executing program) 2022/09/17 10:29:14 fetching corpus: 2500, signal 173350/208599 (executing program) 2022/09/17 10:29:14 fetching corpus: 2550, signal 174817/210230 (executing program) 2022/09/17 10:29:15 fetching corpus: 2600, signal 176223/211802 (executing program) 2022/09/17 10:29:15 fetching corpus: 2650, signal 177279/213073 (executing program) 2022/09/17 10:29:15 fetching corpus: 2700, signal 177972/214196 (executing program) 2022/09/17 10:29:15 fetching corpus: 2750, signal 179273/215627 (executing program) 2022/09/17 10:29:15 fetching corpus: 2800, signal 180021/216669 (executing program) 2022/09/17 10:29:15 fetching corpus: 2850, signal 181048/217940 (executing program) 2022/09/17 10:29:15 fetching corpus: 2900, signal 182232/219331 (executing program) 2022/09/17 10:29:16 fetching corpus: 2950, signal 183417/220611 (executing program) 2022/09/17 10:29:16 fetching corpus: 3000, signal 184285/221673 (executing program) 2022/09/17 10:29:16 fetching corpus: 3050, signal 185253/222830 (executing program) 2022/09/17 10:29:16 fetching corpus: 3100, signal 186133/223921 (executing program) 2022/09/17 10:29:16 fetching corpus: 3150, signal 186822/224855 (executing program) 2022/09/17 10:29:16 fetching corpus: 3200, signal 187482/225813 (executing program) 2022/09/17 10:29:16 fetching corpus: 3250, signal 188691/227097 (executing program) 2022/09/17 10:29:16 fetching corpus: 3300, signal 190051/228380 (executing program) 2022/09/17 10:29:17 fetching corpus: 3350, signal 190647/229248 (executing program) 2022/09/17 10:29:17 fetching corpus: 3400, signal 191920/230422 (executing program) 2022/09/17 10:29:17 fetching corpus: 3450, signal 193032/231523 (executing program) 2022/09/17 10:29:17 fetching corpus: 3500, signal 193964/232519 (executing program) 2022/09/17 10:29:17 fetching corpus: 3550, signal 195151/233675 (executing program) 2022/09/17 10:29:17 fetching corpus: 3600, signal 195907/234604 (executing program) 2022/09/17 10:29:17 fetching corpus: 3650, signal 196441/235367 (executing program) 2022/09/17 10:29:18 fetching corpus: 3700, signal 197081/236192 (executing program) 2022/09/17 10:29:18 fetching corpus: 3750, signal 197896/237106 (executing program) 2022/09/17 10:29:18 fetching corpus: 3800, signal 198551/237940 (executing program) 2022/09/17 10:29:18 fetching corpus: 3850, signal 199319/238774 (executing program) 2022/09/17 10:29:18 fetching corpus: 3900, signal 200031/239557 (executing program) 2022/09/17 10:29:18 fetching corpus: 3950, signal 200972/240421 (executing program) 2022/09/17 10:29:18 fetching corpus: 4000, signal 202359/241512 (executing program) 2022/09/17 10:29:19 fetching corpus: 4050, signal 203120/242325 (executing program) 2022/09/17 10:29:19 fetching corpus: 4100, signal 204030/243114 (executing program) 2022/09/17 10:29:19 fetching corpus: 4150, signal 205019/243953 (executing program) 2022/09/17 10:29:19 fetching corpus: 4200, signal 205733/244680 (executing program) 2022/09/17 10:29:19 fetching corpus: 4250, signal 206311/245345 (executing program) 2022/09/17 10:29:19 fetching corpus: 4300, signal 207450/246212 (executing program) 2022/09/17 10:29:19 fetching corpus: 4350, signal 207922/246797 (executing program) 2022/09/17 10:29:19 fetching corpus: 4400, signal 208585/247461 (executing program) 2022/09/17 10:29:20 fetching corpus: 4450, signal 209465/248204 (executing program) 2022/09/17 10:29:20 fetching corpus: 4500, signal 210100/248857 (executing program) 2022/09/17 10:29:20 fetching corpus: 4550, signal 210888/249573 (executing program) 2022/09/17 10:29:20 fetching corpus: 4600, signal 211638/250242 (executing program) 2022/09/17 10:29:20 fetching corpus: 4650, signal 212298/250861 (executing program) 2022/09/17 10:29:20 fetching corpus: 4700, signal 212959/251434 (executing program) 2022/09/17 10:29:20 fetching corpus: 4750, signal 213815/252105 (executing program) 2022/09/17 10:29:20 fetching corpus: 4800, signal 214480/252751 (executing program) 2022/09/17 10:29:20 fetching corpus: 4850, signal 215066/253302 (executing program) 2022/09/17 10:29:21 fetching corpus: 4900, signal 215758/253855 (executing program) 2022/09/17 10:29:21 fetching corpus: 4950, signal 217088/254577 (executing program) 2022/09/17 10:29:21 fetching corpus: 5000, signal 217646/255139 (executing program) 2022/09/17 10:29:21 fetching corpus: 5050, signal 218551/255749 (executing program) 2022/09/17 10:29:21 fetching corpus: 5100, signal 219246/256248 (executing program) 2022/09/17 10:29:21 fetching corpus: 5150, signal 219794/256766 (executing program) 2022/09/17 10:29:22 fetching corpus: 5200, signal 220715/257369 (executing program) 2022/09/17 10:29:22 fetching corpus: 5250, signal 221354/257837 (executing program) 2022/09/17 10:29:22 fetching corpus: 5300, signal 222062/258343 (executing program) 2022/09/17 10:29:22 fetching corpus: 5350, signal 222581/258777 (executing program) 2022/09/17 10:29:22 fetching corpus: 5400, signal 223650/259332 (executing program) 2022/09/17 10:29:22 fetching corpus: 5450, signal 224077/259725 (executing program) 2022/09/17 10:29:22 fetching corpus: 5500, signal 224700/260154 (executing program) 2022/09/17 10:29:22 fetching corpus: 5550, signal 225474/260618 (executing program) 2022/09/17 10:29:23 fetching corpus: 5600, signal 225883/261013 (executing program) 2022/09/17 10:29:23 fetching corpus: 5650, signal 226947/261476 (executing program) 2022/09/17 10:29:23 fetching corpus: 5700, signal 227671/261876 (executing program) 2022/09/17 10:29:23 fetching corpus: 5750, signal 228339/262462 (executing program) 2022/09/17 10:29:23 fetching corpus: 5800, signal 228892/262837 (executing program) 2022/09/17 10:29:23 fetching corpus: 5850, signal 229407/263191 (executing program) 2022/09/17 10:29:23 fetching corpus: 5900, signal 229806/263514 (executing program) 2022/09/17 10:29:23 fetching corpus: 5950, signal 230457/263838 (executing program) 2022/09/17 10:29:24 fetching corpus: 6000, signal 231235/264213 (executing program) 2022/09/17 10:29:24 fetching corpus: 6050, signal 231750/264521 (executing program) 2022/09/17 10:29:24 fetching corpus: 6100, signal 232173/264855 (executing program) 2022/09/17 10:29:24 fetching corpus: 6150, signal 233020/265174 (executing program) 2022/09/17 10:29:24 fetching corpus: 6200, signal 233510/265435 (executing program) 2022/09/17 10:29:24 fetching corpus: 6250, signal 233975/265705 (executing program) 2022/09/17 10:29:24 fetching corpus: 6300, signal 235098/266005 (executing program) 2022/09/17 10:29:24 fetching corpus: 6350, signal 235487/266257 (executing program) 2022/09/17 10:29:25 fetching corpus: 6400, signal 236173/266595 (executing program) 2022/09/17 10:29:25 fetching corpus: 6450, signal 236730/266881 (executing program) 2022/09/17 10:29:25 fetching corpus: 6500, signal 237089/267134 (executing program) 2022/09/17 10:29:25 fetching corpus: 6550, signal 237777/267316 (executing program) 2022/09/17 10:29:25 fetching corpus: 6600, signal 238386/267321 (executing program) 2022/09/17 10:29:25 fetching corpus: 6650, signal 238844/267335 (executing program) 2022/09/17 10:29:25 fetching corpus: 6700, signal 239290/267341 (executing program) 2022/09/17 10:29:25 fetching corpus: 6750, signal 240033/267343 (executing program) 2022/09/17 10:29:26 fetching corpus: 6800, signal 240440/267349 (executing program) 2022/09/17 10:29:26 fetching corpus: 6850, signal 240958/267349 (executing program) 2022/09/17 10:29:26 fetching corpus: 6900, signal 241675/267361 (executing program) 2022/09/17 10:29:26 fetching corpus: 6950, signal 242170/267376 (executing program) 2022/09/17 10:29:26 fetching corpus: 7000, signal 242578/267376 (executing program) 2022/09/17 10:29:26 fetching corpus: 7050, signal 243100/267382 (executing program) 2022/09/17 10:29:26 fetching corpus: 7092, signal 243914/267384 (executing program) 2022/09/17 10:29:26 fetching corpus: 7092, signal 243914/267384 (executing program) 2022/09/17 10:29:29 starting 8 fuzzer processes 10:29:29 executing program 2: mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x2, &(0x7f0000ffc000/0x3000)=nil) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ffa000/0x2000)=nil) madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x13) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil) madvise(&(0x7f0000ff0000/0xf000)=nil, 0xf000, 0x12) r0 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffc000/0x4000)=nil) r1 = syz_io_uring_setup(0x432c, &(0x7f0000000000)={0x0, 0xfd0f, 0x8, 0x2, 0x3a0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0) io_uring_setup(0x4a81, &(0x7f0000000100)={0x0, 0x6b2c, 0x1, 0x2, 0x217, 0x0, r1}) mremap(&(0x7f0000ff4000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ff1000/0x3000)=nil) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ff9000/0x2000)=nil) mincore(&(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000000180)=""/27) mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ff5000/0x2000)=nil) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x14) mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ff9000/0x3000)=nil) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x2000) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ff3000/0x1000)=nil) 10:29:29 executing program 3: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, r0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2f}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffffffe0}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x32}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x6}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2a}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x40010}, 0x4004040) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000001c0), 0x20400, 0x0) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xc0, r0, 0x106, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x70, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@remote}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x29}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private2}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xb8e}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000) r2 = creat(&(0x7f0000000380)='./file0\x00', 0x25) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000400)={'tunl0\x00', 0x0, 0x20, 0x20, 0x2, 0xfff, {{0x8, 0x4, 0x3, 0x33, 0x20, 0x66, 0x0, 0x73, 0x2f, 0x0, @multicast2, @broadcast, {[@generic={0x83, 0xc, "6d0b2507946096accca7"}]}}}}}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4028000) socketpair(0x15, 0x4, 0xf3, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000640)={'syztnl2\x00', &(0x7f00000005c0)={'syztnl2\x00', r3, 0x4, 0x3, 0x9, 0x7, 0x2, @private1, @loopback, 0x7800, 0x7, 0xa843, 0x3}}) sendmsg$ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f0000000780)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000740)={&(0x7f0000000680)={0x88, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}]}, 0x88}, 0x1, 0x0, 0x0, 0xc040}, 0x50) sendmsg$TIPC_NL_KEY_FLUSH(r5, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x54, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'veth1_to_hsr\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x84) setsockopt$inet6_IPV6_PKTINFO(r4, 0x29, 0x32, &(0x7f0000000900)={@mcast2, r6}, 0x14) sendmsg$BATADV_CMD_GET_GATEWAYS(r4, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x44, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1000}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x15}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x44}}, 0x40d0) sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x40, r0, 0x20, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc1ca}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7f}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) r7 = syz_open_dev$vcsn(&(0x7f0000000b80), 0x2, 0x44040) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000c00)={'gre0\x00', &(0x7f0000000bc0)={'syztnl1\x00', r3, 0x20, 0x8, 0xffff, 0x2, {{0x6, 0x4, 0x0, 0x3b, 0x18, 0x68, 0x4, 0x81, 0x2f, 0x0, @broadcast, @multicast1, {[@noop]}}}}}) ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, &(0x7f0000000c40)) r9 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r5, 0x89f4, &(0x7f0000000d00)={'syztnl0\x00', &(0x7f0000000c80)={'ip6_vti0\x00', r8, 0x29, 0x1f, 0x1, 0x1, 0x40, @mcast2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x700, 0x1, 0x4, 0x5}}) setsockopt$inet6_IPV6_PKTINFO(r9, 0x29, 0x32, &(0x7f0000000d40)={@private0, r10}, 0x14) 10:29:29 executing program 1: fdatasync(0xffffffffffffffff) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f0000000000)) ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000040)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x60001, 0x0) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000540)={&(0x7f0000000140)={0x3f0, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x130, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x548f}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x437719de}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8001}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x10000}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8001}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}]}, @TIPC_NLA_LINK={0xb8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xea}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3c3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}]}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5b}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffd}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x101}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1000}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffff7}]}, @TIPC_NLA_LINK={0xb4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x24b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa59}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x3f0}, 0x1, 0x0, 0x0, 0x4004}, 0x100080d0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f00000005c0)={0x8001, 0x8001, 0x1000, 0x7a69, 0x10000}) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) accept(r0, &(0x7f0000000600)=@nfc, &(0x7f0000000680)=0x80) getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, &(0x7f00000006c0)={0x6, 0x7, 'syz1\x00'}, &(0x7f0000000700)=0x28) r1 = syz_io_uring_setup(0x7a52, &(0x7f0000000740)={0x0, 0x1586, 0x4, 0x1, 0x8e, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000007c0)=0x0, &(0x7f0000000800)=0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000840)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x6) ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000880)) syz_open_dev$sg(&(0x7f00000008c0), 0x3, 0x10000) ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000900)={0x5, {0x8, 0x6fa, 0x5, 0x8, 0x8}}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f0000000940)) syz_io_uring_setup(0x3dc4, &(0x7f0000000980)={0x0, 0xa486, 0x10, 0x0, 0xf4, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000a00), &(0x7f0000000a40)=0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000ac0)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x4, &(0x7f0000000a80)={0x0, 0x3938700}, 0x1, 0x0, 0x0, {0x0, r6}}, 0x8) 10:29:29 executing program 4: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0, 0x7f, 0x4, 0xff}) sendmsg$NL80211_CMD_SET_POWER_SAVE(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, 0x0, 0x20, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x3c}}, 0x80) write$binfmt_script(r0, &(0x7f0000000180)={'#! ', './file0', [{0x20, '}+\xf9#}+-*\'[^*@'}, {0x20, '/(!'}, {0x20, '\''}, {0x20, '.'}, {}, {0x20, '-'}, {0x20, '.'}], 0xa, "732c498f920965cdebdbee357b8708e0b76cb63bc6f092f97ad926b4d39503d3810358b5a0299b9b50c53fda5047af0bf86dddbcd41033e31a18f347425c05a47b87b8591184b1c9c733b9d2f251d1ac075735bd15a402215c0e3255aa91529f84150251c4f74a88687027a4faacfc1e6fe31ae636f2208dd9f8ec661c1c025013b42cf0f3886612"}, 0xae) r3 = accept4(r2, 0x0, &(0x7f0000000240), 0x80800) sendmsg$IPVS_CMD_SET_CONFIG(r3, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x810}, 0xc, &(0x7f0000000400)={&(0x7f00000002c0)={0x108, 0x0, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffff35}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfffffffa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}]}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'virt_wifi0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffff}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x108}, 0x1, 0x0, 0x0, 0x4000008}, 0x80) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x30, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {{}, {}, {0x14, 0x19, {0x3, 0x9, 0x7fff, 0x5}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20040040}, 0x20000040) sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bridge0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x5000}, 0x20000094) r4 = syz_open_dev$vcsn(&(0x7f00000006c0), 0x7ff, 0x482080) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), r2) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000840)={&(0x7f0000000780)={0x98, r5, 0x800, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xc000000000000000}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x66}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x40}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1710}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x141}, 0x80) r6 = openat$cgroup_ro(r2, &(0x7f00000008c0)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(r6, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x24, 0x0, 0x20, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xa9c, 0x24}}}}, [@NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x24}}, 0x0) r7 = open(&(0x7f0000000a00)='./file0\x00', 0x200002, 0xc) sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f0000000c80)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000a80)={0x1b4, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x100}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}, @NL80211_ATTR_FRAME_MATCH={0xd3, 0x5b, "059cf731f5812dd46600f5fe18d911a5db4ef0baae1312fa439fd4dd3c2150c933c90da42b96bd25f52c6fd401d951296d9f71d34444316ce2716e84097d66e990ec8ff998dc39bbd9f4c47d51667f5d920d51be60607a219d378503848a7eec5844c9bb5f3c81c842e0e4630d6c184bf2c207f2508db8a188e8ebe7a31456a88b86efeafc035d78aebdee0066b80392883540e7eaca2e9fef1a957cc4aa02ffb564d9a7fd7f51535e1b7580cc08e7b8815217313f674db40b616f64ee254853030d4323d32d4bac57a65f5a2a9cb8"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x7f}, @NL80211_ATTR_FRAME_MATCH={0xaa, 0x5b, "986843e95d33b095647f22a0d2ca69d6a65023bf2d75b24b85c615cd5134a93c62018d9cbf68d6b5ee2b66cc79cc1635e044108ebe34861a7502cfdc7fba8626ec88b5d9ada3587b38d3fcde882bfdfd55f045d075f265abb914aec7e5b0b1a9f4c24421a1189d06cea47ba46eeaf088aa1131297588978f130c6d7074d864c3ad2c646ce00199d9eb68e3a7dfb250b52be93838dedb01e889764ddd928b90ca3e47ba1fe7cc"}]}, 0x1b4}, 0x1, 0x0, 0x0, 0x40}, 0x40880) r8 = signalfd4(r7, &(0x7f0000000cc0)={[0xdb]}, 0x8, 0x80800) openat(r8, &(0x7f0000000d00)='./file0\x00', 0x101, 0x84) r9 = socket$inet_icmp(0x2, 0x2, 0x1) r10 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000e80), 0x8000, 0x0) io_submit(0x0, 0x6, &(0x7f0000001240)=[&(0x7f0000000d80)={0x0, 0x0, 0x0, 0x5, 0x7, r1, &(0x7f0000000d40)="849063fe831f8036256017919c84a076e0770d9d436e79e02b69668c8efb5e55db9110c3b6f1ad", 0x27, 0x5, 0x0, 0x1, r8}, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x1, 0x2, r9, &(0x7f0000000dc0)="f37861a26e5b6c0b6b9cad99ef18c5eeaa062f414e993d6b61fc271e88ea5e074d0141a80151630cb57687d3767076aa57580c3ab82c2b5629e82022d6bcfdacb0b53f29643324b2654d12a20692903772ebc110c852ed9ae74866b3ba1579a2b126d2be65", 0x65, 0x24000, 0x0, 0x2}, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x2, 0x3ff, r10, &(0x7f0000000ec0)="0af951726ab9796436ea882e0759aa64bf3d91bf2320cf44485aff0af7c32bf8d3df3509fc3d637f151cd624ecb1a211be1863edc538a970d8937141a6f3ae81d2b7bdf0f7af3c2f2df527f29b31a57d14e65ebb1a94975cf0e5b61a3027d9cd849603ef703f88468e97dbf588b6f08e6f1ab2b7cc702b17a2953fe57acd5e4a537df39037ca792449977238157ab025f809ff38c563c8690f403a3e7ce2a4afd7e7bc26aee5007d89360993feb3d173c666ef27cefe9f63e63f05f0ced1d480b1bff1d1", 0xc4, 0x5, 0x0, 0x2, r6}, &(0x7f00000010c0)={0x0, 0x0, 0x0, 0x8, 0x7f, r1, &(0x7f0000001000)="d68487817780d2ba136c2ac87d6bfa86c79ed98af7493728d24551703e04ed517d3f15f2a13043313c10d53d49813e2c92dc88a2b1b0de600ccb99306c6bdb266dc6991dcbc34c3a69a4205401eb7d5528ec152df0304e3dd5c3bce422811fd54240110e85f81556210fb058539e821c1596d2d152f3f43e8cbae15bdd3cf621357cc6d6a65ae71813744a079c23cb9b524d2f4cc0fd90ee7cfc3bf4f5bb7ba0", 0xa0, 0x2, 0x0, 0x3, r2}, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x2, 0x47be, r7, &(0x7f0000001100)="36deedf51ab67c9b03bd06eaa19a1b6e8dfe689da5dcc34f", 0x18, 0x5c9c3c49}, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x8, 0x3, r8, &(0x7f0000001180)="29778510a649c60824bb4a2c165e58fdf2ed2a29121fa7e2f5a9c1236ee8c0b046f4f6e8de126eb6a363b6539e8fe11c853267b51cfe219e90371c2574f99043b72a538f87", 0x45, 0x60, 0x0, 0x3}]) 10:29:29 executing program 0: prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x7fffd) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x2) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x2) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x7fffa) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x2) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x7fff8) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x2) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x7fff8) 10:29:29 executing program 6: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000000)={'macvtap0\x00', {0x2, 0x0, @local}}) syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000080)) r1 = dup3(r0, r0, 0x0) fsetxattr$security_ima(r1, &(0x7f00000000c0), &(0x7f0000000100)=@v1={0x2, '~~'}, 0x3, 0x0) r2 = openat(r1, &(0x7f0000000140)='./file0\x00', 0x40a00, 0x5b) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000180)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) shutdown(r2, 0x0) close_range(r2, r2, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000200)={[0x7]}, 0x8, 0x80800) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000280), &(0x7f0000000300)=0x68) ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000380)={0x7, 0x10, [0x7f, 0x3, 0x7, 0x7ff], &(0x7f0000000340)=[0x0, 0x0]}) umount2(&(0x7f00000003c0)='./file0\x00', 0x2) r4 = syz_open_dev$vcsu(&(0x7f0000000400), 0x521a, 0x0) setsockopt$inet_udp_int(r4, 0x11, 0xa, &(0x7f0000000440)=0x4, 0x4) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, &(0x7f0000000480)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000004c0)={0x101a}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r3, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x10) 10:29:29 executing program 7: r0 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x8040, 0x0, 0xd}, 0x18) name_to_handle_at(r0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@reiserfs_6={0x18, 0x6, {0x5, 0x8, 0xfffffff9, 0x7fffffff, 0x8001, 0x1}}, &(0x7f0000000100), 0x0) setxattr$incfs_id(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)={'0000000000000000000000000000000', 0x31}, 0x20, 0x1) inotify_add_watch(r0, &(0x7f0000000200)='./file0/file0\x00', 0x800) inotify_add_watch(r0, &(0x7f0000000240)='./file0/file0\x00', 0x48) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@private0, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private1}, 0x0, @in6=@remote}}, &(0x7f0000000400)=0xe8) lsetxattr$system_posix_acl(&(0x7f0000000280)='./file0/file0\x00', &(0x7f00000002c0)='system.posix_acl_default\x00', &(0x7f0000000440)={{}, {0x1, 0x6}, [{0x2, 0x0, 0xffffffffffffffff}, {0x2, 0x7, r1}, {0x2, 0x7}, {0x2, 0x0, 0xee00}], {0x4, 0x1}, [{0x8, 0x5, 0xee01}, {0x8, 0x5, 0xffffffffffffffff}], {0x10, 0x2}, {0x20, 0x3}}, 0x54, 0x3) r2 = inotify_add_watch(r0, &(0x7f00000004c0)='./file0\x00', 0x800) inotify_rm_watch(r0, r2) truncate(&(0x7f0000000500)='./file0\x00', 0x100) r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x42, 0x15d, 0x14}, 0x18) fspick(r3, &(0x7f00000005c0)='./file0/file0\x00', 0x1) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000600)={{0x1, 0x1, 0x18, r3, {0x7f}}, './file0\x00'}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r4, 0xc0406619, &(0x7f0000000640)={@desc={0x1, 0x0, @auto="2cad48c41b94cc95"}}) r5 = fsmount(r4, 0x1, 0x74) r6 = openat(r5, &(0x7f0000000680)='./file0/file0\x00', 0x0, 0x28) mkdir(&(0x7f00000006c0)='./file0\x00', 0x102) getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000cc0)={{{@in=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@loopback}}, &(0x7f0000000dc0)=0xe8) syz_mount_image$nfs(&(0x7f0000000700), &(0x7f0000000740)='./file0\x00', 0x7ff, 0x9, &(0x7f0000000bc0)=[{&(0x7f0000000780)="6986c08028948961353cf3c7cba2a04deab2d99e6c7c6561589f", 0x1a, 0x5}, {&(0x7f00000007c0), 0x0, 0x80000001}, {&(0x7f0000000800)="fc3bb9bf3c07c94b49e961bd2124dc6e3ce2201aa7260bdc6bc4142ce56b7e69cedd3e36bcafbe06f9678546f8927c1fb50789684f240b72b075f8c4f8d4680cb7858e88c2abbf1464e6a122434860b51a3d77", 0x53, 0xc72d}, {&(0x7f0000000880)="46f60809eadb91e808", 0x9, 0x7}, {&(0x7f00000008c0)="d7a5ca10c0b2beaf7418bab27dbe16e1e4e93b3fc9cbd98b8c5b8d5294693455c151322cd01e22361b0a4c", 0x2b, 0x8}, {&(0x7f0000000900)="6128e226823b2913b85753ecea7a04a24de46feadc3e975de8988c17be9ffdab9f8b40de75a14e1e8f19d099956d9e4abec374f3e0c6cb083bfcfdf8ac104ecc706f19f4b05752b1ca0a42f1dd7f4a6bd4c84f3b6cbe6e70a1ca534495f3f983a74f523a7a232921c6944f8a2b62dcd6f4d7a7771ea24273e50961ef", 0x7c, 0x100}, {&(0x7f0000000980)="d8775dd190f020d1ea379e1a8798cfbf29e5afa59b2ce8197b89fd645d03a03887318c525ef407f66b257944812ab3e250813c549b233788828bb04e67717182adf01725c78ef5b2ae6224e6950c9227a7a9014b5e3e933e6743cf3e7416fb570f0947270ca878da9a1eee16c93339156608a6a2881c9da0636b2a4149895122e69e24f8f1a1cfa1bb30b1eef427de782392c1b86b4c199bba035e5d004ae8831c4bc6449f3f961a2f6243d379f18dbe234eaac5697d05c24a994c9382de09bf76380ef9236540cb14fe0f8c5791a95443c4b3fd393c", 0xd6, 0x8}, {&(0x7f0000000a80)="83c283048bb85cf42b18ba12efaa91ed86f71dc208b76a3d0da9b64682d8643f58f507546a6652f6890b51f316b1a946f187193f5f37ddfa247a8106272a66e52a381daadcbf4e1117914a721a58a78c71f916bd80f1bf497ff888ccbe22b5fd4166bbab9bcb25b659", 0x69, 0xfffffffffffffffa}, {&(0x7f0000000b00)="18988e895bdb3af374603117300124cbc841e6ada268d0a43726ba86f9d6c7dc66206282babd1fd1a14c43a6d574a451f6e4d47a6c8d44ab5fe501188668b8eff0f25fbe25fc5ffe55d8e7b139bbd8cfb8c681a72e2c7e2fe644725fcd6f1eb30897f8350679c15e5577ff199d839c45ca184b7edbfc59d3b15b839ccc7964a101", 0x81, 0x4}], 0x2000020, &(0x7f0000000e00)={[{'0000000000000000000000000000000'}, {'user.incfs.id\x00'}, {'user.incfs.id\x00'}, {'0000000000000000000000000000000'}, {'@'}, {'\x00'}], [{@smackfstransmute={'smackfstransmute', 0x3d, '\x00'}}, {@context={'context', 0x3d, 'user_u'}}, {@euid_gt={'euid>', r7}}]}) syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0/file0\x00', 0x100000001, 0x3, &(0x7f00000010c0)=[{&(0x7f0000000f40)="411fec01f9cc71fcf3b62197f78b1a7d8aa156ac8444f5c1a7f9c7ec1d3fde47850fd4aa5a64a3b2f9", 0x29, 0x10001}, {&(0x7f0000000f80)="a5cb5bb715c9e5d46e57f10feb5bebcb5ac45e98d031b89af48bf22696523d94b9beb2afb7eb56d96814ee52efd419b227c70c72bceb579f5834476510cf08b07b33e271b167edd92a729de276e3ec8b54b0033a0c98cfc86af7607082f28d6b116e4e88429d4185190b18a1405c12223938ef95ee2f67b6d65a3121f2216418f77314c6aede15", 0x87, 0x1}, {&(0x7f0000001040)="76a0dcec78dc587f545f4df537773f0fe8586ac0e1bd8f133cee44d87d4ce1a6138f7e26191afb9108275f891fe816a6014e4099eeb1a124c37ae1f1aff4e156c8c891ba4a1aaf4ddeb26d8ee5a220ef627e5e1815e88c5e667778a59c82437771b5ba10bf73ee87af2df1e5ae25f7488493b98af1dd3c07f2", 0x79, 0x7c4}], 0x40412, &(0x7f0000001140)={[{@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_mixed}, {@utf8no}, {@rodir}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@fat=@allow_utime}, {@uni_xlateno}, {@shortname_winnt}], [{@measure}, {@appraise}, {@seclabel}, {@context={'context', 0x3d, 'user_u'}}]}) [ 68.893549] audit: type=1400 audit(1663410569.229:6): avc: denied { execmem } for pid=284 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:29:29 executing program 5: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7fff}}, './file0\x00'}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000000), r0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000100)={0x310, r1, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x58, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x800}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x818}]}, @TIPC_NLA_BEARER={0x180, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x5d, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3}}, {0x14, 0x2, @in={0x2, 0x4e24, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x11}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x400, @remote, 0x3ff}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x800, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6596}}, {0x14, 0x2, @in={0x2, 0x4e24, @empty}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xffffff01, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x80}}, {0x14, 0x2, @in={0x2, 0x4e20, @rand_addr=0x64010102}}}}]}, @TIPC_NLA_NODE={0xac, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x87, 0x3, "d65e2bd0b2eb26a9090ac49ba799b30a7a5962c0c68f05df78fc8f6eb3b9e36063833eab8f0c69cbadc5ab0fbffc1a4f02d44e85960eef1f0c592fa9888e379652812cffdf926b0c06378233d7f8d0840878aa03498c429bf08cba13c37211c317116e109f99cb55422141d85c194ec75cc05568f00ba2c831ecd9c3733f0271dbca57"}, @TIPC_NLA_NODE_ID={0x18, 0x3, "0f1cae63b7652172e2a6b6eb00231aff8f8b3b04"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}]}, 0x310}, 0x1, 0x0, 0x0, 0x20004085}, 0x8800) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r0, {0x8, 0x8}}, './file0\x00'}) sendmsg$IPCTNL_MSG_CT_GET_STATS(r2, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x5, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x8}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x8014) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x60, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x38, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff8001}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2d18}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7fffffff}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) sendmsg$IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x74, 0x0, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x5}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x4}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xffff}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x5}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa2}]}, 0x74}}, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0), r0) sendmsg$TIPC_NL_NET_GET(r2, &(0x7f0000000bc0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000b80)={&(0x7f0000000900)={0x270, r3, 0x100, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x64, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6803}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5a}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffe}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffb}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xb066}]}, @TIPC_NLA_MEDIA={0x74, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf47d9a55}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x800}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x40}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffa}]}, @TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x39d}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}]}, @TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x61dc}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x450}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x800}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3b9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x14}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffff01}]}, @TIPC_NLA_SOCK={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x822}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8}]}]}, 0x270}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) ftruncate(r0, 0x7) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000c40)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x1c, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000800) sendmsg$TIPC_NL_NET_GET(r2, &(0x7f0000001040)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001000)={&(0x7f0000000d80)={0x27c, r3, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x70, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x40}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffffff81}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x200}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x35033e6c}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xe440}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xb3b6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x84}]}, @TIPC_NLA_NODE={0x28, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x1e, 0x3, "d4cbe5f754ac51a1121636cb13f6bc1600c6acbb07efac3eac01"}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3523}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x101}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffff}]}, @TIPC_NLA_NODE={0x84, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "5fe19d352b908ebd3bfbe914f0ac36749f2686b4ae4575be46c58f"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_ID={0xe, 0x3, "5c98e62efaef55742389"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffffffff}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ID={0x10, 0x3, "d8307bedb8aff45d9b781472"}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8d1}]}, @TIPC_NLA_LINK={0xb4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x27c}, 0x1, 0x0, 0x0, 0x11}, 0x2004c000) sendmsg$NLBL_CALIPSO_C_ADD(r4, &(0x7f0000001140)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x34, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8875}, 0x10) sendmsg$DEVLINK_CMD_SB_POOL_GET(r2, &(0x7f0000001240)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001200)={&(0x7f00000011c0)={0x14, 0x0, 0x4, 0x70bd2c, 0x25dfdbfc}, 0x14}}, 0x40041) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000012c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_SET(r2, &(0x7f0000001380)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x20, r6, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000054) [ 70.222114] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.224845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.227627] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.239301] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.250990] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.252395] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.258410] Bluetooth: hci0: HCI_REQ-0x0c1a [ 70.280734] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.283245] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.284587] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.296443] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.301922] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.303402] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.304595] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.308386] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.310134] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.311157] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.313150] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.316483] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.334119] Bluetooth: hci2: HCI_REQ-0x0c1a [ 70.336389] Bluetooth: hci1: HCI_REQ-0x0c1a [ 70.392627] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.408526] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 70.409944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.411789] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.413180] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 70.418098] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 70.419669] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 70.425523] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.429821] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 70.431470] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 70.434231] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 70.436255] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.439581] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.441696] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.442990] Bluetooth: hci6: HCI_REQ-0x0c1a [ 70.470047] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.481614] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.484318] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 70.491927] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.504978] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 70.506520] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 70.508375] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.509959] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.511535] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 70.513335] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.518961] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.529617] Bluetooth: hci4: HCI_REQ-0x0c1a [ 70.540777] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.309427] Bluetooth: hci0: command 0x0409 tx timeout [ 72.372810] Bluetooth: hci1: command 0x0409 tx timeout [ 72.372850] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 72.373910] Bluetooth: hci2: command 0x0409 tx timeout [ 72.500803] Bluetooth: hci6: command 0x0409 tx timeout [ 72.564796] Bluetooth: hci3: command 0x0409 tx timeout [ 72.564800] Bluetooth: hci4: command 0x0409 tx timeout [ 72.564909] Bluetooth: hci5: command 0x0409 tx timeout [ 74.356875] Bluetooth: hci0: command 0x041b tx timeout [ 74.420765] Bluetooth: hci2: command 0x041b tx timeout [ 74.420779] Bluetooth: hci1: command 0x041b tx timeout [ 74.548810] Bluetooth: hci6: command 0x041b tx timeout [ 74.612768] Bluetooth: hci3: command 0x041b tx timeout [ 74.612802] Bluetooth: hci5: command 0x041b tx timeout [ 74.613222] Bluetooth: hci4: command 0x041b tx timeout [ 75.801093] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.804335] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.810691] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.833016] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 75.839007] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 75.843725] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 75.855808] Bluetooth: hci7: HCI_REQ-0x0c1a [ 76.404946] Bluetooth: hci0: command 0x040f tx timeout [ 76.468807] Bluetooth: hci1: command 0x040f tx timeout [ 76.469378] Bluetooth: hci2: command 0x040f tx timeout [ 76.597803] Bluetooth: hci6: command 0x040f tx timeout [ 76.660764] Bluetooth: hci3: command 0x040f tx timeout [ 76.660789] Bluetooth: hci5: command 0x040f tx timeout [ 76.662559] Bluetooth: hci4: command 0x040f tx timeout [ 77.876854] Bluetooth: hci7: command 0x0409 tx timeout [ 78.452802] Bluetooth: hci0: command 0x0419 tx timeout [ 78.516770] Bluetooth: hci2: command 0x0419 tx timeout [ 78.517211] Bluetooth: hci1: command 0x0419 tx timeout [ 78.644806] Bluetooth: hci6: command 0x0419 tx timeout [ 78.708910] Bluetooth: hci4: command 0x0419 tx timeout [ 78.709430] Bluetooth: hci5: command 0x0419 tx timeout [ 78.710914] Bluetooth: hci3: command 0x0419 tx timeout [ 79.924743] Bluetooth: hci7: command 0x041b tx timeout [ 81.972749] Bluetooth: hci7: command 0x040f tx timeout [ 84.020766] Bluetooth: hci7: command 0x0419 tx timeout 10:30:24 executing program 3: r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x6}, @ETHTOOL_A_COALESCE_RX_USECS={0x8}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0xf247}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8, 0x12, 0x7f}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5}, @ETHTOOL_A_COALESCE_TX_USECS={0x8, 0x6, 0x5}, @ETHTOOL_A_COALESCE_HEADER={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0x0) ioperm(0x0, 0x31, 0x2) syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_mr_vif\x00') 10:30:24 executing program 3: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x7969, 0x0, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, &(0x7f0000000240)) llistxattr(0x0, &(0x7f0000000180)=""/33, 0x21) mount_setattr(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x1000, &(0x7f0000000440)={0x2, 0x0, 0xd0000, {r0}}, 0x20) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xff, 0x5, 0x7, 0x7, 0x0, 0x7, 0x23900, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000480), 0x8}, 0x132e1, 0x8, 0x7, 0x5, 0x9, 0x1f, 0x466, 0x0, 0x20, 0x0, 0x8000}, 0x0, 0x7, r0, 0x9) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x48, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c76657273696f6e3d3970323030302e4c6e3db870323030302cf7876e666f776e65723d00000000000000", @ANYRESDEC=r2, @ANYBLOB=',smackfshat=@:}}:^-{,subj_user=,!,defcontext=staff_u,\x00']) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x9}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0}, &(0x7f0000000640)=0x14) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000000a40)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="1300001b9b526a8484a398", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf250000000008000100", @ANYRES16=r1, @ANYRES16=r3, @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYBLOB="44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000110004006163746976656261636b7570000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d692000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000900000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040001000000080007000000000008000100", @ANYRES32, @ANYBLOB="780002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYBLOB="08000100", @ANYRESHEX, @ANYBLOB="4800028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001400040005001f0709000000070003810100000008000100", @ANYRES32=r4, @ANYBLOB="400002803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d0000"], 0x358}}, 0xc000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$vfat(0x0, &(0x7f0000000580)='./file0\x00', 0xae7, 0xfffffffffffffef5, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x531081, 0x0) r6 = inotify_init1(0x0) dup2(r6, r5) [ 124.004993] audit: type=1400 audit(1663410624.340:7): avc: denied { open } for pid=3765 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.012113] audit: type=1400 audit(1663410624.347:8): avc: denied { kernel } for pid=3765 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.038720] hrtimer: interrupt took 26680 ns [ 124.044932] ------------[ cut here ]------------ [ 124.044958] [ 124.044962] ====================================================== [ 124.044966] WARNING: possible circular locking dependency detected [ 124.044972] 6.0.0-rc5-next-20220916 #1 Not tainted [ 124.044981] ------------------------------------------------------ [ 124.044986] syz-executor.3/3766 is trying to acquire lock: [ 124.044994] ffffffff853fa878 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0xe/0x70 [ 124.045045] [ 124.045045] but task is already holding lock: [ 124.045048] ffff88800e7a4c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.045088] [ 124.045088] which lock already depends on the new lock. [ 124.045088] [ 124.045092] [ 124.045092] the existing dependency chain (in reverse order) is: [ 124.045097] [ 124.045097] -> #3 (&ctx->lock){....}-{2:2}: [ 124.045117] _raw_spin_lock+0x2a/0x40 [ 124.045142] __perf_event_task_sched_out+0x53b/0x18d0 [ 124.045160] __schedule+0xedd/0x2470 [ 124.045175] schedule+0xda/0x1b0 [ 124.045190] futex_wait_queue+0xf5/0x1e0 [ 124.045206] futex_wait+0x28e/0x690 [ 124.045220] do_futex+0x2ff/0x380 [ 124.045233] __x64_sys_futex+0x1c6/0x4d0 [ 124.045248] do_syscall_64+0x3b/0x90 [ 124.045268] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.045294] [ 124.045294] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 124.045314] _raw_spin_lock_nested+0x30/0x40 [ 124.045336] raw_spin_rq_lock_nested+0x1e/0x30 [ 124.045354] task_fork_fair+0x63/0x4d0 [ 124.045379] sched_cgroup_fork+0x3d0/0x540 [ 124.045399] copy_process+0x4183/0x6e20 [ 124.045414] kernel_clone+0xe7/0x890 [ 124.045428] user_mode_thread+0xad/0xf0 [ 124.045443] rest_init+0x24/0x250 [ 124.045467] arch_call_rest_init+0xf/0x14 [ 124.045484] start_kernel+0x4c1/0x4e6 [ 124.045498] secondary_startup_64_no_verify+0xe0/0xeb [ 124.045518] [ 124.045518] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 124.045538] _raw_spin_lock_irqsave+0x39/0x60 [ 124.045561] try_to_wake_up+0xab/0x1920 [ 124.045580] up+0x75/0xb0 [ 124.045596] __up_console_sem+0x6e/0x80 [ 124.045619] console_unlock+0x46a/0x590 [ 124.045642] vt_ioctl+0x2822/0x2ca0 [ 124.045660] tty_ioctl+0x7c4/0x1700 [ 124.045676] __x64_sys_ioctl+0x19a/0x210 [ 124.045698] do_syscall_64+0x3b/0x90 [ 124.045717] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.045742] [ 124.045742] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 124.045763] __lock_acquire+0x2a02/0x5e70 [ 124.045786] lock_acquire+0x1a2/0x530 [ 124.045809] _raw_spin_lock_irqsave+0x39/0x60 [ 124.045832] down_trylock+0xe/0x70 [ 124.045850] __down_trylock_console_sem+0x3b/0xd0 [ 124.045873] vprintk_emit+0x16b/0x560 [ 124.045897] vprintk+0x84/0xa0 [ 124.045920] _printk+0xba/0xf1 [ 124.045945] report_bug.cold+0x72/0xab [ 124.045963] handle_bug+0x3c/0x70 [ 124.045983] exc_invalid_op+0x14/0x50 [ 124.046003] asm_exc_invalid_op+0x16/0x20 [ 124.046027] group_sched_out.part.0+0x2c7/0x460 [ 124.046042] ctx_sched_out+0x8f1/0xc10 [ 124.046057] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.046075] __schedule+0xedd/0x2470 [ 124.046090] schedule+0xda/0x1b0 [ 124.046104] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.046132] syscall_exit_to_user_mode+0x19/0x40 [ 124.046157] do_syscall_64+0x48/0x90 [ 124.046177] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.046202] [ 124.046202] other info that might help us debug this: [ 124.046202] [ 124.046206] Chain exists of: [ 124.046206] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 124.046206] [ 124.046228] Possible unsafe locking scenario: [ 124.046228] [ 124.046231] CPU0 CPU1 [ 124.046235] ---- ---- [ 124.046238] lock(&ctx->lock); [ 124.046246] lock(&rq->__lock); [ 124.046255] lock(&ctx->lock); [ 124.046264] lock((console_sem).lock); [ 124.046273] [ 124.046273] *** DEADLOCK *** [ 124.046273] [ 124.046276] 2 locks held by syz-executor.3/3766: [ 124.046286] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 124.046325] #1: ffff88800e7a4c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.046366] [ 124.046366] stack backtrace: [ 124.046369] CPU: 1 PID: 3766 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220916 #1 [ 124.046388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.046399] Call Trace: [ 124.046404] [ 124.046410] dump_stack_lvl+0x8b/0xb3 [ 124.046431] check_noncircular+0x263/0x2e0 [ 124.046456] ? format_decode+0x26c/0xb50 [ 124.046478] ? print_circular_bug+0x450/0x450 [ 124.046503] ? enable_ptr_key_workfn+0x20/0x20 [ 124.046524] ? __lockdep_reset_lock+0x180/0x180 [ 124.046549] ? format_decode+0x26c/0xb50 [ 124.046572] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 124.046598] __lock_acquire+0x2a02/0x5e70 [ 124.046630] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 124.046664] lock_acquire+0x1a2/0x530 [ 124.046688] ? down_trylock+0xe/0x70 [ 124.046710] ? rcu_read_unlock+0x40/0x40 [ 124.046738] ? find_held_lock+0x2c/0x110 [ 124.046762] ? vprintk+0x84/0xa0 [ 124.046788] _raw_spin_lock_irqsave+0x39/0x60 [ 124.046812] ? down_trylock+0xe/0x70 [ 124.046832] down_trylock+0xe/0x70 [ 124.046851] ? vprintk+0x84/0xa0 [ 124.046876] __down_trylock_console_sem+0x3b/0xd0 [ 124.046902] vprintk_emit+0x16b/0x560 [ 124.046930] vprintk+0x84/0xa0 [ 124.046955] _printk+0xba/0xf1 [ 124.046981] ? record_print_text.cold+0x16/0x16 [ 124.047011] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 124.047031] ? lock_downgrade+0x6d0/0x6d0 [ 124.047057] ? report_bug.cold+0x66/0xab [ 124.047079] ? group_sched_out.part.0+0x2c7/0x460 [ 124.047096] report_bug.cold+0x72/0xab [ 124.047119] handle_bug+0x3c/0x70 [ 124.047139] exc_invalid_op+0x14/0x50 [ 124.047161] asm_exc_invalid_op+0x16/0x20 [ 124.047187] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.047207] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.047224] RSP: 0018:ffff888041acfc48 EFLAGS: 00010006 [ 124.047237] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.047249] RDX: ffff8880419c5040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 124.047260] RBP: ffff88801bd585c8 R08: 0000000000000005 R09: 0000000000000001 [ 124.047271] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800e7a4c00 [ 124.047282] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 124.047298] ? group_sched_out.part.0+0x2c7/0x460 [ 124.047318] ? group_sched_out.part.0+0x2c7/0x460 [ 124.047337] ctx_sched_out+0x8f1/0xc10 [ 124.047356] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.047379] ? lock_is_held_type+0xd7/0x130 [ 124.047406] ? __perf_cgroup_move+0x160/0x160 [ 124.047424] ? set_next_entity+0x304/0x550 [ 124.047450] ? update_curr+0x267/0x740 [ 124.047477] ? lock_is_held_type+0xd7/0x130 [ 124.047505] __schedule+0xedd/0x2470 [ 124.047525] ? io_schedule_timeout+0x150/0x150 [ 124.047548] schedule+0xda/0x1b0 [ 124.047565] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.047595] syscall_exit_to_user_mode+0x19/0x40 [ 124.047622] do_syscall_64+0x48/0x90 [ 124.047644] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.047670] RIP: 0033:0x7f97f6372b19 [ 124.047683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.047699] RSP: 002b:00007f97f38e8218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.047715] RAX: 0000000000000001 RBX: 00007f97f6485f68 RCX: 00007f97f6372b19 [ 124.047726] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f97f6485f6c [ 124.047737] RBP: 00007f97f6485f60 R08: 000000000000000e R09: 0000000000000000 [ 124.047748] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f97f6485f6c [ 124.047759] R13: 00007ffeba5bfc1f R14: 00007f97f38e8300 R15: 0000000000022000 [ 124.047778] [ 124.127712] WARNING: CPU: 1 PID: 3766 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 124.128636] Modules linked in: [ 124.128973] CPU: 1 PID: 3766 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220916 #1 [ 124.129776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.130892] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.131441] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.133253] RSP: 0018:ffff888041acfc48 EFLAGS: 00010006 [ 124.133792] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.134514] RDX: ffff8880419c5040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 124.135233] RBP: ffff88801bd585c8 R08: 0000000000000005 R09: 0000000000000001 [ 124.135949] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800e7a4c00 [ 124.136671] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 124.137412] FS: 00007f97f38e8700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 124.138226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.138816] CR2: 00007f9f7a4b1630 CR3: 000000001be62000 CR4: 0000000000350ee0 [ 124.139533] Call Trace: [ 124.139800] [ 124.140034] ctx_sched_out+0x8f1/0xc10 [ 124.140440] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.140978] ? lock_is_held_type+0xd7/0x130 [ 124.141429] ? __perf_cgroup_move+0x160/0x160 [ 124.141891] ? set_next_entity+0x304/0x550 [ 124.142331] ? update_curr+0x267/0x740 [ 124.142752] ? lock_is_held_type+0xd7/0x130 [ 124.143214] __schedule+0xedd/0x2470 [ 124.143614] ? io_schedule_timeout+0x150/0x150 [ 124.144102] schedule+0xda/0x1b0 [ 124.144466] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.144999] syscall_exit_to_user_mode+0x19/0x40 [ 124.145505] do_syscall_64+0x48/0x90 [ 124.145905] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.146450] RIP: 0033:0x7f97f6372b19 [ 124.146840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.148705] RSP: 002b:00007f97f38e8218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.149504] RAX: 0000000000000001 RBX: 00007f97f6485f68 RCX: 00007f97f6372b19 [ 124.150240] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f97f6485f6c [ 124.150973] RBP: 00007f97f6485f60 R08: 000000000000000e R09: 0000000000000000 [ 124.151716] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f97f6485f6c [ 124.152463] R13: 00007ffeba5bfc1f R14: 00007f97f38e8300 R15: 0000000000022000 [ 124.153222] [ 124.153479] irq event stamp: 3890 [ 124.153839] hardirqs last enabled at (3889): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 124.154848] hardirqs last disabled at (3890): [] __schedule+0x1225/0x2470 [ 124.155696] softirqs last enabled at (3878): [] __irq_exit_rcu+0x11b/0x180 [ 124.156577] softirqs last disabled at (2853): [] __irq_exit_rcu+0x11b/0x180 [ 124.157488] ---[ end trace 0000000000000000 ]--- [ 124.499533] ======================================================= [ 124.499533] WARNING: The mand mount option has been deprecated and [ 124.499533] and is ignored by this kernel. Remove the mand [ 124.499533] option from the mount to silence this warning. [ 124.499533] ======================================================= [ 124.502124] 9pnet: Unknown protocol version 9p2000.Ln=¸p2000 10:30:24 executing program 3: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x7969, 0x0, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, &(0x7f0000000240)) llistxattr(0x0, &(0x7f0000000180)=""/33, 0x21) mount_setattr(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x1000, &(0x7f0000000440)={0x2, 0x0, 0xd0000, {r0}}, 0x20) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xff, 0x5, 0x7, 0x7, 0x0, 0x7, 0x23900, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000480), 0x8}, 0x132e1, 0x8, 0x7, 0x5, 0x9, 0x1f, 0x466, 0x0, 0x20, 0x0, 0x8000}, 0x0, 0x7, r0, 0x9) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x48, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c76657273696f6e3d3970323030302e4c6e3db870323030302cf7876e666f776e65723d00000000000000", @ANYRESDEC=r2, @ANYBLOB=',smackfshat=@:}}:^-{,subj_user=,!,defcontext=staff_u,\x00']) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x9}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0}, &(0x7f0000000640)=0x14) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000000a40)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="1300001b9b526a8484a398", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf250000000008000100", @ANYRES16=r1, @ANYRES16=r3, @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYBLOB="44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000110004006163746976656261636b7570000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d692000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000900000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040001000000080007000000000008000100", @ANYRES32, @ANYBLOB="780002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYBLOB="08000100", @ANYRESHEX, @ANYBLOB="4800028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001400040005001f0709000000070003810100000008000100", @ANYRES32=r4, @ANYBLOB="400002803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d0000"], 0x358}}, 0xc000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$vfat(0x0, &(0x7f0000000580)='./file0\x00', 0xae7, 0xfffffffffffffef5, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x531081, 0x0) r6 = inotify_init1(0x0) dup2(r6, r5) 10:30:25 executing program 3: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x7969, 0x0, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, &(0x7f0000000240)) llistxattr(0x0, &(0x7f0000000180)=""/33, 0x21) mount_setattr(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x1000, &(0x7f0000000440)={0x2, 0x0, 0xd0000, {r0}}, 0x20) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xff, 0x5, 0x7, 0x7, 0x0, 0x7, 0x23900, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000480), 0x8}, 0x132e1, 0x8, 0x7, 0x5, 0x9, 0x1f, 0x466, 0x0, 0x20, 0x0, 0x8000}, 0x0, 0x7, r0, 0x9) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x48, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c76657273696f6e3d3970323030302e4c6e3db870323030302cf7876e666f776e65723d00000000000000", @ANYRESDEC=r2, @ANYBLOB=',smackfshat=@:}}:^-{,subj_user=,!,defcontext=staff_u,\x00']) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x9}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0}, &(0x7f0000000640)=0x14) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000000a40)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="1300001b9b526a8484a398", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf250000000008000100", @ANYRES16=r1, @ANYRES16=r3, @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYBLOB="44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000110004006163746976656261636b7570000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d692000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000900000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040001000000080007000000000008000100", @ANYRES32, @ANYBLOB="780002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYBLOB="08000100", @ANYRESHEX, @ANYBLOB="4800028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001400040005001f0709000000070003810100000008000100", @ANYRES32=r4, @ANYBLOB="400002803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d0000"], 0x358}}, 0xc000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$vfat(0x0, &(0x7f0000000580)='./file0\x00', 0xae7, 0xfffffffffffffef5, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x531081, 0x0) r6 = inotify_init1(0x0) dup2(r6, r5) 10:30:25 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1, 0x2a, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d3f4655fd3f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32373131373433303500"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000079d64a30b19941939d5c6a24092e8c9a010040000c00000000000000d3f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000004400000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000018000f000300040000000000000000000f00c2b4", 0x20, 0x400000000000800}, {&(0x7f0000010500)="ff000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d3f4655fd3f4655fd3f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d3f4655fd3f4655fd3f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000020000000", 0x40, 0x2400}, {&(0x7f0000011700)="200000004c7ddc8f4c7ddc8f00000000d3f4655f00"/32, 0x20, 0x2480}, {&(0x7f0000011800)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000040000000", 0x40, 0x2800}, {&(0x7f0000011900)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2880}, {&(0x7f0000011a00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000050000000", 0x40, 0x2c00}, {&(0x7f0000011b00)="20000000000000000000000000000000d3f4655f001548000000000000000000", 0x20, 0x2c80}, {&(0x7f0000011c00)="c041000000380000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800000000000af301000400000000000000000000000700000030000000", 0x40, 0x4800}, {&(0x7f0000011d00)="20000000000000000000000000000000d3f4655f000000000000000000000000000002ea00"/64, 0x40, 0x1}, {&(0x7f0000011e00)="ed4100003c000000d3f4655fd3f4655fd3f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000b65c7bf3000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4c00}, {&(0x7f0000011f00)="ed8100001a040000d3f4655fd3f4655fd3f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000600000000000000000000000000000000000000000000000000000000000000000000000000000005a0e0125000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000", 0xa0, 0x5000}, {&(0x7f0000012000)="ffa1000026000000d3f4655fd3f4655fd3f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3237313137343330352f66696c65302f66696c653000000000000000000000000000000000000000000000b8e8b49f000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000", 0xa0, 0x5400}, {&(0x7f0000012100)="ed8100000a000000d3f4655fd3f4655fd3f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008b63b3ec000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000000002ea040700000000000000000000000000006461746106015403000000000600000000000000786174747231000006014c0300000000060000000000000078617474723200"/256, 0x100, 0x5800}, {&(0x7f0000012200)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800010000000af30100040000000000000000000000050000007000000000000000000000000000000000000000000000000000000000000000000000000000000044cd9848000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000", 0xc0, 0x5be0}, {&(0x7f0000012300)="ed81000064000000d3f4655fd3f4655fd3f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c4794644c000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000000002ea04073403000000002800000000000000646174610000000000000000", 0xc0, 0x6000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x63c0}, {&(0x7f0000012500)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000012600)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8070000", 0x20, 0x18000}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x18800}, {&(0x7f0000012800)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x19000}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x19800}, {&(0x7f0000012a00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1a000}, {&(0x7f0000012b00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1a800}, {&(0x7f0000012c00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1b000}, {&(0x7f0000012d00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x20000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x20400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x20800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x20c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x21000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000200"/96, 0x60, 0x21400}, {&(0x7f0000013300)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x28000}, {&(0x7f0000013400)="0200"/32, 0x20, 0x28400}, {&(0x7f0000000040)="03000000000000000000000000004a946b6781c8807250000000000000000000000000000000000000f9306a811ee49ded0866b611c84635d071f07d5425f53018b80676a786990d929bdc2c37dea5cac84fbb1f339d7c49a94dc9ab9e9f79bc9eec25ed40555705bf9fea6f5e76279003f53aae8f53b959db4dce693c62bbbcd5c6c20f2514ec09cdd7e4982bab5553fd03729e6736178d59d5482ab006706bfb4d3d6c0b2c41daf12891776642550ea7b06e", 0xb3, 0x28800}, {&(0x7f0000013600)="0400"/32, 0x20, 0x28c00}, {&(0x7f0000013700)="0500"/32, 0x20, 0x29000}, {&(0x7f0000013800)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000200"/96, 0x60, 0x29400}, {&(0x7f0000013900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}], 0x0, &(0x7f0000013e00)) [ 124.847167] loop3: detected capacity change from 0 to 264192 [ 124.863809] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 124.864466] EXT4-fs (loop3): group descriptors corrupted! [ 124.884215] loop3: detected capacity change from 0 to 264192 [ 124.898845] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 124.900312] EXT4-fs (loop3): group descriptors corrupted! 10:30:25 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x7ab681, 0x24) write(r0, &(0x7f0000000180)="6ffc25721cc9dc764319d54dac5b2ada2c5f6c9df78c125ee322784fa59e8d9ddc71996c417ec62000b6c3b9988a734588bc9336bd89d9f59d68d93b9a56c910436c7877860f050764a4d278b3711e6a88e58a1b7600a5c401c48b0f1cb5d6144d8e6c3aa7102222684bfc7c14f69dee4ab83475356a51a59b9a155244bb2e1ecab721b8f8e3924b938321b5e4334a44536eacd64ef97c4582005b866e58d9269fcbd907f32a4f7d021580305ced96f841f0c9c745610aea71374ccbd1e3", 0xbe) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000240)=0xffffffffffffffff, 0x4) r2 = syz_open_dev$tty1(0xc, 0x4, 0x4) sendfile(r1, r2, &(0x7f0000000480)=0xffff, 0x6) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000140)={'wlan1\x00', &(0x7f0000000040)=@ethtool_link_settings={0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], [0xb8, 0xab8d]}}) getsockopt$inet6_buf(r1, 0x29, 0x3d, &(0x7f0000000100)=""/77, &(0x7f0000000080)=0x4d) r4 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="00320000000000000730000000030a0207000700000000000000fce9000000000000070000000000000004000000000000000080000000000000c2040000000405a657b97768419d525786c9e7568d9ba4023cc1244226a0336fc87f771a65a51dcc4b7bf1eed45a75dd65afc4583989010195a508e6403f026911f0b91982e65a4ffb926ace2153aaccbf7453ac74c3b0f534460521ac393fe2752ecbaf63e56d91c33a71697c983e73d2206361db7b986fb4547a826764a1ea183ce9ae6dc7ab4cf0e16ef0a54f7f7f0d295ef0df8b868227e9a1fd967c6c0eabaaa23479ea22d2999e099948b838dc7319776f371d23b46906065d799af115c47bc087b7b444b1f004d679636618f99e1ff9db0e5acf56aa61952c75cf5251c576a61d22a4c51dbb5652c0efbb96cf406f2b13564ac5ae19c1c06accd40e881e61cb2ac5f4640b7a889f8161be99df860e239a8063f38660f40bf568b3ae62014e606025102391c8791386f80d6270272bdd16f4f0b757d8393e7cb9fcb35ce8458add7d040104c910fc0100000000000000030000000000010502824100000000"], 0x1a0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x100, 0x188) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) fcntl$dupfd(r4, 0x406, r6) setxattr$security_evm(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)=@v2={0x5, 0x2, 0x3, 0x5300000, 0x45, "6cfb400b08edaa6fa0c88ef1f317006ec5ca9889897b04026cf7de74390624aaa76508cadc066adf1e4bee47d2ab3688b6a48f2dfbe8d7aa3298bd8bbc8c1abdc1722ece3f"}, 0x4e, 0x3) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), r5) [ 125.354272] loop7: detected capacity change from 0 to 264192 [ 125.379509] loop7: detected capacity change from 0 to 264192 10:30:25 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x20, 0x4, 0x7, 0x0, 0x7ff, 0x400, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000000), 0xcd3cfc79f90c700d}, 0x1207, 0x1, 0x3, 0x7, 0x2, 0x0, 0x8, 0x0, 0x2a, 0x0, 0x9}, 0x0, 0xffffffffffffffff, r0, 0x13) 10:30:26 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x7ab681, 0x24) write(r0, &(0x7f0000000180)="6ffc25721cc9dc764319d54dac5b2ada2c5f6c9df78c125ee322784fa59e8d9ddc71996c417ec62000b6c3b9988a734588bc9336bd89d9f59d68d93b9a56c910436c7877860f050764a4d278b3711e6a88e58a1b7600a5c401c48b0f1cb5d6144d8e6c3aa7102222684bfc7c14f69dee4ab83475356a51a59b9a155244bb2e1ecab721b8f8e3924b938321b5e4334a44536eacd64ef97c4582005b866e58d9269fcbd907f32a4f7d021580305ced96f841f0c9c745610aea71374ccbd1e3", 0xbe) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000240)=0xffffffffffffffff, 0x4) r2 = syz_open_dev$tty1(0xc, 0x4, 0x4) sendfile(r1, r2, &(0x7f0000000480)=0xffff, 0x6) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000140)={'wlan1\x00', &(0x7f0000000040)=@ethtool_link_settings={0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], [0xb8, 0xab8d]}}) getsockopt$inet6_buf(r1, 0x29, 0x3d, &(0x7f0000000100)=""/77, &(0x7f0000000080)=0x4d) r4 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="00320000000000000730000000030a0207000700000000000000fce9000000000000070000000000000004000000000000000080000000000000c2040000000405a657b97768419d525786c9e7568d9ba4023cc1244226a0336fc87f771a65a51dcc4b7bf1eed45a75dd65afc4583989010195a508e6403f026911f0b91982e65a4ffb926ace2153aaccbf7453ac74c3b0f534460521ac393fe2752ecbaf63e56d91c33a71697c983e73d2206361db7b986fb4547a826764a1ea183ce9ae6dc7ab4cf0e16ef0a54f7f7f0d295ef0df8b868227e9a1fd967c6c0eabaaa23479ea22d2999e099948b838dc7319776f371d23b46906065d799af115c47bc087b7b444b1f004d679636618f99e1ff9db0e5acf56aa61952c75cf5251c576a61d22a4c51dbb5652c0efbb96cf406f2b13564ac5ae19c1c06accd40e881e61cb2ac5f4640b7a889f8161be99df860e239a8063f38660f40bf568b3ae62014e606025102391c8791386f80d6270272bdd16f4f0b757d8393e7cb9fcb35ce8458add7d040104c910fc0100000000000000030000000000010502824100000000"], 0x1a0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x100, 0x188) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) fcntl$dupfd(r4, 0x406, r6) setxattr$security_evm(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)=@v2={0x5, 0x2, 0x3, 0x5300000, 0x45, "6cfb400b08edaa6fa0c88ef1f317006ec5ca9889897b04026cf7de74390624aaa76508cadc066adf1e4bee47d2ab3688b6a48f2dfbe8d7aa3298bd8bbc8c1abdc1722ece3f"}, 0x4e, 0x3) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), r5) VM DIAGNOSIS: 10:30:24 Registers: info registers vcpu 0 RAX=fffffbfff0b605e2 RBX=fffffbfff0b605e3 RCX=ffffffff815ac622 RDX=fffffbfff0b605e3 RSI=0000000000000008 RDI=ffffffff85b02f10 RBP=fffffbfff0b605e2 RSP=ffff888041aff7f0 R8 =0000000000000000 R9 =ffffffff85b02f17 R10=fffffbfff0b605e2 R11=0000000000000001 R12=4000000000000002 R13=4000000000000000 R14=000000000002d8fc R15=ffff888007c75000 RIP=ffffffff817890f5 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005598b75184c8 CR3=0000000017c22000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 6f732e616d7a6c62 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00352e6f732e616d 7a6c62696c2f756e YMM03=0000000000000000 0000000000000000 672d78756e696c2d 34365f3638782f62 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b3251 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff888041acf698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000074 R11=0000000000000001 R12=0000000000000074 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b3240 RIP=ffffffff822b32a9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f97f38e8700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9f7a4b1630 CR3=000000001be62000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 3d2030720a3a3320 6d6172676f727020 YMM02=0000000000000000 0000000000000000 2c307830202c6339 6666666666666666 YMM03=0000000000000000 0000000000000000 7465735f676e6972 755f6f695f7a7973 YMM04=0000000000000000 0000000000000000 3030303030306637 78302826202c3078 YMM05=0000000000000000 0000000000000000 3432303030303030 3066377830282620 YMM06=0000000000000000 0000000000000000 302f303030626666 3030303066377830 YMM07=0000000000000000 0000000000000000 3030306266663030 3030663778302826 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000