Warning: Permanently added '[localhost]:13084' (ECDSA) to the list of known hosts. 2022/09/25 11:04:06 fuzzer started 2022/09/25 11:04:06 dialing manager at localhost:38881 syzkaller login: [ 44.037561] cgroup: Unknown subsys name 'net' [ 44.138031] cgroup: Unknown subsys name 'rlimit' 2022/09/25 11:04:20 syscalls: 2215 2022/09/25 11:04:20 code coverage: enabled 2022/09/25 11:04:20 comparison tracing: enabled 2022/09/25 11:04:20 extra coverage: enabled 2022/09/25 11:04:20 setuid sandbox: enabled 2022/09/25 11:04:20 namespace sandbox: enabled 2022/09/25 11:04:20 Android sandbox: enabled 2022/09/25 11:04:20 fault injection: enabled 2022/09/25 11:04:20 leak checking: enabled 2022/09/25 11:04:20 net packet injection: enabled 2022/09/25 11:04:20 net device setup: enabled 2022/09/25 11:04:20 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/25 11:04:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/25 11:04:20 USB emulation: enabled 2022/09/25 11:04:20 hci packet injection: enabled 2022/09/25 11:04:20 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/25 11:04:20 802.15.4 emulation: enabled 2022/09/25 11:04:20 fetching corpus: 50, signal 26669/28466 (executing program) 2022/09/25 11:04:20 fetching corpus: 100, signal 37213/40601 (executing program) 2022/09/25 11:04:20 fetching corpus: 150, signal 43525/48494 (executing program) 2022/09/25 11:04:21 fetching corpus: 200, signal 50839/57213 (executing program) 2022/09/25 11:04:21 fetching corpus: 250, signal 54516/62350 (executing program) 2022/09/25 11:04:21 fetching corpus: 300, signal 61387/70466 (executing program) 2022/09/25 11:04:21 fetching corpus: 350, signal 65896/76229 (executing program) 2022/09/25 11:04:21 fetching corpus: 400, signal 70117/81671 (executing program) 2022/09/25 11:04:21 fetching corpus: 450, signal 72605/85427 (executing program) 2022/09/25 11:04:21 fetching corpus: 500, signal 75978/89949 (executing program) 2022/09/25 11:04:21 fetching corpus: 550, signal 79378/94449 (executing program) 2022/09/25 11:04:22 fetching corpus: 600, signal 81065/97369 (executing program) 2022/09/25 11:04:22 fetching corpus: 650, signal 85305/102489 (executing program) 2022/09/25 11:04:22 fetching corpus: 700, signal 88643/106749 (executing program) 2022/09/25 11:04:22 fetching corpus: 750, signal 91634/110704 (executing program) 2022/09/25 11:04:22 fetching corpus: 800, signal 95369/115201 (executing program) 2022/09/25 11:04:22 fetching corpus: 850, signal 99674/120160 (executing program) 2022/09/25 11:04:22 fetching corpus: 900, signal 101772/123169 (executing program) 2022/09/25 11:04:23 fetching corpus: 950, signal 103558/125897 (executing program) 2022/09/25 11:04:23 fetching corpus: 1000, signal 105722/128883 (executing program) 2022/09/25 11:04:23 fetching corpus: 1050, signal 107318/131431 (executing program) 2022/09/25 11:04:23 fetching corpus: 1100, signal 108568/133631 (executing program) 2022/09/25 11:04:23 fetching corpus: 1150, signal 111408/137100 (executing program) 2022/09/25 11:04:23 fetching corpus: 1200, signal 112969/139563 (executing program) 2022/09/25 11:04:23 fetching corpus: 1250, signal 115907/143043 (executing program) 2022/09/25 11:04:23 fetching corpus: 1300, signal 116905/144943 (executing program) 2022/09/25 11:04:24 fetching corpus: 1350, signal 118774/147520 (executing program) 2022/09/25 11:04:24 fetching corpus: 1400, signal 121860/150972 (executing program) 2022/09/25 11:04:24 fetching corpus: 1450, signal 122810/152741 (executing program) 2022/09/25 11:04:24 fetching corpus: 1500, signal 123801/154582 (executing program) 2022/09/25 11:04:24 fetching corpus: 1550, signal 125191/156681 (executing program) 2022/09/25 11:04:24 fetching corpus: 1600, signal 126949/159046 (executing program) 2022/09/25 11:04:24 fetching corpus: 1650, signal 128607/161263 (executing program) 2022/09/25 11:04:24 fetching corpus: 1700, signal 129966/163243 (executing program) 2022/09/25 11:04:24 fetching corpus: 1750, signal 131314/165182 (executing program) 2022/09/25 11:04:24 fetching corpus: 1800, signal 132787/167196 (executing program) 2022/09/25 11:04:25 fetching corpus: 1850, signal 135018/169716 (executing program) 2022/09/25 11:04:25 fetching corpus: 1900, signal 135977/171356 (executing program) 2022/09/25 11:04:25 fetching corpus: 1950, signal 138156/173829 (executing program) 2022/09/25 11:04:25 fetching corpus: 2000, signal 139855/175967 (executing program) 2022/09/25 11:04:25 fetching corpus: 2050, signal 140975/177662 (executing program) 2022/09/25 11:04:25 fetching corpus: 2100, signal 142164/179386 (executing program) 2022/09/25 11:04:25 fetching corpus: 2150, signal 143481/181134 (executing program) 2022/09/25 11:04:25 fetching corpus: 2200, signal 144719/182847 (executing program) 2022/09/25 11:04:25 fetching corpus: 2250, signal 146087/184592 (executing program) 2022/09/25 11:04:26 fetching corpus: 2300, signal 148602/187100 (executing program) 2022/09/25 11:04:26 fetching corpus: 2350, signal 149475/188496 (executing program) 2022/09/25 11:04:26 fetching corpus: 2400, signal 150213/189808 (executing program) 2022/09/25 11:04:26 fetching corpus: 2450, signal 151422/191411 (executing program) 2022/09/25 11:04:26 fetching corpus: 2500, signal 152563/192895 (executing program) 2022/09/25 11:04:26 fetching corpus: 2550, signal 153466/194208 (executing program) 2022/09/25 11:04:26 fetching corpus: 2600, signal 154667/195669 (executing program) 2022/09/25 11:04:26 fetching corpus: 2650, signal 155330/196880 (executing program) 2022/09/25 11:04:27 fetching corpus: 2700, signal 156486/198314 (executing program) 2022/09/25 11:04:27 fetching corpus: 2750, signal 157286/199516 (executing program) 2022/09/25 11:04:27 fetching corpus: 2800, signal 158250/200828 (executing program) 2022/09/25 11:04:27 fetching corpus: 2850, signal 159100/202039 (executing program) 2022/09/25 11:04:27 fetching corpus: 2900, signal 159693/203152 (executing program) 2022/09/25 11:04:27 fetching corpus: 2950, signal 161185/204731 (executing program) 2022/09/25 11:04:27 fetching corpus: 3000, signal 162417/206107 (executing program) 2022/09/25 11:04:27 fetching corpus: 3050, signal 163527/207514 (executing program) 2022/09/25 11:04:27 fetching corpus: 3100, signal 164930/208952 (executing program) 2022/09/25 11:04:28 fetching corpus: 3150, signal 165629/210062 (executing program) 2022/09/25 11:04:28 fetching corpus: 3200, signal 166280/211117 (executing program) 2022/09/25 11:04:28 fetching corpus: 3250, signal 166965/212164 (executing program) 2022/09/25 11:04:28 fetching corpus: 3300, signal 167730/213213 (executing program) 2022/09/25 11:04:28 fetching corpus: 3350, signal 168380/214194 (executing program) 2022/09/25 11:04:28 fetching corpus: 3400, signal 169518/215435 (executing program) 2022/09/25 11:04:28 fetching corpus: 3450, signal 170587/216565 (executing program) 2022/09/25 11:04:28 fetching corpus: 3500, signal 171329/217566 (executing program) 2022/09/25 11:04:28 fetching corpus: 3550, signal 172843/218911 (executing program) 2022/09/25 11:04:29 fetching corpus: 3600, signal 173322/219774 (executing program) 2022/09/25 11:04:29 fetching corpus: 3650, signal 174674/220977 (executing program) 2022/09/25 11:04:29 fetching corpus: 3700, signal 175416/221950 (executing program) 2022/09/25 11:04:29 fetching corpus: 3750, signal 176235/222851 (executing program) 2022/09/25 11:04:29 fetching corpus: 3800, signal 176702/223662 (executing program) 2022/09/25 11:04:29 fetching corpus: 3850, signal 177325/224508 (executing program) 2022/09/25 11:04:29 fetching corpus: 3900, signal 178357/225523 (executing program) 2022/09/25 11:04:29 fetching corpus: 3950, signal 178972/226330 (executing program) 2022/09/25 11:04:30 fetching corpus: 4000, signal 179510/227154 (executing program) 2022/09/25 11:04:30 fetching corpus: 4050, signal 180295/228050 (executing program) 2022/09/25 11:04:30 fetching corpus: 4100, signal 180789/228837 (executing program) 2022/09/25 11:04:30 fetching corpus: 4150, signal 181335/229633 (executing program) 2022/09/25 11:04:30 fetching corpus: 4200, signal 182473/230593 (executing program) 2022/09/25 11:04:30 fetching corpus: 4250, signal 183521/231601 (executing program) 2022/09/25 11:04:30 fetching corpus: 4300, signal 183849/232269 (executing program) 2022/09/25 11:04:30 fetching corpus: 4350, signal 184377/232999 (executing program) 2022/09/25 11:04:30 fetching corpus: 4400, signal 185844/233971 (executing program) 2022/09/25 11:04:30 fetching corpus: 4450, signal 186624/234747 (executing program) 2022/09/25 11:04:31 fetching corpus: 4500, signal 187193/235459 (executing program) 2022/09/25 11:04:31 fetching corpus: 4550, signal 187630/236143 (executing program) 2022/09/25 11:04:31 fetching corpus: 4600, signal 188872/236992 (executing program) 2022/09/25 11:04:31 fetching corpus: 4650, signal 189374/237656 (executing program) 2022/09/25 11:04:31 fetching corpus: 4700, signal 190157/238413 (executing program) 2022/09/25 11:04:31 fetching corpus: 4750, signal 190828/239099 (executing program) 2022/09/25 11:04:31 fetching corpus: 4800, signal 191302/239744 (executing program) 2022/09/25 11:04:31 fetching corpus: 4850, signal 191755/240384 (executing program) 2022/09/25 11:04:31 fetching corpus: 4900, signal 192153/240942 (executing program) 2022/09/25 11:04:32 fetching corpus: 4950, signal 193143/241661 (executing program) 2022/09/25 11:04:32 fetching corpus: 5000, signal 194418/242398 (executing program) 2022/09/25 11:04:32 fetching corpus: 5050, signal 194905/242974 (executing program) 2022/09/25 11:04:32 fetching corpus: 5100, signal 195894/243630 (executing program) 2022/09/25 11:04:32 fetching corpus: 5150, signal 196343/244243 (executing program) 2022/09/25 11:04:32 fetching corpus: 5200, signal 196821/244806 (executing program) 2022/09/25 11:04:32 fetching corpus: 5250, signal 197432/245356 (executing program) 2022/09/25 11:04:32 fetching corpus: 5300, signal 197840/245867 (executing program) 2022/09/25 11:04:33 fetching corpus: 5350, signal 198941/246545 (executing program) 2022/09/25 11:04:33 fetching corpus: 5400, signal 199582/247098 (executing program) 2022/09/25 11:04:33 fetching corpus: 5450, signal 200059/247614 (executing program) 2022/09/25 11:04:33 fetching corpus: 5500, signal 200919/248150 (executing program) 2022/09/25 11:04:33 fetching corpus: 5550, signal 201657/248685 (executing program) 2022/09/25 11:04:33 fetching corpus: 5600, signal 202097/249175 (executing program) 2022/09/25 11:04:33 fetching corpus: 5650, signal 202569/249616 (executing program) 2022/09/25 11:04:33 fetching corpus: 5700, signal 203180/250068 (executing program) 2022/09/25 11:04:33 fetching corpus: 5750, signal 203529/250526 (executing program) 2022/09/25 11:04:34 fetching corpus: 5800, signal 203973/250972 (executing program) 2022/09/25 11:04:34 fetching corpus: 5850, signal 204575/251390 (executing program) 2022/09/25 11:04:34 fetching corpus: 5900, signal 205191/251816 (executing program) 2022/09/25 11:04:34 fetching corpus: 5950, signal 205787/252263 (executing program) 2022/09/25 11:04:34 fetching corpus: 6000, signal 206138/252693 (executing program) 2022/09/25 11:04:34 fetching corpus: 6050, signal 206997/253110 (executing program) 2022/09/25 11:04:34 fetching corpus: 6100, signal 207479/253506 (executing program) 2022/09/25 11:04:34 fetching corpus: 6150, signal 207779/253927 (executing program) 2022/09/25 11:04:34 fetching corpus: 6200, signal 208322/254300 (executing program) 2022/09/25 11:04:35 fetching corpus: 6250, signal 208964/254668 (executing program) 2022/09/25 11:04:35 fetching corpus: 6300, signal 209235/254943 (executing program) 2022/09/25 11:04:35 fetching corpus: 6350, signal 209703/254943 (executing program) 2022/09/25 11:04:35 fetching corpus: 6400, signal 210368/254946 (executing program) 2022/09/25 11:04:35 fetching corpus: 6450, signal 210863/254947 (executing program) 2022/09/25 11:04:35 fetching corpus: 6500, signal 211417/254955 (executing program) 2022/09/25 11:04:35 fetching corpus: 6550, signal 211873/254955 (executing program) 2022/09/25 11:04:35 fetching corpus: 6600, signal 212627/254995 (executing program) 2022/09/25 11:04:35 fetching corpus: 6650, signal 213191/254995 (executing program) 2022/09/25 11:04:36 fetching corpus: 6700, signal 213668/254998 (executing program) 2022/09/25 11:04:36 fetching corpus: 6750, signal 213992/255001 (executing program) 2022/09/25 11:04:36 fetching corpus: 6800, signal 214466/255001 (executing program) 2022/09/25 11:04:36 fetching corpus: 6850, signal 214711/255001 (executing program) 2022/09/25 11:04:36 fetching corpus: 6900, signal 215605/255029 (executing program) 2022/09/25 11:04:36 fetching corpus: 6947, signal 215984/255029 (executing program) 2022/09/25 11:04:36 fetching corpus: 6947, signal 215984/255029 (executing program) 2022/09/25 11:04:38 starting 8 fuzzer processes 11:04:38 executing program 0: ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000000)={0x80000000, 0x80000000, 0x7fffffff, 0x1, 0x80000001, 0x3ff}) r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/exec\x00', 0x2, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000080)=0xc3, 0x7f) r1 = dup(r0) fcntl$setlease(r1, 0x400, 0x2) write$selinux_attr(r0, &(0x7f00000000c0)='system_u:object_r:klogd_exec_t:s0\x00', 0x22) ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000100)) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000180)={0x354, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_BEARER={0x130, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc46}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7ff}}, {0x14, 0x2, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00', 0x7fffffff}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x4, @remote, 0x2}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}]}, @TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8579}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7ff}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}]}, @TIPC_NLA_NET={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x400}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x10000}]}, @TIPC_NLA_MEDIA={0x74, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa422}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}]}, @TIPC_NLA_NET={0x50, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x40}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK={0x64, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1a11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x354}, 0x1, 0x0, 0x0, 0x44801}, 0x80) r2 = pidfd_getfd(r1, r0, 0x0) write$selinux_attr(r2, &(0x7f0000000580)='system_u:object_r:wtmp_t:s0\x00', 0x1c) write$selinux_attr(r0, &(0x7f00000005c0)='system_u:object_r:klogd_var_run_t:s0\x00', 0x25) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, 0x3, 0x8, 0x5, 0x0, 0x0, {0x5, 0x0, 0x4}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40800}, 0x200448c0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000700)=0x1) openat(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x100, 0x0) r3 = socket$netlink(0x10, 0x3, 0x15) sendmsg$NFT_MSG_GETGEN(r3, &(0x7f0000000840)={&(0x7f0000000780), 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x14, 0x10, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x5}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000010) ioctl$PTP_PEROUT_REQUEST(r1, 0x40383d03, &(0x7f0000000880)={{0x0, 0x50000000}, {0x8, 0x5}, 0x7d6, 0x1}) pipe(&(0x7f00000008c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000940), r1) sendmsg$NL80211_CMD_TDLS_OPER(r4, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x80010800}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x60, r5, 0x100, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000090}, 0x88c1) 11:04:38 executing program 1: r0 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80a00) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=0xc) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x8000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@aname}, {@access_user}, {@privport}, {@nodevmap}, {@version_L}, {@version_u}, {@nodevmap}], [{@uid_lt={'uid<', r1}}, {@smackfshat={'smackfshat', 0x3d, '-\'@'}}, {@dont_appraise}]}}) r2 = open_tree(r0, &(0x7f0000000240)='./file0\x00', 0x80100) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000280)) r3 = openat$cgroup_ro(r0, &(0x7f0000000480)='blkio.bfq.sectors\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f00000004c0)={0x5000001e}) setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000500)=0xffffffffffffffff, 0x4) openat(r0, &(0x7f0000000540)='./file0\x00', 0x40000, 0x90) sendfile(r2, r3, 0x0, 0xffff) recvmmsg$unix(r0, &(0x7f0000005d40)=[{{&(0x7f0000000580)=@abs, 0x6e, &(0x7f0000003700)=[{&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/66, 0x42}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000003680)=""/126, 0x7e}], 0x5, &(0x7f0000003780)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}}, {{&(0x7f0000003800), 0x6e, &(0x7f0000004b40)=[{&(0x7f0000003880)=""/243, 0xf3}, {&(0x7f0000003980)=""/165, 0xa5}, {&(0x7f0000003a40)=""/200, 0xc8}, {&(0x7f0000003b40)=""/4096, 0x1000}], 0x4, &(0x7f0000004b80)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{0x0, 0x0, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/129, 0x81}, {&(0x7f0000004c80)=""/54, 0x36}, {&(0x7f0000004cc0)=""/151, 0x97}, {&(0x7f0000004d80)=""/229, 0xe5}, {&(0x7f0000004e80)=""/37, 0x25}], 0x5, &(0x7f0000004f40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x68}}, {{0x0, 0x0, &(0x7f0000005480)=[{&(0x7f0000004fc0)=""/230, 0xe6}, {&(0x7f00000050c0)=""/206, 0xce}, {&(0x7f00000051c0)=""/225, 0xe1}, {&(0x7f00000052c0)=""/196, 0xc4}, {&(0x7f00000053c0)=""/158, 0x9e}], 0x5, &(0x7f0000005500)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd0}}, {{&(0x7f0000005600), 0x6e, &(0x7f0000005980)=[{&(0x7f0000005680)=""/173, 0xad}, {&(0x7f0000005740)=""/99, 0x63}, {&(0x7f00000057c0)=""/5, 0x5}, {&(0x7f0000005800)=""/156, 0x9c}, {&(0x7f00000058c0)=""/94, 0x5e}, {&(0x7f0000005940)=""/23, 0x17}], 0x6, &(0x7f0000005a00)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f0000005b00)=@abs, 0x6e, &(0x7f0000005cc0)=[{&(0x7f0000005b80)=""/63, 0x3f}, {&(0x7f0000005bc0)=""/219, 0xdb}], 0x2, &(0x7f0000005d00)=[@cred={{0x1c}}], 0x20}}], 0x6, 0x2000, &(0x7f0000005ec0)) openat(r5, &(0x7f0000005f00)='./file0\x00', 0x220400, 0x22) preadv2(r4, &(0x7f00000060c0)=[{&(0x7f0000005f40)=""/200, 0xc8}, {&(0x7f0000006040)=""/80, 0x50}], 0x2, 0x5, 0x7, 0x0) r8 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r8, 0xc038943b, &(0x7f0000006140)={0x7, 0x8, '\x00', 0x1, &(0x7f0000006100)=[0x0]}) setsockopt$inet6_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000006180)=0xffffffffffffffff, 0x4) clock_gettime(0x0, &(0x7f0000008d40)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000008c40)=[{{&(0x7f00000061c0), 0x6e, &(0x7f0000007440)=[{&(0x7f0000006240)}, {&(0x7f0000006280)=""/183, 0xb7}, {&(0x7f0000006340)=""/124, 0x7c}, {&(0x7f00000063c0)=""/127, 0x7f}, {&(0x7f0000006440)=""/4096, 0x1000}], 0x5, &(0x7f00000074c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000007540)=@abs, 0x6e, &(0x7f00000086c0)=[{&(0x7f00000075c0)=""/4096, 0x1000}, {&(0x7f00000085c0)=""/106, 0x6a}, {&(0x7f0000008640)=""/81, 0x51}], 0x3, &(0x7f0000008700)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000008740), 0x6e, &(0x7f0000008940)=[{&(0x7f00000087c0)=""/21, 0x15}, {&(0x7f0000008800)=""/227, 0xe3}, {&(0x7f0000008900)=""/34, 0x22}], 0x3, &(0x7f0000008980)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb8}}, {{0x0, 0x0, &(0x7f0000008bc0)=[{&(0x7f0000008a40)=""/244, 0xf4}, {&(0x7f0000008b40)=""/18, 0x12}, {&(0x7f0000008b80)=""/57, 0x39}], 0x3, &(0x7f0000008c00)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}], 0x4, 0x10002, &(0x7f0000008d80)={r9, r10+60000000}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r11, 0x6, 0x16, &(0x7f0000008dc0)=[@window={0x3, 0x3, 0x1ff}], 0x1) dup(r7) 11:04:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r2) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x10, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000801}, 0x4040000) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x70, r1, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xfffe}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xffff}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SHORT_ADDR={0x6}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x890) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000300), r3) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_LEVEL={0xc, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xba}]}, @NL802154_ATTR_SEC_LEVEL={0x34, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x3}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x9}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x60}, 0x1, 0x0, 0x0, 0x8050}, 0x404801d) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), r2) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000500)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r3, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x40, r6, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MAX_BE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7f}]}, 0x40}}, 0x20004010) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r8, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x24, r1, 0x20, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x2}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4840) syz_genetlink_get_family_id$net_dm(&(0x7f0000000700), r3) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000740)={'wpan1\x00'}) 11:04:38 executing program 3: ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, 0xffffffffffffffff}}, './file0\x00'}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x300, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x1) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x700, 0x10, 0x3, 0x7ff, {{0xa, 0x4, 0x0, 0x6, 0x28, 0x68, 0x0, 0x7f, 0x29, 0x0, @empty, @multicast1, {[@cipso={0x86, 0x12, 0x1, [{0x7, 0xc, "52bb1a3136d6f6f54eb3"}]}]}}}}}) sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x4c, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc51}, 0x8044) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0), r4) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000001900)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000018c0)={&(0x7f0000000500)={0x139c, r6, 0x110, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x1254, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xa7, 0x3, "3855599db99ec2455fe846d82de0ea275364f05cc744e44d0212256bead2337892409875a5d4f1af268f245b4810b9807c301e5316da128d3c6ee4e286c5b4473e081fb1f3bf5081dc4280b12bdb7c9c74990b09d4a47b332955177128352cf2a83d46ba3fb5faed6f27069843c8e08e0b66b29f6853b38f08bc84a3054394d2126bc6fcbf9cb7f8ce4b4c0d3ffd51c6c3a176835eacc41973d0f975012d77d3de3797"}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "79d85c14767dacb24175fa626a0704fd18e83c5ce338ab91ac2edb"}}, @TIPC_NLA_NODE_ID={0x71, 0x3, "f5de45449c0da5695fcdaae25485211952175dbe83c6483c75a1859d6e8d070d4cfadae5338efcb456260974860a30e079163cccb7894dafb1e928f46904f2ea551ac04ce98eccf3ee83f3c1c506814fb51bcadefeccbb0a0883de0597135fd1453862bee8dee3ec597ea0177b"}, @TIPC_NLA_NODE_ID={0x1004, 0x3, "fa17d02badcde49312d7fb96d8743344f6f868e683e75bce3b86bb4f9cb4bda4d930e67f957a50e07ecdfb1158bd4bccfcb4258827c9cd90cb182d329b1ef8e7bf66b903c288e99ee9bc234a0ad006d4d50d0a22b0c9bab58012f4e206d850d7c30f16b51a847671eb1cae16644a504393454f9f4066d1bd2906bf7da4699f87d2c05cdb6ab1a9755d456a419c6aa4578e1a0ea186fbe2843478270d9b934c23bfd19231cd37f64fe691be00ff71c4a45e24d58df9dfcd2d0a77b5c452d59e8d166572b43fbae2970e9d9194611e5220c7bd7df013a642d522d9c693549ca7a4afa226a53a4ec0fada6c6ae2181e825d4fa21f60672726134f3d13eb986c1ff1960a6521ab27b0a8813fec9953a63f0050fecf7a12ca4189bf4d45008ed266d67c4b5106a022aaa02d23cc937d7c9ee4f73d214347d95f9de290f366fc2bf1c45e3d4d9a2efcbb7cb75a3d897bacd77864f0840c199d9b76db58a006d0cf854e13de2dbc156f193b91c392a60ee255ed4c5d1b1f8abe00aa9a40341f3e9a7643ecd08c09dff661be2c500d58c06c4a2e923873fc43bd65387d19ca0e46dfff766af9e00b6122b2da527fc4344d99e412e66147168f79fb0fc2b78b33022de8988396bb7867580b5a78999e2f9daee9150bc318b429391d4c9e129baa7d9e7a3658724f291fef1cf5a08199348832e2ec40bd47900408f9a34f608d8434307c40e116ea5bd609adc381dc4521379346052424061978d231242e8b6fcd126ae30cb7da4c7e2cfbf336f3c33f2f56a892b3c00a1745f424156b6533a51b4899477de3c4f82b4ccab86535f6efc5ab348dafad3d2139f4ad9cd2f78eff34ff3982d28f341b32d9fe30ad4dd7ee787a04137b467cc4b1a4703d54c24c132f5acb862e1d33ddb099da9f7e7895528cdd8a6673f71158b4d3ac862cd75a82a876b95409954b3c35842d5c4ef4a164d4df4db4d484741c91d41bd833ed4762ca0c9d70a822fd17619b05eae62c70ceef7d52717cded235fcde39163560381742983d35bcd5679e8366d3ae7a920954371422f608506714d6240273506dc78f35c8d456a2bdd3ee15c8fa57df340d608cf5f9d4da64b6a3e43ba436b73a37a197f6d6205c6a97d945d45a693fc2c020d1eb658aaaca34cb5f246ed11510ba5694ccfe4c4255e7af5293b51ef0d7d015bd39cbf6961f0224605372dd08a248e18831cb2523b9125ecd61a4551e12e32752da3f39d3d15faf2dfc1b88f0fa93d77d4be1db8fc6988264d34e116b788ee090abf9af7e6c3e77248af978810e6bfc4eb7ce4fc5b144ac86b08e293e8615e3fe544e32b8f91a5856d320a337a695a734a3649bc8b2b2313201ee576af780ed70ac618abd063d1ca1209bb0852660900c89f4965d4c6adc15f23ff843856d91d7afe26bc7f54863e240cb0b2c945c189a1714996002317276f8d7ddc6d031fbdcceace73d0404e97d8ec30a1a97c04163b9de915770202f0b3c47feaf51d8663e46e0eb2c1f834c037ef1a608525d6a9e70659be31c1a5eea4f41647197a9eedfc6afea8d009d78b45a8c586d5064544aedb60bd7ad0a5dfb6901355fe5e869191c77d14a48bf2cd79f92c983aa82b03abcbe4cf0ad1ddddb29f0517bb43ac32d25dd959b9adedd7788e9ba769f1da92929f2769242656ac3ef425ead78fe30a783457dfd03d37ea1334d6120cc8549e337d720c2ed154c325403cdf10e950e2239b7e0e1447763d5a23f4319b70aaf483b3390a8f0e3edb67bbf19281a78ed6e97f0678d6fa51fafc1796bcf9e0816079103ec0113327ee80f9c1a00cdf830f7e7cce91ed51fc24791d10bca0d33fc087a3f55093a1b66848379aa378b65b0beb52a5a7029a61c0d45537c5fe8681afe7b7b9dc193be06b2d62c6c3911a6957fc0666eec4b31f083edc392d13826deb6b41d51a760eeb240afb26c8d7ab1f14943c191708e50ee99a0a0b87096868060ef3dd43ce22105013108d18b44cb549c9f47681725797d024afa0662350bce902c7120eb824a30702ca6d99146b4dae3f42089969467c6be35cc4b01f559876173a868370f62a0df45896b7304f3d8242370aaf1219c42494edcf4c884e61259031447a779c7db3724b4aabba7979a5a42ebb2fce6670877aff441289316c7a43de7b619d21b2ccf3eeab7f2e582066b55c3bbe51b6c885208b3d3c096752dd45c83949cd00651c335e93b024afba4a96904fc5b4656bc861f33fed0971b713ab34b88a7db06bb0e4d3d9701cd7940c9e1e743930af7a0477de15900952a41ac935ac6711dbea7e95bca8963033402ad639c5b55ac496c4103b9cc034ebc14ab28d5180191bd5c2be09e500949fcc5c641db69f4bf2e2483f3d81123e8af69c4023b2b85318363cc44ae6b9d0b23eb953f16ff2088fafe8bfd85132af69bffc899fff836a1f26330bf6b2c30ea5f73a3d944f3b0f73c393f720f0d16f6b52e95e27061580fff776c39a057a8034813383799afe285573e6420df2a49d851c0c44db97df562502af7ba0ea1b927c4be4ae9bbe4baec51bc601ca00b83782e663d427686a8fa689fdc56d6a4e256a497668c3c65d91334dcf4037803f20cf944dfddf9aded3f340d3846385c1949858a092b1ad9f74dfab57d88b80d3509e381d1cccde857c589e0b0e397e226f9c62229797d789b90df0539ba66959796003c7cecb9a5957013cdf0baadf05768fe7bcad5824542a8adcba17f5cfd397263fb4042df9cfcb3c6e1fab05f1122ca7d2e2a2b702776b621075190d67fa4c3eada9fb391be5f0f3b3aae3e69128edbe7e5428a2a708687908b03d077dcc2b76ac063e0ae80d6d2fc3e6a48439a51e14a51cddc4a8787d18c01c1663f028db3d2d840aa5784322cb6c86b0afa7071feb334b4e4d650125c280e60c305109713ae2632f352f2f41c8c3002e988140f77515389aeed67a7453db1edb94a9f29c869fd9b7ad3e3dfa0ef6c01a8ad33aa8aa75486cb90f6935547abbc2c8761f0301129c7f0e134ac127ac9f4683fabf2b8104fd69588b304c44ddbe963b758789c279a7fac0d1949a2e2a33a22f569df923aaaa581e914ecec2d99ec23b97e8873da382e165d2a204864bc18de165ecbb3b22ddc288572a6f4540d5fdc0960a64d0b2ac285f1e244345d0b621b193983d8c6973d3b0ee66aa87c7c3e670b6d614af0920d18a22c0144e4bc6ba2218125bf7c30023e4aa24004f6803142596783004b0e530908d0b90b35594670d2dc0eb09e671756a9780d2c2b42c5f01e24670cfe7bcdb4dc0df104c058ceccf036faf78652ff76e603e93055cca312f79f0ac5a5e635f9104577a7bda9ea8d11f3a271dca135352ab66936de538ce0d2f70cfc4a6ca13f488558e4803e65cbce4188b4ee5b1383d59b20fdcfdae69473c323201e4d914d1b31ae6d632a31c0089aaf1d348e26bb11e62c7e7fd6a6b325e876d9d61a889f2ed65420f966e02580d3c80dfee36449ef55771bfee144d1eb4c68ae3483f9aa11dd372fd404f0f7bf305a6d6f34a43ffd8d73243996c5c9b0b1d084154383f6e1a3577d766c37ec5863d55fc6ba68905ee5d4af0f853bc8a05bf388babc73e1da475606e6f03090537c32002f7639c4307e86db1286e91cef76a0f88b3e1aa81508884867da802f03ad004ff24006f8256395828fc32945a8b2ed65b8e933aef7bcd5e66ebf15e6ac4880541673c38081971604a97f102a909ea7744a1c4b8cb95ce31ffe495e865144f6c030ff51788f5be281f3e0026bdb655437da204e6675c9b8ad2ed2c46fa8823b7474a8fc7eb4c376eb1e50e37b5f3262181acf09fa9ff0871cea807e54e6d0721e2d5de51896c22b9bcbb69267877003d937c6d4457d9b68f2e4f349837cde0478fe0b19825d15a1840abe67a84f37cd8207eee0b159463055c774b9bb3290430b2ebbc56c0bcd9085176390f16ae1d6af98f4d0c6bb7f2e396c286452266b0ea6b597e5f953803baa1345cd3af1fac93d2bf2fb2ba775b2e4e675a20356734f6690c97a298f80b105c4a6418b9c64f8f0e2ff59a92427a8793efb664ac7cd726996ba277d5037c1cb66a0026e4e2f49cc636a7dcb503aa34b5eefefe2069e4f45dc6173f405c6890f62c43a7dabb851f43cfeb42e85815fa2d9c1adf2a1d65ddb8ada9735695ffa0d79d1e4bb0eb247e05ba9a10dc42c6a349509def56e02a33eb94f0433b10827656f7660514bf3ccbd8ace9c2e9deea6acd9318261a81024f1354b49a9e19e9937cccb87bd47a0fe23c68f5934b40b8204af3b7e7042ff5401102eaaf29886c4af2b6e27dea3a8691a25b65af4435fed89ebf88910c433efd593fc3dc01c329a2d1bb0f9509f8f1a4329af41f6d68ab010ae043c8c6b4b673971cf32f9b91a99ec7bab3e52b427f764a914bf5bcde7fd2771fc929aef72c3beab4b90b78ef9d6b8fe7ac306a6bb562c26099b02c4a63ea7bc963156eb803079429d2ead49d715b5d2480bde58a697db84f70a88fd8e0ff0e9e2f43d2aac08433542f6d9911a04ee66030755a58f3b15c5be888ff23e4569cd8eb891048e075e541f2a23a4da3014b3a5336e941577ee5b05dcbe90942825afcefdb29542b3fdbcdb472c897f709a8ddc9c5ec7fd48fe1284b1be72994bc70a913a3040821573cbc30e0df82bf7a15593b7dda2a5186fd11a294ae31fa2ae2faac20eaf16c696770bcef0b66ffbb93f7e5f1080c70d269b6842ba5c84257f206434762ea407184f42329e0c770fbace16ad8cc438cd6f2852818b3fe96f6160356771e3f832251f6f81cb295d6d158a02edfd7cc5225cb27c124b36bd3242e062cdea72b4610cc30b02ef83005151ec89d12251b5be5c6b3ec8d622fcbcfc2a744b6252a70d27a4fe209a08ae93d4972b6e91a1239cea438eeb1b01399343eacc4ecf2317f9d1cfed3bd9c7b40aac09d0fd06c04d5b6ac8d1ea7b5e48268e03a2873a0de45b534fcefae28519a38aeaea4ba86be736effb7109cdaee9214a5b3ace3e3424d8d2d8aab91b1e6da7c598ef4d48e38763701c6dd0d33a635f8cab338825e046e3d2bfd64dda530a85122590fb0e017cd35165143a6cdf5d1bd5eac1df0820a5b94272e4112458f5bcf14aa8227b172dc7cea8a877e6aa8f7cbef64d86ef8b1939de9ed3451a1104989bcf87130b194c1358dc7a63c42b17e6580d1313b2306b9bb558f03c2e7ed1eb4df3dab36d7a8cf88bbb0401d87a3310ff5628163c6eb9ef302c9d3782f0bbe837a769c70089490cb73c645aed8206d505d029c65d0364e14836d3467914d8f192beadd2f48a79431fda6bef0080055bc6423a26e987f0c79e07f77f345374fdf8d60f81e0e1a4bfe04b5a57f770940a8d6dde277654732a6c31f24b9be7b2d8874d638f74ce703a9d906039ac5a64d67453508051d7eae6b88f479075ad6a771231dfa21d3b57343fd79c94de6f7c3035e022429151b479902cad40c4eb4ff7a8b1871fa60568a4ccc624a384bda4bcc68384d962fe2ca09291b7b67012a130d251ad2b2995a3890af8c71d2839b3b3c8459295c321e0e38b63aa6a193426d026d66d24947a3d92361d9aab98b2a3500cb22851e11182a447ceeea30e5089eddf1503b5da753b281782ad29776b601d496c0fdaaaf9bb6f2b26bd2f834aef1c5f08be27422325c094c4481e7d37471bd2f58b9845a8ec85072bdd5a7200d1574850145d779e454d32dcd0cda2310f70286c2271d388eecc63de6cf55fa50468a1b8dc70c899f15e6dfb1c0e4cd57bf5"}, @TIPC_NLA_NODE_ID={0x8f, 0x3, "c7420a8acc3901606410df445157419f3255af8a7ac2eebdd4f87bb4b919af0197ab840dd17f19f712071b1f2bcbad7888a47502367aeead0d9953e380c654cbde3b7c76803fc1f1656955b6d0cdbcea619dbdff618af0d3712ddc05dad30b6f787548e046a27033bfc5d85841a1973ff532499f9e164a7750fbbbe8b67545393380041a2fbe048e6e949a"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "c8c83a7b04fcedd0801af4f60c144ca589825b9a31472a"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1e280000}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1f}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_LINK={0xd0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x88fe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffff862}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x10000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x81ff}]}]}, 0x139c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4040800) fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) r7 = openat$cgroup_ro(r0, &(0x7f0000001940)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) sendmsg$FOU_CMD_ADD(r7, &(0x7f0000001a80)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001a40)={&(0x7f00000019c0)={0x74, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0xfc0}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x74}, 0x1, 0x0, 0x0, 0x11}, 0x8080) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r7, 0xc018937b, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, r0, {r1, r2}}, './file0\x00'}) sendmsg$TIPC_NL_NET_SET(r8, &(0x7f0000001c40)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001c00)={&(0x7f0000001b40)={0xa0, r6, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x8c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x6, @private1, 0xfadf}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r9 = openat(0xffffffffffffffff, &(0x7f0000001c80)='./file0\x00', 0x0, 0x80) perf_event_open(&(0x7f0000001cc0)={0x4, 0x80, 0x9, 0x8, 0x81, 0x1f, 0x0, 0x64, 0x10410, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, @perf_config_ext={0x20, 0x8}, 0x1008, 0x8, 0x6, 0x2, 0x3, 0xffff, 0x5, 0x0, 0x9, 0x0, 0x9}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x2) ioctl$AUTOFS_DEV_IOCTL_FAIL(r8, 0xc0189377, &(0x7f0000001d40)={{0x1, 0x1, 0x18, r0, {0x8, 0xc0}}, './file0\x00'}) r10 = openat$cgroup_ro(r9, &(0x7f0000001d80)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001e00), 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r10, &(0x7f0000001f00)={&(0x7f0000001dc0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001ec0)={&(0x7f0000001e40)={0x80, r11, 0x20, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x29}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x48}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x26}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x62}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x4a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x30}]}, 0x80}}, 0x40004) syz_io_uring_setup(0x81a, &(0x7f0000001f80)={0x0, 0xe2cc, 0x8, 0x3, 0x14}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000002000), &(0x7f0000002040)) 11:04:38 executing program 4: prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) prctl$PR_GET_KEEPCAPS(0x7) [ 76.213109] audit: type=1400 audit(1664103878.909:6): avc: denied { execmem } for pid=291 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:04:38 executing program 5: sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_CCA_ED_LEVEL={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x1ff}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x4e}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20040850) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@empty}}, &(0x7f0000000280)=0xe8) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x64, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x9}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x10000}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x7}, @ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x3}, @ETHTOOL_A_RINGS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x7}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x8844}, 0x1) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x6000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x1}]}, 0x1c}}, 0x40040) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x54, 0x13, 0xb, 0x101, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x1}, [@nested={0x40, 0x52, 0x0, 0x1, [@generic="002035211de80ede4510f5a42cd2f693794f3845b3e5d95785ba3d87362c9d0632f7f84efe6a3f0cd31eecf400f8da8eab2fd47a", @typed={0x8, 0x34, 0x0, 0x0, @uid=r1}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24000090}, 0x40004) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000700)={0xbc, r2, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_DEVICE={0x34, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x2}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x1f}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x2}]}, @NL802154_ATTR_SEC_DEVICE={0x34, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0xffff}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x7a3}, @NL802154_DEV_ATTR_KEY_MODE={0x8}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x2}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x2}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4000000}, 0x40084) r5 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000840), 0x2, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(r5, 0x80189439, &(0x7f0000000880)) sendmsg$NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x20, r2, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x20}}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000a00)={'wg0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000ac0)={'ip6_vti0\x00', &(0x7f0000000a40)={'syztnl1\x00', r0, 0x0, 0x9, 0x1f, 0x7fffffff, 0x48, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, 0x8000, 0x10, 0x80000001, 0xb0}}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x80800000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b00)={0xb0, 0x0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4}, 0x4000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000cc0)={'vcan0\x00', 0x0}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000d00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000d40)=0x14) getsockname$packet(0xffffffffffffffff, &(0x7f0000000d80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000dc0)=0x14) sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000000c40), 0xc, &(0x7f0000001300)={&(0x7f0000001100)={0x1cc, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x1}, 0x800) 11:04:38 executing program 6: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='veth1_virt_wifi\x00', 0x10) r0 = openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x100142, 0x90}, 0x18) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x60020200}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x94, 0x0, 0x400, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0xffffff41, 0x53}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x44}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x6c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x42}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x48}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x4}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x48}]}, 0x94}, 0x1, 0x0, 0x0, 0x240e4000}, 0x4014) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r2, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x4, 0x28}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4008001) r3 = signalfd(r0, &(0x7f00000003c0)={[0x1f]}, 0x8) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r3, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x44, r4, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x20044001) r6 = open$dir(&(0x7f00000005c0)='./file0\x00', 0x80, 0x20) ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, &(0x7f0000000600)={r6}) io_cancel(0x0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x1f, r3, &(0x7f0000000640)="6b7bc0b12c08d3d5c06860e7f3d11638", 0x10, 0x1, 0x0, 0x0, r0}, &(0x7f00000006c0)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000700)={{0x1, 0x1, 0x18, r3, {0xee00, 0xee00}}, './file0\x00'}) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r7, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x38, 0x1, 0x8, 0x101, 0x0, 0x0, {0x7}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xdada}]}, 0x38}}, 0x4000000) ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000840)={r6, 0x99a, 0x3, 0x5d0e}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000880)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) r10 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000008c0), 0x561341, 0x0) ppoll(&(0x7f0000000900)=[{r8}, {r9, 0x1010}, {r10}], 0x3, &(0x7f0000000940)={0x77359400}, &(0x7f0000000980)={[0x6]}, 0x8) open_tree(r8, &(0x7f00000009c0)='./file0\x00', 0x4000) 11:04:38 executing program 7: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8101420}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, 0x0, 0x100, 0x1000, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x2, @media='ib\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40011}, 0x4c040) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r0) sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x15c, r1, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0xe0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffff9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8f6}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5b9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_LINK={0x68, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x118a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x383}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x56c4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}]}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x15c}, 0x1, 0x0, 0x0, 0x400c080}, 0x8080) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440), r0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x100}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x4a418248}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x40, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0xaf}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40020}, 0x400c010) getpeername(r0, &(0x7f0000000640)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, &(0x7f00000006c0)=0x80) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000740), r0) sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x50, r4, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @broadcast}, @GTPA_TID={0xc, 0x3, 0x1}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @remote}, @GTPA_MS_ADDRESS={0x8, 0x5, @loopback}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000940)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x2c, 0x0, 0x8, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x79c}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000811) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x34, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x3}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x7ff}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x3e5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40040) syz_genetlink_get_family_id$devlink(&(0x7f0000000a80), r0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000ac0), r0) r5 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f0000000b00)={@dev, @local}, &(0x7f0000000b40)=0xc) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000c40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x800004}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x3c, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x40}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x20}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x9}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x30150530}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x8000}]}, 0x3c}, 0x1, 0x0, 0x0, 0x404c000}, 0x40a0) r6 = syz_io_uring_setup(0x17d0, &(0x7f0000000c80)={0x0, 0xe224, 0x2, 0x1, 0x1b0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000d00), &(0x7f0000000d40)) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r6) sendmsg$NL80211_CMD_JOIN_OCB(r3, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x34, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x358}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000011) [ 77.530772] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.532177] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.533236] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.534288] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.535201] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.535969] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.536667] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.537432] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.538161] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.541138] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.542044] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.542739] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.544130] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.544865] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.545590] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.546405] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.549590] Bluetooth: hci1: HCI_REQ-0x0c1a [ 77.551766] Bluetooth: hci3: HCI_REQ-0x0c1a [ 77.552472] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.557743] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.569781] Bluetooth: hci2: HCI_REQ-0x0c1a [ 77.594393] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.596884] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.601718] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.621924] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.651384] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.652088] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 77.660985] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.669240] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 77.673480] Bluetooth: hci0: HCI_REQ-0x0c1a [ 77.675480] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 77.683206] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 77.705663] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 77.708122] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 77.710993] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 77.711992] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 77.715332] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 77.718604] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 77.725047] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 77.726302] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 77.739139] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 77.746447] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 77.747694] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 77.754136] Bluetooth: hci6: HCI_REQ-0x0c1a [ 77.768969] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 77.769764] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 77.776969] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 77.779240] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.788605] Bluetooth: hci5: HCI_REQ-0x0c1a [ 79.610409] Bluetooth: hci2: command 0x0409 tx timeout [ 79.611049] Bluetooth: hci1: command 0x0409 tx timeout [ 79.611521] Bluetooth: hci3: command 0x0409 tx timeout [ 79.673999] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 79.737947] Bluetooth: hci0: command 0x0409 tx timeout [ 79.801970] Bluetooth: hci5: command 0x0409 tx timeout [ 79.802619] Bluetooth: hci7: command 0x0409 tx timeout [ 79.803225] Bluetooth: hci6: command 0x0409 tx timeout [ 81.657858] Bluetooth: hci3: command 0x041b tx timeout [ 81.658336] Bluetooth: hci1: command 0x041b tx timeout [ 81.658737] Bluetooth: hci2: command 0x041b tx timeout [ 81.785863] Bluetooth: hci0: command 0x041b tx timeout [ 81.849904] Bluetooth: hci6: command 0x041b tx timeout [ 81.850399] Bluetooth: hci7: command 0x041b tx timeout [ 81.850931] Bluetooth: hci5: command 0x041b tx timeout [ 82.579712] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.582933] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 82.585942] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 82.599975] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 82.603195] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 82.604454] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 82.607733] Bluetooth: hci4: HCI_REQ-0x0c1a [ 83.705942] Bluetooth: hci2: command 0x040f tx timeout [ 83.706410] Bluetooth: hci1: command 0x040f tx timeout [ 83.706853] Bluetooth: hci3: command 0x040f tx timeout [ 83.833893] Bluetooth: hci0: command 0x040f tx timeout [ 83.898005] Bluetooth: hci5: command 0x040f tx timeout [ 83.898556] Bluetooth: hci7: command 0x040f tx timeout [ 83.899080] Bluetooth: hci6: command 0x040f tx timeout [ 84.666337] Bluetooth: hci4: command 0x0409 tx timeout [ 85.753915] Bluetooth: hci3: command 0x0419 tx timeout [ 85.754366] Bluetooth: hci1: command 0x0419 tx timeout [ 85.754735] Bluetooth: hci2: command 0x0419 tx timeout [ 85.881853] Bluetooth: hci0: command 0x0419 tx timeout [ 85.945861] Bluetooth: hci6: command 0x0419 tx timeout [ 85.946249] Bluetooth: hci7: command 0x0419 tx timeout [ 85.946611] Bluetooth: hci5: command 0x0419 tx timeout [ 86.713934] Bluetooth: hci4: command 0x041b tx timeout [ 88.761862] Bluetooth: hci4: command 0x040f tx timeout [ 90.809956] Bluetooth: hci4: command 0x0419 tx timeout 11:05:29 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x3d}) pidfd_open(0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) syz_io_uring_setup(0x2971, &(0x7f0000000200)={0x0, 0xdd89, 0x2, 0x2, 0x392}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000400)) clone3(&(0x7f0000000440)={0x80202800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000500), {0x19}, &(0x7f0000000540)=""/93, 0x5d, &(0x7f000001dc80)=""/102379, &(0x7f0000000180)}, 0x58) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$cgroup(r1, &(0x7f00000004c0)='syz0\x00', 0x200002, 0x0) r3 = dup(r0) perf_event_open$cgroup(&(0x7f0000000380)={0x4, 0x80, 0x5, 0x0, 0x72, 0x2, 0x0, 0x6, 0x40020, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xa8f342e, 0x1, @perf_bp={&(0x7f0000000340)}, 0x20, 0x1f, 0x8000, 0x2, 0x3, 0x40, 0x0, 0x0, 0xffffffec, 0x0, 0x8}, r2, 0xc, r3, 0xc) [ 126.624396] audit: type=1400 audit(1664103929.325:7): avc: denied { open } for pid=3591 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.625875] audit: type=1400 audit(1664103929.325:8): avc: denied { kernel } for pid=3591 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.655773] ------------[ cut here ]------------ [ 126.655800] [ 126.655804] ====================================================== [ 126.655808] WARNING: possible circular locking dependency detected [ 126.655812] 6.0.0-rc6-next-20220923 #1 Not tainted [ 126.655819] ------------------------------------------------------ [ 126.655822] syz-executor.1/3594 is trying to acquire lock: [ 126.655828] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 126.655869] [ 126.655869] but task is already holding lock: [ 126.655872] ffff888040af8020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 126.655901] [ 126.655901] which lock already depends on the new lock. [ 126.655901] [ 126.655904] [ 126.655904] the existing dependency chain (in reverse order) is: [ 126.655908] [ 126.655908] -> #3 (&ctx->lock){....}-{2:2}: [ 126.655921] _raw_spin_lock+0x2a/0x40 [ 126.655940] __perf_event_task_sched_out+0x53b/0x18d0 [ 126.655953] __schedule+0xedd/0x2470 [ 126.655967] schedule+0xda/0x1b0 [ 126.655979] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.655991] syscall_exit_to_user_mode+0x19/0x40 [ 126.656004] do_syscall_64+0x48/0x90 [ 126.656020] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.656033] [ 126.656033] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 126.656046] _raw_spin_lock_nested+0x30/0x40 [ 126.656064] raw_spin_rq_lock_nested+0x1e/0x30 [ 126.656078] task_fork_fair+0x63/0x4d0 [ 126.656094] sched_cgroup_fork+0x3d0/0x540 [ 126.656108] copy_process+0x4183/0x6e20 [ 126.656119] kernel_clone+0xe7/0x890 [ 126.656128] user_mode_thread+0xad/0xf0 [ 126.656138] rest_init+0x24/0x250 [ 126.656149] arch_call_rest_init+0xf/0x14 [ 126.656167] start_kernel+0x4c1/0x4e6 [ 126.656182] secondary_startup_64_no_verify+0xe0/0xeb [ 126.656197] [ 126.656197] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 126.656210] _raw_spin_lock_irqsave+0x39/0x60 [ 126.656228] try_to_wake_up+0xab/0x1930 [ 126.656241] up+0x75/0xb0 [ 126.656255] __up_console_sem+0x6e/0x80 [ 126.656271] console_unlock+0x46a/0x590 [ 126.656286] vprintk_emit+0x1bd/0x560 [ 126.656302] vprintk+0x84/0xa0 [ 126.656318] _printk+0xba/0xf1 [ 126.656329] kauditd_hold_skb.cold+0x3f/0x4e [ 126.656346] kauditd_send_queue+0x233/0x290 [ 126.656360] kauditd_thread+0x5da/0x9a0 [ 126.656374] kthread+0x2ed/0x3a0 [ 126.656388] ret_from_fork+0x22/0x30 [ 126.656400] [ 126.656400] -> #0 ((console_sem).lock){....}-{2:2}: [ 126.656414] __lock_acquire+0x2a02/0x5e70 [ 126.656431] lock_acquire+0x1a2/0x530 [ 126.656446] _raw_spin_lock_irqsave+0x39/0x60 [ 126.656464] down_trylock+0xe/0x70 [ 126.656479] __down_trylock_console_sem+0x3b/0xd0 [ 126.656494] vprintk_emit+0x16b/0x560 [ 126.656510] vprintk+0x84/0xa0 [ 126.656525] _printk+0xba/0xf1 [ 126.656535] report_bug.cold+0x72/0xab [ 126.656551] handle_bug+0x3c/0x70 [ 126.656573] exc_invalid_op+0x14/0x50 [ 126.656589] asm_exc_invalid_op+0x16/0x20 [ 126.656600] group_sched_out.part.0+0x2c7/0x460 [ 126.656611] ctx_sched_out+0x8f1/0xc10 [ 126.656621] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.656633] __schedule+0xedd/0x2470 [ 126.656646] schedule+0xda/0x1b0 [ 126.656659] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.656669] syscall_exit_to_user_mode+0x19/0x40 [ 126.656681] do_syscall_64+0x48/0x90 [ 126.656697] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.656709] [ 126.656709] other info that might help us debug this: [ 126.656709] [ 126.656712] Chain exists of: [ 126.656712] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 126.656712] [ 126.656727] Possible unsafe locking scenario: [ 126.656727] [ 126.656729] CPU0 CPU1 [ 126.656732] ---- ---- [ 126.656734] lock(&ctx->lock); [ 126.656740] lock(&rq->__lock); [ 126.656746] lock(&ctx->lock); [ 126.656752] lock((console_sem).lock); [ 126.656758] [ 126.656758] *** DEADLOCK *** [ 126.656758] [ 126.656760] 2 locks held by syz-executor.1/3594: [ 126.656767] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 126.656795] #1: ffff888040af8020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 126.656826] [ 126.656826] stack backtrace: [ 126.656829] CPU: 0 PID: 3594 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1 [ 126.656841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 126.656850] Call Trace: [ 126.656854] [ 126.656858] dump_stack_lvl+0x8b/0xb3 [ 126.656876] check_noncircular+0x263/0x2e0 [ 126.656892] ? format_decode+0x26c/0xb50 [ 126.656909] ? print_circular_bug+0x450/0x450 [ 126.656925] ? enable_ptr_key_workfn+0x20/0x20 [ 126.656940] ? __lockdep_reset_lock+0x180/0x180 [ 126.656957] ? format_decode+0x26c/0xb50 [ 126.656974] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 126.656991] __lock_acquire+0x2a02/0x5e70 [ 126.657012] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 126.657034] lock_acquire+0x1a2/0x530 [ 126.657051] ? down_trylock+0xe/0x70 [ 126.657067] ? lock_release+0x750/0x750 [ 126.657084] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 126.657105] ? vprintk+0x84/0xa0 [ 126.657122] _raw_spin_lock_irqsave+0x39/0x60 [ 126.657141] ? down_trylock+0xe/0x70 [ 126.657156] down_trylock+0xe/0x70 [ 126.657171] ? vprintk+0x84/0xa0 [ 126.657188] __down_trylock_console_sem+0x3b/0xd0 [ 126.657205] vprintk_emit+0x16b/0x560 [ 126.657221] ? lock_downgrade+0x6d0/0x6d0 [ 126.657239] vprintk+0x84/0xa0 [ 126.657256] _printk+0xba/0xf1 [ 126.657267] ? record_print_text.cold+0x16/0x16 [ 126.657281] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 126.657295] ? lock_downgrade+0x6d0/0x6d0 [ 126.657312] ? report_bug.cold+0x66/0xab [ 126.657330] ? group_sched_out.part.0+0x2c7/0x460 [ 126.657341] report_bug.cold+0x72/0xab [ 126.657359] handle_bug+0x3c/0x70 [ 126.657376] exc_invalid_op+0x14/0x50 [ 126.657393] asm_exc_invalid_op+0x16/0x20 [ 126.657406] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 126.657420] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 126.657432] RSP: 0018:ffff888017c57c48 EFLAGS: 00010006 [ 126.657441] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.657448] RDX: ffff88801777b580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 126.657456] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 126.657463] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888040af8000 [ 126.657471] R13: ffff88806ce3d140 R14: ffffffff8547d1a0 R15: 0000000000000002 [ 126.657482] ? group_sched_out.part.0+0x2c7/0x460 [ 126.657495] ? group_sched_out.part.0+0x2c7/0x460 [ 126.657508] ctx_sched_out+0x8f1/0xc10 [ 126.657521] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.657537] ? lock_is_held_type+0xd7/0x130 [ 126.657550] ? __perf_cgroup_move+0x160/0x160 [ 126.657562] ? set_next_entity+0x304/0x550 [ 126.657579] ? update_curr+0x267/0x740 [ 126.657597] ? lock_is_held_type+0xd7/0x130 [ 126.657611] __schedule+0xedd/0x2470 [ 126.657627] ? io_schedule_timeout+0x150/0x150 [ 126.657643] ? __x64_sys_futex_time32+0x480/0x480 [ 126.657657] schedule+0xda/0x1b0 [ 126.657672] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.657684] syscall_exit_to_user_mode+0x19/0x40 [ 126.657697] do_syscall_64+0x48/0x90 [ 126.657714] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.657727] RIP: 0033:0x7f843bd38b19 [ 126.657735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.657746] RSP: 002b:00007f84392ae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.657757] RAX: 0000000000000001 RBX: 00007f843be4bf68 RCX: 00007f843bd38b19 [ 126.657764] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f843be4bf6c [ 126.657772] RBP: 00007f843be4bf60 R08: 000000000000000e R09: 0000000000000000 [ 126.657779] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f843be4bf6c [ 126.657786] R13: 00007ffc31e7653f R14: 00007f84392ae300 R15: 0000000000022000 [ 126.657798] [ 126.715899] WARNING: CPU: 0 PID: 3594 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 126.716604] Modules linked in: [ 126.716848] CPU: 0 PID: 3594 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1 [ 126.717440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 126.718279] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 126.718682] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 126.720039] RSP: 0018:ffff888017c57c48 EFLAGS: 00010006 [ 126.720433] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.720968] RDX: ffff88801777b580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 126.721496] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 126.722026] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888040af8000 [ 126.722559] R13: ffff88806ce3d140 R14: ffffffff8547d1a0 R15: 0000000000000002 [ 126.723089] FS: 00007f84392ae700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 126.723680] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.724104] CR2: 00007f5b84261b70 CR3: 000000000f828000 CR4: 0000000000350ef0 [ 126.724645] Call Trace: [ 126.724838] [ 126.725011] ctx_sched_out+0x8f1/0xc10 [ 126.725308] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.725699] ? lock_is_held_type+0xd7/0x130 [ 126.726022] ? __perf_cgroup_move+0x160/0x160 [ 126.726364] ? set_next_entity+0x304/0x550 [ 126.726691] ? update_curr+0x267/0x740 [ 126.727003] ? lock_is_held_type+0xd7/0x130 [ 126.727331] __schedule+0xedd/0x2470 [ 126.727624] ? io_schedule_timeout+0x150/0x150 [ 126.727977] ? __x64_sys_futex_time32+0x480/0x480 [ 126.728344] schedule+0xda/0x1b0 [ 126.728619] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.728991] syscall_exit_to_user_mode+0x19/0x40 [ 126.729349] do_syscall_64+0x48/0x90 [ 126.729637] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.730025] RIP: 0033:0x7f843bd38b19 [ 126.730307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.731649] RSP: 002b:00007f84392ae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.732210] RAX: 0000000000000001 RBX: 00007f843be4bf68 RCX: 00007f843bd38b19 [ 126.732755] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f843be4bf6c [ 126.733283] RBP: 00007f843be4bf60 R08: 000000000000000e R09: 0000000000000000 [ 126.733813] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f843be4bf6c [ 126.734342] R13: 00007ffc31e7653f R14: 00007f84392ae300 R15: 0000000000022000 [ 126.734872] [ 126.735051] irq event stamp: 3690 [ 126.735307] hardirqs last enabled at (3689): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 126.736011] hardirqs last disabled at (3690): [] __schedule+0x1225/0x2470 [ 126.736656] softirqs last enabled at (3576): [] __irq_exit_rcu+0x11b/0x180 [ 126.737296] softirqs last disabled at (3569): [] __irq_exit_rcu+0x11b/0x180 [ 126.737932] ---[ end trace 0000000000000000 ]--- 11:05:29 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x3d}) pidfd_open(0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) syz_io_uring_setup(0x2971, &(0x7f0000000200)={0x0, 0xdd89, 0x2, 0x2, 0x392}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000400)) clone3(&(0x7f0000000440)={0x80202800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000500), {0x19}, &(0x7f0000000540)=""/93, 0x5d, &(0x7f000001dc80)=""/102379, &(0x7f0000000180)}, 0x58) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$cgroup(r1, &(0x7f00000004c0)='syz0\x00', 0x200002, 0x0) r3 = dup(r0) perf_event_open$cgroup(&(0x7f0000000380)={0x4, 0x80, 0x5, 0x0, 0x72, 0x2, 0x0, 0x6, 0x40020, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xa8f342e, 0x1, @perf_bp={&(0x7f0000000340)}, 0x20, 0x1f, 0x8000, 0x2, 0x3, 0x40, 0x0, 0x0, 0xffffffec, 0x0, 0x8}, r2, 0xc, r3, 0xc) 11:05:30 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x3d}) pidfd_open(0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) syz_io_uring_setup(0x2971, &(0x7f0000000200)={0x0, 0xdd89, 0x2, 0x2, 0x392}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000400)) clone3(&(0x7f0000000440)={0x80202800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000500), {0x19}, &(0x7f0000000540)=""/93, 0x5d, &(0x7f000001dc80)=""/102379, &(0x7f0000000180)}, 0x58) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$cgroup(r1, &(0x7f00000004c0)='syz0\x00', 0x200002, 0x0) r3 = dup(r0) perf_event_open$cgroup(&(0x7f0000000380)={0x4, 0x80, 0x5, 0x0, 0x72, 0x2, 0x0, 0x6, 0x40020, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xa8f342e, 0x1, @perf_bp={&(0x7f0000000340)}, 0x20, 0x1f, 0x8000, 0x2, 0x3, 0x40, 0x0, 0x0, 0xffffffec, 0x0, 0x8}, r2, 0xc, r3, 0xc) 11:05:30 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x3d}) pidfd_open(0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) syz_io_uring_setup(0x2971, &(0x7f0000000200)={0x0, 0xdd89, 0x2, 0x2, 0x392}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000400)) clone3(&(0x7f0000000440)={0x80202800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000500), {0x19}, &(0x7f0000000540)=""/93, 0x5d, &(0x7f000001dc80)=""/102379, &(0x7f0000000180)}, 0x58) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$cgroup(r1, &(0x7f00000004c0)='syz0\x00', 0x200002, 0x0) r3 = dup(r0) perf_event_open$cgroup(&(0x7f0000000380)={0x4, 0x80, 0x5, 0x0, 0x72, 0x2, 0x0, 0x6, 0x40020, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xa8f342e, 0x1, @perf_bp={&(0x7f0000000340)}, 0x20, 0x1f, 0x8000, 0x2, 0x3, 0x40, 0x0, 0x0, 0xffffffec, 0x0, 0x8}, r2, 0xc, r3, 0xc) 11:05:30 executing program 1: r0 = syz_io_uring_setup(0x1, &(0x7f00000003c0), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), 0x0) r1 = pkey_alloc(0x0, 0x2) pkey_alloc(0x0, 0x1) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=0x0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0xab, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0xa264, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0xe57d) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x3f, 0x44, 0x6, 0x0, 0x5924, 0x10004, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x2, @perf_config_ext={0x3, 0x6}, 0x20, 0x40, 0x5, 0x1, 0x4, 0x3, 0xfff, 0x0, 0x5, 0x0, 0x1}, r2, 0x5, r3, 0x9) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup3(r4, r5, 0x0) recvmsg$unix(r6, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x41) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x2, 0x3, 0x5, 0x3, 0x0, 0x975, 0x1004, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xcb, 0x2, @perf_bp={&(0x7f0000000140), 0xc}, 0x10, 0x7, 0x4, 0x4, 0x7fffffff, 0x0, 0x4, 0x0, 0x7, 0x0, 0x5}, r2, 0x1, r6, 0x2) pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000018, r1) pkey_mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000000, r1) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) syz_io_uring_setup(0x13f4, &(0x7f0000000000)={0x0, 0x4d40, 0x10, 0x0, 0x279, 0x0, r0}, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 11:05:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)={0x14, 0x15, 0x101, 0x0, 0x0, "", [@nested={0xa}]}, 0x14}], 0x1}, 0x0) ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000380)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r3) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) getsockname$packet(r3, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}}) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_audit(0x10, 0x3, 0x9) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r4, 0x3) 11:05:31 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)={0x14, 0x15, 0x101, 0x0, 0x0, "", [@nested={0xa}]}, 0x14}], 0x1}, 0x0) ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000380)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r3) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) getsockname$packet(r3, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}}) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_audit(0x10, 0x3, 0x9) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14) r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r4, 0x3) 11:05:31 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r1, &(0x7f0000000200)='x', 0x1, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) r3 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$chown(0x4, r3, r2, 0xee00) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x33820, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{}, {@cache_loose}, {@access_any}, {@aname}], [{@dont_appraise}, {@fowner_eq={'fowner', 0x3d, r2}}, {@obj_user={'obj_user', 0x3d, '['}}]}}) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000080)=0x1) fallocate(r0, 0x0, 0x0, 0x8001) execveat(r1, &(0x7f0000000180)='./file1\x00', &(0x7f0000000300)=[&(0x7f00000001c0)='\x00'], &(0x7f00000003c0)=[&(0x7f0000000340)='@(-.\x00', &(0x7f0000000380)='+(\'&\x00'], 0x1000) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1}) VM DIAGNOSIS: 11:05:29 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822b175c RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff888017c57640 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000002710 R13=0000000000000020 R14=fffffbfff0ec8bcb R15=dffffc0000000000 RIP=ffffffff822b17b1 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f84392ae700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f5b84261b70 CR3=000000000f828000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f843be1f7c0 00007f843be1f7c8 YMM02=0000000000000000 0000000000000000 00007f843be1f7e0 00007f843be1f7c0 YMM03=0000000000000000 0000000000000000 00007f843be1f7c8 00007f843be1f7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=1ffff11001f0dc7f RBX=ffff88801b93ac40 RCX=1ffff1100372758e RDX=dffffc0000000000 RSI=ffff88802002b900 RDI=ffff88800f86e3f8 RBP=ffff88802002b800 RSP=ffff88801766f910 R8 =0000000000000001 R9 =0000000000000246 R10=ffffed1002ecdf10 R11=0000000000000001 R12=ffff88800d911998 R13=0000000000000000 R14=ffff88800f86e3c8 R15=ffff88800d911950 RIP=ffffffff817bbbc6 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f53a0df08e0 CR3=0000000017fa4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000