Warning: Permanently added '[localhost]:52010' (ECDSA) to the list of known hosts. 2022/09/24 06:19:58 fuzzer started 2022/09/24 06:19:58 dialing manager at localhost:38881 syzkaller login: [ 36.244672] cgroup: Unknown subsys name 'net' [ 36.347258] cgroup: Unknown subsys name 'rlimit' 2022/09/24 06:20:12 syscalls: 2215 2022/09/24 06:20:12 code coverage: enabled 2022/09/24 06:20:12 comparison tracing: enabled 2022/09/24 06:20:12 extra coverage: enabled 2022/09/24 06:20:12 setuid sandbox: enabled 2022/09/24 06:20:12 namespace sandbox: enabled 2022/09/24 06:20:12 Android sandbox: enabled 2022/09/24 06:20:12 fault injection: enabled 2022/09/24 06:20:12 leak checking: enabled 2022/09/24 06:20:12 net packet injection: enabled 2022/09/24 06:20:12 net device setup: enabled 2022/09/24 06:20:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/24 06:20:12 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/24 06:20:12 USB emulation: enabled 2022/09/24 06:20:12 hci packet injection: enabled 2022/09/24 06:20:12 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/24 06:20:12 802.15.4 emulation: enabled 2022/09/24 06:20:12 fetching corpus: 50, signal 26313/28103 (executing program) 2022/09/24 06:20:13 fetching corpus: 100, signal 37175/40568 (executing program) 2022/09/24 06:20:13 fetching corpus: 150, signal 41425/46369 (executing program) 2022/09/24 06:20:13 fetching corpus: 200, signal 54268/60414 (executing program) 2022/09/24 06:20:13 fetching corpus: 250, signal 59060/66582 (executing program) 2022/09/24 06:20:13 fetching corpus: 300, signal 65114/73805 (executing program) 2022/09/24 06:20:13 fetching corpus: 350, signal 68478/78414 (executing program) 2022/09/24 06:20:13 fetching corpus: 400, signal 73224/84236 (executing program) 2022/09/24 06:20:13 fetching corpus: 450, signal 76868/88968 (executing program) 2022/09/24 06:20:14 fetching corpus: 500, signal 81580/94648 (executing program) 2022/09/24 06:20:14 fetching corpus: 550, signal 84926/98983 (executing program) 2022/09/24 06:20:14 fetching corpus: 600, signal 87413/102500 (executing program) 2022/09/24 06:20:14 fetching corpus: 650, signal 91711/107543 (executing program) 2022/09/24 06:20:14 fetching corpus: 700, signal 97040/113527 (executing program) 2022/09/24 06:20:14 fetching corpus: 750, signal 99757/117086 (executing program) 2022/09/24 06:20:14 fetching corpus: 800, signal 101662/119967 (executing program) 2022/09/24 06:20:14 fetching corpus: 850, signal 103951/123055 (executing program) 2022/09/24 06:20:15 fetching corpus: 900, signal 106041/125967 (executing program) 2022/09/24 06:20:15 fetching corpus: 950, signal 108881/129398 (executing program) 2022/09/24 06:20:15 fetching corpus: 1000, signal 110518/131833 (executing program) 2022/09/24 06:20:15 fetching corpus: 1050, signal 113633/135451 (executing program) 2022/09/24 06:20:15 fetching corpus: 1100, signal 116132/138498 (executing program) 2022/09/24 06:20:15 fetching corpus: 1150, signal 118502/141441 (executing program) 2022/09/24 06:20:15 fetching corpus: 1200, signal 121098/144470 (executing program) 2022/09/24 06:20:15 fetching corpus: 1250, signal 122585/146597 (executing program) 2022/09/24 06:20:16 fetching corpus: 1300, signal 123947/148682 (executing program) 2022/09/24 06:20:16 fetching corpus: 1350, signal 126531/151668 (executing program) 2022/09/24 06:20:16 fetching corpus: 1400, signal 128475/154077 (executing program) 2022/09/24 06:20:16 fetching corpus: 1450, signal 129445/155663 (executing program) 2022/09/24 06:20:16 fetching corpus: 1500, signal 130364/157256 (executing program) 2022/09/24 06:20:16 fetching corpus: 1550, signal 132794/159958 (executing program) 2022/09/24 06:20:16 fetching corpus: 1600, signal 133853/161570 (executing program) 2022/09/24 06:20:16 fetching corpus: 1650, signal 135059/163335 (executing program) 2022/09/24 06:20:16 fetching corpus: 1700, signal 136818/165464 (executing program) 2022/09/24 06:20:17 fetching corpus: 1750, signal 138165/167257 (executing program) 2022/09/24 06:20:17 fetching corpus: 1800, signal 140031/169418 (executing program) 2022/09/24 06:20:17 fetching corpus: 1850, signal 141413/171189 (executing program) 2022/09/24 06:20:17 fetching corpus: 1900, signal 142328/172647 (executing program) 2022/09/24 06:20:17 fetching corpus: 1950, signal 143741/174418 (executing program) 2022/09/24 06:20:17 fetching corpus: 2000, signal 144665/175828 (executing program) 2022/09/24 06:20:17 fetching corpus: 2050, signal 145901/177452 (executing program) 2022/09/24 06:20:17 fetching corpus: 2100, signal 147054/178939 (executing program) 2022/09/24 06:20:18 fetching corpus: 2150, signal 148295/180518 (executing program) 2022/09/24 06:20:18 fetching corpus: 2200, signal 149473/182014 (executing program) 2022/09/24 06:20:18 fetching corpus: 2250, signal 150286/183244 (executing program) 2022/09/24 06:20:18 fetching corpus: 2300, signal 151171/184547 (executing program) 2022/09/24 06:20:18 fetching corpus: 2350, signal 151775/185662 (executing program) 2022/09/24 06:20:18 fetching corpus: 2400, signal 152964/187119 (executing program) 2022/09/24 06:20:18 fetching corpus: 2450, signal 154532/188733 (executing program) 2022/09/24 06:20:18 fetching corpus: 2500, signal 155470/189901 (executing program) 2022/09/24 06:20:19 fetching corpus: 2550, signal 156938/191432 (executing program) 2022/09/24 06:20:19 fetching corpus: 2600, signal 157981/192727 (executing program) 2022/09/24 06:20:19 fetching corpus: 2650, signal 158733/193795 (executing program) 2022/09/24 06:20:19 fetching corpus: 2700, signal 159814/195060 (executing program) 2022/09/24 06:20:19 fetching corpus: 2750, signal 160720/196200 (executing program) 2022/09/24 06:20:19 fetching corpus: 2800, signal 162117/197610 (executing program) 2022/09/24 06:20:19 fetching corpus: 2850, signal 162823/198644 (executing program) 2022/09/24 06:20:20 fetching corpus: 2900, signal 164100/199924 (executing program) 2022/09/24 06:20:20 fetching corpus: 2950, signal 165032/200980 (executing program) 2022/09/24 06:20:20 fetching corpus: 3000, signal 166295/202213 (executing program) 2022/09/24 06:20:20 fetching corpus: 3050, signal 168328/203756 (executing program) 2022/09/24 06:20:20 fetching corpus: 3100, signal 169722/205024 (executing program) 2022/09/24 06:20:20 fetching corpus: 3150, signal 170786/206117 (executing program) 2022/09/24 06:20:20 fetching corpus: 3200, signal 171915/207326 (executing program) 2022/09/24 06:20:21 fetching corpus: 3250, signal 172786/208359 (executing program) 2022/09/24 06:20:21 fetching corpus: 3300, signal 173683/209314 (executing program) 2022/09/24 06:20:21 fetching corpus: 3350, signal 174753/210314 (executing program) 2022/09/24 06:20:21 fetching corpus: 3400, signal 175303/211125 (executing program) 2022/09/24 06:20:21 fetching corpus: 3450, signal 175952/211910 (executing program) 2022/09/24 06:20:21 fetching corpus: 3500, signal 176651/212723 (executing program) 2022/09/24 06:20:21 fetching corpus: 3550, signal 177348/213530 (executing program) 2022/09/24 06:20:21 fetching corpus: 3600, signal 179135/214740 (executing program) 2022/09/24 06:20:22 fetching corpus: 3650, signal 179860/215489 (executing program) 2022/09/24 06:20:22 fetching corpus: 3700, signal 180456/216205 (executing program) 2022/09/24 06:20:22 fetching corpus: 3750, signal 181310/217001 (executing program) 2022/09/24 06:20:22 fetching corpus: 3800, signal 181591/217591 (executing program) 2022/09/24 06:20:22 fetching corpus: 3850, signal 182908/218547 (executing program) 2022/09/24 06:20:22 fetching corpus: 3900, signal 183725/219271 (executing program) 2022/09/24 06:20:22 fetching corpus: 3950, signal 184463/219964 (executing program) 2022/09/24 06:20:22 fetching corpus: 4000, signal 185347/220721 (executing program) 2022/09/24 06:20:23 fetching corpus: 4050, signal 186256/221448 (executing program) 2022/09/24 06:20:23 fetching corpus: 4100, signal 186895/222053 (executing program) 2022/09/24 06:20:23 fetching corpus: 4150, signal 187450/222665 (executing program) 2022/09/24 06:20:23 fetching corpus: 4200, signal 188166/223266 (executing program) 2022/09/24 06:20:23 fetching corpus: 4250, signal 188688/223855 (executing program) 2022/09/24 06:20:23 fetching corpus: 4300, signal 189523/224490 (executing program) 2022/09/24 06:20:23 fetching corpus: 4350, signal 190118/225030 (executing program) 2022/09/24 06:20:23 fetching corpus: 4400, signal 190808/225609 (executing program) 2022/09/24 06:20:24 fetching corpus: 4450, signal 191867/226282 (executing program) 2022/09/24 06:20:24 fetching corpus: 4500, signal 192321/226746 (executing program) 2022/09/24 06:20:24 fetching corpus: 4550, signal 193084/227300 (executing program) 2022/09/24 06:20:24 fetching corpus: 4600, signal 194198/227922 (executing program) 2022/09/24 06:20:24 fetching corpus: 4650, signal 195341/228509 (executing program) 2022/09/24 06:20:24 fetching corpus: 4700, signal 196348/229058 (executing program) 2022/09/24 06:20:24 fetching corpus: 4750, signal 196783/229539 (executing program) 2022/09/24 06:20:25 fetching corpus: 4800, signal 197422/229990 (executing program) 2022/09/24 06:20:25 fetching corpus: 4850, signal 197827/230421 (executing program) 2022/09/24 06:20:25 fetching corpus: 4900, signal 198140/230818 (executing program) 2022/09/24 06:20:25 fetching corpus: 4950, signal 199849/231391 (executing program) 2022/09/24 06:20:25 fetching corpus: 5000, signal 200728/231883 (executing program) 2022/09/24 06:20:25 fetching corpus: 5050, signal 201435/232283 (executing program) 2022/09/24 06:20:25 fetching corpus: 5100, signal 202602/232742 (executing program) 2022/09/24 06:20:25 fetching corpus: 5150, signal 203379/233162 (executing program) 2022/09/24 06:20:26 fetching corpus: 5200, signal 203756/233510 (executing program) 2022/09/24 06:20:26 fetching corpus: 5250, signal 204365/233850 (executing program) 2022/09/24 06:20:26 fetching corpus: 5300, signal 204977/234224 (executing program) 2022/09/24 06:20:26 fetching corpus: 5350, signal 205520/234505 (executing program) 2022/09/24 06:20:26 fetching corpus: 5400, signal 205972/234805 (executing program) 2022/09/24 06:20:26 fetching corpus: 5450, signal 206558/235117 (executing program) 2022/09/24 06:20:26 fetching corpus: 5500, signal 207288/235430 (executing program) 2022/09/24 06:20:26 fetching corpus: 5550, signal 207947/235692 (executing program) 2022/09/24 06:20:27 fetching corpus: 5600, signal 208270/235919 (executing program) 2022/09/24 06:20:27 fetching corpus: 5650, signal 208635/236184 (executing program) 2022/09/24 06:20:27 fetching corpus: 5700, signal 209563/236477 (executing program) 2022/09/24 06:20:27 fetching corpus: 5750, signal 210125/236721 (executing program) 2022/09/24 06:20:27 fetching corpus: 5800, signal 210701/236948 (executing program) 2022/09/24 06:20:27 fetching corpus: 5850, signal 211149/237080 (executing program) 2022/09/24 06:20:27 fetching corpus: 5900, signal 211846/237104 (executing program) 2022/09/24 06:20:27 fetching corpus: 5950, signal 212494/237105 (executing program) 2022/09/24 06:20:27 fetching corpus: 6000, signal 212977/237110 (executing program) 2022/09/24 06:20:28 fetching corpus: 6050, signal 213339/237125 (executing program) 2022/09/24 06:20:28 fetching corpus: 6100, signal 213822/237133 (executing program) 2022/09/24 06:20:28 fetching corpus: 6106, signal 213971/237133 (executing program) 2022/09/24 06:20:28 fetching corpus: 6106, signal 213971/237133 (executing program) 2022/09/24 06:20:30 starting 8 fuzzer processes 06:20:30 executing program 0: ptrace$getsig(0x4202, 0xffffffffffffffff, 0x9, &(0x7f0000000000)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=0x0) ptrace$getsig(0x4202, r0, 0xfff00000000000, &(0x7f00000000c0)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) ptrace$getsig(0x4202, r1, 0x10000, &(0x7f0000000180)) r2 = getpgrp(0xffffffffffffffff) ptrace$getsig(0x4202, r2, 0x80, &(0x7f0000000200)) sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000440)={&(0x7f00000002c0)={0x164, 0x0, 0x4, 0x70bd2a, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}]}, 0x164}, 0x1, 0x0, 0x0, 0x890}, 0x20000006) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000c1}, 0xc, &(0x7f00000006c0)={&(0x7f0000000500)={0x1bc, 0x0, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8}, {0x6, 0x11, 0x3978}, {0x8, 0x15, 0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xffff}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x400000}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x81}, {0x6, 0x11, 0xff}, {0x8, 0x15, 0x9}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0xffff}, {0x8, 0x15, 0xffff}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x58e2}, {0x8, 0x15, 0xb00}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xfffffffd}, {0x6, 0x11, 0x1f}, {0x8, 0x15, 0x7}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xffff}, {0x6, 0x11, 0xff81}, {0x8, 0x15, 0x3}}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x20044000}, 0x40080) ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000740)={0x2, 0x6, 0x4, 0xfff, 0x4, 0xb}) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000780), &(0x7f00000007c0)=0x30) ptrace$getsig(0x4202, r1, 0x6, &(0x7f0000000800)) r4 = pidfd_getfd(0xffffffffffffffff, r3, 0x0) bind$bt_sco(r4, &(0x7f0000000880)={0x1f, @none}, 0x8) ioctl$FIONREAD(r4, 0x541b, &(0x7f00000008c0)) sendmsg$IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x50, 0x0, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_STATUS={0x5}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x50}, 0x1, 0x0, 0x0, 0x4040001}, 0x4000000) getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f0000000a40)=""/41, &(0x7f0000000a80)=0x29) ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000ac0)={0x5, 0x6, 0xfffa, 0x83, 0x4, 0x9}) ioctl$BTRFS_IOC_START_SYNC(r4, 0x80089418, &(0x7f0000000b00)) 06:20:30 executing program 1: keyctl$update(0x2, 0x0, 0x0, 0x0) keyctl$setperm(0x5, 0x0, 0x20008) r0 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='\x00', 0xfffffffffffffffc) keyctl$KEYCTL_MOVE(0x1e, 0x0, r0, 0xfffffffffffffffa, 0x1) keyctl$setperm(0x5, r0, 0x20010000) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000140)="990c28df2fcb087afbbf4d24e0544f3f84f12901cb9216082c3f2a29a4604f75b84ddd009e06242ed46bed896cb23334659a757c72beb6b3446cf7d8b503e562a9398eb00e07bc1d825d1444e80d76a2274612b18563263faa3f8184115ab05e92d2da5279f5a0fe46e2a30ed48e7295b25e58cb51cc88d76566cef0246be1ca315c15acdfaf321bfb8f9813f82d442e", 0x90, 0x0) keyctl$get_security(0x11, r1, &(0x7f0000000200)=""/39, 0x27) r2 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, r0) keyctl$get_security(0x11, r0, &(0x7f00000002c0)=""/173, 0xad) keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000380)={r0, 0xda, 0x14}, 0x0, &(0x7f00000003c0)="b79269e85b5805480bcea56252c4593bf2061f2fa42bcdd2d4e847551dc2798f2e0e4fd79d9a4b03a367da2e388446fbf36ceb07413bf6ef162e72fc14ba39389ed4b129294b02434146bf5954beec4bd1499b3a48cc3b80dec3865cd39cec6cf59a518c0bde943fc163941f03748b6c5e4ab6cb27a21c73dc4192ecf9ee0b11355cf3ca23a64e525db813ff3c983b70b72a7f0f769f1eb728be7da3f1acfa14ba6cc4031f2123d2ff02d2e936ca894953fed9a24e7dfd31b8cea4ca265ca28f6d8f5c0f6497faff5614cb9ffc03c57c58faeabc24c038098a65", &(0x7f00000004c0)=""/20) r3 = request_key(&(0x7f0000000500)='id_resolver\x00', &(0x7f0000000540)={'syz', 0x3}, &(0x7f0000000580)='keyring\x00', r2) r4 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x0}, 0x0, 0x0, r2) r5 = add_key(&(0x7f0000000640)='.dead\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)="d4b75e021d2d09953e2d4252b9bac4c3dc338b7057786c461ae32be57e4c60af74", 0x21, r3) keyctl$KEYCTL_MOVE(0x1e, r0, r4, r5, 0x1) add_key(&(0x7f0000000700)='id_legacy\x00', &(0x7f0000000740)={'syz', 0x0}, &(0x7f0000000780)="d6b27f7b100b4db9afca3f19e2702328d7d826786c34844a5a523647b5b3c1de2ae160cd9062c9aa5d5801ce49b4e28f33c894d3e6fcd5c7a38daa0a0ce2440dbd2551cb4937a6d5063fedc68a5432ecd80825a3d531ea0bc2c890978a70eb47c48b3855cfeac0a3ba3cf0168c4f63faf1b52d20edb6e8072e1114606fea99c8b626804e1c0355e7a310b7afc954c3a2f5f784e109b9b60a593896d4b9c961bba4234bd5cf3fc6a8e839fc5908c7b859e13be1df90", 0xb5, r3) r6 = request_key(&(0x7f0000000840)='cifs.spnego\x00', &(0x7f0000000880)={'syz', 0x0}, &(0x7f00000008c0)=':\x00', r5) keyctl$get_security(0x11, r6, &(0x7f0000000900)=""/61, 0x3d) add_key$keyring(&(0x7f0000000940), &(0x7f0000000980)={'syz', 0x3}, 0x0, 0x0, r6) request_key(&(0x7f00000009c0)='id_legacy\x00', &(0x7f0000000a00)={'syz', 0x2}, &(0x7f0000000a40)='id_resolver\x00', 0xffffffffffffffff) keyctl$unlink(0x9, r4, 0xfffffffffffffffa) 06:20:30 executing program 2: syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040), 0x7fff, 0x50c40) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {{}, {}, {0x1c, 0x18, {0x4, @bearer=@l2={'ib', 0x3a, 'veth0_to_batadv\x00'}}}}, ["", "", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x240008c1}, 0x4884) recvmmsg$unix(r0, &(0x7f00000007c0)=[{{&(0x7f0000000180), 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000200)=""/188, 0xbc}, {&(0x7f00000002c0)=""/44, 0x2c}, {&(0x7f0000000300)=""/17, 0x11}, {&(0x7f0000000340)=""/227, 0xe3}, {&(0x7f0000000440)=""/172, 0xac}, {&(0x7f0000000500)=""/159, 0x9f}], 0x6, &(0x7f0000000640)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}, {{&(0x7f0000000700)=@abs, 0x6e, &(0x7f0000000780)}}], 0x2, 0x2002, &(0x7f0000000840)={0x77359400}) finit_module(r3, &(0x7f0000000880)='*\x00', 0x5) r5 = syz_open_dev$mouse(&(0x7f00000008c0), 0x6af1, 0x400000) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000940)={0x1, &(0x7f0000000900)=[{0x1000, 0x80, 0xe0, 0x4}]}, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000009c0), r5) sendmsg$NL80211_CMD_SET_PMK(r4, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x50, r6, 0x200, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "e848cf17eb34a848fe2d92c409c5f51e"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "15e1e0fb861bff3091bed892959588be"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x0) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) read(r7, &(0x7f0000000b00)=""/171, 0xab) r8 = syz_open_dev$vcsa(&(0x7f0000000bc0), 0x0, 0x303c80) ioctl$AUTOFS_DEV_IOCTL_VERSION(r8, 0xc0189371, &(0x7f0000000c00)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) lremovexattr(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)=@random={'btrfs.', '/dev/input/mouse#\x00'}) r9 = openat(r7, &(0x7f0000000cc0)='./file0\x00', 0x4040, 0x180) ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x40082404, &(0x7f0000000d00)=0x7) r10 = signalfd(r1, &(0x7f0000000d40)={[0x8]}, 0x8) r11 = syz_genetlink_get_family_id$nl80211(0xfffffffffffffffe, r8) sendmsg$NL80211_CMD_CONNECT(r10, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x28, r11, 0x800, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @from_mac=@broadcast}]}, 0x28}}, 0x2000c004) setsockopt$packet_fanout_data(r10, 0x107, 0x16, &(0x7f0000000ec0)={0x1, &(0x7f0000000e80)=[{0x9, 0x40, 0x3, 0x5}]}, 0x10) 06:20:30 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x2) sendmsg$NFT_BATCH(r0, &(0x7f0000000800)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}]}, @NFT_MSG_DELSET={0x2fc, 0xb, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_DESC={0x2c8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x144, 0x2, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x40}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10001}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3f}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x198f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9948}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe1e}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10000}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xca}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x200}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x95e5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3d8a}]}]}, @NFTA_SET_DESC_CONCAT={0x5c, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfff000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff9}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10000}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffffffc1}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3f}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_DESC_CONCAT={0x104, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1000}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffd44}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x81}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc89}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x70b}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xdb85}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc7a}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x800}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1ff}, @NFTA_SET_FIELD_LEN={0x8}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x5}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x22}]}, @NFT_MSG_DELFLOWTABLE={0x300, 0x18, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK={0x160, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_HOOK_DEVS={0xa4, 0x3, 0x0, 0x1, [{0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'veth1_to_batadv\x00'}, {0x14, 0x1, 'geneve0\x00'}, {0x14, 0x1, 'bridge_slave_1\x00'}, {0x14, 0x1, 'macvlan0\x00'}, {0x14, 0x1, 'syz_tun\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'virt_wifi0\x00'}, {0x14, 0x1, 'macvlan0\x00'}, {0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'syzkaller1\x00'}, {0x14, 0x1, 'batadv_slave_1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HOOK={0xc4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_macvtap\x00'}, {0x14, 0x1, 'syz_tun\x00'}, {0x14, 0x1, 'veth0_to_hsr\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14}, {0x14, 0x1, 'xfrm0\x00'}, {0x14}, {0x14, 0x1, 'batadv_slave_0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x88, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syzkaller1\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14}, {0x14, 0x1, 'lo\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x400}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWTABLE={0x60, 0x0, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x18, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}]}], {0x14}}, 0x72c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000840), &(0x7f0000000880)=0x4) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x64, 0x2, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}, [@CTA_PROTOINFO={0x50, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0x4c, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x9}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0xffff}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x80000000}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x1}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0xfffffffffffffff9}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x8000000) r1 = accept$packet(r0, 0x0, &(0x7f0000000ac0)) ioctl$sock_TIOCOUTQ(r1, 0x5411, &(0x7f0000000b00)) pwrite64(r0, &(0x7f0000000b40)="2a57bfc368ff153eeab90cac1c207ad7b3be13e38742a4840acc1d0e526f4a726ce0a4b8a538452d47b21e9757d0fe96be7034b88d7788752eb76595db20c47e73882d6dc87ce2cc1bc849fc733390d25c815db5c4870cca758293bb55abc2e01743296d29903d16a71f221874d2b3a1ef6f4e2bc7d03cbff998c38734d9", 0x7e, 0x468f) r2 = io_uring_setup(0x30f9, &(0x7f0000000bc0)={0x0, 0x2829, 0x4, 0x3, 0x269, 0x0, r0}) ioctl$FIOCLEX(r2, 0x5451) recvmsg$unix(r0, &(0x7f0000000e80)={&(0x7f0000000c40)=@abs, 0x6e, &(0x7f0000000d40)=[{&(0x7f0000000cc0)=""/97, 0x61}], 0x1, &(0x7f0000000d80)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}, 0x10020) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r5, 0x29, 0x41, &(0x7f0000000ec0)={'security\x00', 0x2, [{}, {}]}, 0x48) sendmsg$IPSET_CMD_DEL(r6, &(0x7f00000010c0)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001080)={&(0x7f0000000f80)={0xd0, 0xa, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_ADT={0x34, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x36}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x59}}, {0x18, 0x7, 0x0, 0x1, @IPSET_ATTR_IFACE={0x14, 0x17, 'netdevsim0\x00'}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x20}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PROTO={0x5}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_ADT={0x3c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0xd4}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x101}}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004814) ioctl$LOOP_CHANGE_FD(r8, 0x4c06, r7) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, &(0x7f0000001180)={0x0, 0x0}) perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x59, 0xe9, 0x80, 0x3, 0x0, 0x4, 0x4000a, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0xfff, 0x3}, 0x8c00, 0x2, 0x4a, 0x8, 0x8001, 0x6, 0x8001, 0x0, 0xd289, 0x0, 0x400}, r11, 0x6, r4, 0x3) getpeername$packet(r3, &(0x7f0000001200)={0x11, 0x0, 0x0}, &(0x7f0000001240)=0x14) sendmsg$NFQNL_MSG_VERDICT_BATCH(r4, &(0x7f0000001340)={&(0x7f0000001280), 0xc, &(0x7f0000001300)={&(0x7f00000012c0)={0x3c, 0x3, 0x3, 0x401, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x8000}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x7fffffff}, @NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0xc896}}, @NFQA_MARK={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4001) r13 = openat$cgroup_ro(r9, &(0x7f00000013c0)='cpuset.effective_mems\x00', 0x0, 0x0) sendmsg$GTP_CMD_GETPDP(r5, &(0x7f00000014c0)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001400)={0x64, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_TID={0xc}, @GTPA_VERSION={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @GTPA_LINK={0x8, 0x1, r12}, @GTPA_LINK={0x8, 0x1, r12}, @GTPA_NET_NS_FD={0x8, 0x7, r13}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_TID={0xc, 0x3, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x8045) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r13, 0xc0502100, &(0x7f0000001500)) [ 68.503367] audit: type=1400 audit(1664000430.784:6): avc: denied { execmem } for pid=283 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 06:20:30 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x2, 0x70bd2c, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x801) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x0, 0x20, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40050}, 0x20000000) sendmsg$NFNL_MSG_ACCT_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x38, 0x1, 0x7, 0x5, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x2}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x3ec}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x8800}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000380)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r1, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x80, r2, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x40) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_NETNS_FD={0x8}]}, 0x1c}}, 0x800) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r5, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x58, 0x0, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x14}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x20000) r6 = syz_open_dev$vcsn(&(0x7f0000000700), 0xd, 0x20080) sendmsg$TIPC_CMD_SHOW_PORTS(r6, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, 0x0, 0x400, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x4040) sendmsg$NLBL_CALIPSO_C_ADD(r5, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}}, 0x1) r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000980), r5) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14, r7, 0x4, 0x70bd2c, 0x25dfdbfd}, 0x14}}, 0x4040000) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000a80)='/proc/sysvipc/shm\x00', 0x0, 0x0) sendmsg$NL80211_CMD_SET_MPATH(r8, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x8c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x3}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4}, 0x24000000) sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x50, r2, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x280000000}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_IFTYPE={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000890}, 0x4820) 06:20:30 executing program 4: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x57]}, 0x8, 0x800) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x5) ftruncate(r0, 0x6) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r2, 0x400, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x14}}}}, [@NL80211_ATTR_DISABLE_HT={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x810) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0, {0x1f, 0x20}}, './file0\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000280)={0x1c0, r2, 0x300, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0x38, 0x2a, [@ht={0x2d, 0x1a, {0x8000, 0x1, 0x0, 0x0, {0x9, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, 0x1, 0xe3, 0x81}}, @peer_mgmt={0x75, 0x16, {0x6, 0x5, @void, @val=0x2f, @val="b90776c0ee81beb0e056ddb394171ab9"}}]}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0x56, 0xfa, "d8800687e377de9c84a977aa12e5e5760a3c12302869b71bc58aadf2bc77ea17db9a7f6fe30dbb988a4e48b9d23ac3b4b33240a3685974df05bb63b3b0ccc36f514b75da0c24a08c5b3153fabb8f91a3e1ef"}, @NL80211_ATTR_FILS_ERP_REALM={0xf4, 0xfa, "6fe026ddaf07e3be11995b0c8c0eb5910d989253d029cf87fa0a5eb378e4387e35cf9819fd21d07a89f0d58c65ab08d85094ba401963a94f5e65ff9e4a9cae6eee5ec1a1939234930b192f86cacddd6815f352e3ea30b2b76d17f0ddd1b32b4ebdf79240d38d172de551d5572881e6f5853c13f855d7c594cf0fda2cfcb88c84033583dba8a603eba60406e7d309831a4bb87f5d615369952e42dc488242e3be0c09a7a66e59fb4f643cfd9ae44d0102502f09f35d10bf99fe7a44eeb3dd7e7c7ce4fdc18c146592bbba1fecde886816578b69b96fbcd6457b6b16c93f7a4cef7169245cb8263e352a73717b53982690"}], @NL80211_ATTR_USE_MFP={0x8}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x1}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x6}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x20000040}, 0x20040004) finit_module(r0, &(0x7f00000004c0)='}\x00', 0x0) close(0xffffffffffffffff) sendfile(r0, r0, &(0x7f0000000500)=0x2, 0x200) sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd26, 0x25dfdbff, {{}, {}, {0x8, 0x2, 0x8}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x20000810) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f0000000640)={'raw\x00', 0x0, [0x4, 0x8, 0x1, 0x1fa2, 0x7fff]}, &(0x7f00000006c0)=0x54) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r3, 0x40047211, &(0x7f0000000700)=0x2) openat(r0, &(0x7f0000000740)='./file0\x00', 0x2000, 0x6a) r4 = dup(0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r4, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r1, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x48880) r5 = syz_open_dev$hidraw(&(0x7f0000000880), 0x5, 0x0) ioctl$INCFS_IOC_PERMIT_FILL(r5, 0x40046721, &(0x7f0000000900)) 06:20:30 executing program 6: ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000000)={{0x3, 0x7}, 0x100, './file0\x00'}) symlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') r0 = syz_open_dev$char_usb(0xc, 0xb4, 0xb470) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f00000001c0)) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000200)='.log\x00', 0x81000, 0x2) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000240)={r1, 0x4, 0xfffffffffffffeff, 0x5}) r3 = open(&(0x7f0000000280)='./file0\x00', 0x400080, 0x186) ioctl$KDGKBLED(r3, 0x4b64, &(0x7f00000002c0)) ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000300)={0x0, 0x9, 0x800}) epoll_pwait(r2, &(0x7f0000000340)=[{}, {}, {}, {}, {}], 0x5, 0x80000000, &(0x7f0000000380)={[0x9]}, 0x8) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000003c0), 0x20100, 0x0) ioctl$TIOCSWINSZ(r4, 0x5414, &(0x7f0000000400)={0xfffc, 0x36, 0x8000, 0x2}) ioctl$TIOCL_SCROLLCONSOLE(r3, 0x541c, &(0x7f0000000440)={0xd, 0x8001}) pwritev(r2, &(0x7f0000000500)=[{&(0x7f0000000480)="8c637defbd76f35f937633ae1e40fb63738dcc7a9d7384c81d3346efa7355a4d52579a82e1f20562a5c15ca79d696aa0ee80f6f014e053d2d60117a9b8f6ca69b79b159cf4ea9e1232d7d8556de2b77a8f6c243a4319b9f745c47c4b2748e2119bb1ee3962", 0x65}], 0x1, 0x8e, 0x0) r5 = accept4(r4, &(0x7f0000001880)=@ethernet={0x0, @broadcast}, &(0x7f0000001900)=0x80, 0x800) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = syz_open_dev$mouse(&(0x7f0000001940), 0x5, 0x2000) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001980)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000019c0)={{{@in6=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@initdev}}, &(0x7f0000001ac0)=0xe8) sendmsg$unix(r3, &(0x7f0000001d40)={&(0x7f0000000540)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001840)=[{&(0x7f00000005c0)="b8858b87970cb8409927d470e2330be0f32e6b1319dc90a9856d0fcc5cc96d3b30c89e72d2bf056dff53f4dbeb14f8ae1d105463a0e3bc1eae23bc86991fa4aee02877ed6362db3ae617754a3ea2db1269847c22ff392abffbdb312502d0ae3c34f44a39e0d37f30019f352bcdb27f0f8ff8ef857bea39a6f18009eec815d89c334e98fe3fd9a235e7f53ed489f51cfcdc0657f84c91015e4ef93065f7", 0x9d}, {&(0x7f0000000680)="1dfa54f2e9a1aacd5a2414f5818ac77ad8d1cf875cfd6bb2373c741ccc4d194ddaf6f5a6cbaaa3ade053172128f0df22c96f31f516123dae586b3467aa54a76f3b7b07f9d0ef6114802e8607374142b80f9cb3ee58906d9d26f2d96cc07f69535dde6b696b4ac4c229d6f221d168f8339f51c520e03ee2f47a58e68b65e4d0c603b8a7681003bda9bfc00c31b7e4e840f62f493c307b08fefd9a60e92dba6caceea24d9721fae36bb0242bc8474c583bf2c18aca04d042f530d645d3c6bc4f8e5fcf3723ecc0398ba620bd3f4a57175c2754aa5bdda5eb671e58f6c5dc2dd372b68750b752d34e4f0b36e5e0f0d7e7df71074dc1792bfb1acf799651088b89e8d820a006d79c167385871ccc8a7a7d249d3092b457b1ac098932fd1f3027132d6a93bd28272f7d03f26dbb38ea0a4d859a60f65b332e28936b564677b49e238e41096b9568a4deb84cccf0fd84dd9b961770d5554c2889e4f57333e9acf89de955790754dcd9865db20646ab43c196120c53a8d521075f60b614740553a8414ea0810940b04d621c379412ded12a601bee4b9bb904c1f1f70c76b0cda897191d00dc761715911251a040883e6b2afb1e1f6dfa701d44b760e8755b9f6230e910c17d4821d7bc10db1d04472707d29d43bdcbe251007d6abff8b6ed1a08b8934824c6c77d1ae312ebbb1334e1dad4dcf1820aeaf19b0ef2fc73c8bd7eff9585c707e9f5b0245466e23245c4d4f3e49ef36c55439f40025b114fb7ad1f9d39b6b219e7697288d6e2aea8be5ecbd2b037a2255918391360d56e84fb5c844ec3a680d4325e3635d5631089a92bd06dd19bff949802b72669022db17d31e7b8821db9906b63bff6f6f6e4080968b574747276bb25006351488bbe99262312f95d0f710901fa7380c5b43fb3ce369df533cb0abed1762053edfcbb876cfbbc33789a9b97f5456ba866d57226937ee80eeb4f29b9b4cbcfa7822e384379ad48bed57e58fc8bd766bae106e137da962c085b638962869d295fb9b08b340390ac0bd799a0fb6533f354be27298004e7a4fff1f88a776e03f7f823e20f851bfc629b4681ca93d0a20bec7f7aa3219e9004cb58d1778991b3f981674a96b977198a914273fdc2a3792f60798d02320df6f876b596de07c4424718743e01069f843af8a622ed2976116a0c61b0e0a569dc4d5b36a2188821f4d86130f033891ffa345cf7b97420359fda533cdd88b5ce49bc6135a7bbe92220ba71a2ff7f17062999dd87a1dc09794e2893ce4c7e2b555f0e1c47e3a9d1005d2da2a8591f96fa45ea3b19c10c142a66dfc432a5498878698099ce0fb10c6c4a9194324acbe55a7c2be0abd5a5a2c109a8a82ddfe03f8925f00a54e78aaca460f86d1942bcf5acdfe9d549a9030a6cc74d77c1d5e81f46e262d76bf287ec971e38b545b533a030d2903c180ef966ed8518880a7582500e59688d9765a0388e40bf4fa3df62187c3ef334b56992f4d1b38ab59143679b009f205d2e8531c8a5f479adcb3885b82027ffb00afdbba5ce415d2b2a60f9153b805e0fd597a5f81467ac79fe5d23a962e8dce2e0fda9017dd2192cc71323794df3ee18faea25c963d5dfdcaf4e2d3f63ede6f618e8c1a35295a8915350a83d75d1fb49142ac73622b26189683dd07988d9add1c3c7b7dc3036920206b8e2c9c2cab3bbd61956a517e28d49c75f57c6ba5f2102b787a01d6f2b41888a1752d44e0ff1a0532291cba2255af134ec7907629c1f4d19c6f18ca618e1be2259f58a2b49d51da05468d5818c1a3b747d5d541b0315db7107897d3202c79e8bb7dbc61f19e07c8c41c8ad32bd2d9ab742b9fcfd56173d0bf0612c0ff4fba05684173daea9464e983ecb1992fb1244661d776b2badaaf7f6cf8196fc994937d4f4b88aa0c526f1a9947429a8c539810d3ae614119d1ca590a02b759a20542bf3a17fc23967b434b358863bb5765380765ecc9a92d884308cf8adc9429335596ab1813a365c649c8cf7ef85e69aad1dcf545747c2afcaa16c02533d478dbfc33949e33a56d534e373dc4fd9d00897c3f23a4201c4f626aa754a398b44f236ca264f15250f76c157aa7371c23d2a9de388092e59fee7ed78412f2b0a1acab8293db217ce6670b86630c397f1e9d3bb891742f0f0d01684eedeac68923c60504de0bd05d5be9b9de4ea2313f6c8c497fae9569d35434af98c5132e489b6db665a7a98814221ee616c25969c068c086214e2127ac31d987e90f89c4937e0df73d4194f3cbe4d8d8416ea7ebc18b5354e8eed0894e95d31013fffa2fb62afc04e43f6908af46e7a2ab40a31d9b9b65970f70b56b9fb002d9c699d454c58ef402ce5c3def9cd3ab336b3b6bdc153bdbc410092f069a162360c6e99479dbec643c5d77dc96a92c820bfa03912fa68a5f406be215df2462332b715e11dddccace9345fd615b490f5b20e21959a149d6024cee518548f7912f66dda3f6b16c358e6bbf0343047a32af93101a308664dbd7c5420670e2ca0a814417c2de89fc8277bd6c142fa0cb2ba83d25b0835518075caaa18ad3783bf35e09e546c8a418322094c21113b2aeb4534ea4daee3fe86ae11cc9a46f3a0e4de413c7b331622431f6dc6856ed89da60cf2b51ee46172cbc3fb1ae75177a457c26369f61e73fbee1b7dd4d946c8ceb3023dae8e81c8502e1fdc5b0686af8d884b86b736a46b5de8aeb1fac67b229368a4477c34a8695fde54018493023b49247ae5aa2c823854beec06f315f54a7b0a668927b6030d714584ffc5d31263de7b30e5c6504064879489f920fa60a0202cadd7676b6d68599243ff6aabbea2b047687ae39b1943635730967d3996998fc6d57693f9d22ff0fc5d05038b458c780953f49b9d03f646aedb7d3f8d6a4a498275dcf8b4587dc270d0bf3ec9fb84fcd0a8e12e47a641c19672ab94d168c25d9336f73848c8dd4d7eadbfedd42b3f9428d232ad2c7cdaed1851663b0a4c5ec2065597a76d3ecb080c17daf7dec75ec86dbc90e194cb4df3af2c1449fba5564d62f35f47531a316ac4b2b377bd2fe3fe12fefccaffc0655107098537d69f08f2af77acf3ddcc4072eaf111c6dcd9f6e5b00022d774d1f2a040bec7d59de23ffa97b2fefb94ab3e5109f33a95e01d8934d83c67c92758fe702006d343bb639d574cf65b99d081191e3eeef9f02c51199c205a494104b1bac148d370e52e89b76feafa9f2d9a58da96211371970f29003af1fce2e52c416fedb73f23dd8054af1f402a1294d4affe5feba2e23b60eb5d906cb52cf2dad2364a6e5a051f15dfb015f183b702c3e2bade22ba4190ac25f73c6f8aa3d277b3dea0a56568b0210572e3bf2203345035e328ab94a587a21879ff6a1b9614d556de933087ed9b39d9d41082f18fece9c91dcd6879d62df6332916834391b4b4de5bb48ccdffd588f959cf4346e94979e3bfec0018d6207ec93fecd1f0b42726f4ee849158b89634b5769cf1a3b541bbd543be643cd9af27158696bcfa1bf51a08a72d6d86c813dca9ec3d3716eaf64befa82d90fc62d9ca6bf026a2d3ae913e3bdf02cdefe8c06c4ee5814067d67eea6e109915495703e769d3dceacfa4cbafd3ad99832807878c5aa40ba17b2398e83ab2b572b605f6efe4322b4f26f063d5393793e8e5c3dd9b010b8a3e441c9760422bc98e6ec5b1ddb78ff77d6b67521b0745120fb8387a2746b4bd11e61d9da5a7a4dafeaa68f3f5ad7d7c36b3bea138477b910328d433f2ed62fc7447134b6d52184f64f0c6b697bed5a4b86420d7922b8bb340140ea795b990bd4c7a7bd97c912bda624cbad400c88e82a176f415c653d0d73e6754e06ddd8b464169972166f1fcfa9b6b50965e937de45882844a0d09c9f3ea7985d4547e62e9891b426f0f4b726be020fe8543c0a7fe3b34e0eab7b141b03616333879d25e9f9d4fc78b5e7faecaf3deb6c59962349682633f4b50dd0e5058dd1ff5e526636a8fe9cb3977ee24b78cbdbee8a5168f7d4709444af1e7aad2bb45fac0598d3b7f21abc0c1e4ef587581e1d5ef2eb59d2ce4878621491b04739cfe53f33b95277af11c9902abf69d6725815048a42781a6baf4cb4ade14955b1a2288e948a5ccbea74948935036a76733e564341f507eceb1a139ee1da39d87aa690fdb9547d3c7287066e4b94c09ad6e81a4bbcd8cf50047f04df38d5a32d13fcafcdcda73ab4da5a5ab454ba97b7c6ce4eff7f9e6dcf562d87d6c7745852c828806897032a300d6e86e6e142ad7326cc1a67c087e95e52d1ad0f64d6a00ff39dff5877f9d8feb45257d5acd769d42c80c36b101b8bf308f5176ee7f4d033f23ac74ea7b0ffe263938a5fb20949b738d318c470a6cbd2065aadee5411e1b923d55d19b929153c69331ff8f3a9a143acf1d1ec42c4ab3de53d03dfefdc4f225656aa1423e1337de94bb06708f59b51abdf3013b5c0e71124a95e849d5588f208f2d09dca349322221dd8cb48491ca07121f1877cd7ad11ce598ac1dcc88ca8f4cf6c200362bdbbc13ce399a31496c2bf66f1bed93253e513390c282ebff5e1966a6fbcb01814a07e6658df29a3135317ca8bef28a57efe2016346e38cc73a7fa54018e2e45be2503c7624eabf9094e91c493f9e4845d75c64f6bf01999fde17467a693b35993be260a8f44d887944624cf3b4f64f0d1f3162393a44ad9e4ddca91deda38f8dff01992773dddf7c489eab7343d37ef8f457a9be82b204ea8786ed1206e1c56c56473ca81aed31b48afbb33cdb145b3a8f8ffa741cb6407b4a4a50035697978aea512d1a5b9b7dab8fe5041b303ba572a9b941d306564d9eaa0df7dde8e762c07900fb16cf5f37fa0f1cde4e15aef232c67a2b66287e9b2f64854c0ce0720509faf2c7a559910c25fd4b7122e6f1b5d357c04399ef82b535bc082949625682bba02f6ecc926e798966849bb6efa0f3822804fbb2af6c07308c4f53049106985616972b49f6961a332e6e6409753732622a93f17664428e5c183e532c25d5e51b0cffcccbda784ea34c4d98eb3636c82b9983d2ad9b81a7ba4b842d49d08e69fb5bc5d60d7e85ee291abac09914e6896b8361da1793eb2265a9cb27b1fdb30521f9ca3f182c96dcdb1cf447938e0e5f5a5283610c9f685732b4c3dba9c35ab2eb25d5b478cee92ddebd135787b5575057bb79a2a408dbe880ebb2927906ab4ba399e3f2e6ce27eae912373e8424f3531fe0deabd9fc107e528c4d72b0e9a83f46f95aac2bf66318b06a34a36bd10cbcb8e74dc304a35656fe4b63b613652404ecb2eb7b4a097fdb6a4f7afc2b85bf64f3cdebc5571567c608aaf6b2a49292e925a549e2886734fed1389e6e6b7c5e806973fb2fd867c31ee4c37b652709ab620d1e3d612b10958bfa880eae6e19b9fa246d3f8f8e4dc677acbcb3f494b737b7133280e960a036b3dcebc72cec3c5ae659dd5d281cf10b4c28a8bffad87bf8416cbcc0d7fe02537bb64ec514665045f8dc7d5dc1ff19c535bbf3636fb0cfc4a89b3cb22b565927e19c9501b68f9f1268d21c870eefbc7c887bbb6730442a44e5505854a11681e858311f9625d54c84a43ffb42a17498d211716fff4a4565ea5fa9661c86c5c72ec5084e3f894dc545e2cfd5f4cec8e137df62fbbb37f9036997a70915671ea02102e5e44f7ee64e0a97aea6f3bf81a1571d86774657e412e77fddf4c90294b74c61d6258844c85285c5b0a0d1b00b060263625784ab4ede81677b5c3aa1896974e81c30349e4b18bf7fbacd62d751adc6ca4803b2", 0x1000}, {&(0x7f0000001680)="9c759b54db0c22fdc64fde315869e334aabadf172e3399cca7673f2c3fccbdf2d4b1fcf009a61fb30b3f7b960dc96f10ad5b6c00ad373b4090b094f5a1f23a3b356105dc4a289c77676882088b4ea5e697ef411f0f60c7d801e12d20c34a861e080ec497f3958d75aaa5a2357b00442ab4af69b1336b3401a34d01fc4647228851a69d0a3b5acd0a75ae2e66b792d954c545b22dc829252d1f6179cb29e84da7773107a48a6c9db20f159d755242ec5154c05220acb970fa89a1ed9777c9859299ad3092", 0xc4}, {&(0x7f0000001780)="a98b4030bdb6ca7cd8660660bc9fa2fea5359fee2397392e7092cbbe0a4cfca66e1eb2cd96fbf07d5b9b394fc81f3f44e0bf733480e64703701dab31a649ade1d0883019c2ffddddd02990438619332189c3cff9d5e3fcfc761ed06029fab69acdcb799fde9aab481c733d24f820e10de2d2f003f7fc35d21a73bb79aa62d948d1cc8b38a2a3100cf43659ce45", 0x8d}], 0x4, &(0x7f0000001c00)=[@rights={{0x20, 0x1, 0x1, [r2, r3, r1, r4]}}, @rights={{0x34, 0x1, 0x1, [r2, 0xffffffffffffffff, r5, r4, r1, r1, r1, r6, r0]}}, @rights={{0x24, 0x1, 0x1, [r2, 0xffffffffffffffff, r4, r7, r4]}}, @cred={{0x1c, 0x1, 0x2, {r8, r9, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, 0xee01}}}, @rights={{0x2c, 0x1, 0x1, [r2, r2, r4, r0, r2, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}], 0x128, 0x200008c5}, 0x4000) 06:20:30 executing program 7: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x88, r0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}}]}, 0x88}, 0x1, 0x0, 0x0, 0x4002800}, 0x4000000) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x188, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x98, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xe1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8350}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x75ae}]}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x976b}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xe7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x10000}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x553}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_MEDIA={0x58, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff7}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x188}, 0x1, 0x0, 0x0, 0x885}, 0x20000801) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0), 0x8000, 0x0) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000001480)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001440)={&(0x7f0000001340)={0xe4, r0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@pci={{0x8}, {0x11}}]}, 0xe4}, 0x1, 0x0, 0x0, 0x4000040}, 0x8000) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$FIOCLEX(r2, 0x5451) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x3c, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x28, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9c5f}]}]}, 0x3c}}, 0x4010) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_DEL_SEC_DEV(r3, &(0x7f0000001680)={&(0x7f00000015c0), 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x14, 0x0, 0x200, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x80) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000001780)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001740)={&(0x7f0000001700)={0x40, 0x0, 0x500, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xfffffffffffffff9}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x44) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000001800)='ns/net\x00') sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000001900)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000018c0)={&(0x7f0000001840)={0x50, 0x0, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, 0xffffffffffffffff}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000003}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r1}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x4) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r5, 0x8983, &(0x7f0000001940)={0x3, 'hsr0\x00', {0x9}}) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000001980)) getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, &(0x7f00000019c0)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000001a00)=0x2c) syz_genetlink_get_family_id$ethtool(&(0x7f0000001a40), r1) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001ac0)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000001bc0)=0xe8) sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000001c80)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x34, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x200}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4000010) [ 69.858445] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.861607] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.864074] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.865412] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.867431] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.868544] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.871121] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.871254] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.874563] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.879519] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.881497] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.884028] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.884288] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.887908] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.889607] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.915557] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.917751] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 69.919819] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.922422] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 69.924097] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 69.925738] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 69.927687] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 69.932430] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.934124] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.936063] Bluetooth: hci2: HCI_REQ-0x0c1a [ 69.942085] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 69.943509] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 69.944776] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 69.946084] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 69.947501] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.949543] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.953177] Bluetooth: hci0: HCI_REQ-0x0c1a [ 69.953545] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 69.955290] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 69.966288] Bluetooth: hci1: HCI_REQ-0x0c1a [ 69.967829] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 69.976445] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 69.977581] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.979292] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 69.983773] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 69.989125] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 69.990762] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 69.995143] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.996982] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.998510] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 69.999840] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.001588] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.003064] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 70.008856] Bluetooth: hci6: HCI_REQ-0x0c1a [ 70.009656] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.010310] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.011402] Bluetooth: hci4: HCI_REQ-0x0c1a [ 70.016553] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.018498] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.019929] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.025131] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.999530] Bluetooth: hci1: command 0x0409 tx timeout [ 71.999536] Bluetooth: hci0: command 0x0409 tx timeout [ 72.000362] Bluetooth: hci2: command 0x0409 tx timeout [ 72.063069] Bluetooth: hci6: command 0x0409 tx timeout [ 72.063801] Bluetooth: hci3: command 0x0409 tx timeout [ 72.064949] Bluetooth: hci4: command 0x0409 tx timeout [ 72.065665] Bluetooth: hci7: command 0x0409 tx timeout [ 72.066391] Bluetooth: hci5: command 0x0409 tx timeout [ 74.047000] Bluetooth: hci2: command 0x041b tx timeout [ 74.047953] Bluetooth: hci0: command 0x041b tx timeout [ 74.048480] Bluetooth: hci1: command 0x041b tx timeout [ 74.110979] Bluetooth: hci5: command 0x041b tx timeout [ 74.111526] Bluetooth: hci7: command 0x041b tx timeout [ 74.112086] Bluetooth: hci4: command 0x041b tx timeout [ 74.112594] Bluetooth: hci3: command 0x041b tx timeout [ 74.113161] Bluetooth: hci6: command 0x041b tx timeout [ 76.094986] Bluetooth: hci1: command 0x040f tx timeout [ 76.095601] Bluetooth: hci0: command 0x040f tx timeout [ 76.096187] Bluetooth: hci2: command 0x040f tx timeout [ 76.158957] Bluetooth: hci6: command 0x040f tx timeout [ 76.159531] Bluetooth: hci3: command 0x040f tx timeout [ 76.160085] Bluetooth: hci4: command 0x040f tx timeout [ 76.160608] Bluetooth: hci7: command 0x040f tx timeout [ 76.161178] Bluetooth: hci5: command 0x040f tx timeout [ 78.142953] Bluetooth: hci2: command 0x0419 tx timeout [ 78.143403] Bluetooth: hci0: command 0x0419 tx timeout [ 78.144294] Bluetooth: hci1: command 0x0419 tx timeout [ 78.206991] Bluetooth: hci5: command 0x0419 tx timeout [ 78.207546] Bluetooth: hci7: command 0x0419 tx timeout [ 78.208682] Bluetooth: hci4: command 0x0419 tx timeout [ 78.209220] Bluetooth: hci3: command 0x0419 tx timeout [ 78.209724] Bluetooth: hci6: command 0x0419 tx timeout 06:21:27 executing program 4: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') epoll_wait(0xffffffffffffffff, &(0x7f0000000300)=[{}, {}, {}], 0x3, 0x5) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r0) acct(&(0x7f00000001c0)='./file1\x00') openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/timers\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x6, 0x0, 0x0, 0x0) [ 124.876462] loop4: detected capacity change from 0 to 40 [ 124.895577] audit: type=1400 audit(1664000487.176:7): avc: denied { open } for pid=3865 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.897441] audit: type=1400 audit(1664000487.176:8): avc: denied { kernel } for pid=3865 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.913652] ------------[ cut here ]------------ [ 124.913677] [ 124.913681] ====================================================== [ 124.913686] WARNING: possible circular locking dependency detected [ 124.913691] 6.0.0-rc6-next-20220923 #1 Not tainted [ 124.913700] ------------------------------------------------------ [ 124.913704] syz-executor.4/3866 is trying to acquire lock: [ 124.913713] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 124.913763] [ 124.913763] but task is already holding lock: [ 124.913767] ffff88803fc82420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.913805] [ 124.913805] which lock already depends on the new lock. [ 124.913805] [ 124.913809] [ 124.913809] the existing dependency chain (in reverse order) is: [ 124.913813] [ 124.913813] -> #3 (&ctx->lock){....}-{2:2}: [ 124.913832] _raw_spin_lock+0x2a/0x40 [ 124.913858] __perf_event_task_sched_out+0x53b/0x18d0 [ 124.913879] __schedule+0xedd/0x2470 [ 124.913897] schedule+0xda/0x1b0 [ 124.913915] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.913931] syscall_exit_to_user_mode+0x19/0x40 [ 124.913948] do_syscall_64+0x48/0x90 [ 124.913971] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.913987] [ 124.913987] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 124.914006] _raw_spin_lock_nested+0x30/0x40 [ 124.914031] raw_spin_rq_lock_nested+0x1e/0x30 [ 124.914049] task_fork_fair+0x63/0x4d0 [ 124.914072] sched_cgroup_fork+0x3d0/0x540 [ 124.914091] copy_process+0x4183/0x6e20 [ 124.914105] kernel_clone+0xe7/0x890 [ 124.914118] user_mode_thread+0xad/0xf0 [ 124.914132] rest_init+0x24/0x250 [ 124.914147] arch_call_rest_init+0xf/0x14 [ 124.914171] start_kernel+0x4c1/0x4e6 [ 124.914192] secondary_startup_64_no_verify+0xe0/0xeb [ 124.914210] [ 124.914210] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 124.914229] _raw_spin_lock_irqsave+0x39/0x60 [ 124.914255] try_to_wake_up+0xab/0x1930 [ 124.914273] up+0x75/0xb0 [ 124.914291] __up_console_sem+0x6e/0x80 [ 124.914312] console_unlock+0x46a/0x590 [ 124.914334] do_con_write+0xc05/0x1d50 [ 124.914350] con_write+0x21/0x40 [ 124.914364] n_tty_write+0x4d4/0xfe0 [ 124.914382] file_tty_write.constprop.0+0x49c/0x8f0 [ 124.914399] vfs_write+0x9c3/0xd90 [ 124.914423] ksys_write+0x127/0x250 [ 124.914447] do_syscall_64+0x3b/0x90 [ 124.914469] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.914486] [ 124.914486] -> #0 ((console_sem).lock){....}-{2:2}: [ 124.914505] __lock_acquire+0x2a02/0x5e70 [ 124.914528] lock_acquire+0x1a2/0x530 [ 124.914550] _raw_spin_lock_irqsave+0x39/0x60 [ 124.914575] down_trylock+0xe/0x70 [ 124.914595] __down_trylock_console_sem+0x3b/0xd0 [ 124.914617] vprintk_emit+0x16b/0x560 [ 124.914639] vprintk+0x84/0xa0 [ 124.914661] _printk+0xba/0xf1 [ 124.914675] report_bug.cold+0x72/0xab [ 124.914697] handle_bug+0x3c/0x70 [ 124.914719] exc_invalid_op+0x14/0x50 [ 124.914742] asm_exc_invalid_op+0x16/0x20 [ 124.914758] group_sched_out.part.0+0x2c7/0x460 [ 124.914773] ctx_sched_out+0x8f1/0xc10 [ 124.914787] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.914804] __schedule+0xedd/0x2470 [ 124.914822] schedule+0xda/0x1b0 [ 124.914840] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.914854] syscall_exit_to_user_mode+0x19/0x40 [ 124.914871] do_syscall_64+0x48/0x90 [ 124.914893] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.914910] [ 124.914910] other info that might help us debug this: [ 124.914910] [ 124.914914] Chain exists of: [ 124.914914] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 124.914914] [ 124.914934] Possible unsafe locking scenario: [ 124.914934] [ 124.914937] CPU0 CPU1 [ 124.914940] ---- ---- [ 124.914943] lock(&ctx->lock); [ 124.914951] lock(&rq->__lock); [ 124.914959] lock(&ctx->lock); [ 124.914968] lock((console_sem).lock); [ 124.914976] [ 124.914976] *** DEADLOCK *** [ 124.914976] [ 124.914979] 2 locks held by syz-executor.4/3866: [ 124.914988] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 124.915028] #1: ffff88803fc82420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.915066] [ 124.915066] stack backtrace: [ 124.915070] CPU: 0 PID: 3866 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220923 #1 [ 124.915087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.915098] Call Trace: [ 124.915102] [ 124.915108] dump_stack_lvl+0x8b/0xb3 [ 124.915133] check_noncircular+0x263/0x2e0 [ 124.915155] ? format_decode+0x26c/0xb50 [ 124.915177] ? print_circular_bug+0x450/0x450 [ 124.915201] ? enable_ptr_key_workfn+0x20/0x20 [ 124.915223] ? format_decode+0x26c/0xb50 [ 124.915247] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 124.915271] __lock_acquire+0x2a02/0x5e70 [ 124.915301] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 124.915332] lock_acquire+0x1a2/0x530 [ 124.915355] ? down_trylock+0xe/0x70 [ 124.915378] ? lock_release+0x750/0x750 [ 124.915406] ? vprintk+0x84/0xa0 [ 124.915431] _raw_spin_lock_irqsave+0x39/0x60 [ 124.915457] ? down_trylock+0xe/0x70 [ 124.915479] down_trylock+0xe/0x70 [ 124.915500] ? vprintk+0x84/0xa0 [ 124.915523] __down_trylock_console_sem+0x3b/0xd0 [ 124.915547] vprintk_emit+0x16b/0x560 [ 124.915573] vprintk+0x84/0xa0 [ 124.915597] _printk+0xba/0xf1 [ 124.915612] ? record_print_text.cold+0x16/0x16 [ 124.915634] ? report_bug.cold+0x66/0xab [ 124.915659] ? group_sched_out.part.0+0x2c7/0x460 [ 124.915675] report_bug.cold+0x72/0xab [ 124.915700] handle_bug+0x3c/0x70 [ 124.915724] exc_invalid_op+0x14/0x50 [ 124.915748] asm_exc_invalid_op+0x16/0x20 [ 124.915765] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.915784] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.915800] RSP: 0018:ffff88801f30fc48 EFLAGS: 00010006 [ 124.915812] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.915823] RDX: ffff88801b581ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 124.915833] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 124.915843] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803fc82400 [ 124.915854] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 124.915869] ? group_sched_out.part.0+0x2c7/0x460 [ 124.915895] ? group_sched_out.part.0+0x2c7/0x460 [ 124.915913] ctx_sched_out+0x8f1/0xc10 [ 124.915931] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.915953] ? lock_is_held_type+0xd7/0x130 [ 124.915971] ? __perf_cgroup_move+0x160/0x160 [ 124.915988] ? set_next_entity+0x304/0x550 [ 124.916014] ? update_curr+0x267/0x740 [ 124.916040] ? lock_is_held_type+0xd7/0x130 [ 124.916058] __schedule+0xedd/0x2470 [ 124.916081] ? io_schedule_timeout+0x150/0x150 [ 124.916103] ? rcu_read_lock_sched_held+0x3e/0x80 [ 124.916130] schedule+0xda/0x1b0 [ 124.916150] exit_to_user_mode_prepare+0x114/0x1a0 [ 124.916167] syscall_exit_to_user_mode+0x19/0x40 [ 124.916185] do_syscall_64+0x48/0x90 [ 124.916209] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.916226] RIP: 0033:0x7ff541967b19 [ 124.916238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.916253] RSP: 002b:00007ff53eedd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.916267] RAX: 0000000000000001 RBX: 00007ff541a7af68 RCX: 00007ff541967b19 [ 124.916278] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff541a7af6c [ 124.916288] RBP: 00007ff541a7af60 R08: 000000000000000e R09: 0000000000000000 [ 124.916298] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ff541a7af6c [ 124.916308] R13: 00007fffb8bc4fff R14: 00007ff53eedd300 R15: 0000000000022000 [ 124.916325] [ 124.991915] WARNING: CPU: 0 PID: 3866 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 124.992786] Modules linked in: [ 124.993095] CPU: 0 PID: 3866 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220923 #1 [ 124.993853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.994910] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.995425] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.997150] RSP: 0018:ffff88801f30fc48 EFLAGS: 00010006 [ 124.997660] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.998335] RDX: ffff88801b581ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 124.999015] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 124.999684] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803fc82400 [ 125.000362] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 125.001044] FS: 00007ff53eedd700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 125.001799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.002357] CR2: 00007f5eae357620 CR3: 000000001d2ca000 CR4: 0000000000350ef0 [ 125.003027] Call Trace: [ 125.003274] [ 125.003496] ctx_sched_out+0x8f1/0xc10 [ 125.003890] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.004396] ? lock_is_held_type+0xd7/0x130 [ 125.004807] ? __perf_cgroup_move+0x160/0x160 [ 125.005241] ? set_next_entity+0x304/0x550 [ 125.005654] ? update_curr+0x267/0x740 [ 125.006039] ? lock_is_held_type+0xd7/0x130 [ 125.006449] __schedule+0xedd/0x2470 [ 125.006817] ? io_schedule_timeout+0x150/0x150 [ 125.007264] ? rcu_read_lock_sched_held+0x3e/0x80 [ 125.007731] schedule+0xda/0x1b0 [ 125.008074] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.008547] syscall_exit_to_user_mode+0x19/0x40 [ 125.008995] do_syscall_64+0x48/0x90 [ 125.009363] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.009855] RIP: 0033:0x7ff541967b19 [ 125.010208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.011905] RSP: 002b:00007ff53eedd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.012619] RAX: 0000000000000001 RBX: 00007ff541a7af68 RCX: 00007ff541967b19 [ 125.013274] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff541a7af6c [ 125.013944] RBP: 00007ff541a7af60 R08: 000000000000000e R09: 0000000000000000 [ 125.014613] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ff541a7af6c [ 125.015268] R13: 00007fffb8bc4fff R14: 00007ff53eedd300 R15: 0000000000022000 [ 125.015962] [ 125.016188] irq event stamp: 1624 [ 125.016513] hardirqs last enabled at (1623): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 125.017386] hardirqs last disabled at (1624): [] __schedule+0x1225/0x2470 [ 125.018159] softirqs last enabled at (1516): [] __irq_exit_rcu+0x11b/0x180 [ 125.018962] softirqs last disabled at (1509): [] __irq_exit_rcu+0x11b/0x180 [ 125.019761] ---[ end trace 0000000000000000 ]--- 06:21:27 executing program 1: shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x2000) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000000)={{0x3, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x2000) shmctl$IPC_RMID(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x208, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') shmget(0x1, 0x3000, 0x20, &(0x7f0000ff9000/0x3000)=nil) pread64(r2, &(0x7f00000000c0)=""/98, 0x62, 0x7fff) 06:21:27 executing program 1: shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x2000) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000000)={{0x3, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x2000) shmctl$IPC_RMID(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x208, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') shmget(0x1, 0x3000, 0x20, &(0x7f0000ff9000/0x3000)=nil) pread64(r2, &(0x7f00000000c0)=""/98, 0x62, 0x7fff) 06:21:27 executing program 1: shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x2000) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000000)={{0x3, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x2000) shmctl$IPC_RMID(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x208, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') shmget(0x1, 0x3000, 0x20, &(0x7f0000ff9000/0x3000)=nil) pread64(r2, &(0x7f00000000c0)=""/98, 0x62, 0x7fff) [ 125.464564] loop4: detected capacity change from 0 to 40 [ 125.475390] Process accounting resumed [ 125.537630] Process accounting resumed 06:21:27 executing program 4: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') epoll_wait(0xffffffffffffffff, &(0x7f0000000300)=[{}, {}, {}], 0x3, 0x5) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r0) acct(&(0x7f00000001c0)='./file1\x00') openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/timers\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x6, 0x0, 0x0, 0x0) [ 125.625653] loop4: detected capacity change from 0 to 40 06:21:27 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') epoll_wait(0xffffffffffffffff, &(0x7f0000000300)=[{}, {}, {}], 0x3, 0x5) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r0) acct(&(0x7f00000001c0)='./file1\x00') openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/timers\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x6, 0x0, 0x0, 0x0) 06:21:27 executing program 7: shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x2000) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000000)={{0x3, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x2000) shmctl$IPC_RMID(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x208, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') shmget(0x1, 0x3000, 0x20, &(0x7f0000ff9000/0x3000)=nil) pread64(r2, &(0x7f00000000c0)=""/98, 0x62, 0x7fff) [ 125.654839] loop1: detected capacity change from 0 to 40 [ 125.716583] Process accounting resumed [ 125.735855] Process accounting resumed 06:21:28 executing program 1: shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x2000) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_SET(r1, 0x1, &(0x7f0000000000)={{0x3, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x2000) shmctl$IPC_RMID(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x208, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') shmget(0x1, 0x3000, 0x20, &(0x7f0000ff9000/0x3000)=nil) pread64(r2, &(0x7f00000000c0)=""/98, 0x62, 0x7fff) [ 130.239756] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 134.463050] Bluetooth: hci6: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 06:21:27 Registers: info registers vcpu 0 RAX=0000000000000029 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88801f30f698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000029 R11=0000000000000001 R12=0000000000000029 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ff53eedd700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f5eae357620 CR3=000000001d2ca000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000080000000 RBX=ffff8880187a6900 RCX=0000000080000000 RDX=ffffffffffffffff RSI=ffffffff840e7774 RDI=ffff8880187a6900 RBP=dffffc0000000000 RSP=ffff88800e17fd20 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000100 R11=0000000000000001 R12=0000000000000100 R13=ffff88800e17fe50 R14=ffffffffffffffff R15=ffff8880187a6900 RIP=ffffffff81460afd RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f44614928c0 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000562e0404d0a0 CR3=000000001b228000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffff00000000ff00 YMM02=0000000000000000 0000000000000000 00000000000000ff 0000000000ff0000 YMM03=0000000000000000 0000000000000000 696e656420737365 636341002f737973 YMM04=0000000000000000 0000000000000000 0000562e064f89e0 0000562e064f89c0 YMM05=0000000000000000 0000000000000000 ff00ff0001010202 0000000100000002 YMM06=0000000000000000 0000000000000000 0000000600000004 0000562e06518750 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 732f636f72702f00 6b63616d7300632e YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000002000000000 0000002000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000