Warning: Permanently added '[localhost]:47901' (ECDSA) to the list of known hosts. 2022/09/24 16:45:31 fuzzer started 2022/09/24 16:45:31 dialing manager at localhost:38881 syzkaller login: [ 44.201972] cgroup: Unknown subsys name 'net' [ 44.308557] cgroup: Unknown subsys name 'rlimit' 2022/09/24 16:45:45 syscalls: 2215 2022/09/24 16:45:45 code coverage: enabled 2022/09/24 16:45:45 comparison tracing: enabled 2022/09/24 16:45:45 extra coverage: enabled 2022/09/24 16:45:45 setuid sandbox: enabled 2022/09/24 16:45:45 namespace sandbox: enabled 2022/09/24 16:45:45 Android sandbox: enabled 2022/09/24 16:45:45 fault injection: enabled 2022/09/24 16:45:45 leak checking: enabled 2022/09/24 16:45:45 net packet injection: enabled 2022/09/24 16:45:45 net device setup: enabled 2022/09/24 16:45:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/24 16:45:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/24 16:45:45 USB emulation: enabled 2022/09/24 16:45:45 hci packet injection: enabled 2022/09/24 16:45:45 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/24 16:45:45 802.15.4 emulation: enabled 2022/09/24 16:45:45 fetching corpus: 50, signal 28119/29912 (executing program) 2022/09/24 16:45:45 fetching corpus: 100, signal 37017/40416 (executing program) 2022/09/24 16:45:45 fetching corpus: 150, signal 44715/49630 (executing program) 2022/09/24 16:45:45 fetching corpus: 200, signal 53067/59300 (executing program) 2022/09/24 16:45:45 fetching corpus: 250, signal 58277/65827 (executing program) 2022/09/24 16:45:45 fetching corpus: 300, signal 61743/70649 (executing program) 2022/09/24 16:45:46 fetching corpus: 350, signal 69626/79581 (executing program) 2022/09/24 16:45:46 fetching corpus: 400, signal 73615/84760 (executing program) 2022/09/24 16:45:46 fetching corpus: 450, signal 78073/90295 (executing program) 2022/09/24 16:45:46 fetching corpus: 500, signal 82068/95360 (executing program) 2022/09/24 16:45:46 fetching corpus: 550, signal 86462/100708 (executing program) 2022/09/24 16:45:46 fetching corpus: 600, signal 88514/103899 (executing program) 2022/09/24 16:45:46 fetching corpus: 650, signal 91722/107988 (executing program) 2022/09/24 16:45:46 fetching corpus: 700, signal 94251/111448 (executing program) 2022/09/24 16:45:47 fetching corpus: 750, signal 98264/116290 (executing program) 2022/09/24 16:45:47 fetching corpus: 800, signal 100580/119500 (executing program) 2022/09/24 16:45:47 fetching corpus: 850, signal 103539/123212 (executing program) 2022/09/24 16:45:47 fetching corpus: 900, signal 105301/125838 (executing program) 2022/09/24 16:45:47 fetching corpus: 950, signal 107548/128865 (executing program) 2022/09/24 16:45:47 fetching corpus: 1000, signal 109324/131465 (executing program) 2022/09/24 16:45:47 fetching corpus: 1050, signal 110311/133398 (executing program) 2022/09/24 16:45:47 fetching corpus: 1100, signal 111974/135837 (executing program) 2022/09/24 16:45:48 fetching corpus: 1150, signal 113142/137854 (executing program) 2022/09/24 16:45:48 fetching corpus: 1200, signal 114748/140235 (executing program) 2022/09/24 16:45:48 fetching corpus: 1250, signal 115661/142057 (executing program) 2022/09/24 16:45:48 fetching corpus: 1300, signal 117999/144919 (executing program) 2022/09/24 16:45:48 fetching corpus: 1350, signal 119284/147014 (executing program) 2022/09/24 16:45:48 fetching corpus: 1400, signal 119803/148460 (executing program) 2022/09/24 16:45:48 fetching corpus: 1450, signal 120666/150092 (executing program) 2022/09/24 16:45:48 fetching corpus: 1500, signal 123066/152909 (executing program) 2022/09/24 16:45:49 fetching corpus: 1550, signal 124505/155014 (executing program) 2022/09/24 16:45:49 fetching corpus: 1600, signal 126164/157208 (executing program) 2022/09/24 16:45:49 fetching corpus: 1650, signal 127948/159509 (executing program) 2022/09/24 16:45:49 fetching corpus: 1700, signal 129652/161670 (executing program) 2022/09/24 16:45:49 fetching corpus: 1750, signal 130492/163183 (executing program) 2022/09/24 16:45:49 fetching corpus: 1800, signal 132087/165249 (executing program) 2022/09/24 16:45:49 fetching corpus: 1850, signal 134240/167661 (executing program) 2022/09/24 16:45:49 fetching corpus: 1900, signal 135109/169144 (executing program) 2022/09/24 16:45:50 fetching corpus: 1950, signal 136779/171169 (executing program) 2022/09/24 16:45:50 fetching corpus: 2000, signal 137675/172624 (executing program) 2022/09/24 16:45:50 fetching corpus: 2050, signal 139066/174382 (executing program) 2022/09/24 16:45:50 fetching corpus: 2100, signal 140047/175872 (executing program) 2022/09/24 16:45:50 fetching corpus: 2150, signal 140838/177285 (executing program) 2022/09/24 16:45:50 fetching corpus: 2200, signal 142345/179060 (executing program) 2022/09/24 16:45:50 fetching corpus: 2250, signal 143093/180417 (executing program) 2022/09/24 16:45:50 fetching corpus: 2300, signal 144490/182160 (executing program) 2022/09/24 16:45:50 fetching corpus: 2350, signal 145671/183748 (executing program) 2022/09/24 16:45:50 fetching corpus: 2400, signal 146815/185225 (executing program) 2022/09/24 16:45:51 fetching corpus: 2450, signal 148441/187099 (executing program) 2022/09/24 16:45:51 fetching corpus: 2500, signal 149446/188515 (executing program) 2022/09/24 16:45:51 fetching corpus: 2550, signal 152053/190831 (executing program) 2022/09/24 16:45:51 fetching corpus: 2600, signal 153042/192158 (executing program) 2022/09/24 16:45:51 fetching corpus: 2650, signal 153535/193198 (executing program) 2022/09/24 16:45:51 fetching corpus: 2700, signal 155234/194860 (executing program) 2022/09/24 16:45:51 fetching corpus: 2750, signal 156607/196359 (executing program) 2022/09/24 16:45:51 fetching corpus: 2800, signal 158331/198014 (executing program) 2022/09/24 16:45:52 fetching corpus: 2850, signal 159849/199550 (executing program) 2022/09/24 16:45:52 fetching corpus: 2900, signal 161290/201085 (executing program) 2022/09/24 16:45:52 fetching corpus: 2950, signal 162197/202183 (executing program) 2022/09/24 16:45:52 fetching corpus: 3000, signal 162986/203260 (executing program) 2022/09/24 16:45:52 fetching corpus: 3050, signal 163749/204311 (executing program) 2022/09/24 16:45:52 fetching corpus: 3100, signal 164372/205292 (executing program) 2022/09/24 16:45:52 fetching corpus: 3150, signal 165434/206429 (executing program) 2022/09/24 16:45:52 fetching corpus: 3200, signal 166640/207664 (executing program) 2022/09/24 16:45:52 fetching corpus: 3250, signal 168146/209047 (executing program) 2022/09/24 16:45:53 fetching corpus: 3300, signal 168918/210046 (executing program) 2022/09/24 16:45:53 fetching corpus: 3350, signal 169317/210887 (executing program) 2022/09/24 16:45:53 fetching corpus: 3400, signal 171008/212229 (executing program) 2022/09/24 16:45:53 fetching corpus: 3450, signal 171823/213186 (executing program) 2022/09/24 16:45:53 fetching corpus: 3500, signal 172384/214050 (executing program) 2022/09/24 16:45:53 fetching corpus: 3550, signal 174813/215708 (executing program) 2022/09/24 16:45:53 fetching corpus: 3600, signal 175603/216595 (executing program) 2022/09/24 16:45:53 fetching corpus: 3650, signal 176196/217349 (executing program) 2022/09/24 16:45:53 fetching corpus: 3700, signal 177112/218292 (executing program) 2022/09/24 16:45:54 fetching corpus: 3750, signal 177826/219105 (executing program) 2022/09/24 16:45:54 fetching corpus: 3800, signal 178624/219959 (executing program) 2022/09/24 16:45:54 fetching corpus: 3850, signal 179604/220844 (executing program) 2022/09/24 16:45:54 fetching corpus: 3900, signal 180268/221642 (executing program) 2022/09/24 16:45:54 fetching corpus: 3950, signal 181043/222430 (executing program) 2022/09/24 16:45:54 fetching corpus: 4000, signal 182337/223414 (executing program) 2022/09/24 16:45:54 fetching corpus: 4050, signal 182883/224128 (executing program) 2022/09/24 16:45:55 fetching corpus: 4100, signal 184864/225259 (executing program) 2022/09/24 16:45:55 fetching corpus: 4150, signal 185505/225991 (executing program) 2022/09/24 16:45:55 fetching corpus: 4200, signal 186514/226778 (executing program) 2022/09/24 16:45:55 fetching corpus: 4250, signal 187461/227527 (executing program) 2022/09/24 16:45:55 fetching corpus: 4300, signal 187974/228145 (executing program) 2022/09/24 16:45:55 fetching corpus: 4350, signal 188536/228776 (executing program) 2022/09/24 16:45:55 fetching corpus: 4400, signal 189649/229587 (executing program) 2022/09/24 16:45:55 fetching corpus: 4450, signal 190192/230233 (executing program) 2022/09/24 16:45:56 fetching corpus: 4500, signal 190878/230869 (executing program) 2022/09/24 16:45:56 fetching corpus: 4550, signal 191313/231436 (executing program) 2022/09/24 16:45:56 fetching corpus: 4600, signal 192104/232077 (executing program) 2022/09/24 16:45:56 fetching corpus: 4650, signal 193040/232735 (executing program) 2022/09/24 16:45:56 fetching corpus: 4700, signal 193615/233271 (executing program) 2022/09/24 16:45:56 fetching corpus: 4750, signal 194808/233942 (executing program) 2022/09/24 16:45:56 fetching corpus: 4800, signal 195464/234495 (executing program) 2022/09/24 16:45:56 fetching corpus: 4850, signal 196171/235050 (executing program) 2022/09/24 16:45:57 fetching corpus: 4900, signal 197158/235659 (executing program) 2022/09/24 16:45:57 fetching corpus: 4950, signal 197593/236105 (executing program) 2022/09/24 16:45:57 fetching corpus: 5000, signal 197918/236584 (executing program) 2022/09/24 16:45:57 fetching corpus: 5050, signal 198639/237162 (executing program) 2022/09/24 16:45:57 fetching corpus: 5100, signal 199211/237631 (executing program) 2022/09/24 16:45:57 fetching corpus: 5150, signal 199571/238022 (executing program) 2022/09/24 16:45:57 fetching corpus: 5200, signal 199990/238460 (executing program) 2022/09/24 16:45:57 fetching corpus: 5250, signal 200410/238916 (executing program) 2022/09/24 16:45:57 fetching corpus: 5300, signal 200731/239351 (executing program) 2022/09/24 16:45:58 fetching corpus: 5350, signal 201791/239837 (executing program) 2022/09/24 16:45:58 fetching corpus: 5400, signal 202373/240243 (executing program) 2022/09/24 16:45:58 fetching corpus: 5450, signal 203219/240674 (executing program) 2022/09/24 16:45:58 fetching corpus: 5500, signal 203561/241085 (executing program) 2022/09/24 16:45:58 fetching corpus: 5550, signal 203851/241500 (executing program) 2022/09/24 16:45:58 fetching corpus: 5600, signal 204135/241879 (executing program) 2022/09/24 16:45:58 fetching corpus: 5650, signal 204921/242285 (executing program) 2022/09/24 16:45:58 fetching corpus: 5700, signal 205217/242659 (executing program) 2022/09/24 16:45:58 fetching corpus: 5750, signal 205666/242994 (executing program) 2022/09/24 16:45:59 fetching corpus: 5800, signal 206533/243373 (executing program) 2022/09/24 16:45:59 fetching corpus: 5850, signal 207057/243716 (executing program) 2022/09/24 16:45:59 fetching corpus: 5900, signal 207563/244035 (executing program) 2022/09/24 16:45:59 fetching corpus: 5950, signal 207931/244343 (executing program) 2022/09/24 16:45:59 fetching corpus: 6000, signal 208789/244659 (executing program) 2022/09/24 16:45:59 fetching corpus: 6050, signal 209661/244857 (executing program) 2022/09/24 16:45:59 fetching corpus: 6100, signal 210355/244857 (executing program) 2022/09/24 16:45:59 fetching corpus: 6150, signal 210846/244864 (executing program) 2022/09/24 16:45:59 fetching corpus: 6200, signal 211459/244864 (executing program) 2022/09/24 16:46:00 fetching corpus: 6250, signal 211907/244884 (executing program) 2022/09/24 16:46:00 fetching corpus: 6300, signal 212430/244887 (executing program) 2022/09/24 16:46:00 fetching corpus: 6350, signal 212948/244891 (executing program) 2022/09/24 16:46:00 fetching corpus: 6400, signal 213745/244989 (executing program) 2022/09/24 16:46:00 fetching corpus: 6450, signal 214260/244993 (executing program) 2022/09/24 16:46:00 fetching corpus: 6484, signal 214868/245002 (executing program) 2022/09/24 16:46:00 fetching corpus: 6484, signal 214868/245002 (executing program) 2022/09/24 16:46:03 starting 8 fuzzer processes 16:46:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x12) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'ip6tnl0\x00', 0x0, 0x2f, 0x8, 0x1, 0x8, 0x11, @mcast1, @private1, 0x80, 0x7, 0x7, 0x1}}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', 0x0}) sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x70, 0x0, 0x2, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000080}, 0x810) r3 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x19001) sendmsg$NL80211_CMD_DEL_TX_TS(r3, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x68, 0x0, 0x206, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x41}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TSID={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x68}, 0x1, 0x0, 0x0, 0x4044}, 0x41) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x87}}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', r2, 0x29, 0x1, 0x20, 0x401, 0x20, @dev={0xfe, 0x80, '\x00', 0x36}, @mcast2, 0x700, 0x700, 0x7, 0x1}}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_LINK_TIMEOUT={0xf, 0x2, 0x0, 0x0, 0x0, &(0x7f00000004c0)}, 0x7fff) preadv2(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f0000000540)=""/33, 0x21}, {&(0x7f0000000580)=""/14, 0xe}, {&(0x7f00000005c0)=""/248, 0xf8}, {&(0x7f00000006c0)=""/183, 0xb7}], 0x4, 0x400, 0x0, 0x10) pipe(&(0x7f00000007c0)={0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000800)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r7 = timerfd_create(0x4, 0x80800) r8 = memfd_create(&(0x7f0000000900)='ip6tnl0\x00', 0x7) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000000940)={{0x1, 0x1, 0x18, r4, {0x2}}, './file0\x00'}) io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x6, &(0x7f00000009c0)={0x101, 0x0, &(0x7f0000000980)=[r6, r4, r0, r7, r8, r3, r9, r4]}, 0x8) sendfile(r3, r8, &(0x7f0000000a00)=0x401, 0x0) tee(r5, 0xffffffffffffffff, 0x4, 0x2) r10 = getuid() fsetxattr$security_capability(r5, &(0x7f0000000a40), &(0x7f0000000a80)=@v3={0x3000000, [{0x6, 0x8}, {0x40, 0x7f}], r10}, 0x18, 0x3) 16:46:03 executing program 1: ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000000)={'bridge0\x00'}) r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x80000) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x90, r1, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x9}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x9}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_LINKINFO_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4048000}, 0x40015) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'sit0\x00', r2, 0x4, 0x40, 0x2, 0xa99, 0x13, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, 0x8, 0x10, 0x5, 0x25f}}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000840)={&(0x7f00000002c0), 0xc, &(0x7f0000000800)={&(0x7f0000000440)={0x3bc, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [{{0x8, 0x1, r2}, {0xf4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}, {{0x8, 0x1, r2}, {0xa8, 0x2, 0x0, 0x1, [{0x6c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x3c, 0x4, [{0x2, 0x43}, {0x0, 0x7, 0xff, 0x80000000}, {0x1000, 0x7, 0xff, 0x8}, {0x0, 0x1, 0x0, 0x800}, {0x8, 0x3, 0x80, 0x1}, {0x6, 0x6, 0x7, 0x1}, {0xfff, 0x8, 0x1, 0x200}]}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r2}}}]}}, {{0x8, 0x1, r2}, {0x1f4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfb89}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r2}}}]}}]}, 0x3bc}, 0x1, 0x0, 0x0, 0x44044}, 0x10) bind$packet(r0, &(0x7f0000000880)={0x11, 0x17, r3, 0x1, 0x1, 0x6, @local}, 0x14) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x1c, r5, 0x130, 0x70bd25, 0x25dfdbff, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000020) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000a00), 0x4000, 0x0) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000a80), r0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000ac0)={0x0, @qipcrtr={0x2a, 0x3, 0x7ffe}, @can={0x1d, r2}, @l2={0x1f, 0xcc4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xa2, 0x1}, 0x9, 0x0, 0x0, 0x0, 0xbb, 0x0, 0x101, 0x7, 0x2}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r6, &(0x7f0000000d00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000b40)={0x17c, r7, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}]}, @HEADER={0x4}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}]}]}, 0x17c}, 0x1, 0x0, 0x0, 0x4001000}, 0x44010) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000d40), 0xc040, 0x0) sendmsg$IPVS_CMD_ZERO(r9, &(0x7f0000000ec0)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x94, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x85}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_batadv\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x20}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x24}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xb64}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x95) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_SCHED_SCAN(r10, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f40)={0x44, 0x0, 0x8, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x4}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x18, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0x14, 0x1, @random="8485874516cfd5453e60204add332393"}]}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x810}, 0x24000001) fcntl$getown(0xffffffffffffffff, 0x9) 16:46:03 executing program 2: ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000000)) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005640)=[{{&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/232, 0xe8}, {&(0x7f0000000200)=""/193, 0xc1}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000002500)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/242, 0xf2}], 0x3, &(0x7f0000002540)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x78}}, {{&(0x7f00000025c0), 0x6e, &(0x7f00000027c0)=[{&(0x7f0000002640)=""/68, 0x44}, {&(0x7f00000026c0)=""/61, 0x3d}, {&(0x7f0000002700)=""/47, 0x2f}, {&(0x7f0000002740)=""/88, 0x58}], 0x4, &(0x7f0000002800)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}}, {{&(0x7f0000002880), 0x6e, &(0x7f0000002a40)=[{&(0x7f0000002900)=""/191, 0xbf}, {&(0x7f00000029c0)=""/114, 0x72}], 0x2, &(0x7f0000002a80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xd0}}, {{0x0, 0x0, &(0x7f0000003ec0)=[{&(0x7f0000002b80)=""/122, 0x7a}, {&(0x7f0000002c00)=""/4096, 0x1000}, {&(0x7f0000003c00)=""/224, 0xe0}, {&(0x7f0000003d00)=""/136, 0x88}, {&(0x7f0000003dc0)=""/41, 0x29}, {&(0x7f0000003e00)=""/126, 0x7e}, {&(0x7f0000003e80)}], 0x7, &(0x7f0000003f40)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000004040)=@abs, 0x6e, &(0x7f0000004340)=[{&(0x7f00000040c0)=""/247, 0xf7}, {&(0x7f00000041c0)=""/121, 0x79}, {&(0x7f0000004240)=""/63, 0x3f}, {&(0x7f0000004280)=""/146, 0x92}], 0x4, &(0x7f0000004380)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f0000004480), 0x6e, &(0x7f0000005580)=[{&(0x7f0000004500)=""/4096, 0x1000}, {&(0x7f0000005500)=""/70, 0x46}], 0x2, &(0x7f00000055c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}}], 0x7, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000005880)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000005840)={&(0x7f0000005800)={0x24, 0x17, 0x800, 0x70bd2a, 0x25dfdbfc, {0x1a}, [@typed={0x8, 0x26, 0x0, 0x0, @u32=0x5a}, @typed={0x8, 0x4d, 0x0, 0x0, @uid=r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x48000) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r3, 0xf504, 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r1, 0x8008f512, &(0x7f00000058c0)) r13 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r13, 0xc028660f, &(0x7f0000005900)={0x0, r11, 0x100, 0x9, 0x8, 0x2}) ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0) ioctl$TIOCGRS485(0xffffffffffffffff, 0x542e, &(0x7f0000005940)) fsetxattr$trusted_overlay_upper(r10, &(0x7f0000005980), &(0x7f00000059c0)={0x0, 0xfb, 0x9f, 0x1, 0x8, "8183b005580176ab5198258d4dfc6dd8", "0103e99d9b0e63daa0d8994725b1a058db7f63941badfca82622b2cfffaaadbab949bce7a07112c045daadb403bf4e3e7bdd8ccdd3233dd95beec85d5e5e3de9233a253d28174e68cb51bfe52c59e406bcf4c584ed79f924339cdd4e0143af76ad22637492f49cfa4ca368b17848aa870ac3f7491f6c6a191ff391356cc2a9ee4ff2cc951ccd617ea034"}, 0x9f, 0x2) r14 = pidfd_getfd(r10, r4, 0x0) ioctl$TIOCMBIC(r14, 0x5417, &(0x7f0000005a80)=0x9487) ioctl$FS_IOC_SETFSLABEL(r12, 0x41009432, &(0x7f0000005ac0)="9f3f4817017d1d1395a2b27279dccd856ff070d61667ea8e9feeb7ae670413b4055d0071df3861de30bbd40bc4064f62d02b346129d4fe5344add42347d29874d6884c96cdc0869ffef5412a925a6d9e3b30a2a61959b350b30d22a7cfd7421f8ebcb7723d2f57fad01ba87cc69a38cd6bd10cc2a3b202d2181c65207437e2e6b62130b7988063ad6e431ff1a64e4332d3562d7acb62cb76473d05237b2ccdafef6074b795f7ecf8dd1a80f2f0e7c08c5057475453764381003c6523f159539a672567b4b163d7ff4e99a18a3fba624e417e8c7c888aa0c1cc0be70780c97f5d0a6a9aef0e0ef2e23b5bf9feb488a7b6f083186c55255947a3632273cc141113") sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000005c80)={&(0x7f0000005bc0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000005c40)={&(0x7f0000005c00)={0x30, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x24}}}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]]}, 0x30}, 0x1, 0x0, 0x0, 0x8000004}, 0x80) finit_module(r6, &(0x7f0000005cc0)='trusted.overlay.upper\x00', 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000005d00)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x8000) ioctl$EXT4_IOC_CHECKPOINT(r5, 0x4004662b, &(0x7f0000005d40)=0x4) ioctl$F2FS_IOC_FLUSH_DEVICE(r7, 0x4008f50a, &(0x7f0000005d80)={0x400, 0x80000000}) r15 = syz_open_procfs(r8, &(0x7f0000005dc0)='attr/sockcreate\x00') ioctl$AUTOFS_DEV_IOCTL_VERSION(r14, 0xc0189371, &(0x7f0000005e00)={{0x1, 0x1, 0x18, r15}, './file0\x00'}) 16:46:03 executing program 3: ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={0x6, 0x9}) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x2404}, {0xffffffffffffffff, 0x410}], 0x2, 0x8b0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fsetxattr$security_capability(r0, &(0x7f0000000080), &(0x7f00000000c0)=@v3={0x3000000, [{0xffff, 0x7}, {0x3fa, 0x9}]}, 0x18, 0x1) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) mq_notify(r1, &(0x7f0000000140)={0x0, 0x11}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2302, 0x0) ioctl$AUTOFS_IOC_SETTIMEOUT(r2, 0x80049367, &(0x7f00000001c0)=0x1) ioctl$AUTOFS_IOC_SETTIMEOUT(r2, 0x80049367, &(0x7f0000000200)=0x3ff) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000640)={0xb8, 0x0, &(0x7f00000004c0)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000340)={@ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/117, 0x75, 0x0, 0x1b}, @ptr={0x70742a85, 0x0, &(0x7f00000002c0)=""/126, 0x7e, 0x0, 0x12}, @fda={0x66646185, 0x8, 0x1, 0x24}}, &(0x7f00000003c0)={0x0, 0x28, 0x50}}, 0x40}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000400)={@flat=@binder={0x73622a85, 0x1100, 0x2}, @flat=@binder={0x73622a85, 0x1101, 0x2}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000480)={0x0, 0x18, 0x30}}, 0x400}, @free_buffer, @acquire_done={0x40106309, 0x1}], 0x81, 0x0, &(0x7f0000000580)="126aab474e7d0462fab779b3258410627080ec4d674f9ce23a2fb45be9faeb58474c07bb1027836d4f4e74a8b1024f449bd43c524764f6bd2e0bb5b44151c76360386d6f4b6f51dfc9ed8875b99a61e83e31143c86152172d498f3bd864c56bc7b7acdcb0e0389bef6389326390452f1fe32d3abb9e58532aa5ca45723a0d5400f"}) ioctl$KDSIGACCEPT(r2, 0x4b4e, 0x6) setsockopt$inet6_udp_int(r1, 0x11, 0x66, &(0x7f0000000680)=0x1, 0x4) r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f00000006c0)='./binderfs/binder-control\x00', 0x800, 0x0) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000700)={0x7393, 0x4, 0x0, 0x8000, 0x2}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000740)={{0xa, 0x4e24, 0x5, @empty, 0xffffffff}, {0xa, 0x4e20, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0x80000000}, 0x70, [0x400, 0xf0, 0x7, 0x4, 0x6, 0x5, 0xff, 0x4]}, 0x5c) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f00000007c0)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff}}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r1, 0x89f9, &(0x7f0000000880)={'syztnl2\x00', &(0x7f0000000800)={'ip6tnl0\x00', 0x0, 0x2f, 0x1f, 0x6, 0x2, 0x60, @remote, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x10, 0x3, 0x1000}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'ip6_vti0\x00', &(0x7f00000008c0)={'syztnl1\x00', r5, 0x2f, 0x8, 0x6b, 0x6, 0x2, @mcast2, @local, 0x40, 0x8000, 0xbeb6, 0x9}}) r7 = syz_io_uring_complete(0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000a00)={'gre0\x00', &(0x7f0000000980)={'erspan0\x00', r6, 0x80, 0x7800, 0x8, 0x316, {{0xf, 0x4, 0x0, 0x9, 0x3c, 0x68, 0x0, 0x38, 0x2f, 0x0, @rand_addr=0x64010100, @loopback, {[@end, @timestamp_addr={0x44, 0x24, 0x4d, 0x1, 0x0, [{@rand_addr=0x64010102, 0x80000001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6}, {@loopback, 0x100}, {@private=0xa010102, 0x8}]}]}}}}}) 16:46:03 executing program 4: r0 = io_uring_setup(0x59f0, &(0x7f0000000000)={0x0, 0x6fea, 0x20, 0x1, 0x218}) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/class/power_supply', 0x1ac00, 0x1) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f00000000c0), 0x1) ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x10001) r2 = perf_event_open$cgroup(&(0x7f0000000180)={0x3, 0x80, 0x40, 0x5, 0x2, 0x7f, 0x0, 0x80000001, 0x48008, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2e1d, 0xe6402e5c2f78486, @perf_bp={&(0x7f0000000140), 0x6}, 0x80c0, 0x1000, 0x6, 0x5, 0x4, 0xff, 0x9, 0x0, 0x8001, 0x0, 0x5}, r1, 0x1, 0xffffffffffffffff, 0x3) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) r4 = open$dir(&(0x7f0000000240)='./file0\x00', 0x80002, 0x10) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000280)=[r2, r3, r0, r1, r4], 0x5) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r6 = syz_io_uring_setup(0x52, &(0x7f0000000300)={0x0, 0x1cd4, 0x4, 0x2, 0x388, 0x0, r5}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) r7 = getgid() syz_mount_image$tmpfs(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0xb, 0x6, &(0x7f0000000840)=[{&(0x7f0000000480)="a9a4d074c71d44", 0x7, 0x450a2843}, {&(0x7f00000004c0)="6723a483f09a3a2aff64835e5e7c3e6c59f66d2e088ec772aaf55e6ea8509a883fb1c7c361b99eef583f6c2396591ffe0f99673e5cc7cda99c59c3912ebb2947a8d1131cd4e2e742f2ad35a248173740be5f435c5a69b9c66a3cfc8aea389f9a0fbb906e701db93668a9fd1a2ba18a327054f7ebe695662a04fedf844af89307a6f105b5ef9744e14455b7715be20b7dcae63822b1bcd8a81bf5d870f00d6cda61922ee401f475f0e03cc5c3734767a40dac373dc34c80458e2f7a4f9dbe96c116877c99c7", 0xc5, 0x7}, {&(0x7f00000005c0)="e171ce3dd8935422696a38491888d3c57427963cbf63b6653ee23e84e11699000ca50be3b9dec8cbbca2012eee69ce05e93e37440704ebc539ae92d80e1b5ba366fcc8fb885bdf4d3ae5a7dd4fdd8c20299c723b3d973fa005ad7bb8e9ec8ab19fdaabcd2e903d5b5b902776a5b0bada2a20918d133ab221a52be3970f432dc70bafbbc725e6c695934e46d8", 0x8c, 0x3}, {&(0x7f0000000680)="7a0cca21f5f13812c0d664c1375b8603d43a6f836e3356f24fd93d4ae5d0b74821df96f0f75c662d8781f552f667e0ffd4df82fd60ec479601774e0a5bbaaeae86117cd3ca01c7fd79569795975a8624c6cbda", 0x53, 0x1}, {&(0x7f0000000700)="f5104dfc1abebf7aac047188c1f154f26c5c975d10767ca05d8a9032d44c7fc7832abc30cb4ddfe6535651d690fb516335f9b2ae0f54328e2a8f60225f9cfc21c9d90ed1deea8f3bc26ae52776a08076ac97cd95535f05338f2c99b91beea652b29892385bc34fe358240850f0343ec619cdd1822bf1bceb7587e967de0c74eecd58032a93726eace35c1d90de763949463d37e1d4c56201da58f76114b7d248840a93a78b7523eac96ab730cd79453db9a456827112ac7179f82983b8aabcb535d26988f60f43850233e527d1454b8f4560e03eefb558ba47d54cbe2a", 0xdd, 0x100000001}, {&(0x7f0000000800)="a8a5f29fd243d48989aeadf05372f1ee6ce655d82d34bb8d67b6522180cffa2134825c4966efad", 0x27, 0x7f}], 0x2000, &(0x7f0000000900)={[{@mode={'mode', 0x3d, 0x1}}, {@gid={'gid', 0x3d, r7}}, {@size={'size', 0x3d, [0x35, 0x30, 0x2d, 0x31, 0x25]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x6b, 0x0, 0x65, 0x29]}}, {@size={'size', 0x3d, [0x67]}}, {@mode={'mode', 0x3d, 0x241}}, {@huge_never}, {}], [{@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@context={'context', 0x3d, 'staff_u'}}, {@hash}]}) ioctl$BTRFS_IOC_START_SYNC(r6, 0x80089418, &(0x7f0000000a00)=0x0) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000ac0)={{r6}, r8, 0x6, @inherit={0x78, &(0x7f0000000a40)={0x1, 0x6, 0x6, 0xb581, {0x0, 0x1, 0x81, 0x5}, [0x10, 0x1, 0xffffffff, 0x6, 0x1, 0x100000001]}}, @devid}) r9 = epoll_create1(0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r9, 0xc0709411, &(0x7f0000001ac0)={{0x0, 0x81, 0xffff, 0x7, 0x1, 0x9, 0x1, 0x8, 0xc0, 0x2, 0x2, 0x2, 0x1641, 0x5, 0x9}, 0x38, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000006f80)=[{{&(0x7f0000001b80)=@abs, 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001c00)=""/228, 0xe4}], 0x1, &(0x7f0000001d40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x38}}, {{&(0x7f0000001d80)=@abs, 0x6e, &(0x7f0000002e00)=[{&(0x7f0000001e00)=""/4096, 0x1000}], 0x1, &(0x7f0000002e40)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000002ec0)=""/70, 0x46}, {&(0x7f0000002f40)=""/126, 0x7e}, {&(0x7f0000002fc0)=""/136, 0x88}, {&(0x7f0000003080)=""/110, 0x6e}], 0x4}}, {{&(0x7f0000003140)=@abs, 0x6e, &(0x7f0000005640)=[{&(0x7f00000031c0)=""/74, 0x4a}, {&(0x7f0000003240)=""/174, 0xae}, {&(0x7f0000003300)=""/36, 0x24}, {&(0x7f0000003340)=""/131, 0x83}, {&(0x7f0000003400)=""/150, 0x96}, {&(0x7f00000034c0)=""/4096, 0x1000}, {&(0x7f00000044c0)=""/238, 0xee}, {&(0x7f00000045c0)=""/4096, 0x1000}, {&(0x7f00000055c0)=""/17, 0x11}, {&(0x7f0000005600)=""/58, 0x3a}], 0xa, &(0x7f0000005700)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{&(0x7f00000057c0)=@abs, 0x6e, &(0x7f0000006a40)=[{&(0x7f0000005840)=""/204, 0xcc}, {&(0x7f0000005940)=""/4096, 0x1000}, {&(0x7f0000006940)=""/210, 0xd2}], 0x3}}, {{0x0, 0x0, &(0x7f0000006bc0)=[{&(0x7f0000006a80)}, {&(0x7f0000006ac0)=""/249, 0xf9}], 0x2}}, {{&(0x7f0000006c00), 0x6e, &(0x7f0000006f00)=[{&(0x7f0000006c80)=""/227, 0xe3}, {&(0x7f0000006d80)=""/97, 0x61}, {&(0x7f0000006e00)=""/17, 0x11}, {&(0x7f0000006e40)=""/161, 0xa1}], 0x4, &(0x7f0000006f40)=[@cred={{0x1c}}], 0x20}}], 0x7, 0x40000003, &(0x7f0000007140)={0x77359400}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000007180)={0x0, 0x0, 0x0}, &(0x7f00000071c0)=0xc) setresgid(r10, r7, r11) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000008240)) [ 76.139148] audit: type=1400 audit(1664037963.437:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:46:03 executing program 5: sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x94, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@handle=@pci={{0x8}, {0x11}}, @handle=@pci={{0x8}, {0x11}}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@pci={{0x8}, {0x11}}]}, 0x94}, 0x1, 0x0, 0x0, 0x20004011}, 0x800) r0 = creat(&(0x7f0000000180)='./file0\x00', 0xa6) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x7c, 0x0, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x9, 0x3a}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x6}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x5}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x2}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x3}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x40) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000380)={{0x1, 0x1, 0x18, r3, {0xfff}}, './file0\x00'}) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/timer_list\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r5, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0xb0, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}]}, 0xb0}}, 0x4) write(0xffffffffffffffff, &(0x7f0000000580)="0bb4597d8a365f776b1675946b31918c4583cca58f002aa92f06b0f656bd25118e69e1bdf4d9e11c6793613ecb7996c02f0d0ecfed753c6b8be1918a4dcd282c8eb2dd8ac4e1f2f6dc56a6245634fffb1aafa53b3aa8e111064f7a49db0c594391b3414b60a884280844caf333e75642273f8fb5318da3a63a978342e9a47b14bd56a7f89c35f42f7cdc59fefdc2f9a1d66854a7f3649cbe4c70ef128708fa50a2a22ecabc04700318170d3965e6ee9ddd717d4d35b5cccec7bf16b7dcaf3362cf1487ab9d2fd55d5b5924a36d8d161b61129cb7d4e65bb0f4547e633685f815e667c18fff27bb1da692eda365ea7e236d0a036cf88b3c87b37af2", 0xfb) fsetxattr$security_capability(r5, &(0x7f0000000680), &(0x7f00000006c0)=@v3={0x3000000, [{0x3f, 0x1000}, {0x3, 0x8001}], 0xee00}, 0x18, 0x1) fstat(r2, &(0x7f0000000700)) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000780), 0x1cb41, 0x0) r7 = dup3(0xffffffffffffffff, r5, 0x0) r8 = accept4$inet(r4, &(0x7f00000007c0)={0x2, 0x0, @private}, &(0x7f0000000800)=0x10, 0x800) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000a80)={0x98, 0x0, &(0x7f0000000940)=[@enter_looper, @increfs, @free_buffer, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000880)={@fd={0x66642a85, 0x0, r7}, @fd={0x66642a85, 0x0, r8}, @ptr={0x70742a85, 0x1, &(0x7f0000000840)=""/48, 0x30, 0x2, 0x8}}, &(0x7f0000000900)={0x0, 0x18, 0x30}}}, @register_looper, @increfs={0x40046304, 0x3}, @free_buffer, @clear_death={0x400c630f, 0x2}, @acquire_done], 0x72, 0x0, &(0x7f0000000a00)="e09f0baf010acdd8bc764686af8b54065488e07891e4476750485cbe04f0fe5183de530d78838ed125ad3ed5ec1609f441abb40c0db28556295c1b8262a03945d11999583be9b9cc53a16b884a78b6b5cb7f900e5fd930e2a9f6491d477b674083a7902ff5cf9075489b071840c5bf2df3d3"}) r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000ac0), 0x264100, 0x0) getpeername$unix(r9, &(0x7f0000000b00)=@abs, &(0x7f0000000b80)=0x6e) sendmsg$NL80211_CMD_SET_PMK(r2, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x3c, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "fc29de9e63ffe2b18701b2761181e180"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "5325507d37e9dfaea43e2a47cdcd6a36"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) recvmmsg$unix(r9, &(0x7f0000002f40)=[{{&(0x7f0000000cc0)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000d40)=""/89, 0x59}, {&(0x7f0000000dc0)=""/4, 0x4}, {&(0x7f0000000e00)=""/9, 0x9}, {&(0x7f0000000e40)=""/80, 0x50}, {&(0x7f0000000ec0)=""/72, 0x48}], 0x5, &(0x7f0000000fc0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xf0}}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f00000010c0)=""/64, 0x40}, {&(0x7f0000001100)=""/114, 0x72}], 0x2}}, {{&(0x7f00000011c0), 0x6e, &(0x7f0000002680)=[{&(0x7f0000001240)=""/113, 0x71}, {&(0x7f00000012c0)=""/78, 0x4e}, {&(0x7f0000001340)=""/130, 0x82}, {&(0x7f0000001400)=""/159, 0x9f}, {&(0x7f00000014c0)=""/238, 0xee}, {&(0x7f00000015c0)=""/70, 0x46}, {&(0x7f0000001640)=""/4096, 0x1000}, {&(0x7f0000002640)}], 0x8}}, {{&(0x7f0000002700)=@abs, 0x6e, &(0x7f00000027c0)=[{&(0x7f0000002780)=""/11, 0xb}], 0x1, &(0x7f0000002800)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xb8}}, {{&(0x7f00000028c0)=@abs, 0x6e, &(0x7f0000002c80)=[{&(0x7f0000002940)=""/81, 0x51}, {&(0x7f00000029c0)=""/181, 0xb5}, {&(0x7f0000002a80)=""/59, 0x3b}, {&(0x7f0000002ac0)=""/191, 0xbf}, {&(0x7f0000002b80)=""/246, 0xf6}], 0x5, &(0x7f0000002d00)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x98}}, {{&(0x7f0000002dc0), 0x6e, &(0x7f0000002e80)=[{&(0x7f0000002e40)=""/61, 0x3d}], 0x1, &(0x7f0000002ec0)=[@cred={{0x1c}}, @rights={{0x10}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x6, 0x40000000, &(0x7f00000030c0)={0x77359400}) getpeername(0xffffffffffffffff, &(0x7f0000003140)=@l2={0x1f, 0x0, @none}, &(0x7f00000031c0)=0x80) 16:46:03 executing program 7: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005200)=[{{&(0x7f0000000040), 0x6e, &(0x7f0000001180)=[{&(0x7f00000000c0)=""/4096, 0x1000}, {&(0x7f00000010c0)=""/75, 0x4b}, {&(0x7f0000001140)=""/28, 0x1c}], 0x3, &(0x7f00000011c0)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}}, {{&(0x7f0000001240)=@abs, 0x6e, &(0x7f0000002740)=[{&(0x7f00000012c0)=""/88, 0x58}, {&(0x7f0000001340)=""/238, 0xee}, {&(0x7f0000001440)=""/45, 0x2d}, {&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000002480)=""/227, 0xe3}, {&(0x7f0000002580)=""/246, 0xf6}, {&(0x7f0000002680)=""/54, 0x36}, {&(0x7f00000026c0)=""/87, 0x57}], 0x8, &(0x7f00000027c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb8}}, {{&(0x7f0000002880)=@abs, 0x6e, &(0x7f0000003e40)=[{&(0x7f0000002900)=""/53, 0x35}, {&(0x7f0000002940)=""/87, 0x57}, {&(0x7f00000029c0)=""/137, 0x89}, {&(0x7f0000002a80)=""/195, 0xc3}, {&(0x7f0000002b80)=""/157, 0x9d}, {&(0x7f0000002c40)=""/65, 0x41}, {&(0x7f0000002cc0)=""/194, 0xc2}, {&(0x7f0000002dc0)=""/110, 0x6e}, {&(0x7f0000002e40)=""/4096, 0x1000}], 0x9, &(0x7f0000003f00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38}}, {{0x0, 0x0, &(0x7f0000004300)=[{&(0x7f0000003f40)=""/150, 0x96}, {&(0x7f0000004000)=""/229, 0xe5}, {&(0x7f0000004100)=""/170, 0xaa}, {&(0x7f00000041c0)=""/119, 0x77}, {&(0x7f0000004240)=""/32, 0x20}, {&(0x7f0000004280)=""/70, 0x46}], 0x6, &(0x7f0000004380)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}, {{&(0x7f00000043c0), 0x6e, &(0x7f00000045c0)=[{&(0x7f0000004440)=""/114, 0x72}, {&(0x7f00000044c0)=""/227, 0xe3}], 0x2, &(0x7f0000004600)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}}, {{&(0x7f0000004640), 0x6e, &(0x7f00000048c0)=[{&(0x7f00000046c0)=""/236, 0xec}, {&(0x7f00000047c0)=""/192, 0xc0}, {&(0x7f0000004880)=""/22, 0x16}], 0x3, &(0x7f0000004900)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000004940), 0x6e, &(0x7f0000005040)=[{&(0x7f00000049c0)=""/59, 0x3b}, {&(0x7f0000004a00)=""/134, 0x86}, {&(0x7f0000004ac0)=""/105, 0x69}, {&(0x7f0000004b40)=""/148, 0x94}, {&(0x7f0000004c00)=""/203, 0xcb}, {&(0x7f0000004d00)=""/220, 0xdc}, {&(0x7f0000004e00)=""/64, 0x40}, {&(0x7f0000004e40)=""/34, 0x22}, {&(0x7f0000004e80)=""/218, 0xda}, {&(0x7f0000004f80)=""/162, 0xa2}], 0xa, &(0x7f0000005100)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}}], 0x7, 0x40000021, 0x0) kcmp(r0, 0xffffffffffffffff, 0x6, r5, 0xffffffffffffffff) sendmsg$NL80211_CMD_START_NAN(r7, &(0x7f0000005480)={&(0x7f00000053c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000005440)={&(0x7f0000005400)={0x40, 0x0, 0x2, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x80, 0x18}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x81d7}, 0x80) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000005500), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(r8, &(0x7f00000055c0)={&(0x7f00000054c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000005580)={&(0x7f0000005540)={0x2c, r9, 0xc12, 0x70bd2a, 0x25dfdbfc, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1ff}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8088}, 0x8000) fspick(0xffffffffffffff9c, &(0x7f0000005600)='./file0\x00', 0x1) ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000005a40)={0x0, 0x1, 0xc, 0xe, 0x141, &(0x7f0000005640)="3a28c1b192b3c0b375a50e0aa916ca0fd9f25e311e1ed114a63a9ba72be05e75a668d35cf3025c4546bd57593f806a310bb8f453d62646fa1ed1f9ff3dccead29276ed2abf9de1b77e05d7cfc3ac993be20b4034247c8de32cf8a2c51b7a7be94434f0528156aabfcf8da42fa58e3999814e1976933b1709863648538a1f1c94bac72015fa49d82f7418ebca5886491d52bb5435435b057d77dac6f4097ffcc3d3e3487e07132bae651fe3e8fc55105e49661749b5905b260b45392447caad8b14390aca260adcf7745cc6c78e58be46261583c1ef1898f2e02712297e01b0822842d22c6cb0c61d2d1f84a12c0e94856a847699171a438b361c1b942a2f89492991d7687aff605b036999f346718ba40c0b71df937300c3240b64544ee37c864841f835e9ce7e8f59812eab6cba990088bdf7df696f8195f1604870d8aed2e1637b31aaa95ddbdd20a7fe0f1e9aea337ddad34fca617e90398ae52ad07e7913f3c60c61276f252ac9ad4fc6c1d1b7e85c7fff11f89770e3f9808dbc4061078ca2617cf32078bac902538899ef940585d3cf0ebaaee6dc4c42a8da08780efe0913e0c48bebb29a7d74607ba7d483bc2bd7a70da045d73a4d259cdd75f869f341dfc9eaad2a49b839778bc1c39201c5b27a25f7ddba787bb32ffdff17705652f378d1544003f08fd5e559ef03067fc0c75bbeb5ead3d0ab41804946f50b90986475565424549466234c4191c5e987fc429f34dc13164674a56ef0557fa86bb4ae33d50759376c90e8b2b6007af10c4b7bf85e40548916b0a78659c7b22715e969959c3eb9b91de2092ec0bfe3dd46e237785ece0e1a5486ed5c711c2fd048d6245b3e8c66028b15f33548958f409a8d520652f72a80f884cb6564547ba620465e5030dbf31455dcb6a050d9cc3cab93134597b452196673d99bfc53c565da6797fbc1f9cd588f9d5b5119789eb4114ae0155315e9087995c776162596224f6d0060c8f98ef7ef9709dac9cb820431037590f93f7ee941523f6fbfdf4ce3af9580799a3af12793a8f0cb1ac8579eba73a4afcd07979c096e06afac4ef883024393aaa43dbcfeff7f11606331434b1beee2cb8da00ab4b0bb71698566d9909712107caafe021ef33de90235b7e4d766b2dbc3b796f672d05e7010c5df7f7ba18e73beca8aac055034ddc70afaf3c1bb9a53ed0b3555d4fda919254954e91267900cc94fc6490e7bb08956f56563a15cede32fcc1e1fda034e39fe9a9ce473bd21d694fe87e0f9ff88dd4d9410c1364021cf1b470f446295eace16e8c1b27b0e8cf68e77415eaff5439380990b715f4f0de472cf10c42fd720d6e63744481c2d253ea621b53c592da45e74c5dde767da37ca805fd9f12668d3908a67860ce40bbea5d60cec5ff7a30b5592f759cee0e934694f8755e8d703dfea99a62240659dc487"}) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ac0), r4) sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000005b80)={&(0x7f0000005a80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000005b40)={&(0x7f0000005b00)={0x14, r10, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x200080c1) ioctl$TIOCMIWAIT(r6, 0x545c, 0x0) r11 = fcntl$dupfd(r3, 0x0, r2) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r11, 0xc018937e, &(0x7f0000005bc0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) sendmsg$NLBL_CALIPSO_C_REMOVE(r8, &(0x7f0000005cc0)={&(0x7f0000005c00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000005c80)={&(0x7f0000005c40)={0x24, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x88}, 0x4000040) r12 = memfd_secret(0x0) sendmsg$ETHTOOL_MSG_WOL_GET(r12, &(0x7f0000005dc0)={&(0x7f0000005d00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000005d80)={&(0x7f0000005d40)={0x40, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4001) ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f0000005e00)) r13 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$EXT4_IOC_CHECKPOINT(r13, 0x4004662b, &(0x7f0000005e40)=0x3) 16:46:03 executing program 6: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r0, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x5, 0x4f}}}}, ["", "", "", "", "", "", ""]}, 0x20}}, 0x4084) r1 = socket$nl_generic(0x10, 0x3, 0x10) accept(r1, &(0x7f0000000200)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, &(0x7f0000000280)=0x80) sendmsg$IPSET_CMD_DEL(r2, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xfc, 0xa, 0x6, 0x101, 0x0, 0x0, {0xc, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x74, 0x7, 0x0, 0x1, [@IPSET_ATTR_NAME={0x9, 0x12, 'syz2\x00'}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz2\x00'}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz1\x00'}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x8}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_ADT={0x38, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x81}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x6, 0x1a, '+\x00'}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR2={0x5, 0x15, 0x8}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x44041}, 0x20008401) getsockopt$IP_SET_OP_GET_BYINDEX(r1, 0x1, 0x53, &(0x7f0000000480)={0x7, 0x7, 0x4}, &(0x7f00000004c0)=0x28) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000500)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000005c0)={'wlan1\x00', 0x0}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000600)={{0x1, 0x1, 0x18, r1, {0x6}}, './file0\x00'}) r7 = gettid() r8 = getpgid(0x0) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r3, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x70, r4, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x40}, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x8, 0x39}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x47}, @NL80211_ATTR_NETNS_FD={0x8}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r6}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7e}, @NL80211_ATTR_PID={0x8, 0x52, r7}, @NL80211_ATTR_PID={0x8, 0x52, r8}, @NL80211_ATTR_PID={0x8, 0x52, 0xffffffffffffffff}, @NL80211_ATTR_NETNS_FD={0x8}]}, 0x70}, 0x1, 0x0, 0x0, 0x84}, 0x8000) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r6) openat(r6, &(0x7f0000000780)='./file0\x00', 0x270200, 0x10c) r10 = openat$zero(0xffffffffffffff9c, &(0x7f00000007c0), 0x100000, 0x0) recvfrom(r10, &(0x7f0000000800)=""/202, 0xca, 0x2000, &(0x7f0000000900)=@x25, 0x80) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x74, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_NET={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1a6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x81}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x200}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x801}, 0x0) r11 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2c4540, 0x0) sendmsg$NL80211_CMD_FRAME(r11, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r9, 0x20, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) [ 77.394542] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.397868] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.399553] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.407045] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.409421] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.411878] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.418335] Bluetooth: hci0: HCI_REQ-0x0c1a [ 77.451460] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.458642] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.460401] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.463372] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.470927] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.475031] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.477237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.479582] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.480755] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.483541] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.484652] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.487678] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.488861] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.490541] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.507918] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.521132] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 77.525032] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.526584] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 77.528362] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.529799] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 77.531352] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.532597] Bluetooth: hci1: HCI_REQ-0x0c1a [ 77.540557] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 77.541669] Bluetooth: hci2: HCI_REQ-0x0c1a [ 77.542320] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 77.544816] Bluetooth: hci3: HCI_REQ-0x0c1a [ 77.544827] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.561586] Bluetooth: hci4: HCI_REQ-0x0c1a [ 77.577100] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 77.579419] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 77.581122] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 77.590604] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 77.594185] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 77.595574] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 77.600324] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.623469] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 77.627457] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 77.630578] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 77.635998] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 77.638043] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 77.639469] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 77.641589] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 77.646794] Bluetooth: hci6: HCI_REQ-0x0c1a [ 77.663017] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 77.665687] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 77.670968] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 77.675641] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 77.680072] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 77.700794] Bluetooth: hci5: HCI_REQ-0x0c1a [ 79.475220] Bluetooth: hci0: command 0x0409 tx timeout [ 79.602901] Bluetooth: hci7: command 0x0409 tx timeout [ 79.602989] Bluetooth: hci4: command 0x0409 tx timeout [ 79.603914] Bluetooth: hci3: command 0x0409 tx timeout [ 79.604468] Bluetooth: hci2: command 0x0409 tx timeout [ 79.605390] Bluetooth: hci1: command 0x0409 tx timeout [ 79.666813] Bluetooth: hci6: command 0x0409 tx timeout [ 79.730790] Bluetooth: hci5: command 0x0409 tx timeout [ 81.523869] Bluetooth: hci0: command 0x041b tx timeout [ 81.650750] Bluetooth: hci1: command 0x041b tx timeout [ 81.651208] Bluetooth: hci2: command 0x041b tx timeout [ 81.651627] Bluetooth: hci3: command 0x041b tx timeout [ 81.652063] Bluetooth: hci4: command 0x041b tx timeout [ 81.652442] Bluetooth: hci7: command 0x041b tx timeout [ 81.715770] Bluetooth: hci6: command 0x041b tx timeout [ 81.779798] Bluetooth: hci5: command 0x041b tx timeout [ 83.571809] Bluetooth: hci0: command 0x040f tx timeout [ 83.699905] Bluetooth: hci7: command 0x040f tx timeout [ 83.700379] Bluetooth: hci4: command 0x040f tx timeout [ 83.700826] Bluetooth: hci3: command 0x040f tx timeout [ 83.701230] Bluetooth: hci2: command 0x040f tx timeout [ 83.701631] Bluetooth: hci1: command 0x040f tx timeout [ 83.762743] Bluetooth: hci6: command 0x040f tx timeout [ 83.826749] Bluetooth: hci5: command 0x040f tx timeout [ 85.618826] Bluetooth: hci0: command 0x0419 tx timeout [ 85.746891] Bluetooth: hci1: command 0x0419 tx timeout [ 85.747580] Bluetooth: hci2: command 0x0419 tx timeout [ 85.748242] Bluetooth: hci3: command 0x0419 tx timeout [ 85.748888] Bluetooth: hci4: command 0x0419 tx timeout [ 85.749513] Bluetooth: hci7: command 0x0419 tx timeout [ 85.810836] Bluetooth: hci6: command 0x0419 tx timeout [ 85.874816] Bluetooth: hci5: command 0x0419 tx timeout 16:46:56 executing program 2: getgroups(0x2, &(0x7f0000000140)=[0x0, 0xee00]) setresgid(r0, 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffff29, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) setresgid(0xffffffffffffffff, 0x0, 0x0) setresgid(0x0, 0x0, 0x0) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)) [ 129.699774] audit: type=1400 audit(1664038016.998:7): avc: denied { open } for pid=3891 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.714906] loop4: detected capacity change from 0 to 264192 [ 129.761288] loop4: detected capacity change from 0 to 264192 16:46:57 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x10002, 0x8) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x20, 0x3, 0xcc, 0x2, 0x0, 0x23d, 0x19000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x2, @perf_config_ext={0xffffffffffffff91, 0xf10}, 0x400, 0x4, 0x6, 0x6, 0x10001, 0x9, 0x8, 0x0, 0x8, 0x0, 0x100}, 0xffffffffffffffff, 0x0, r1, 0x1) r2 = socket$inet(0x2, 0x3, 0xfb) close_range(r2, 0xffffffffffffffff, 0x0) 16:46:57 executing program 4: keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000000)='%[.+,}*!$\x00', &(0x7f0000000040)) r0 = add_key$fscrypt_provisioning(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)={0x1, 0x0, @auto=[0x1b, 0x39, 0x1b, 0x17, 0x32, 0x2c, 0x21]}, 0xf, 0xfffffffffffffffd) keyctl$describe(0x6, r0, &(0x7f0000000140)=""/209, 0xd1) r1 = request_key(&(0x7f0000000340)='.request_key_auth\x00', &(0x7f0000000380)={'syz', 0x2}, &(0x7f00000003c0)='\\,\x00', 0xfffffffffffffffd) add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)="d2f333da308f231b0d5c731c1b0d4f690dec4e862af6e4101334b1ed331defcd70dc5b710b69ca90b4591a31c5b54a401f982ca279fbc94af0307e77cc61ee384543f6248477de65fec109943a0b68d33ede7ec2dd2f9c58d770ac398e8bbbf4ce8b86c22352da24622d01f5bff3", 0x6e, r1) r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000480)={0x0, "3ccaaa4c590a6ce914090e0413a062691f97fc2b4d6e4b3b3643ca9e593c23da96671869c7c1e8d82d503ef20afba8030f66c2eebd3e1b87fb0a07169c676490", 0x20}, 0x48, 0xfffffffffffffffc) keyctl$invalidate(0x15, r2) r3 = add_key(&(0x7f0000000500)='encrypted\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="b9a922563e3db0b6e21c8d7284221b0dc95b30eb20f5137b62428a79e4f069449c1e2f6b0846d2270f6665bf92844a7ebd24c72dde056d2df80411e4962188bcabcdec22e10f65a09604685aafff4a12a241340410d3ed9f1db52c39f06476131c772526eae296e2c369a57132d3522af3c06e2ad3f4a2", 0x77, r2) keyctl$describe(0x6, 0x0, &(0x7f0000000780)=""/92, 0x5c) keyctl$describe(0x6, r1, &(0x7f0000000800)=""/182, 0xb6) r4 = add_key$keyring(&(0x7f00000008c0), &(0x7f0000000900)={'syz', 0x2}, 0x0, 0x0, 0x0) add_key$fscrypt_provisioning(&(0x7f0000000a00), &(0x7f0000000a40)={'syz', 0x2}, &(0x7f0000000a80)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00abcdefghijklmnopqrstuvwxyz0123456'], 0x29, 0x0) keyctl$KEYCTL_MOVE(0x1e, r3, r4, 0xfffffffffffffffa, 0x0) r5 = add_key$fscrypt_v1(&(0x7f0000001480), &(0x7f00000014c0)={'fscrypt:', @desc3}, &(0x7f0000001500)={0x0, "6e63964dfe44d93ffcc8abfb1d6f2889bd8c4cb0be72502f9e310c6b43fa5f30a836fca399ccf1479d919b69f6541e7932c30c83e946ae941d47f0fafd1ea341"}, 0x48, 0xfffffffffffffffe) keyctl$setperm(0x5, r5, 0x0) request_key(&(0x7f0000000600)='id_legacy\x00', &(0x7f0000000640)={'syz', 0x2}, &(0x7f0000000680)='$\x00', r5) 16:46:57 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, @perf_bp={&(0x7f0000000480), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x1) ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000040)) ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000240)={0x0, 0x8, [0x1, 0xebb, 0x7fffffff, 0x6, 0x0, 0x3]}) io_setup(0x3ff, &(0x7f0000000140)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00') write$P9_RREMOVE(0xffffffffffffffff, &(0x7f00000002c0)={0x7, 0x7b, 0x1}, 0x7) r4 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r4, 0x2284, &(0x7f0000000000)) io_submit(r2, 0x1, &(0x7f0000001340)=[&(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x105, r4, 0x0, 0x0, 0x0, 0x0, 0x2}]) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r3, 0xf502, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYBLOB]) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000003c0)) ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) getpgid(0xffffffffffffffff) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'}) semget$private(0x0, 0x1, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x7}], 0x1) 16:46:57 executing program 4: keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000000)='%[.+,}*!$\x00', &(0x7f0000000040)) r0 = add_key$fscrypt_provisioning(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)={0x1, 0x0, @auto=[0x1b, 0x39, 0x1b, 0x17, 0x32, 0x2c, 0x21]}, 0xf, 0xfffffffffffffffd) keyctl$describe(0x6, r0, &(0x7f0000000140)=""/209, 0xd1) r1 = request_key(&(0x7f0000000340)='.request_key_auth\x00', &(0x7f0000000380)={'syz', 0x2}, &(0x7f00000003c0)='\\,\x00', 0xfffffffffffffffd) add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)="d2f333da308f231b0d5c731c1b0d4f690dec4e862af6e4101334b1ed331defcd70dc5b710b69ca90b4591a31c5b54a401f982ca279fbc94af0307e77cc61ee384543f6248477de65fec109943a0b68d33ede7ec2dd2f9c58d770ac398e8bbbf4ce8b86c22352da24622d01f5bff3", 0x6e, r1) r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc4}, &(0x7f0000000480)={0x0, "3ccaaa4c590a6ce914090e0413a062691f97fc2b4d6e4b3b3643ca9e593c23da96671869c7c1e8d82d503ef20afba8030f66c2eebd3e1b87fb0a07169c676490", 0x20}, 0x48, 0xfffffffffffffffc) keyctl$invalidate(0x15, r2) r3 = add_key(&(0x7f0000000500)='encrypted\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="b9a922563e3db0b6e21c8d7284221b0dc95b30eb20f5137b62428a79e4f069449c1e2f6b0846d2270f6665bf92844a7ebd24c72dde056d2df80411e4962188bcabcdec22e10f65a09604685aafff4a12a241340410d3ed9f1db52c39f06476131c772526eae296e2c369a57132d3522af3c06e2ad3f4a2", 0x77, r2) keyctl$describe(0x6, 0x0, &(0x7f0000000780)=""/92, 0x5c) keyctl$describe(0x6, r1, &(0x7f0000000800)=""/182, 0xb6) r4 = add_key$keyring(&(0x7f00000008c0), &(0x7f0000000900)={'syz', 0x2}, 0x0, 0x0, 0x0) add_key$fscrypt_provisioning(&(0x7f0000000a00), &(0x7f0000000a40)={'syz', 0x2}, &(0x7f0000000a80)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00abcdefghijklmnopqrstuvwxyz0123456'], 0x29, 0x0) keyctl$KEYCTL_MOVE(0x1e, r3, r4, 0xfffffffffffffffa, 0x0) r5 = add_key$fscrypt_v1(&(0x7f0000001480), &(0x7f00000014c0)={'fscrypt:', @desc3}, &(0x7f0000001500)={0x0, "6e63964dfe44d93ffcc8abfb1d6f2889bd8c4cb0be72502f9e310c6b43fa5f30a836fca399ccf1479d919b69f6541e7932c30c83e946ae941d47f0fafd1ea341"}, 0x48, 0xfffffffffffffffe) keyctl$setperm(0x5, r5, 0x0) request_key(&(0x7f0000000600)='id_legacy\x00', &(0x7f0000000640)={'syz', 0x2}, &(0x7f0000000680)='$\x00', r5) [ 129.994028] audit: type=1400 audit(1664038017.293:8): avc: denied { kernel } for pid=3919 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.006369] ------------[ cut here ]------------ [ 130.006390] [ 130.006392] ====================================================== [ 130.006396] WARNING: possible circular locking dependency detected [ 130.006400] 6.0.0-rc6-next-20220923 #1 Not tainted [ 130.006407] ------------------------------------------------------ [ 130.006410] syz-executor.2/3921 is trying to acquire lock: [ 130.006416] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 130.006456] [ 130.006456] but task is already holding lock: [ 130.006459] ffff88800f457c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.006488] [ 130.006488] which lock already depends on the new lock. [ 130.006488] [ 130.006491] [ 130.006491] the existing dependency chain (in reverse order) is: [ 130.006495] [ 130.006495] -> #3 (&ctx->lock){....}-{2:2}: [ 130.006508] _raw_spin_lock+0x2a/0x40 [ 130.006527] __perf_event_task_sched_out+0x53b/0x18d0 [ 130.006540] __schedule+0xedd/0x2470 [ 130.006553] schedule+0xda/0x1b0 [ 130.006566] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.006577] syscall_exit_to_user_mode+0x19/0x40 [ 130.006590] do_syscall_64+0x48/0x90 [ 130.006607] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.006619] [ 130.006619] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 130.006632] _raw_spin_lock_nested+0x30/0x40 [ 130.006650] raw_spin_rq_lock_nested+0x1e/0x30 [ 130.006663] task_fork_fair+0x63/0x4d0 [ 130.006680] sched_cgroup_fork+0x3d0/0x540 [ 130.006696] copy_process+0x4183/0x6e20 [ 130.006707] kernel_clone+0xe7/0x890 [ 130.006716] user_mode_thread+0xad/0xf0 [ 130.006726] rest_init+0x24/0x250 [ 130.006737] arch_call_rest_init+0xf/0x14 [ 130.006755] start_kernel+0x4c1/0x4e6 [ 130.006770] secondary_startup_64_no_verify+0xe0/0xeb [ 130.006785] [ 130.006785] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 130.006798] _raw_spin_lock_irqsave+0x39/0x60 [ 130.006816] try_to_wake_up+0xab/0x1930 [ 130.006829] up+0x75/0xb0 [ 130.006843] __up_console_sem+0x6e/0x80 [ 130.006858] console_unlock+0x46a/0x590 [ 130.006874] do_con_write+0xc05/0x1d50 [ 130.006886] con_write+0x21/0x40 [ 130.006896] n_tty_write+0x4d4/0xfe0 [ 130.006910] file_tty_write.constprop.0+0x49c/0x8f0 [ 130.006924] vfs_write+0x9c3/0xd90 [ 130.006945] ksys_write+0x127/0x250 [ 130.006962] do_syscall_64+0x3b/0x90 [ 130.006978] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.006990] [ 130.006990] -> #0 ((console_sem).lock){....}-{2:2}: [ 130.007003] __lock_acquire+0x2a02/0x5e70 [ 130.007020] lock_acquire+0x1a2/0x530 [ 130.007035] _raw_spin_lock_irqsave+0x39/0x60 [ 130.007054] down_trylock+0xe/0x70 [ 130.007068] __down_trylock_console_sem+0x3b/0xd0 [ 130.007083] vprintk_emit+0x16b/0x560 [ 130.007099] vprintk+0x84/0xa0 [ 130.007115] _printk+0xba/0xf1 [ 130.007126] report_bug.cold+0x72/0xab [ 130.007142] handle_bug+0x3c/0x70 [ 130.007157] exc_invalid_op+0x14/0x50 [ 130.007174] asm_exc_invalid_op+0x16/0x20 [ 130.007185] group_sched_out.part.0+0x2c7/0x460 [ 130.007196] ctx_sched_out+0x8f1/0xc10 [ 130.007206] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.007218] __schedule+0xedd/0x2470 [ 130.007231] schedule+0xda/0x1b0 [ 130.007243] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.007254] syscall_exit_to_user_mode+0x19/0x40 [ 130.007265] do_syscall_64+0x48/0x90 [ 130.007281] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.007293] [ 130.007293] other info that might help us debug this: [ 130.007293] [ 130.007296] Chain exists of: [ 130.007296] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 130.007296] [ 130.007311] Possible unsafe locking scenario: [ 130.007311] [ 130.007313] CPU0 CPU1 [ 130.007316] ---- ---- [ 130.007318] lock(&ctx->lock); [ 130.007324] lock(&rq->__lock); [ 130.007330] lock(&ctx->lock); [ 130.007336] lock((console_sem).lock); [ 130.007342] [ 130.007342] *** DEADLOCK *** [ 130.007342] [ 130.007344] 2 locks held by syz-executor.2/3921: [ 130.007351] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 130.007380] #1: ffff88800f457c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 130.007407] [ 130.007407] stack backtrace: [ 130.007410] CPU: 1 PID: 3921 Comm: syz-executor.2 Not tainted 6.0.0-rc6-next-20220923 #1 [ 130.007422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.007431] Call Trace: [ 130.007434] [ 130.007438] dump_stack_lvl+0x8b/0xb3 [ 130.007455] check_noncircular+0x263/0x2e0 [ 130.007471] ? format_decode+0x26c/0xb50 [ 130.007488] ? print_circular_bug+0x450/0x450 [ 130.007505] ? enable_ptr_key_workfn+0x20/0x20 [ 130.007521] ? format_decode+0x26c/0xb50 [ 130.007537] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 130.007555] __lock_acquire+0x2a02/0x5e70 [ 130.007576] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 130.007598] lock_acquire+0x1a2/0x530 [ 130.007615] ? down_trylock+0xe/0x70 [ 130.007631] ? lock_release+0x750/0x750 [ 130.007651] ? vprintk+0x84/0xa0 [ 130.007668] _raw_spin_lock_irqsave+0x39/0x60 [ 130.007687] ? down_trylock+0xe/0x70 [ 130.007703] down_trylock+0xe/0x70 [ 130.007718] ? vprintk+0x84/0xa0 [ 130.007734] __down_trylock_console_sem+0x3b/0xd0 [ 130.007751] vprintk_emit+0x16b/0x560 [ 130.007769] vprintk+0x84/0xa0 [ 130.007786] _printk+0xba/0xf1 [ 130.007797] ? record_print_text.cold+0x16/0x16 [ 130.007813] ? report_bug.cold+0x66/0xab [ 130.007830] ? group_sched_out.part.0+0x2c7/0x460 [ 130.007841] report_bug.cold+0x72/0xab [ 130.007860] handle_bug+0x3c/0x70 [ 130.007876] exc_invalid_op+0x14/0x50 [ 130.007894] asm_exc_invalid_op+0x16/0x20 [ 130.007906] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.007920] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.007933] RSP: 0018:ffff88801d8efc48 EFLAGS: 00010006 [ 130.007945] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.007953] RDX: ffff888017cc9ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 130.007960] RBP: ffff88801bcc0000 R08: 0000000000000005 R09: 0000000000000001 [ 130.007968] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800f457c00 [ 130.007976] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 130.007986] ? group_sched_out.part.0+0x2c7/0x460 [ 130.008000] ? group_sched_out.part.0+0x2c7/0x460 [ 130.008013] ctx_sched_out+0x8f1/0xc10 [ 130.008025] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.008041] ? lock_is_held_type+0xd7/0x130 [ 130.008054] ? __perf_cgroup_move+0x160/0x160 [ 130.008066] ? set_next_entity+0x304/0x550 [ 130.008083] ? update_curr+0x267/0x740 [ 130.008101] ? lock_is_held_type+0xd7/0x130 [ 130.008114] __schedule+0xedd/0x2470 [ 130.008131] ? io_schedule_timeout+0x150/0x150 [ 130.008147] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.008167] schedule+0xda/0x1b0 [ 130.008181] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.008193] syscall_exit_to_user_mode+0x19/0x40 [ 130.008206] do_syscall_64+0x48/0x90 [ 130.008223] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.008236] RIP: 0033:0x7fc2b0323b19 [ 130.008244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.008255] RSP: 002b:00007fc2ad899218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.008265] RAX: 0000000000000001 RBX: 00007fc2b0436f68 RCX: 00007fc2b0323b19 [ 130.008273] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc2b0436f6c [ 130.008280] RBP: 00007fc2b0436f60 R08: 000000000000000e R09: 0000000000000000 [ 130.008287] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc2b0436f6c [ 130.008295] R13: 00007ffe7027f05f R14: 00007fc2ad899300 R15: 0000000000022000 [ 130.008307] [ 130.061952] WARNING: CPU: 1 PID: 3921 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 130.062550] Modules linked in: [ 130.062765] CPU: 1 PID: 3921 Comm: syz-executor.2 Not tainted 6.0.0-rc6-next-20220923 #1 [ 130.063290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.064014] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.064372] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.065554] RSP: 0018:ffff88801d8efc48 EFLAGS: 00010006 [ 130.065906] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.066371] RDX: ffff888017cc9ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 130.066906] RBP: ffff88801bcc0000 R08: 0000000000000005 R09: 0000000000000001 [ 130.067441] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800f457c00 [ 130.067964] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 130.068565] FS: 00007fc2ad899700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 130.069134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.069513] CR2: 00007fed24a5c368 CR3: 000000001f1f6000 CR4: 0000000000350ee0 [ 130.069994] Call Trace: [ 130.070169] [ 130.070328] ctx_sched_out+0x8f1/0xc10 [ 130.070595] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.070940] ? lock_is_held_type+0xd7/0x130 [ 130.071230] ? __perf_cgroup_move+0x160/0x160 [ 130.071538] ? set_next_entity+0x304/0x550 [ 130.071829] ? update_curr+0x267/0x740 [ 130.072098] ? lock_is_held_type+0xd7/0x130 [ 130.072392] __schedule+0xedd/0x2470 [ 130.072652] ? io_schedule_timeout+0x150/0x150 [ 130.072960] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.073291] schedule+0xda/0x1b0 [ 130.073525] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.073850] syscall_exit_to_user_mode+0x19/0x40 [ 130.074178] do_syscall_64+0x48/0x90 [ 130.074437] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.074778] RIP: 0033:0x7fc2b0323b19 [ 130.075025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.076191] RSP: 002b:00007fc2ad899218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.076686] RAX: 0000000000000001 RBX: 00007fc2b0436f68 RCX: 00007fc2b0323b19 [ 130.077152] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc2b0436f6c [ 130.077617] RBP: 00007fc2b0436f60 R08: 000000000000000e R09: 0000000000000000 [ 130.078090] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc2b0436f6c [ 130.078555] R13: 00007ffe7027f05f R14: 00007fc2ad899300 R15: 0000000000022000 [ 130.079028] [ 130.079189] irq event stamp: 794 [ 130.079412] hardirqs last enabled at (793): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 130.080014] hardirqs last disabled at (794): [] __schedule+0x1225/0x2470 [ 130.080555] softirqs last enabled at (520): [] __irq_exit_rcu+0x11b/0x180 [ 130.081109] softirqs last disabled at (287): [] __irq_exit_rcu+0x11b/0x180 [ 130.081667] ---[ end trace 0000000000000000 ]--- 16:46:57 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000340)={0x2, 0x4, 0x1, 0x8000, 0x5, [{0x7fff, 0xffff, 0x7f, '\x00', 0x800}, {0x1, 0xee16, 0x86, '\x00', 0x48a}, {0x8, 0x9, 0x9, '\x00', 0x3000}, {0x0, 0x10000, 0x7, '\x00', 0x3080}, {0x9, 0x8, 0x10000, '\x00', 0x3105}]}) sendmsg$nl_xfrm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="bd2b4961fdb44112d693500000d32e52633cd9c8790acb314a611e5c4b483a4d"], 0x1c}}, 0x0) perf_event_open(&(0x7f0000000540)={0x3, 0x80, 0xdb, 0x6, 0x0, 0xd, 0x0, 0xfa, 0x400, 0x5, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0xbec0, 0x4}, 0x0, 0x5, 0x0, 0x0, 0x9e1, 0x7, 0x6, 0x0, 0x7aa, 0x0, 0x400}, 0x0, 0x10, 0xffffffffffffffff, 0x8) bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfc, 0x20}, 0xc) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000004c0)={'macvlan1\x00'}) io_submit(0x0, 0x2, &(0x7f0000000480)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x8, 0xffffffffffffffff, &(0x7f0000000000)="aee60b9d3a16bf3a0d8f84f70adfb0d08dabbd09704165008be1315c6ce97074b640dda589f635ce9b68e9fb11261eb08eebe7583173caf4f348a65a57f974619ac98150491b3f637856cc6ba82696ed7f5e64b960518203f82de637e0a3d943372f48f716ae5f47a0d23a", 0x6b, 0x0, 0x0, 0x2}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2, 0x3, r0, &(0x7f0000000240)="35883ddb17a16d0a79de2b26aa8d9dea022651", 0x13, 0x7f}]) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000080)={@loopback}, &(0x7f00000001c0)=0x14) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0x2284, &(0x7f0000000000)) r4 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r4, 0x2284, &(0x7f0000000000)) fcntl$getown(r4, 0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) fallocate(r5, 0x3f, 0x2, 0x2) 16:46:57 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000004000008000000d2", 0x61, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000014a00)=ANY=[@ANYBLOB="80"]) r1 = openat(r0, &(0x7f0000000280)='./file0/file0\x00', 0x406102, 0x44) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) ioctl$CDROMREADAUDIO(r2, 0x530e, &(0x7f0000000180)={@msf, 0x1, 0x19, &(0x7f0000000140)=""/25}) ioctl$DVD_AUTH(r2, 0x5390, &(0x7f00000001c0)=@lsa={0x0, 0x2}) name_to_handle_at(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc, 0x3, {0x4, 0xfffffff8, 0x7}}, &(0x7f00000000c0), 0x1400) unlinkat(r0, &(0x7f0000000240)='./file0/file0\x00', 0x200) [ 130.133810] loop5: detected capacity change from 0 to 16 [ 130.136968] ext4: Unknown parameter '€' [ 130.178110] cdrom: dropping to single frame dma [ 130.210494] loop5: detected capacity change from 0 to 16 [ 130.211051] ext4: Unknown parameter '€' 16:46:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1d, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002000028020000028401001b0000000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e35393638303238373300"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000003bf48e55190e4cca80d5ddff88e7b6a1010000000c00000000000000d7f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000000000002600000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0000000000000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="030000000400000005000000d4000f000300040000000000000000000f00c7e0", 0x20, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d7f4655fd7f4655fd7f4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f00000000000004000200000000000000050000001500"/64, 0x40, 0x1600}, {&(0x7f0000010f00)="20000000d0fadacdd0fadacd00000000d7f4655f00"/32, 0x20, 0x1680}, {&(0x7f0000011000)="c0410000002c0000d7f4655fd7f4655fd7f4655f0000000000000200160000000000000000000000160000001700000018000000190000001a0000001b0000001c0000001d0000001e0000001f00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d7f4655f000000000000000000000000000002ea00"/192, 0xc0, 0x2800}, {&(0x7f0000011100)="ed4100003c000000d7f4655fd7f4655fd7f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000b7a4e9e000000000000000000000000000000000000000000000000020000000d0fadacdd0fadacdd0fadacdd7f4655fd0fadacd0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x2a00}, {&(0x7f0000011200)="ed8100001a040000d7f4655fd7f4655fd7f4655f00000000000001000400000000000000010000002100000022000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009f52167000000000000000000000000000000000000000000000000020000000d0fadacdd0fadacdd0fadacdd7f4655fd0fadacd0000000000000000", 0xa0, 0x2c00}, {&(0x7f0000011300)="ffa1000026000000d7f4655fd7f4655fd7f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3539363830323837332f66696c65302f66696c6530000000000000000000000000000000000000000000008d6390c800000000000000000000000000000000000000000000000020000000d0fadacdd0fadacdd0fadacdd7f4655fd0fadacd0000000000000000", 0xa0, 0x2e00}, {&(0x7f0000011400)="ed8100000a000000d7f4655fd7f4655fd7f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004d37571e00000000000000000000000000000000000000000000000020000000d0fadacdd0fadacdd0fadacdd7f4655fd0fadacd0000000000000000000002ea040700000000000000000000000000006461746106015401000000000600000000000000786174747231000006014c0100000000060000000000000078617474723200"/256, 0x100, 0x3000}, {&(0x7f0000011500)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000d7f4655fd7f4655fd7f4655f0000000000000200120000000000000001000000230000002400000025000000260000002700000028000000290000002a0000002b000000000000000000000000000000000000000000000000000000b964ab4600000000000000000000000000000000000000000000000020000000d0fadacdd0fadacdd0fadacdd7f4655fd0fadacd0000000000000000", 0xc0, 0x31e0}, {&(0x7f0000011600)="ed81000064000000d7f4655fd7f4655fd7f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cc2ee83da00000000000000000000000000000000000000000000000020000000d0fadacdd0fadacdd0fadacdd7f4655fd0fadacd0000000000000000000002ea04073401000000002800000000000000646174610000000000000000", 0xc0, 0x3400}, {&(0x7f0000011700)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x35c0}, {&(0x7f0000011800)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x5400}, {&(0x7f0000011900)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8030000", 0x20, 0x5800}, {&(0x7f0000011a00)="00000000000400"/32, 0x20, 0x5c00}, {&(0x7f0000011b00)="00000000000400"/32, 0x20, 0x6000}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x6400}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x6800}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x6c00}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x7000}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x7400}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0x7800}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0x7c00}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0x8000}, {&(0x7f0000012400)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x8400}], 0x0, &(0x7f0000012900)) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000340)=0xeed, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket$nl_audit(0x10, 0x3, 0x9) connect(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x0, 0x4, {0xa, 0x4e20, 0x3, @empty, 0x5}}}, 0x80) [ 130.298986] loop5: detected capacity change from 0 to 512 [ 130.320414] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 130.329583] audit: type=1400 audit(1664038017.628:9): avc: denied { write } for pid=3919 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 130.375411] EXT4-fs (loop5): unmounting filesystem. VM DIAGNOSIS: 16:46:57 Registers: info registers vcpu 0 RAX=ffff8880103a78e0 RBX=0000000000000001 RCX=0000000000000000 RDX=1ffff11002074e97 RSI=ffffffff816e8203 RDI=0000000000000001 RBP=ffff8880103a74c8 RSP=ffff8880103a73f0 R8 =ffffffff85edcc1c R9 =ffffffff85edcc20 R10=ffffed1002074e9b R11=ffff8880103a74b0 R12=ffff8880103a7538 R13=0000000000000000 R14=ffff8880103a7470 R15=0000000000092800 RIP=ffffffff8111a2e7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1d4d1878c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055de2e29d808 CR3=000000000dcf4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM01=0000000000000000 0000000000000000 6c6175747269762f 736563697665642f YMM02=0000000000000000 0000000000000000 ffffff0f0e0d0c0b 0a09080706050403 YMM03=0000000000000000 0000000000000000 696e656420737365 636341002f737973 YMM04=0000000000000000 0000000000000000 000055de2e26e0f0 000055de2e26e0d0 YMM05=0000000000000000 0000000000000000 0000ffff02010101 0000000800000003 YMM06=0000000000000000 0000000000000000 0000000700000009 000055de2e2ad900 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 7269762f73656369 7665642f7379732f YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000020000000 0000000020000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88801d8ef698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000038 R11=0000000000000001 R12=0000000000000038 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fc2ad899700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fed24a5c368 CR3=000000001f1f6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fc2b040a7c0 00007fc2b040a7c8 YMM02=0000000000000000 0000000000000000 00007fc2b040a7e0 00007fc2b040a7c0 YMM03=0000000000000000 0000000000000000 00007fc2b040a7c8 00007fc2b040a7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000