Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:19004' (ECDSA) to the list of known hosts. 2022/09/19 22:04:36 fuzzer started 2022/09/19 22:04:37 dialing manager at localhost:42121 syzkaller login: [ 35.929115] cgroup: Unknown subsys name 'net' [ 35.990921] cgroup: Unknown subsys name 'rlimit' 2022/09/19 22:04:51 syscalls: 2215 2022/09/19 22:04:51 code coverage: enabled 2022/09/19 22:04:51 comparison tracing: enabled 2022/09/19 22:04:51 extra coverage: enabled 2022/09/19 22:04:51 setuid sandbox: enabled 2022/09/19 22:04:51 namespace sandbox: enabled 2022/09/19 22:04:51 Android sandbox: enabled 2022/09/19 22:04:51 fault injection: enabled 2022/09/19 22:04:51 leak checking: enabled 2022/09/19 22:04:51 net packet injection: enabled 2022/09/19 22:04:51 net device setup: enabled 2022/09/19 22:04:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/19 22:04:51 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/19 22:04:51 USB emulation: enabled 2022/09/19 22:04:51 hci packet injection: enabled 2022/09/19 22:04:51 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220919) 2022/09/19 22:04:51 802.15.4 emulation: enabled 2022/09/19 22:04:51 fetching corpus: 50, signal 27111/28886 (executing program) 2022/09/19 22:04:51 fetching corpus: 100, signal 39927/43287 (executing program) 2022/09/19 22:04:51 fetching corpus: 150, signal 46394/51242 (executing program) 2022/09/19 22:04:51 fetching corpus: 200, signal 53800/60024 (executing program) 2022/09/19 22:04:51 fetching corpus: 250, signal 57423/65084 (executing program) 2022/09/19 22:04:51 fetching corpus: 300, signal 67205/75951 (executing program) 2022/09/19 22:04:51 fetching corpus: 350, signal 71952/81903 (executing program) 2022/09/19 22:04:52 fetching corpus: 400, signal 77161/88171 (executing program) 2022/09/19 22:04:52 fetching corpus: 450, signal 81677/93726 (executing program) 2022/09/19 22:04:52 fetching corpus: 500, signal 85143/98269 (executing program) 2022/09/19 22:04:52 fetching corpus: 550, signal 89790/103862 (executing program) 2022/09/19 22:04:52 fetching corpus: 600, signal 93794/108781 (executing program) 2022/09/19 22:04:52 fetching corpus: 650, signal 97470/113285 (executing program) 2022/09/19 22:04:52 fetching corpus: 700, signal 98790/115709 (executing program) 2022/09/19 22:04:52 fetching corpus: 750, signal 103417/121025 (executing program) 2022/09/19 22:04:53 fetching corpus: 800, signal 106677/125031 (executing program) 2022/09/19 22:04:53 fetching corpus: 850, signal 109033/128226 (executing program) 2022/09/19 22:04:53 fetching corpus: 900, signal 111037/131042 (executing program) 2022/09/19 22:04:53 fetching corpus: 950, signal 112447/133397 (executing program) 2022/09/19 22:04:53 fetching corpus: 1000, signal 114369/136098 (executing program) 2022/09/19 22:04:53 fetching corpus: 1050, signal 117333/139677 (executing program) 2022/09/19 22:04:53 fetching corpus: 1100, signal 120824/143635 (executing program) 2022/09/19 22:04:53 fetching corpus: 1150, signal 123605/146941 (executing program) 2022/09/19 22:04:53 fetching corpus: 1200, signal 125241/149289 (executing program) 2022/09/19 22:04:54 fetching corpus: 1250, signal 127993/152455 (executing program) 2022/09/19 22:04:54 fetching corpus: 1300, signal 129706/154782 (executing program) 2022/09/19 22:04:54 fetching corpus: 1350, signal 130995/156737 (executing program) 2022/09/19 22:04:54 fetching corpus: 1400, signal 132762/159076 (executing program) 2022/09/19 22:04:54 fetching corpus: 1450, signal 134394/161249 (executing program) 2022/09/19 22:04:54 fetching corpus: 1500, signal 136429/163680 (executing program) 2022/09/19 22:04:54 fetching corpus: 1550, signal 137348/165262 (executing program) 2022/09/19 22:04:54 fetching corpus: 1600, signal 138445/167007 (executing program) 2022/09/19 22:04:54 fetching corpus: 1650, signal 141255/169992 (executing program) 2022/09/19 22:04:55 fetching corpus: 1700, signal 142520/171760 (executing program) 2022/09/19 22:04:55 fetching corpus: 1750, signal 144173/173755 (executing program) 2022/09/19 22:04:55 fetching corpus: 1800, signal 145948/175836 (executing program) 2022/09/19 22:04:55 fetching corpus: 1850, signal 147510/177767 (executing program) 2022/09/19 22:04:55 fetching corpus: 1900, signal 149338/179902 (executing program) 2022/09/19 22:04:55 fetching corpus: 1950, signal 150225/181331 (executing program) 2022/09/19 22:04:55 fetching corpus: 2000, signal 151490/183009 (executing program) 2022/09/19 22:04:55 fetching corpus: 2050, signal 152723/184607 (executing program) 2022/09/19 22:04:56 fetching corpus: 2100, signal 154979/186934 (executing program) 2022/09/19 22:04:56 fetching corpus: 2150, signal 156364/188592 (executing program) 2022/09/19 22:04:56 fetching corpus: 2200, signal 157640/190164 (executing program) 2022/09/19 22:04:56 fetching corpus: 2250, signal 158844/191664 (executing program) 2022/09/19 22:04:56 fetching corpus: 2300, signal 161313/193953 (executing program) 2022/09/19 22:04:56 fetching corpus: 2350, signal 162534/195416 (executing program) 2022/09/19 22:04:56 fetching corpus: 2400, signal 163899/196960 (executing program) 2022/09/19 22:04:56 fetching corpus: 2450, signal 165067/198393 (executing program) 2022/09/19 22:04:57 fetching corpus: 2500, signal 166271/199782 (executing program) 2022/09/19 22:04:57 fetching corpus: 2550, signal 167658/201245 (executing program) 2022/09/19 22:04:57 fetching corpus: 2600, signal 168948/202645 (executing program) 2022/09/19 22:04:57 fetching corpus: 2650, signal 171429/204666 (executing program) 2022/09/19 22:04:57 fetching corpus: 2700, signal 172628/205987 (executing program) 2022/09/19 22:04:57 fetching corpus: 2750, signal 174355/207524 (executing program) 2022/09/19 22:04:58 fetching corpus: 2800, signal 174921/208420 (executing program) 2022/09/19 22:04:58 fetching corpus: 2850, signal 175651/209409 (executing program) 2022/09/19 22:04:58 fetching corpus: 2900, signal 176724/210599 (executing program) 2022/09/19 22:04:58 fetching corpus: 2950, signal 177612/211676 (executing program) 2022/09/19 22:04:58 fetching corpus: 3000, signal 179033/212967 (executing program) 2022/09/19 22:04:58 fetching corpus: 3050, signal 180220/214102 (executing program) 2022/09/19 22:04:58 fetching corpus: 3100, signal 180869/215005 (executing program) 2022/09/19 22:04:58 fetching corpus: 3150, signal 181815/216013 (executing program) 2022/09/19 22:04:59 fetching corpus: 3200, signal 182535/216902 (executing program) 2022/09/19 22:04:59 fetching corpus: 3250, signal 183420/217908 (executing program) 2022/09/19 22:04:59 fetching corpus: 3300, signal 183868/218644 (executing program) 2022/09/19 22:04:59 fetching corpus: 3350, signal 184549/219475 (executing program) 2022/09/19 22:04:59 fetching corpus: 3400, signal 185147/220274 (executing program) 2022/09/19 22:04:59 fetching corpus: 3450, signal 186264/221293 (executing program) 2022/09/19 22:04:59 fetching corpus: 3500, signal 186839/222031 (executing program) 2022/09/19 22:04:59 fetching corpus: 3550, signal 187223/222678 (executing program) 2022/09/19 22:04:59 fetching corpus: 3600, signal 188805/223781 (executing program) 2022/09/19 22:05:00 fetching corpus: 3650, signal 189561/224558 (executing program) 2022/09/19 22:05:00 fetching corpus: 3700, signal 190357/225371 (executing program) 2022/09/19 22:05:00 fetching corpus: 3750, signal 191885/226447 (executing program) 2022/09/19 22:05:00 fetching corpus: 3800, signal 192958/227271 (executing program) 2022/09/19 22:05:00 fetching corpus: 3850, signal 194405/228236 (executing program) 2022/09/19 22:05:00 fetching corpus: 3900, signal 195025/228923 (executing program) 2022/09/19 22:05:00 fetching corpus: 3950, signal 195704/229601 (executing program) 2022/09/19 22:05:01 fetching corpus: 4000, signal 196195/230228 (executing program) 2022/09/19 22:05:01 fetching corpus: 4050, signal 196815/230861 (executing program) 2022/09/19 22:05:01 fetching corpus: 4100, signal 197300/231408 (executing program) 2022/09/19 22:05:01 fetching corpus: 4150, signal 198139/232077 (executing program) 2022/09/19 22:05:01 fetching corpus: 4200, signal 198869/232720 (executing program) 2022/09/19 22:05:01 fetching corpus: 4250, signal 199363/233276 (executing program) 2022/09/19 22:05:01 fetching corpus: 4300, signal 200973/234176 (executing program) 2022/09/19 22:05:01 fetching corpus: 4350, signal 201721/234784 (executing program) 2022/09/19 22:05:02 fetching corpus: 4400, signal 202530/235407 (executing program) 2022/09/19 22:05:02 fetching corpus: 4450, signal 203545/236075 (executing program) 2022/09/19 22:05:02 fetching corpus: 4500, signal 204056/236555 (executing program) 2022/09/19 22:05:02 fetching corpus: 4550, signal 204724/237071 (executing program) 2022/09/19 22:05:02 fetching corpus: 4600, signal 205232/237538 (executing program) 2022/09/19 22:05:02 fetching corpus: 4650, signal 206984/238302 (executing program) 2022/09/19 22:05:02 fetching corpus: 4700, signal 207585/238747 (executing program) 2022/09/19 22:05:03 fetching corpus: 4750, signal 208274/239218 (executing program) 2022/09/19 22:05:03 fetching corpus: 4800, signal 209102/239748 (executing program) 2022/09/19 22:05:03 fetching corpus: 4850, signal 209684/240181 (executing program) 2022/09/19 22:05:03 fetching corpus: 4900, signal 210332/240638 (executing program) 2022/09/19 22:05:03 fetching corpus: 4950, signal 211023/241087 (executing program) 2022/09/19 22:05:03 fetching corpus: 5000, signal 211746/241534 (executing program) 2022/09/19 22:05:03 fetching corpus: 5050, signal 212546/241958 (executing program) 2022/09/19 22:05:04 fetching corpus: 5100, signal 213563/242375 (executing program) 2022/09/19 22:05:04 fetching corpus: 5150, signal 214124/242755 (executing program) 2022/09/19 22:05:04 fetching corpus: 5200, signal 214842/243137 (executing program) 2022/09/19 22:05:04 fetching corpus: 5250, signal 215533/243505 (executing program) 2022/09/19 22:05:04 fetching corpus: 5300, signal 216417/243955 (executing program) 2022/09/19 22:05:04 fetching corpus: 5350, signal 217252/244390 (executing program) 2022/09/19 22:05:04 fetching corpus: 5400, signal 218711/244808 (executing program) 2022/09/19 22:05:04 fetching corpus: 5450, signal 219266/245107 (executing program) 2022/09/19 22:05:05 fetching corpus: 5500, signal 220063/245414 (executing program) 2022/09/19 22:05:05 fetching corpus: 5550, signal 220952/245759 (executing program) 2022/09/19 22:05:05 fetching corpus: 5600, signal 221765/246110 (executing program) 2022/09/19 22:05:05 fetching corpus: 5650, signal 222876/246507 (executing program) 2022/09/19 22:05:05 fetching corpus: 5700, signal 223656/246782 (executing program) 2022/09/19 22:05:05 fetching corpus: 5750, signal 224494/247033 (executing program) 2022/09/19 22:05:05 fetching corpus: 5800, signal 225223/247282 (executing program) 2022/09/19 22:05:06 fetching corpus: 5850, signal 225575/247496 (executing program) 2022/09/19 22:05:06 fetching corpus: 5900, signal 226521/247769 (executing program) 2022/09/19 22:05:06 fetching corpus: 5950, signal 227084/247990 (executing program) 2022/09/19 22:05:06 fetching corpus: 6000, signal 227648/248151 (executing program) 2022/09/19 22:05:06 fetching corpus: 6050, signal 228449/248329 (executing program) 2022/09/19 22:05:06 fetching corpus: 6100, signal 229195/248481 (executing program) 2022/09/19 22:05:06 fetching corpus: 6150, signal 230044/248976 (executing program) 2022/09/19 22:05:06 fetching corpus: 6200, signal 230523/248980 (executing program) 2022/09/19 22:05:07 fetching corpus: 6250, signal 231055/248981 (executing program) 2022/09/19 22:05:07 fetching corpus: 6300, signal 231546/248995 (executing program) 2022/09/19 22:05:07 fetching corpus: 6350, signal 231978/248999 (executing program) 2022/09/19 22:05:07 fetching corpus: 6400, signal 232572/249081 (executing program) 2022/09/19 22:05:07 fetching corpus: 6450, signal 233613/249082 (executing program) 2022/09/19 22:05:07 fetching corpus: 6500, signal 234125/249084 (executing program) 2022/09/19 22:05:07 fetching corpus: 6550, signal 235230/249100 (executing program) 2022/09/19 22:05:07 fetching corpus: 6600, signal 235792/249101 (executing program) 2022/09/19 22:05:07 fetching corpus: 6650, signal 236291/249108 (executing program) 2022/09/19 22:05:08 fetching corpus: 6700, signal 236604/249109 (executing program) 2022/09/19 22:05:08 fetching corpus: 6732, signal 237057/249109 (executing program) 2022/09/19 22:05:08 fetching corpus: 6732, signal 237057/249109 (executing program) 2022/09/19 22:05:10 starting 8 fuzzer processes 22:05:10 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x48d44, 0x70) r1 = getuid() chown(&(0x7f0000000040)='./file0\x00', r1, 0xee00) bind(0xffffffffffffffff, &(0x7f0000000080)=@ethernet={0x6, @remote}, 0x80) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000100)) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) sendmsg$NL80211_CMD_START_P2P_DEVICE(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000040}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r2, 0x8, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x811}, 0x4040000) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), r0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x2f, 0xff, 0xff, 0x7, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x8000, 0x5, 0x1}}) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x88, r3, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3f}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x41}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000094}, 0x0) geteuid() r5 = dup2(r0, r0) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), r0) sendmsg$TIPC_NL_SOCK_GET(r5, &(0x7f00000007c0)={&(0x7f0000000500), 0xc, &(0x7f0000000780)={&(0x7f0000000580)={0x1f4, r6, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0xb8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010100}}, {0x14, 0x2, @in={0x2, 0x4e24, @rand_addr=0x64010100}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth1_virt_wifi\x00'}}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xb186}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}]}, @TIPC_NLA_MEDIA={0xcc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2f07}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffd}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'batadv0\x00'}}]}]}, 0x1f4}}, 0xec9fef45035f34c3) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_inet_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000800)={'veth1_to_hsr\x00', {0x2, 0x0, @multicast2}}) socketpair(0x9, 0x0, 0x1, &(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000d80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4000024}, 0xc, &(0x7f0000000d40)={&(0x7f0000000900)={0x428, r10, 0x800, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1464}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17d}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x100}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_FRAME={0x3d1, 0x33, @assoc_req={@wo_ht={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x2}, @device_b, @broadcast, @from_mac, {0x4, 0x25}}, 0x241, 0x40, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x3, 0x1}, {0x12}, {0x36, 0x1}, {0x4}, {0x18}, {0x5, 0x1}, {0x5}, {0x6}]}, @val={0x2d, 0x1a, {0x20, 0x0, 0x7, 0x0, {0x3a3, 0x7f, 0x0, 0x206, 0x0, 0x1, 0x1, 0x2}, 0x8, 0x4, 0x2}}, [{0xdd, 0x51, "ac35f5e143b12f3a78f02a76a325402155dfc3fdf55490f405eb7a41a1c1ac59877610f2212e1a10a9e70d4caa63853e1dee4a7c17e22dc0c41a8f41bcfcf1f544d3927587321ebc315c0e8bd650730f83"}, {0xdd, 0xd7, "7c7a108f42e479b156a0140c283d0cf7b4314bfa1ab7543e861fce94acc289c5b6655faa2aeadae1c41f6a0ca33150c08c4749fc2066ae49f11de7a363b426bd1d63dd5a7b291bf30e6c32f5e17b93384699ef93eaf71023ada7f37c478d86ec4361388ee4d04341c42f9c5e16557c2e648d21f0acc207150f73ab1fe953170ff09f0683fdaeeb6ad40cc91c4b17e4e9204bd2babd1ca205c9f976d7401aa1ed77e9d112e0da3870ba219448572d8c9942f59291f4b8eb7640a82de20a98928edfea5d748f68c1d38dfed81f82aada803f310cdfd3a882"}, {0xdd, 0x97, "90a718b7fba3913b4b70248f06b1b08ec258a0ba32b587884966a9df0400763026ec6df2bac249f729e6074958c295a1df0b7343d79014f60980ade69f5ce59c78eb56119551ee89d0dd756700b9740b22de2b76b6fc507ee41cd891ac6506d8dc1acb28245223505858210f6ba838b1afdc072ae7ba8229958af83d4cfe501fa592abeaaf2db2c6601d9cec98032e48716a3618a96d73"}, {0xdd, 0xbb, "bc473d9a971322d0969c79de0e8238b9ae818a265e04691c2ef3a03136e702202c8b2e0d63ab38469d42cb26fbf7e949cee28e97196fb81b09064ad7a9e1641b8e2afdf0ccade4a20115029f2a61b028a5ab12305ec92fc8265df7bedf84b78c9f55c12da7db908633ad3dca69f26060114c8ab8062511ba690c4a8118f8814487b704956b21378d4c958dd2c21ab7e230981a603b726ad22263d4fd747831a1d731bffbe7d6c335eb3640cce4a5ea0e6b2728401d91f500616704"}, {0xdd, 0xff, "997ac582b3ab1cf94a3fcd75f2cede7e3ea83668d36862f8ce20ed5e9eac85410d89b5309a42f8abc032af5afd633592b8d76e71eea29e642cced0b7e2645efec17bd5f02b1e23fddc1e2dc0dd5fd3d32a9a50962801ba0220c601e75c0526587e591f5dca7c4445a8ccd154b0be9514427d49477f3d7995a119c2307a12c0ea8bd340df053b3e0decffa98ff38d39e17049ecd16cc11f680bfbf77d44662c4b525ceaacc122a30ae8181b3d6ce75de607b53b8bbf953a71f7db9e18965e153bad1e7db45153b27cfc51d50bfac26aea0b611ec028beb7006a8fbad92ed0c754acac9a1c0f5a086955756bb5f1b4e8d1edc10a98044dfac0f546e0c5b780fe"}]}}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x428}, 0x1, 0x0, 0x0, 0x40844}, 0x80) recvmmsg$unix(r9, &(0x7f0000003080)=[{{&(0x7f0000000dc0)=@abs, 0x6e, &(0x7f0000000f00)=[{&(0x7f0000000e40)=""/19, 0x13}, {&(0x7f0000000e80)=""/14, 0xe}, {&(0x7f0000000ec0)=""/62, 0x3e}], 0x3, &(0x7f0000000f40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd0}}, {{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001040)=""/69, 0x45}, {&(0x7f00000010c0)=""/148, 0x94}, {&(0x7f0000001180)=""/46, 0x2e}, {&(0x7f00000011c0)=""/239, 0xef}, {&(0x7f00000012c0)=""/252, 0xfc}, {&(0x7f00000013c0)=""/218, 0xda}, {&(0x7f00000014c0)=""/235, 0xeb}, {&(0x7f00000015c0)=""/58, 0x3a}, {&(0x7f0000001600)=""/126, 0x7e}], 0x9, &(0x7f0000001740)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x88}}, {{&(0x7f0000001800), 0x6e, &(0x7f0000002a00)=[{&(0x7f0000001880)=""/42, 0x2a}, {&(0x7f00000018c0)=""/4096, 0x1000}, {&(0x7f00000028c0)=""/207, 0xcf}, {&(0x7f00000029c0)=""/40, 0x28}], 0x4, &(0x7f0000002a40)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002ac0)=@abs, 0x6e, &(0x7f0000002c00)=[{&(0x7f0000002b40)=""/132, 0x84}], 0x1, &(0x7f0000002c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{&(0x7f0000002c80)=@abs, 0x6e, &(0x7f0000002f40)=[{&(0x7f0000002d00)=""/3, 0x3}, {&(0x7f0000002d40)=""/57, 0x39}, {&(0x7f0000002d80)=""/112, 0x70}, {&(0x7f0000002e00)=""/232, 0xe8}, {&(0x7f0000002f00)=""/1, 0x1}], 0x5, &(0x7f0000002fc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xc0}}], 0x5, 0x21, 0x0) 22:05:10 executing program 1: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x200540, 0x0) write$sndseq(r0, &(0x7f0000000080)=[{0x9, 0x0, 0x81, 0x0, @time={0xd956, 0x80}, {0x20, 0xa8}, {0x0, 0x4}, @quote={{0x7, 0x6}, 0xeec, &(0x7f0000000040)={0xa1, 0x4, 0x20, 0x80, @time={0x6, 0xcf}, {0x80, 0x1}, {0x6, 0x80}, @addr={0x2, 0x1f}}}}, {0x2, 0x0, 0x3, 0x0, @time={0x3}, {0x1, 0x3f}, {0x2, 0x2}, @queue={0xff, {0x5, 0x8}}}, {0x8, 0xff, 0xe1, 0x3f, @tick=0x4, {0x5, 0xcb}, {0xe7}, @control={0xff, 0x4, 0xffff}}, {0x8, 0x5, 0x7f, 0x9, @time={0x6, 0x7}, {0x8, 0x7}, {0x3, 0x12}, @note={0x40, 0x9, 0x8, 0x4, 0x401}}], 0x70) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='hugetlb.1GB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0) ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000000180)={0xfff, 0x20, [0x7f, 0x400, 0x1000, 0x8], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0]}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'}) r3 = open_tree(r2, &(0x7f0000000200)='./file0\x00', 0xe218d4536293f89a) r4 = syz_open_dev$vcsn(&(0x7f0000000240), 0x4d73, 0x201) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000280)={0x0, 0x0}) fcntl$setown(r4, 0x8, r5) mknodat$loop(r0, &(0x7f0000000300)='./file0\x00', 0x4, 0x1) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r4, {0xee01}}, './file0\x00'}) write$P9_ROPEN(r6, &(0x7f0000000380)={0x18, 0x71, 0x1, {{0x80, 0x4, 0x3}, 0x3}}, 0x18) write$P9_RCLUNK(0xffffffffffffffff, &(0x7f00000003c0)={0x7, 0x79, 0x1}, 0x7) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000400)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3f}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000440)={'wlan0\x00'}) openat(r0, &(0x7f0000000480)='./file0\x00', 0x4000, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000004c0)) r8 = dup3(r3, r0, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO(r8, 0xc0389424, &(0x7f0000000700)={0x20, 0x40, '\x00', 0x1, &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 22:05:10 executing program 3: ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) linkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{}, "8ff1a6ff81cb43e8", "aab444c6aa476b81360d376da206fa1bfc702d9eaa4876411c44db46409e3e37", "aee0ed48", "cdd06f7f75a9836d"}, 0x38) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x6e000000}}, '\x00'}) r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'ipvlan1\x00'}) r3 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x7fffffff, 0x5, &(0x7f0000000400)=[{&(0x7f0000000240)="906efed30e4b9037807ef9defb57eb13ac73fb4daed9d499006153d451992d1b", 0x20, 0x10001}, {&(0x7f0000000280)="58cd8468a3e4b29a0197578d0faffb777e5febbc641a5b468803eaa10d63b15367073b31cee93f0a3fa141aa919d7929fe4d85a5a722d2cf12e03d482fc6152e80f8966322d47870931fff532f9f074ce40ae0c724e49d66177a170707b5ca30c1b9b5985808bbb31560efa236c97faaa0e65c8aa00506731b70bb1ef7f754edce1ff74903e9dbc10757ca5bf89eb20e2eb23a4b0b014c7612166826ed0838c9b7bef390dcdb0da6e6b350872463ff9cbb705529ef837dc8", 0xb8, 0x8}, {&(0x7f0000000340)="6d26cc07d93a28d81b245216", 0xc, 0x400}, {&(0x7f0000000380)="29776302fa051d23c86485dd029e1d5ef40f17e5e93fab1f6abf5a40", 0x1c, 0xfffffffffffffffb}, {&(0x7f00000003c0)="87c5daed9dd657253a331f8a1e4d8b3c3a72e2e02546134bf3c5d3e4a217494b0ed4a743f70e015cd6", 0x29, 0x80000001}], 0x400000, &(0x7f0000000480)={[{@numtail}, {@nonumtail}], [{@seclabel}, {@obj_role}, {@obj_user={'obj_user', 0x3d, '&{*&'}}, {@fsmagic={'fsmagic', 0x3d, 0x5}}, {@seclabel}, {@euid_gt={'euid>', 0xee00}}, {@obj_type={'obj_type', 0x3d, 'blkio.bfq.io_wait_time\x00'}}]}) execveat(r3, &(0x7f0000000540)='./file0\x00', &(0x7f0000000700)=[&(0x7f0000000580)='+\'\x00', &(0x7f00000005c0)='/dev/hpet\x00', &(0x7f0000000600)='\\\x0f-:+\x00', &(0x7f0000000640)=',\x00', &(0x7f0000000680)='ipvlan1\x00', &(0x7f00000006c0)='[\x03\x00'], &(0x7f0000000780)=[&(0x7f0000000740)='ipvlan1\x00'], 0x800) fallocate(r0, 0xc, 0x3f, 0x200) execveat(r2, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000940)=[&(0x7f0000000800)='\'..\x00', &(0x7f0000000840)='-:{\x00', &(0x7f0000000880)='[)%(!\x8e*\f}&\'$/N\x00', &(0x7f00000008c0)='ipvlan1\x00', &(0x7f0000000900)='nnonumtail=1'], &(0x7f0000000a80)=[&(0x7f0000000980)='\\\x0f-:+\x00', &(0x7f00000009c0)='obj_user', &(0x7f0000000a00)='--{\x00', &(0x7f0000000a40)='\x00'], 0x1000) r4 = pidfd_getfd(r0, 0xffffffffffffffff, 0x0) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000b00)={{0x1, 0x1, 0x18, r5, {0x1}}, './file0\x00'}) setxattr$trusted_overlay_redirect(&(0x7f0000000b40)='./file0\x00', &(0x7f0000000b80), &(0x7f0000000bc0)='./file0/file0\x00', 0xe, 0x2) renameat(r0, &(0x7f0000000c00)='./file0/file0\x00', r5, &(0x7f0000000c40)='./file0/file0\x00') accept$packet(r0, &(0x7f0000000cc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000d00)=0x14) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000e40)={'syztnl0\x00', &(0x7f0000000d40)={'gretap0\x00', 0x0, 0x40, 0x8, 0x1, 0x40, {{0x30, 0x4, 0x0, 0xe, 0xc0, 0x66, 0x0, 0x3, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@timestamp_prespec={0x44, 0x4c, 0x15, 0x3, 0x3, [{@multicast1, 0x3}, {@multicast1, 0x6}, {@broadcast, 0x927}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}, {@multicast2}, {@empty, 0xffff8001}, {@broadcast, 0xa81}, {@multicast1, 0x6028}, {@multicast2, 0x4}]}, @noop, @lsrr={0x83, 0x27, 0x2c, [@empty, @broadcast, @dev={0xac, 0x14, 0x14, 0x29}, @broadcast, @local, @multicast2, @local, @local, @dev={0xac, 0x14, 0x14, 0xc}]}, @timestamp={0x44, 0x20, 0x19, 0x0, 0x4, [0x5, 0x3, 0x1, 0x0, 0x8d, 0x4, 0x4]}, @ra={0x94, 0x4}, @generic={0x82, 0x12, "b78e6dbc3b606ace07da2bb20f78f3df"}, @end]}}}}}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000000f40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x4300001}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x48, 0x0, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40414}, 0x20000080) renameat(r0, &(0x7f0000000f80)='./file0/file0\x00', 0xffffffffffffffff, &(0x7f00000011c0)='./file0/file0\x00') 22:05:10 executing program 2: r0 = gettid() r1 = clone3(&(0x7f00000002c0)={0x8200, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x20}, &(0x7f00000000c0)=""/167, 0xa7, &(0x7f0000000180)=""/229, &(0x7f0000000280)=[0x0, r0, 0xffffffffffffffff, 0xffffffffffffffff], 0x4}, 0x58) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)=0x0) rt_tgsigqueueinfo(r1, r3, 0x30, &(0x7f0000000380)={0x28, 0xe8d, 0x5}) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='net_prio.prioidx\x00', 0x0, 0x0) pidfd_send_signal(r4, 0x1f, &(0x7f0000000440)={0x9, 0x0, 0x2}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r2, {0x80000000}}, './file0\x00'}) r6 = signalfd(r4, &(0x7f0000000500)={[0x401]}, 0x8) pidfd_send_signal(r6, 0x8, &(0x7f0000000540)={0x37, 0xfffffd4d, 0x1}, 0x0) ioctl$KDDISABIO(r4, 0x4b37) openat$vcs(0xffffffffffffff9c, &(0x7f00000005c0), 0x902, 0x0) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000600), 0x84000, 0x0) pidfd_send_signal(r7, 0x6, &(0x7f0000000640)={0x0, 0x3, 0x4}, 0x0) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, &(0x7f00000006c0)) r8 = creat(&(0x7f0000000700)='./file0/file0\x00', 0x40) ioctl$PIO_UNIMAP(r8, 0x4b67, &(0x7f0000000780)={0x1, &(0x7f0000000740)=[{0x4, 0x73f7}]}) recvmsg$unix(r6, &(0x7f0000000b00)={&(0x7f00000007c0)=@abs, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000840)=""/216, 0xd8}, {&(0x7f0000000940)=""/191, 0xbf}], 0x2, &(0x7f0000000a40)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}, 0x40000000) get_robust_list(r9, &(0x7f0000000c80)=&(0x7f0000000c40)={&(0x7f0000000b80)={&(0x7f0000000b40)}, 0x0, &(0x7f0000000c00)={&(0x7f0000000bc0)}}, &(0x7f0000000cc0)=0x18) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000e40)=0x0) clone3(&(0x7f0000000ec0)={0x10001000, &(0x7f0000000d00), &(0x7f0000000d40), &(0x7f0000000d80), {0x5}, &(0x7f0000000dc0)=""/17, 0x11, &(0x7f0000000e00)=""/25, &(0x7f0000000e80)=[r10], 0x1, {r8}}, 0x58) 22:05:10 executing program 4: syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x230, &(0x7f0000000000)={[{0xf7, 0x4e00, "8750201c5e95b38a1657603698678a900138fa47af697761a9118a08daf362bf2da841bf9976c7c30679b9de24b3734f3a489447f7f6f3bf996cc9445c5425acf98abc9d0a9a37a03ed403ffc1ce9d3de61fe65cec65be3a9fcdbbfbe47f7e3c1b8d3044e7db267a94bacda902b10e1a121c9ff35c73a7e3d29f2024a38484c4e1f415f50b718e9c9ead491df3bcaddcaa9f708e7411855ed8b6d98e5276b04541243684406511d0a90a4fa2ab61c8fc0a0b400835f70098be81409a5111cc1279ed792927713b5d82a1ff03746a130887a32ebbaa2108cc8bd7a1bffc22bed5ea6783336fc7e2f4ab35dcfda35dd93bdd58c097f0e56c"}, {0xd9, 0x4e00, "c4616dd04bea0e4759e75d0979c84c2f6f1f5b008686943e99517c4917f727c8b7e1b93679597bb0f3ac41db986c421d6f3baa1587a16ab6e2ddb14fb0594f0621aacd4f6f5d2ebf94ba482f429c0724fd1ecbac0bcbac1cc074bedcad9bc272a8a8e4aa0a91c52646a4ce23cdfc212b434c7fa076bc71f612f042580cecef309e6c72bdde07b04bc3dfdc79853994cf9497261089a600f6254b006c5bea61aec989968b3ac8cef369f6709f490edde93d13d73def158a4e6df147263deb9865b0df9387821e6ee943b70bcf7741b8a3d1582977696e370ea3"}, {0x34, 0x4e00, "6a39f0896a7afb5b3af92a69f09024b50f635e793d4858004130e5cd8ca8c044d44f5580df57c33abb14d6a80015a442bc82f8e6"}, {0x18, 0x4e00, "f05ae5efb487745001d16ada215daea4722dc5d414c893ab"}]}) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000002c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x12, &(0x7f0000000340)=@conn_svc_rsp={0x0, 0x0, 0xa, "0352fc3d", {0x3, 0x1a017cd38062afd1, 0x0, 0x1, 0x9, 0x3, 0x3f}}) r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000380)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f0000000400)=@ready={0x0, 0x0, 0x8, "35a08ab2", {0x1, 0x400, 0x6, 0x6, 0x8e}}) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000440)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wpan3\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x5c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0302}}}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0102}}}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40084}, 0x4) syz_usb_ep_write(r1, 0x6, 0x8c, &(0x7f0000000680)="8155cd6e51c77cca374f42c36a6ce891eff0d83b41ec4eba26ea4bb7ff69fb8c15bba6af4b86aa6168eca4dd4c156d6061ae136ceccbf7e9213a126ed51413b6cc00835eecd6b3283a196e7469d01f65860045e15261ff719f0237676fd1de977356f5ef9ef592a7e9b0d27faef2f723d96f122d224308c10ae5103be71ebfa517c04d45e8f56965b198b80b") r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000780), r2) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, r6, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7ff}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x80}]}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x20040840) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r7, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x1c, r8, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4081) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000a80)={'ip6_vti0\x00', &(0x7f0000000a00)={'ip6_vti0\x00', 0x0, 0x2f, 0x9, 0x6, 0x0, 0x4, @remote, @private1, 0x40, 0x80, 0x7ff, 0x10001}}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f0000000f80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000b80)={0x39c, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x320, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x1a0, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'nl802154\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '),-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb9f7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x81}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x14, 0x2, '(+]@&.\')+\'#\'*%(\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'nl802154\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '))-\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '[\x19$(\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\\$%\\\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wpan3\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, ')\'#.#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wpan1\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '*{%\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wpan1\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'nl802154\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x40}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x903}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x94, 0x3, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '^\'/$/\\+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffaf}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wpan1\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}, {0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe96}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xaf}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '!\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8c}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0xdf, 0x4, "0eea6c12184ba395e3c19749e7dbdf0d9a26d85d523b678306de166dcf2f2dcd7db706d8a3f68d4685a32af22b72534ef4e031d57e6afe9d9851bc04e9a9c33a3e1cca143c8591bf3021245a2b7feedbd450a026918234f765bdcbd9011bdd294b0e0c5f0b259759ce7628fcfe0ee6b649b7bd48418ebd1cf6ddd9c742acb77ec9b3f69cfe4b41a1319c3aae9cd860df5cd8ae602a4bd574902107bde14cd9a007e9fcc7c3140b0b988b1889cde9318ea408aac8315b8a360f57cc91b9ab09b408c70a32da8d22835ba2f86fbcd9a6f08a29bb36f3c5f8d6c87710"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}]}, 0x39c}, 0x1, 0x0, 0x0, 0x20050000}, 0x4004) 22:05:10 executing program 5: ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000080)={0x100, 0x40, [0x9, 0xea, 0x8], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$TIOCSRS485(r0, 0x542f, &(0x7f00000000c0)={0x1, 0x9}) ioctl$KDSETLED(r0, 0x4b32, 0x101) r1 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000001c0)) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000200)) r2 = syz_open_pts(0xffffffffffffffff, 0x61a801) ioctl$TIOCGPTPEER(r2, 0x5441, 0x20) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$KDGKBSENT(r3, 0x4b48, &(0x7f0000000280)={0x8f, "4c2052efc58b62c4a90d51bbd828c23b3e12b937d8c2b8344907fbe4753bd5fff8afc49031599b798bd764d15225e12419f20f022ffd103dcc4ab5c9083c32ebffe5cdaba6ec301af7cd3f5c032d59e24a7b65dd37ea584521926271e2d30236fabe47e58432f1c3910f8f7875b1f42f10e368f9937e4dcf499c8e90778ba50c2d663e984f414fb5687448ec5cc0e76bb8c5f5a1182cba7d37b42b1813f860ae2fa3b06d3f32f63b92549b6bfd688b8d7ac2a6926a3d463711f1efba22b920aa340f5639226e202bbbf1e0887a8a569f0ebb16b530097a31d961bfed79bae5caa8843d569af33d5bf5caa5599ede3cf6ce6d0832af4888c12acf3f1227c3d36b91aa48f733a31d88d17a81b23ce057f871ee55338c146aade97a628c565522716ebfd9ee3a0725a87d8182c04048433e33c7da7f4175bef5e5a53764db1bb60cb27b1eb9d8f32648f479fc57f8a52f1ffdf41dbd2f2caa83e1b1352297858dd49d95d25c50c47adeb78e42dd3645a0c3c2148266ad51ceb2643a5d52f20b5e1f747b2a27c931059cf1af3493fd36bc3bf8624ca3fd94f2e0fad381f9a5a2728b9f1a6e0b2cbc418b57f0f5694e8e0f03af2124d8136603e24523974827819d40046ebe1eb3bf2383c8a2e44d67d06452ae13c971502358cba2b08d148accde30615c05303ba086b90266efc271428331cf17003b77c9a3bd8e132c7b87548784"}) r4 = openat(r3, &(0x7f00000004c0)='./file0\x00', 0x80, 0x111) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000500)=0x3, 0x4) ioctl$KDGKBENT(r4, 0x4b46, &(0x7f0000000540)={0xd4, 0x0, 0x200}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000580)={{0x1, 0x1, 0x18, r4, {0x1f}}, './file0\x00'}) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f00000005c0), 0x84101, 0x0) ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000600)={0x7, 0x2, 0x3}) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000640), &(0x7f0000000680)=0x14) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000700)=0x16) [ 69.688667] audit: type=1400 audit(1663625110.998:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:05:11 executing program 6: ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x70}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x40000) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x198, r1, 0x200, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "2acc0ab477c457a0"}]}, @NL80211_ATTR_REKEY_DATA={0x4}, @NL80211_ATTR_REKEY_DATA={0x28, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x11}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="5236e8755a561079471822ab59295439139d47085ef0c931"}]}, @NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "8ea0c14f7fc30dc0"}]}, @NL80211_ATTR_REKEY_DATA={0x20, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="7dc1dd9980544f87dc276eb1e0be7c44"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3}]}, @NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="4bc40e4a55e0669b43febf8812a02b17"}]}, @NL80211_ATTR_REKEY_DATA={0x40, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xd833}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="58eae1ec8497850b110b49bbac6b60054c6821b92a125a2b6e05c126d4f23247"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x800}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x2}]}, @NL80211_ATTR_REKEY_DATA={0xc0, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="352c34193562a9e73a3c4d62be4a79831f2acf941395173c80ae944346a3ea30"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="ac9f1ae7716067b44cd552708c0006eae919d9988323cd0502c1d99abacff7fa"}, @NL80211_REKEY_DATA_AKM={0x8}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "971f8c8e1f17e5db"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "7af6034ab6518bd7"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="16fb47f80d6726df416aaf9ddeb5bb994fd28afd73e7f40f"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="f099137268048c4a44c2db3c96cc4ff4bbf3d0652e85ae353688f28a78680481"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "0ebe164a6b7f522c"}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x844}, 0x40040) r2 = socket(0x9, 0x2, 0x6) sendmsg$ETHTOOL_MSG_EEE_GET(r2, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x448d0}, 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r2, {0x5}}, './file0\x00'}) ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000600)={0x9, 0x8, 0x4}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x1c, 0x0, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x8001) r4 = socket$netlink(0x10, 0x3, 0x13) sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000a00)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000009c0)={&(0x7f0000000780)={0x20c, 0x7, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_RULE_EXPRESSIONS={0x1e0, 0x4, 0x0, 0x1, [{0x124, 0x1, 0x0, 0x1, [@cmp={{0x8}, @val={0xa8, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xa4, 0x3, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VALUE={0x85, 0x1, "bd03d558c9f6d684883df1e818c32aab937a1c4a60233fb6133865a832bba1b7fdfd1eb4860ec7a4391718d6cf492a5190cba14725e04359c3646c1e083db15699d94e00782cb92de53f9a7e4ad5b124c53f858f5039c5d81103035a2966d0193f72ea24807f41a8cfeff90f48fb1ba5fee4428f50690c9234326940669dd6f195"}]}]}}, @byteorder={{0xe}, @void}, @reject={{0xb}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_REJECT_ICMP_CODE={0x5}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x96}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x9}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x5}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x69}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0xff}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x80}]}}]}, {0x14, 0x1, 0x0, 0x1, [@immediate={{0xe}, @void}]}, {0x94, 0x1, 0x0, 0x1, [@tproxy={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}]}}, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}, @log={{0x8}, @void}, @quota={{0xa}, @void}, @socket={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}]}}, @dup_ipv4={{0x8}, @void}]}, {0x10, 0x1, 0x0, 0x1, [@objref={{0xb}, @void}]}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}]}, 0x20c}, 0x1, 0x0, 0x0, 0x81}, 0x20040000) sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f0000000c00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x124, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x5c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @multicast1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3f}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x101}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}]}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x41}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fff}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}]}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve1\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x8011}, 0x8002) kcmp(0x0, 0x0, 0x1, r4, r4) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000c40)={{0x1, 0x1, 0x18, r3, {0xfcaa}}, './file0\x00'}) ioctl$TIOCGRS485(r5, 0x542e, &(0x7f0000000c80)) ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000cc0)) openat(r3, &(0x7f0000000d00)='./file0/file0\x00', 0x1, 0x4) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000d40), &(0x7f0000000d80)={'U+', 0xffffffffffffffe1}, 0x16, 0x2) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r2, 0x89fa, &(0x7f0000000e80)={'syztnl1\x00', &(0x7f0000000e00)={'ip6_vti0\x00', 0x0, 0x29, 0x8, 0x1, 0x2, 0x40, @private2={0xfc, 0x2, '\x00', 0x1}, @private1, 0x7, 0x1, 0x3, 0x6}}) sendmsg$ETHTOOL_MSG_FEATURES_GET(r5, &(0x7f0000001640)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001600)={&(0x7f00000013c0)={0x204, 0x0, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}]}, 0x204}, 0x1, 0x0, 0x0, 0x8000}, 0x20000042) 22:05:11 executing program 7: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x94, r0, 0x100, 0x201, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0xfffffff8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@private=0xa010100}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0xe}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x40) socketpair(0x1d, 0x80006, 0xd3d, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, &(0x7f0000000200)=0x7fffffff, 0x4) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x78, r0, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xb7}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x72}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x6bb9e7e71fd75b99}, 0x40800) clock_gettime(0x0, &(0x7f0000001d00)={0x0, 0x0}) recvmmsg$unix(r1, &(0x7f0000001c80)=[{{&(0x7f0000000380), 0x6e, &(0x7f00000016c0)=[{&(0x7f0000000400)=""/10, 0xa}, {&(0x7f0000000440)=""/110, 0x6e}, {&(0x7f00000004c0)=""/186, 0xba}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/167, 0xa7}, {&(0x7f0000001640)=""/114, 0x72}], 0x6}}, {{&(0x7f0000001740)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f00000017c0)=""/7, 0x7}, {&(0x7f0000001800)=""/128, 0x80}, {&(0x7f0000001880)=""/43, 0x2b}, {&(0x7f00000018c0)=""/171, 0xab}, {&(0x7f0000001980)=""/244, 0xf4}, {&(0x7f0000001a80)=""/198, 0xc6}], 0x6, &(0x7f0000001c00)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}], 0x2, 0x100, &(0x7f0000001d40)={r3, r4+60000000}) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r9, 0x8983, &(0x7f0000001d80)) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001e00), r6) sendmsg$NL80211_CMD_STOP_AP(r5, &(0x7f0000001ec0)={&(0x7f0000001dc0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001e80)={&(0x7f0000001e40)={0x14, r10, 0x800, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x240040d4) r11 = syz_io_uring_complete(0x0) getsockopt$IP_VS_SO_GET_SERVICE(r11, 0x0, 0x483, &(0x7f0000001f00), &(0x7f0000001f80)=0x68) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r8, 0xc018937e, &(0x7f0000001fc0)={{0x1, 0x1, 0x18, r7, @in_args={0x6}}, './file0\x00'}) ioctl$BTRFS_IOC_TREE_SEARCH(r12, 0xd0009411, &(0x7f0000002000)={{0x0, 0x7, 0x0, 0x7, 0x1, 0xc159, 0x4, 0x1, 0x7, 0x4, 0x10000, 0x9, 0x800, 0xabde, 0x3}}) r13 = dup3(r1, r12, 0x0) r14 = syz_genetlink_get_family_id$tipc(&(0x7f0000003040), r9) sendmsg$TIPC_CMD_GET_NETID(r13, &(0x7f0000003100)={&(0x7f0000003000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000030c0)={&(0x7f0000003080)={0x1c, r14, 0x4, 0x70bd2b, 0x25dfdbfb, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008014) ioctl$int_out(r1, 0x0, &(0x7f0000003140)) ioctl$AUTOFS_IOC_SETTIMEOUT(r9, 0x80049367, &(0x7f0000003180)=0x80000001) open_tree(0xffffffffffffff9c, &(0x7f00000031c0)='./file0\x00', 0x0) [ 70.864374] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.866030] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.867578] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.872003] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.874407] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.875978] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.880699] Bluetooth: hci0: HCI_REQ-0x0c1a [ 70.994123] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.996747] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.998367] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.999766] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.000950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.006120] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.014944] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.019523] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.023961] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.025414] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.028285] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.033639] Bluetooth: hci2: HCI_REQ-0x0c1a [ 71.039785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.059557] Bluetooth: hci1: HCI_REQ-0x0c1a [ 71.133087] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.147719] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.149028] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.157361] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.162293] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.165141] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.170367] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.173328] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.176691] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.183651] Bluetooth: hci6: HCI_REQ-0x0c1a [ 71.186584] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.189018] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 71.190215] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 71.218562] Bluetooth: hci7: HCI_REQ-0x0c1a [ 72.952825] Bluetooth: hci0: command 0x0409 tx timeout [ 73.080884] Bluetooth: hci2: command 0x0409 tx timeout [ 73.081493] Bluetooth: hci1: command 0x0409 tx timeout [ 73.081911] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 73.083544] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 73.084307] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 73.272496] Bluetooth: hci7: command 0x0409 tx timeout [ 73.273102] Bluetooth: hci6: command 0x0409 tx timeout [ 75.000634] Bluetooth: hci0: command 0x041b tx timeout [ 75.128538] Bluetooth: hci1: command 0x041b tx timeout [ 75.129380] Bluetooth: hci2: command 0x041b tx timeout [ 75.320538] Bluetooth: hci6: command 0x041b tx timeout [ 75.321383] Bluetooth: hci7: command 0x041b tx timeout [ 77.056534] Bluetooth: hci0: command 0x040f tx timeout [ 77.091823] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 77.095284] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 77.101895] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 77.106335] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 77.107260] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 77.108435] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.111204] Bluetooth: hci4: HCI_REQ-0x0c1a [ 77.176505] Bluetooth: hci2: command 0x040f tx timeout [ 77.176976] Bluetooth: hci1: command 0x040f tx timeout [ 77.368579] Bluetooth: hci7: command 0x040f tx timeout [ 77.370600] Bluetooth: hci6: command 0x040f tx timeout [ 79.033655] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 79.096586] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 79.097505] Bluetooth: hci0: command 0x0419 tx timeout [ 79.161533] Bluetooth: hci4: command 0x0409 tx timeout [ 79.224515] Bluetooth: hci1: command 0x0419 tx timeout [ 79.224919] Bluetooth: hci2: command 0x0419 tx timeout [ 79.428482] Bluetooth: hci6: command 0x0419 tx timeout [ 79.430745] Bluetooth: hci7: command 0x0419 tx timeout [ 81.208568] Bluetooth: hci4: command 0x041b tx timeout [ 81.735835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.741621] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.743517] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.745874] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.753442] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.754173] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.758486] Bluetooth: hci3: HCI_REQ-0x0c1a [ 81.998935] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 82.000622] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 82.014622] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 82.035030] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 82.035949] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 82.039989] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 82.060716] Bluetooth: hci5: HCI_REQ-0x0c1a [ 83.256577] Bluetooth: hci4: command 0x040f tx timeout [ 83.769501] Bluetooth: hci3: command 0x0409 tx timeout [ 84.088502] Bluetooth: hci5: command 0x0409 tx timeout [ 85.304507] Bluetooth: hci4: command 0x0419 tx timeout [ 85.816577] Bluetooth: hci3: command 0x041b tx timeout [ 86.136507] Bluetooth: hci5: command 0x041b tx timeout [ 87.864496] Bluetooth: hci3: command 0x040f tx timeout [ 88.184554] Bluetooth: hci5: command 0x040f tx timeout [ 89.912529] Bluetooth: hci3: command 0x0419 tx timeout [ 90.232529] Bluetooth: hci5: command 0x0419 tx timeout 22:06:00 executing program 5: request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="e2", 0x1, 0x0) add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000000c0)="325bd90ddd92b9edac18b3a0d8c03fea9de9d4713896f557fe1d5df61ebe6e2e7f03bbd1f1b2d47f853f6e6e0435122a7f29e312e20146d2d9d51ae7b2688f5769e7ab1230e59c3c03e45a2151bf80569e3ae9571c9a", 0x56, 0xfffffffffffffff8) request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key(&(0x7f0000000140)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="b88b71549760409de382d0dc7010a0c8b451955c35967164c55d3e60f7e872993f268522496c17bae01e9f3f89c16a958370f7b33ed9cef3bfc3646dcb2f8bc04508b243b176456873b3005c49795f4e06e62a7e3eb0ffc12ce7cc2edfe2f3303d554d4c23624be3fe72e2ff501f", 0x6e, 0x0) 22:06:00 executing program 5: request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="e2", 0x1, 0x0) add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000000c0)="325bd90ddd92b9edac18b3a0d8c03fea9de9d4713896f557fe1d5df61ebe6e2e7f03bbd1f1b2d47f853f6e6e0435122a7f29e312e20146d2d9d51ae7b2688f5769e7ab1230e59c3c03e45a2151bf80569e3ae9571c9a", 0x56, 0xfffffffffffffff8) request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key(&(0x7f0000000140)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="b88b71549760409de382d0dc7010a0c8b451955c35967164c55d3e60f7e872993f268522496c17bae01e9f3f89c16a958370f7b33ed9cef3bfc3646dcb2f8bc04508b243b176456873b3005c49795f4e06e62a7e3eb0ffc12ce7cc2edfe2f3303d554d4c23624be3fe72e2ff501f", 0x6e, 0x0) 22:06:00 executing program 5: request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="e2", 0x1, 0x0) add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000000c0)="325bd90ddd92b9edac18b3a0d8c03fea9de9d4713896f557fe1d5df61ebe6e2e7f03bbd1f1b2d47f853f6e6e0435122a7f29e312e20146d2d9d51ae7b2688f5769e7ab1230e59c3c03e45a2151bf80569e3ae9571c9a", 0x56, 0xfffffffffffffff8) request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key(&(0x7f0000000140)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="b88b71549760409de382d0dc7010a0c8b451955c35967164c55d3e60f7e872993f268522496c17bae01e9f3f89c16a958370f7b33ed9cef3bfc3646dcb2f8bc04508b243b176456873b3005c49795f4e06e62a7e3eb0ffc12ce7cc2edfe2f3303d554d4c23624be3fe72e2ff501f", 0x6e, 0x0) 22:06:00 executing program 5: request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="e2", 0x1, 0x0) add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000000c0)="325bd90ddd92b9edac18b3a0d8c03fea9de9d4713896f557fe1d5df61ebe6e2e7f03bbd1f1b2d47f853f6e6e0435122a7f29e312e20146d2d9d51ae7b2688f5769e7ab1230e59c3c03e45a2151bf80569e3ae9571c9a", 0x56, 0xfffffffffffffff8) request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key(&(0x7f0000000140)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="b88b71549760409de382d0dc7010a0c8b451955c35967164c55d3e60f7e872993f268522496c17bae01e9f3f89c16a958370f7b33ed9cef3bfc3646dcb2f8bc04508b243b176456873b3005c49795f4e06e62a7e3eb0ffc12ce7cc2edfe2f3303d554d4c23624be3fe72e2ff501f", 0x6e, 0x0) 22:06:00 executing program 5: request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="e2", 0x1, 0x0) add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000000c0)="325bd90ddd92b9edac18b3a0d8c03fea9de9d4713896f557fe1d5df61ebe6e2e7f03bbd1f1b2d47f853f6e6e0435122a7f29e312e20146d2d9d51ae7b2688f5769e7ab1230e59c3c03e45a2151bf80569e3ae9571c9a", 0x56, 0xfffffffffffffff8) request_key(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='cyz', 0x0) add_key(&(0x7f0000000140)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="b88b71549760409de382d0dc7010a0c8b451955c35967164c55d3e60f7e872993f268522496c17bae01e9f3f89c16a958370f7b33ed9cef3bfc3646dcb2f8bc04508b243b176456873b3005c49795f4e06e62a7e3eb0ffc12ce7cc2edfe2f3303d554d4c23624be3fe72e2ff501f", 0x6e, 0x0) 22:06:00 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000001200)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000840)=[{&(0x7f00000005c0)="03ab", 0x2}], 0x1}}, {{&(0x7f00000008c0)={0x2, 0xfffe, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6}]}}}], 0xfffffffffffffe20}}], 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000140)={@private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast1, 0x0, 0x7f}) recvfrom(r1, &(0x7f0000000080)=""/179, 0xb3, 0x2020, &(0x7f0000000140)=@nfc={0x27, 0x1, 0x2}, 0x80) 22:06:00 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x8, 0x1, 0x400}) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r2, &(0x7f0000000080)="01", 0x292e9) [ 119.520632] audit: type=1400 audit(1663625160.830:7): avc: denied { open } for pid=3666 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.524059] audit: type=1400 audit(1663625160.830:8): avc: denied { kernel } for pid=3666 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.549273] ------------[ cut here ]------------ [ 119.549293] [ 119.549296] ====================================================== [ 119.549299] WARNING: possible circular locking dependency detected [ 119.549304] 6.0.0-rc6-next-20220919 #1 Not tainted [ 119.549310] ------------------------------------------------------ [ 119.549314] syz-executor.6/3668 is trying to acquire lock: [ 119.549320] ffffffff853fa838 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 119.549360] [ 119.549360] but task is already holding lock: [ 119.549362] ffff88800e820820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.549390] [ 119.549390] which lock already depends on the new lock. [ 119.549390] [ 119.549393] [ 119.549393] the existing dependency chain (in reverse order) is: [ 119.549397] [ 119.549397] -> #3 (&ctx->lock){....}-{2:2}: [ 119.549411] _raw_spin_lock+0x2a/0x40 [ 119.549429] __perf_event_task_sched_out+0x53b/0x18d0 [ 119.549441] __schedule+0xedd/0x2470 [ 119.549455] schedule+0xda/0x1b0 [ 119.549465] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.549489] syscall_exit_to_user_mode+0x19/0x40 [ 119.549506] do_syscall_64+0x48/0x90 [ 119.549520] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.549538] [ 119.549538] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 119.549552] _raw_spin_lock_nested+0x30/0x40 [ 119.549566] raw_spin_rq_lock_nested+0x1e/0x30 [ 119.549580] task_fork_fair+0x63/0x4d0 [ 119.549596] sched_cgroup_fork+0x3d0/0x540 [ 119.549610] copy_process+0x4183/0x6e20 [ 119.549620] kernel_clone+0xe7/0x890 [ 119.549630] user_mode_thread+0xad/0xf0 [ 119.549640] rest_init+0x24/0x250 [ 119.549656] arch_call_rest_init+0xf/0x14 [ 119.549669] start_kernel+0x4c1/0x4e6 [ 119.549679] secondary_startup_64_no_verify+0xe0/0xeb [ 119.549693] [ 119.549693] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 119.549707] _raw_spin_lock_irqsave+0x39/0x60 [ 119.549722] try_to_wake_up+0xab/0x1920 [ 119.549735] up+0x75/0xb0 [ 119.549746] __up_console_sem+0x6e/0x80 [ 119.549762] console_unlock+0x46a/0x590 [ 119.549777] vprintk_emit+0x1bd/0x560 [ 119.549793] devkmsg_emit.constprop.0+0xbb/0xf4 [ 119.549814] devkmsg_write.cold+0x83/0xd9 [ 119.549831] do_iter_readv_writev+0x211/0x3c0 [ 119.549848] do_iter_write+0x18b/0x700 [ 119.549864] vfs_writev+0x1ae/0x630 [ 119.549880] do_writev+0x133/0x300 [ 119.549895] do_syscall_64+0x3b/0x90 [ 119.549908] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.549925] [ 119.549925] -> #0 ((console_sem).lock){....}-{2:2}: [ 119.549938] __lock_acquire+0x2a02/0x5e70 [ 119.549955] lock_acquire+0x1a2/0x530 [ 119.549970] _raw_spin_lock_irqsave+0x39/0x60 [ 119.549985] down_trylock+0xe/0x70 [ 119.549997] __down_trylock_console_sem+0x3b/0xd0 [ 119.550012] vprintk_emit+0x16b/0x560 [ 119.550028] vprintk+0x84/0xa0 [ 119.550043] _printk+0xba/0xf1 [ 119.550059] report_bug.cold+0x72/0xab [ 119.550072] handle_bug+0x3c/0x70 [ 119.550085] exc_invalid_op+0x14/0x50 [ 119.550098] asm_exc_invalid_op+0x16/0x20 [ 119.550114] group_sched_out.part.0+0x2c7/0x460 [ 119.550124] ctx_sched_out+0x8f1/0xc10 [ 119.550134] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.550146] __schedule+0xedd/0x2470 [ 119.550156] schedule+0xda/0x1b0 [ 119.550165] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.550183] syscall_exit_to_user_mode+0x19/0x40 [ 119.550200] do_syscall_64+0x48/0x90 [ 119.550213] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.550229] [ 119.550229] other info that might help us debug this: [ 119.550229] [ 119.550232] Chain exists of: [ 119.550232] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 119.550232] [ 119.550247] Possible unsafe locking scenario: [ 119.550247] [ 119.550249] CPU0 CPU1 [ 119.550252] ---- ---- [ 119.550254] lock(&ctx->lock); [ 119.550260] lock(&rq->__lock); [ 119.550266] lock(&ctx->lock); [ 119.550272] lock((console_sem).lock); [ 119.550278] [ 119.550278] *** DEADLOCK *** [ 119.550278] [ 119.550280] 2 locks held by syz-executor.6/3668: [ 119.550287] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 119.550313] #1: ffff88800e820820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.550341] [ 119.550341] stack backtrace: [ 119.550344] CPU: 1 PID: 3668 Comm: syz-executor.6 Not tainted 6.0.0-rc6-next-20220919 #1 [ 119.550357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.550365] Call Trace: [ 119.550368] [ 119.550372] dump_stack_lvl+0x8b/0xb3 [ 119.550387] check_noncircular+0x263/0x2e0 [ 119.550403] ? format_decode+0x26c/0xb50 [ 119.550418] ? print_circular_bug+0x450/0x450 [ 119.550435] ? enable_ptr_key_workfn+0x20/0x20 [ 119.550450] ? format_decode+0x26c/0xb50 [ 119.550466] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 119.550483] __lock_acquire+0x2a02/0x5e70 [ 119.550504] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.550526] lock_acquire+0x1a2/0x530 [ 119.550542] ? down_trylock+0xe/0x70 [ 119.550557] ? lock_release+0x750/0x750 [ 119.550577] ? vprintk+0x84/0xa0 [ 119.550594] _raw_spin_lock_irqsave+0x39/0x60 [ 119.550609] ? down_trylock+0xe/0x70 [ 119.550623] down_trylock+0xe/0x70 [ 119.550636] ? vprintk+0x84/0xa0 [ 119.550652] __down_trylock_console_sem+0x3b/0xd0 [ 119.550669] vprintk_emit+0x16b/0x560 [ 119.550688] vprintk+0x84/0xa0 [ 119.550704] _printk+0xba/0xf1 [ 119.550722] ? record_print_text.cold+0x16/0x16 [ 119.550743] ? report_bug.cold+0x66/0xab [ 119.550758] ? group_sched_out.part.0+0x2c7/0x460 [ 119.550769] report_bug.cold+0x72/0xab [ 119.550784] handle_bug+0x3c/0x70 [ 119.550797] exc_invalid_op+0x14/0x50 [ 119.550812] asm_exc_invalid_op+0x16/0x20 [ 119.550829] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.550842] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d 5b 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.550853] RSP: 0018:ffff88803ff27c48 EFLAGS: 00010006 [ 119.550862] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.550870] RDX: ffff888035fa1ac0 RSI: ffffffff81566077 RDI: 0000000000000005 [ 119.550878] RBP: ffff8880414685c8 R08: 0000000000000005 R09: 0000000000000001 [ 119.550886] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800e820800 [ 119.550894] R13: ffff88806cf3d140 R14: ffffffff8547c780 R15: 0000000000000002 [ 119.550905] ? group_sched_out.part.0+0x2c7/0x460 [ 119.550918] ? group_sched_out.part.0+0x2c7/0x460 [ 119.550931] ctx_sched_out+0x8f1/0xc10 [ 119.550943] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.550958] ? lock_is_held_type+0xd7/0x130 [ 119.550976] ? __perf_cgroup_move+0x160/0x160 [ 119.550988] ? set_next_entity+0x304/0x550 [ 119.551005] ? update_curr+0x267/0x740 [ 119.551023] ? lock_is_held_type+0xd7/0x130 [ 119.551042] __schedule+0xedd/0x2470 [ 119.551055] ? io_schedule_timeout+0x150/0x150 [ 119.551068] ? __x64_sys_futex_time32+0x480/0x480 [ 119.551082] schedule+0xda/0x1b0 [ 119.551093] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.551113] syscall_exit_to_user_mode+0x19/0x40 [ 119.551131] do_syscall_64+0x48/0x90 [ 119.551145] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.551162] RIP: 0033:0x7f321e454b19 [ 119.551171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.551182] RSP: 002b:00007f321b9ca218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.551193] RAX: 0000000000000001 RBX: 00007f321e567f68 RCX: 00007f321e454b19 [ 119.551201] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f321e567f6c [ 119.551208] RBP: 00007f321e567f60 R08: 000000000000000e R09: 0000000000000000 [ 119.551215] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f321e567f6c [ 119.551223] R13: 00007ffea683a52f R14: 00007f321b9ca300 R15: 0000000000022000 [ 119.551236] [ 119.607006] WARNING: CPU: 1 PID: 3668 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 119.607653] Modules linked in: [ 119.607892] CPU: 1 PID: 3668 Comm: syz-executor.6 Not tainted 6.0.0-rc6-next-20220919 #1 [ 119.608472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.609261] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.609644] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d 5b 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.610914] RSP: 0018:ffff88803ff27c48 EFLAGS: 00010006 [ 119.611293] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.611799] RDX: ffff888035fa1ac0 RSI: ffffffff81566077 RDI: 0000000000000005 [ 119.612307] RBP: ffff8880414685c8 R08: 0000000000000005 R09: 0000000000000001 [ 119.612812] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800e820800 [ 119.613314] R13: ffff88806cf3d140 R14: ffffffff8547c780 R15: 0000000000000002 [ 119.613817] FS: 00007f321b9ca700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 119.614387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.614799] CR2: 0000001b2df21000 CR3: 000000001f1c0000 CR4: 0000000000350ee0 [ 119.615304] Call Trace: [ 119.615490] [ 119.615656] ctx_sched_out+0x8f1/0xc10 [ 119.615941] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.616321] ? lock_is_held_type+0xd7/0x130 [ 119.616639] ? __perf_cgroup_move+0x160/0x160 [ 119.616960] ? set_next_entity+0x304/0x550 [ 119.617271] ? update_curr+0x267/0x740 [ 119.617559] ? lock_is_held_type+0xd7/0x130 [ 119.617874] __schedule+0xedd/0x2470 [ 119.618145] ? io_schedule_timeout+0x150/0x150 [ 119.618477] ? __x64_sys_futex_time32+0x480/0x480 [ 119.618824] schedule+0xda/0x1b0 [ 119.619073] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.619437] syscall_exit_to_user_mode+0x19/0x40 [ 119.619782] do_syscall_64+0x48/0x90 [ 119.620055] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.620439] RIP: 0033:0x7f321e454b19 [ 119.620706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.621962] RSP: 002b:00007f321b9ca218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.622497] RAX: 0000000000000001 RBX: 00007f321e567f68 RCX: 00007f321e454b19 [ 119.623004] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f321e567f6c [ 119.623503] RBP: 00007f321e567f60 R08: 000000000000000e R09: 0000000000000000 [ 119.624004] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f321e567f6c [ 119.624506] R13: 00007ffea683a52f R14: 00007f321b9ca300 R15: 0000000000022000 [ 119.625010] [ 119.625188] irq event stamp: 948 [ 119.625444] hardirqs last enabled at (947): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 119.626138] hardirqs last disabled at (948): [] __schedule+0x1225/0x2470 [ 119.626745] softirqs last enabled at (744): [] __irq_exit_rcu+0x11b/0x180 [ 119.627381] softirqs last disabled at (541): [] __irq_exit_rcu+0x11b/0x180 [ 119.628015] ---[ end trace 0000000000000000 ]--- 22:06:00 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000001200)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000840)=[{&(0x7f00000005c0)="03ab", 0x2}], 0x1}}, {{&(0x7f00000008c0)={0x2, 0xfffe, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6}]}}}], 0xfffffffffffffe20}}], 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000140)={@private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast1, 0x0, 0x7f}) recvfrom(r1, &(0x7f0000000080)=""/179, 0xb3, 0x2020, &(0x7f0000000140)=@nfc={0x27, 0x1, 0x2}, 0x80) [ 119.892633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.898560] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.912601] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.917328] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.924083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.951828] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.955826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.956884] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.590356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.591065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.591219] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.592406] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.135677] loop3: detected capacity change from 0 to 264192 [ 122.136983] FAT-fs (loop3): Unrecognized mount option "nnonumtail=1" or missing value VM DIAGNOSIS: 22:06:01 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=ffffffff8135b65c RCX=ffff8880414a77c0 RDX=1ffff11008294eef RSI=ffff8880414a77b8 RDI=ffffffff8135b65c RBP=ffffffff8135b65c RSP=ffff8880414a76d0 R8 =ffffffff85e2e682 R9 =ffffffff85e2e686 R10=ffffed1008294ef1 R11=ffff8880414a7760 R12=ffff8880414a77e8 R13=0000000000000000 R14=ffff88803e959ac0 R15=ffff888007c75000 RIP=ffffffff811d60b2 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9e147e5310 CR3=0000000022422000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 6461657268747062 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00302e6f732e6461 657268747062696c YMM03=0000000000000000 0000000000000000 2f756e672d78756e 696c2d34365f3638 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b2e71 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff88803ff27698 R8 =0000000000000001 R9 =000000000000000a R10=000000000000002e R11=0000000000000001 R12=000000000000002e R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b2e60 RIP=ffffffff822b2ec9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f321b9ca700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2df21000 CR3=000000001f1c0000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM01=0000000000000000 0000000000000000 2323232323232323 2323232323232323 YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000