Warning: Permanently added '[localhost]:22893' (ECDSA) to the list of known hosts. 2022/09/26 03:56:45 fuzzer started 2022/09/26 03:56:45 dialing manager at localhost:38881 syzkaller login: [ 36.237966] cgroup: Unknown subsys name 'net' [ 36.305948] cgroup: Unknown subsys name 'rlimit' 2022/09/26 03:56:59 syscalls: 2215 2022/09/26 03:56:59 code coverage: enabled 2022/09/26 03:56:59 comparison tracing: enabled 2022/09/26 03:56:59 extra coverage: enabled 2022/09/26 03:56:59 setuid sandbox: enabled 2022/09/26 03:56:59 namespace sandbox: enabled 2022/09/26 03:56:59 Android sandbox: enabled 2022/09/26 03:56:59 fault injection: enabled 2022/09/26 03:56:59 leak checking: enabled 2022/09/26 03:56:59 net packet injection: enabled 2022/09/26 03:56:59 net device setup: enabled 2022/09/26 03:56:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/26 03:56:59 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/26 03:56:59 USB emulation: enabled 2022/09/26 03:56:59 hci packet injection: enabled 2022/09/26 03:56:59 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/26 03:56:59 802.15.4 emulation: enabled 2022/09/26 03:57:00 fetching corpus: 50, signal 22033/23847 (executing program) 2022/09/26 03:57:00 fetching corpus: 100, signal 32121/35601 (executing program) 2022/09/26 03:57:00 fetching corpus: 150, signal 45563/50482 (executing program) 2022/09/26 03:57:00 fetching corpus: 200, signal 54377/60686 (executing program) 2022/09/26 03:57:00 fetching corpus: 250, signal 59701/67386 (executing program) 2022/09/26 03:57:00 fetching corpus: 300, signal 63782/72809 (executing program) 2022/09/26 03:57:00 fetching corpus: 350, signal 68659/78958 (executing program) 2022/09/26 03:57:00 fetching corpus: 400, signal 72543/84122 (executing program) 2022/09/26 03:57:01 fetching corpus: 450, signal 77305/89980 (executing program) 2022/09/26 03:57:01 fetching corpus: 500, signal 79967/93863 (executing program) 2022/09/26 03:57:01 fetching corpus: 550, signal 83132/98150 (executing program) 2022/09/26 03:57:01 fetching corpus: 600, signal 86045/102173 (executing program) 2022/09/26 03:57:01 fetching corpus: 650, signal 88841/106079 (executing program) 2022/09/26 03:57:01 fetching corpus: 700, signal 90411/108786 (executing program) 2022/09/26 03:57:01 fetching corpus: 750, signal 93104/112519 (executing program) 2022/09/26 03:57:01 fetching corpus: 800, signal 95591/115979 (executing program) 2022/09/26 03:57:02 fetching corpus: 850, signal 97986/119333 (executing program) 2022/09/26 03:57:02 fetching corpus: 900, signal 98998/121508 (executing program) 2022/09/26 03:57:02 fetching corpus: 950, signal 100650/124231 (executing program) 2022/09/26 03:57:02 fetching corpus: 1000, signal 104152/128462 (executing program) 2022/09/26 03:57:02 fetching corpus: 1050, signal 106857/131931 (executing program) 2022/09/26 03:57:02 fetching corpus: 1100, signal 109144/135008 (executing program) 2022/09/26 03:57:02 fetching corpus: 1150, signal 109897/136801 (executing program) 2022/09/26 03:57:02 fetching corpus: 1200, signal 113069/140570 (executing program) 2022/09/26 03:57:02 fetching corpus: 1250, signal 114086/142565 (executing program) 2022/09/26 03:57:03 fetching corpus: 1300, signal 116389/145578 (executing program) 2022/09/26 03:57:03 fetching corpus: 1350, signal 118170/148065 (executing program) 2022/09/26 03:57:03 fetching corpus: 1400, signal 120903/151325 (executing program) 2022/09/26 03:57:03 fetching corpus: 1450, signal 121957/153198 (executing program) 2022/09/26 03:57:03 fetching corpus: 1500, signal 123032/155122 (executing program) 2022/09/26 03:57:03 fetching corpus: 1550, signal 124316/157169 (executing program) 2022/09/26 03:57:03 fetching corpus: 1600, signal 125902/159465 (executing program) 2022/09/26 03:57:03 fetching corpus: 1650, signal 126823/161197 (executing program) 2022/09/26 03:57:03 fetching corpus: 1700, signal 128738/163657 (executing program) 2022/09/26 03:57:04 fetching corpus: 1750, signal 129438/165197 (executing program) 2022/09/26 03:57:04 fetching corpus: 1800, signal 132352/168366 (executing program) 2022/09/26 03:57:04 fetching corpus: 1850, signal 134061/170606 (executing program) 2022/09/26 03:57:04 fetching corpus: 1900, signal 136868/173622 (executing program) 2022/09/26 03:57:04 fetching corpus: 1950, signal 138353/175633 (executing program) 2022/09/26 03:57:04 fetching corpus: 2000, signal 139729/177608 (executing program) 2022/09/26 03:57:04 fetching corpus: 2050, signal 141021/179488 (executing program) 2022/09/26 03:57:05 fetching corpus: 2100, signal 142377/181338 (executing program) 2022/09/26 03:57:05 fetching corpus: 2150, signal 143900/183271 (executing program) 2022/09/26 03:57:05 fetching corpus: 2200, signal 144554/184656 (executing program) 2022/09/26 03:57:05 fetching corpus: 2250, signal 145267/186030 (executing program) 2022/09/26 03:57:05 fetching corpus: 2300, signal 147396/188361 (executing program) 2022/09/26 03:57:05 fetching corpus: 2350, signal 149168/190426 (executing program) 2022/09/26 03:57:05 fetching corpus: 2400, signal 150654/192233 (executing program) 2022/09/26 03:57:05 fetching corpus: 2450, signal 151497/193623 (executing program) 2022/09/26 03:57:06 fetching corpus: 2500, signal 152366/194971 (executing program) 2022/09/26 03:57:06 fetching corpus: 2550, signal 153037/196231 (executing program) 2022/09/26 03:57:06 fetching corpus: 2600, signal 153890/197584 (executing program) 2022/09/26 03:57:06 fetching corpus: 2650, signal 154716/198917 (executing program) 2022/09/26 03:57:06 fetching corpus: 2700, signal 155849/200421 (executing program) 2022/09/26 03:57:06 fetching corpus: 2750, signal 156842/201825 (executing program) 2022/09/26 03:57:06 fetching corpus: 2800, signal 157965/203290 (executing program) 2022/09/26 03:57:06 fetching corpus: 2850, signal 159524/204960 (executing program) 2022/09/26 03:57:06 fetching corpus: 2900, signal 160752/206483 (executing program) 2022/09/26 03:57:07 fetching corpus: 2950, signal 161929/207873 (executing program) 2022/09/26 03:57:07 fetching corpus: 3000, signal 163471/209457 (executing program) 2022/09/26 03:57:07 fetching corpus: 3050, signal 164724/210901 (executing program) 2022/09/26 03:57:07 fetching corpus: 3100, signal 165394/212029 (executing program) 2022/09/26 03:57:07 fetching corpus: 3150, signal 166001/213089 (executing program) 2022/09/26 03:57:07 fetching corpus: 3200, signal 166961/214358 (executing program) 2022/09/26 03:57:07 fetching corpus: 3250, signal 167448/215330 (executing program) 2022/09/26 03:57:07 fetching corpus: 3300, signal 167847/216289 (executing program) 2022/09/26 03:57:08 fetching corpus: 3350, signal 168713/217483 (executing program) 2022/09/26 03:57:08 fetching corpus: 3400, signal 169826/218732 (executing program) 2022/09/26 03:57:08 fetching corpus: 3450, signal 170764/219917 (executing program) 2022/09/26 03:57:08 fetching corpus: 3500, signal 171715/221096 (executing program) 2022/09/26 03:57:08 fetching corpus: 3550, signal 172609/222199 (executing program) 2022/09/26 03:57:08 fetching corpus: 3600, signal 173635/223344 (executing program) 2022/09/26 03:57:08 fetching corpus: 3650, signal 174121/224255 (executing program) 2022/09/26 03:57:08 fetching corpus: 3700, signal 175100/225409 (executing program) 2022/09/26 03:57:09 fetching corpus: 3750, signal 175645/226314 (executing program) 2022/09/26 03:57:09 fetching corpus: 3800, signal 176174/227220 (executing program) 2022/09/26 03:57:09 fetching corpus: 3850, signal 176709/228144 (executing program) 2022/09/26 03:57:09 fetching corpus: 3900, signal 177604/229221 (executing program) 2022/09/26 03:57:09 fetching corpus: 3950, signal 178400/230241 (executing program) 2022/09/26 03:57:09 fetching corpus: 4000, signal 179406/231266 (executing program) 2022/09/26 03:57:09 fetching corpus: 4050, signal 180364/232302 (executing program) 2022/09/26 03:57:09 fetching corpus: 4100, signal 180861/233108 (executing program) 2022/09/26 03:57:09 fetching corpus: 4150, signal 181907/234159 (executing program) 2022/09/26 03:57:10 fetching corpus: 4200, signal 182601/235021 (executing program) 2022/09/26 03:57:10 fetching corpus: 4250, signal 183187/235854 (executing program) 2022/09/26 03:57:10 fetching corpus: 4300, signal 183575/236616 (executing program) 2022/09/26 03:57:10 fetching corpus: 4350, signal 184502/237591 (executing program) 2022/09/26 03:57:10 fetching corpus: 4400, signal 185569/238591 (executing program) 2022/09/26 03:57:10 fetching corpus: 4450, signal 186171/239364 (executing program) 2022/09/26 03:57:10 fetching corpus: 4500, signal 186664/240116 (executing program) 2022/09/26 03:57:10 fetching corpus: 4550, signal 187025/240798 (executing program) 2022/09/26 03:57:10 fetching corpus: 4600, signal 187783/241700 (executing program) 2022/09/26 03:57:11 fetching corpus: 4650, signal 188172/242385 (executing program) 2022/09/26 03:57:11 fetching corpus: 4700, signal 189566/243349 (executing program) 2022/09/26 03:57:11 fetching corpus: 4750, signal 190012/244067 (executing program) 2022/09/26 03:57:11 fetching corpus: 4800, signal 190808/244848 (executing program) 2022/09/26 03:57:11 fetching corpus: 4850, signal 191185/245514 (executing program) 2022/09/26 03:57:11 fetching corpus: 4900, signal 191635/246172 (executing program) 2022/09/26 03:57:11 fetching corpus: 4950, signal 192349/246919 (executing program) 2022/09/26 03:57:11 fetching corpus: 5000, signal 193354/247680 (executing program) 2022/09/26 03:57:12 fetching corpus: 5050, signal 193656/248309 (executing program) 2022/09/26 03:57:12 fetching corpus: 5100, signal 194463/249058 (executing program) 2022/09/26 03:57:12 fetching corpus: 5150, signal 195005/249731 (executing program) 2022/09/26 03:57:12 fetching corpus: 5200, signal 195397/250358 (executing program) 2022/09/26 03:57:12 fetching corpus: 5250, signal 195987/251008 (executing program) 2022/09/26 03:57:12 fetching corpus: 5300, signal 196534/251654 (executing program) 2022/09/26 03:57:12 fetching corpus: 5350, signal 197342/252334 (executing program) 2022/09/26 03:57:12 fetching corpus: 5400, signal 197859/252931 (executing program) 2022/09/26 03:57:12 fetching corpus: 5450, signal 198149/253483 (executing program) 2022/09/26 03:57:13 fetching corpus: 5500, signal 198848/254110 (executing program) 2022/09/26 03:57:13 fetching corpus: 5550, signal 200213/254801 (executing program) 2022/09/26 03:57:13 fetching corpus: 5600, signal 200934/255392 (executing program) 2022/09/26 03:57:13 fetching corpus: 5650, signal 201732/255992 (executing program) 2022/09/26 03:57:13 fetching corpus: 5700, signal 202585/256569 (executing program) 2022/09/26 03:57:13 fetching corpus: 5750, signal 202959/257091 (executing program) 2022/09/26 03:57:13 fetching corpus: 5800, signal 203385/257653 (executing program) 2022/09/26 03:57:13 fetching corpus: 5850, signal 203973/258152 (executing program) 2022/09/26 03:57:13 fetching corpus: 5900, signal 204281/258635 (executing program) 2022/09/26 03:57:14 fetching corpus: 5950, signal 204626/259184 (executing program) 2022/09/26 03:57:14 fetching corpus: 6000, signal 205288/259719 (executing program) 2022/09/26 03:57:14 fetching corpus: 6050, signal 206098/260224 (executing program) 2022/09/26 03:57:14 fetching corpus: 6100, signal 206531/260754 (executing program) 2022/09/26 03:57:14 fetching corpus: 6150, signal 206965/261251 (executing program) 2022/09/26 03:57:14 fetching corpus: 6200, signal 207613/261730 (executing program) 2022/09/26 03:57:14 fetching corpus: 6250, signal 208069/262200 (executing program) 2022/09/26 03:57:14 fetching corpus: 6300, signal 208520/262622 (executing program) 2022/09/26 03:57:15 fetching corpus: 6350, signal 209078/263085 (executing program) 2022/09/26 03:57:15 fetching corpus: 6400, signal 209800/263615 (executing program) 2022/09/26 03:57:15 fetching corpus: 6450, signal 210279/264068 (executing program) 2022/09/26 03:57:15 fetching corpus: 6500, signal 210799/264468 (executing program) 2022/09/26 03:57:15 fetching corpus: 6550, signal 211436/264765 (executing program) 2022/09/26 03:57:15 fetching corpus: 6600, signal 211672/264765 (executing program) 2022/09/26 03:57:15 fetching corpus: 6650, signal 212190/264784 (executing program) 2022/09/26 03:57:15 fetching corpus: 6700, signal 212799/264784 (executing program) 2022/09/26 03:57:15 fetching corpus: 6750, signal 213065/264786 (executing program) 2022/09/26 03:57:16 fetching corpus: 6800, signal 213563/264791 (executing program) 2022/09/26 03:57:16 fetching corpus: 6850, signal 214298/264791 (executing program) 2022/09/26 03:57:16 fetching corpus: 6900, signal 214723/264791 (executing program) 2022/09/26 03:57:16 fetching corpus: 6950, signal 215235/264796 (executing program) 2022/09/26 03:57:16 fetching corpus: 7000, signal 215521/264804 (executing program) 2022/09/26 03:57:16 fetching corpus: 7050, signal 215990/264806 (executing program) 2022/09/26 03:57:16 fetching corpus: 7100, signal 216426/264870 (executing program) 2022/09/26 03:57:16 fetching corpus: 7150, signal 216694/264882 (executing program) 2022/09/26 03:57:16 fetching corpus: 7163, signal 216732/264884 (executing program) 2022/09/26 03:57:16 fetching corpus: 7163, signal 216732/264884 (executing program) 2022/09/26 03:57:19 starting 8 fuzzer processes 03:57:19 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000040)) sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, 0x0, 0x7, 0x3, 0x0, 0x0, {0x2}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x7fffffff}, @NFACCT_PKTS={0xc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8}, @NFACCT_FILTER={0x3c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffff17a}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffffb10}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x20}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x8000}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffffff8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x9e34}]}, @NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7}]}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x4}, @NFACCT_FILTER_VALUE={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7bb}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3f}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x101}]}, 0xd0}, 0x1, 0x0, 0x0, 0x40004}, 0x4000) r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000280)=0x14) fallocate(r2, 0x41, 0x7f000000000, 0x7f) copy_file_range(0xffffffffffffffff, &(0x7f00000002c0)=0x4, r0, &(0x7f0000000300)=0x9, 0xffffffff80000000, 0x0) sendmsg$unix(r0, &(0x7f0000000880)={&(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000800)=[{&(0x7f00000003c0)="00d5677efb9ade192918db3367398959d6f651bdca6587f00a2ac68fd9d3d40c1750396702ae2ee9157c450405f016ac475e86c10072ce3ea882fd4c6c5f5d02e5cfb6feedb8d9", 0x47}, {&(0x7f0000000440)="be251a678443c0cdbeba330d766824d30d5f2e2e90809437e787e1bc6f99c818e4595e3812da0612a532df41470fe9626d7d468294250dd62db77c93a6a1f80026ec8309aafc944b8d1db3bb079c5c49a346fd67015ab30d5b5a970cdd07f26d581ef75072e132c2272c89a3169c4f99cbdee2251cbc4b0539b6c4e4e23b39b6d9a9c9bbcda3aa3cafead3e6b1f0d99635af2696d4d14e8a6fe02bac151449ced64fa094619e4a5913fca1b90d9125537bf94694f8ca18741fc0b5135b4a855e4433c37ee2ff94738d4ec27a030c447238c664ec33774c11e214f7465c2174176858ff419d8d12e5a4b2248f91d4ac941039009ee0ec651c98a30841d4f7a6", 0xff}, {&(0x7f0000000540)="163e45e33f5ca8c28ebea86fe33eb2003d90600676594f9228b78f30fc0e68373ba4b52be957c9c6d7e650906a4d806c1541d3d1d09aa9997f7bc7fc4ab6509e346f85aa5f27830aec443ade9606cddf8aeb6de0cfbfe3838dbd30f5bbb0eaae64da6dbc53e0b08fa38b8212f4e2d9e26d6567bbf9058401ed642c6c1bbb481d77019b88c27e442e1e29e2f98d7ac98d064d1174ade2e9b6ad05b2a677679edf006feccbdb17bea19299b3a2f2631ec328c16629b33d206e16301468579c605588c25346fbb1810f1d49d4afe0e07166", 0xd0}, {&(0x7f0000000640)="80d0475ae722716e35f045dce13dd0cca9ed64e7bf93ac3eee81f449327cba8d60ca02b2b4c47da20db53a1ecca6aec2103bc0ced15b98fe79b9f5ff8088878546b8a6daa35d6cd8d187be721a3ac7e937fcc8171af7afa8995bc39e420a10b0cc7b23bfcc7506cf660caf51855d2bee1b2f575ba90b4dba707f4803bcfe92726b7a152571c2c6295fdd542ce8470e2e2eae8e791791042655c9c81019ddf55b02f33a67924c12244b2ad83b371b80406ecd9f376443357315ce88398e9f0b27a95eef35c0c1c4cbdafab3674c96b04aa6c03a009d71b5a10fef1aae9b4701caa0d8377155ae70a1a60f4a82", 0xec}, {&(0x7f0000000740)="a298ecdb69a9112dcc6302227b427ba47f9e4c346745f400840d65ba8a3a22f30a97bc80312eced36248cb25f5037812a11b335d44126ba9c088bc5844eac6dd58d7badeff536dd10fc860313464619f79db855a8184e4b7e383d8fd28c2ff6b8619b945f59d1e60791c43c085d6066e3f3649dfdd0e6054d11cb1c31b9d83a89ec3b21fd5e45b07da7cfa1de852243e175338c8fa63eae04560", 0x9a}], 0x5, 0x0, 0x0, 0x1}, 0x4040004) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000008c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000900)={{0x1, 0x1, 0x18, r3, @out_args}, './file0\x00'}) accept$unix(r4, &(0x7f0000000940)=@abs, &(0x7f00000009c0)=0x6e) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0/file0\x00'}) r6 = openat(r4, &(0x7f0000000a40)='./file1\x00', 0x2870c0, 0x87) r7 = perf_event_open$cgroup(&(0x7f0000000a80)={0x3, 0x80, 0x3, 0x2, 0x8, 0x80, 0x0, 0x7ff, 0x10000, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x77, 0x1, @perf_config_ext={0x3, 0x2}, 0x800, 0x6, 0xffff, 0x4, 0x6, 0x8001, 0x3, 0x0, 0x40, 0x0, 0x80000000}, r6, 0x5, r6, 0x1) perf_event_open$cgroup(&(0x7f0000000b00)={0x4, 0x80, 0xb6, 0x0, 0x5, 0xe8, 0x0, 0xbd2, 0x40, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x1, 0x173}, 0x400, 0x7, 0x7, 0x8, 0x200, 0xff, 0x9, 0x0, 0x1, 0x0, 0x200}, r6, 0x0, r7, 0xc) write$bt_hci(r6, &(0x7f0000000b80)={0x1, @le_accept_cis={{0x2066, 0x2}, {0xc9}}}, 0x6) bind$bt_hci(r4, &(0x7f0000000bc0)={0x1f, 0x3}, 0x6) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000c00), 0xb00, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000003d40)={'batadv0\x00', 0x0}) recvfrom$packet(r8, &(0x7f0000000c40)=""/9, 0x9, 0x80, &(0x7f0000003d80)={0x11, 0x8, r9, 0x1, 0xff, 0x6, @random="5f27139a99d6"}, 0x14) openat(0xffffffffffffffff, &(0x7f0000003e00)='./file1\x00', 0x0, 0x1) 03:57:19 executing program 2: clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x4, 0x1000}, {0x1, 0x7ff, 0x1800}, {0x1, 0x4, 0x400}], 0x3, &(0x7f0000000080)={r0, r1+10000000}) clock_gettime(0x3, &(0x7f00000000c0)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x800000, 0x110, 0xffffffffffffffff, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_TEE={0x21, 0x3, 0x0, @fd, 0x0, 0x0, 0x0, 0xa, 0x0, {0x0, r3}}, 0x7) r4 = syz_io_uring_setup(0x2340, &(0x7f0000000140)={0x0, 0x35be, 0x10, 0x2, 0xb1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fef000/0x11000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) r5 = dup2(0xffffffffffffffff, r4) r6 = syz_io_uring_setup(0x3f3c, &(0x7f0000000240)={0x0, 0x3ce, 0x8, 0x2, 0x1d8, 0x0, r5}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) pwritev2(r7, &(0x7f0000001400)=[{&(0x7f0000000340)="acfe40bdfc6b394109c63dcd89212eaab1faee71895cf4fe8610e9634b1be46c3afb39ee1569fe1c6651f6cf3c48dd55070a7ec9a903aad32459cb2e154d15b4e537ae995e38d19f9cf11b24c983cf330817c05d11136c05f0c99111561092f5cf963334b4b39f760c73832f74a8696ea8f97e9d1834afa4b9e2f2be4cdc94975b73", 0x82}, {&(0x7f0000000400)="f4a65492c5f2a2a432f01cf105cba9f2805cd08d2858dc16f0b8f8b01ad460dca1b1d5529ac72d31c27be180f1cb0794e46c62580e451971e93d266dc3d9fb1722fc6bb96cd5f4a3b662cad5b2f99f4e7d6b6f3456ac770e60a2680d56af56032ec3263ef1fde946022175de58c0aa4302d0713fb1bf1b687e163aeb5236b04e1d0820f7b1772c5fe93e132488ba27a09b07c5b02600ccb701e8658dc149b164de971515b6b87cc442e23def0b8948b3cac9796c85f2797bdac4a879379dd91bd373a322588a50620866a0aa2f2c9040a4a5a788b85ea10e3ee0bdd9a35b815d0930d9d74b527cfed45f6a97f1f2afb50e9c170a683055058943f3c23aa37089fb847d01061756d0519c905f84fa1a7cfa8de3a479fb2290d5dfa6451b8eddad7b8dea38e7d67a8def7d0002a0a8467702ca1194856d4fc8eff80968355ff782f872557dd2e898da211c8f720d54870423a163bedb215a3a64d45988136925e031fb5ebcb2c2055285e420284887ab5b12688af6bdfd36b09abd274ca21fda2d64d629c821a961722bb70a35958b515b5867170a57a4de34ed535bfd26737bf5010ee5ef5810bc34005a082363899d127ed12eb84b37f3543234323e459abf41bc11684651a68aff9c1625f81c4f857916ebc88e177c9314978a129febec28fb7ae5ae6dc686e7c33ce891b7c714e5dd5107b6e9c1ae9e98e3409a66d1e00718b32a026801386c9ee3de4bfd41044c7434cea8d7cd342da3e50682c80e1e58534e992ad5bf9dc5a65f09e8bd06799ff11a817eb3c9f92d8b1fe44d9736d45cfa1779d68417b4e2f8325da003e6d2772c319c2b376f9134746fb8770284181c7caa783329b07dc68d2b80c65f54bc5ca53c028886158ed8f60a7d953bfca9634c0ce7bb25bdea2ff82b7c3e1817aab4be99c72e370e3a1b4ab05225ce0e91a37458c42183df4b489497b8280df6c6c2f86071433c9bcf1f1cd668675ed3b98cccd6a51020b5347ef575a7138afff0ddc2112d5119066c0e0815d702772ecc9ea38237e2790643dc7d52abaf9b59128dc4033f95d56e933de9aba27553017978c475671d6ca23d73e07a2030a5ef1993d1e22d96885a7ab347638c58829a1b1f20e7d7f101611d96360986b0b1f49e5efdf8f522e23461ac03871de28b1988d6a821f459ca0646f701ea8a7c3e89e58a6b962e843fb46dba6b3b2520dba6575c73b0af9d314fc5618610ff18fcfc9f95160a8e1cad25d30e9b6cd1c5e1ed326ad733273b6f5d8f1bc8730b8035e4432066171d7b40920db31ef035e473770e2cad30ef44011fa6153c673fc433229595c715bc82fda43a85ac69f1413b771ba6f3f3bf2df5ffa121a401f791b0e57e149f35609bcd1debe519b29df3b5aad91d42983bf672c367df3abf200c98038028f60a9941391ee477c9d0ada8d50ed4088ed2e92eeee52ac73d43b3c5d8dc9f8cf796a41f68a49592a515ac5f7540af5a4fe24a74e82ee47a4f5d888474d12095360baf66087df5312ec01c259b9e1c9ad8e2a662e9681b24e9eb18d5aaa0ff6628b0d8dd1a79a4dedb4184f04d1e90fe3d9599968577210c9e4a872362dff3cb904159866b667c68478c93c8261a55f2e3b03464dc4bea7a6ea5548fcb5a8c238459b1db05698b1a3badc0a2b60a413e37dfeea193f57505e67c9138ca46ef3b5d495c27b492541a84f5de42494b3f11403f49e5337b6bc7b02d2f5095f7d3c1e3f67c464284d8972c2296328e5949ca2187f08559b84de41195f1b50b605f98b709c77204addfb28f8ce5ef1a29a6f481ba2c1c218567790e81f8ba9f9cd1cd69ff1625cabd04479ea6ab129892696b629da6c4d59c238b084d28375e651e726c7d33647a553ded8f276000b3416fc3176eee286d4c597283d96fb77ead2ce19e18787cd17ca504d08b616bd62419c3db8fcd458058ec8559fb722ae067b261e06b2c21f1002b686f2aa209be7dff14b268335ae888fdb272cd3c45bdc57952ead8d316993df8ed018b88e0a85331354478b27ce14c608c04c62aff2b9b95acd465642d5601afe1410b9c6cdf22a262ec0de78e7679f4da2b840edb3fe8e1561bcf5cf60a0689073482f2113dc761aaf50b32eca4d1a0a00b37a2cc17d179afe13e033018666b6bd44679652d198c0cc9a64dc992abc31c19cf501811b0bf6d093d3c2ac15b0b14e3ffc23431ba42c5c1282c0b256bdfa94895375bf817a708a0c33873e2c0823c3da541dee23883600ba773a628e23477acb033f803336a66ceb0b0274751c32342308245c653b5bab487466661fc44e34884513a4875b1115a80af35e916ea929a055be76a90c101442adf144fd57b7bc6f8ae17dbde13361f62cf3cd8ddb92b738ff3d7e4da605135913bbc7eb462e2d91a603381a8ba59e61c56ccf5862b3cce88b6771ebc99d3426efce9a5770d4d2bc82eff4cd3ee32a4459452f5f3e23b66bf4d34f594dbc4074f343842f480f7ac8811be6ccaeae604a7e638552febdc4eccd958d7580fb18fd0e097258e6c51e8657f44ab1c55ea5626cd015be7c54811f8129a6451c100ac522270a52c23bc411350582b047c26bb3d6f6f90fd030bcbdec8c5b441e2c8909148912c2fa493d12f5b4c3f41d13a69d21a78540795c404929f4d22a928eb20fbcdd1adaecbd2a53beb21e197201ebacaad11246643e38af396eaccb1e113ae004584d20ca1f3e0c33dba4d88022e7f788f5a6a8dc30ba226f861584aa22aa40d8a3c88324f3d05e346718410bbfe6aae0e0c3924b9326d3b8637579a6c96e9b361d724e20b843740b297dfd01d7a3e6e8fedead1e07c78ced2ed7d4ce7a09bd8a07cdbf2a55509a3040afa6ee7c69dda66cd753be282823469ba129d002f5fb623c784b5bbf0a278cc05f36c04e417f3fd3798d56fae5d85d25e664d7f41f73eb5447b50c2f1cc1fd3518345a8ddd008492c762e34573e33248d208daf7131ee291341309e0f436dabdf972ef0c40793c161f8989b79d94b948966cb4e9ae1b79bac231723af9455aab1fee21731285d258f2db8c2aed2686f1cdc245ce147e7d5d27d04108b78c24e8e0174ba82d6e67428455449df9821a21ff2d0e80dd5f21eb73c9e046fbbd51ffb95c2b070db5535d18e4c55926d87280dc53acb6f85b01470087e0802b6bf75ceac08abc61698e94bed0f74a58a93281d27a0d262a41e83dfc3654ca67526e5adcb908206026a14785a951d19e4fc7ae9e45ac01c58d997e482d71dbc9ce368ea62ccf7e64cb683184eaff18a7959f0eac18d3f465313dda3afa5239b778c841e32548023878c91aa375e8c29b11954c9e65e0aaf2d05418c21f725e0e04ff291580a74b31818267e422d0cecdb1dc58237a7df8094e82ae7ef65ea83df599040a6bbb6a4c1afb9f794e95f34a7a6ef0e02bfe3c4844acdcabc517403c122c09b21584b181eb65666d08010db6a418803cfe33c4a131f78a157e9e81b0ef46de161c30b52e0ef6b73bed26308025a2342a5bdaed16ca927e280591efacd59a90aa5e559853932c239d64c6192f54ca9427f8e1c5ac75c1dbc588e025469c74d75a52acf52da3478ed6c8671efcd6e883ef76ebb27148da69dabaad223fc2b6efff99f592aca66e5d0093c098bf8231abf85ce62e09aae8da7fa593329ca2cf0cfbbdf077eb5e200c8758f229b694979016b19f51cfb27086c9cddb395ccb6244e38cd24a78993d3b6c70479a7154a09042f583ad36a3bdfaa34fe1dae64a822b9ee3c8cf673921fc3bc5f144708b1b8f78e25fcaee376f3344756db2c547bf87254aa9db4cdcd7744f8f0a8b237e6b0e029d1ca7d0647c997966e90534815211f31c0a843ded5817139f363c266a37dd3adaf5eed097c9c8e8ae281f75dac0c2124bcefd62f9138559b4307f1633d76852e01c6a06c0f053f3ee7d8da5443dbabb63911f3403c846211a16d9b750be73f468d38a445f9ebb58c71f62cc4ed6a1d01a8de977d4a5f34e9003c40ab2538333ac40ededbdfd6ee4e113fc04a6ef1c7c83095797984f97ab76fffbebcf349176f8e42ac9c39c2c42ec13697c24ff64591ee20f88610a06301baf69892479f08a9f9e97d802178568ee4c0168a7d346cd1263f868aed542e59268896075492e4462e82df0a5035cf68e0fa8bd38dd0ea4c0f49843a74202b93d37f8c46a944ded05e5acab90e5a993c1ed089022a7708eb9d84e2952cc50cc4a35a6b700e9859c711403c2b09bd71d72376421bf6e3238e63541f9cc3733077e916289e4cbb0ee108807321fd5bf5a60f46c91324d897de7a1ae557c275d5bf4ec2421bdc46aa8ff3842413b9dddc4cf9bc7c8fe3ec480352e01894b06caa87ef7af887e82f0fdbaf794b40a42ddf8e08fb0a99542fdd18934947119d19ad3bb0a3340df4b07155e58b5cd696415209b9c468850968ee423fe01ce015262f4a9fb004054a8deeb34c1535862dad4b0dd4ddf2c3014698a80224b4e366f18193986fb83aa53dba3a3407da3417944e878d4f53c2f8234ec44dac38c20b19ab5e8a7b63d44d8e3c03412b45ab43e1bd0847694b426af77cabf506e45e8dc4219db6c6e6d30b2fa6612671ee1e75d7f90be251bf1392c787955308b3ce4bcc7ad0eb6b7ff4d3ed71498b11389590f8bb8753166ba496bf0fb97fbc4d41984154e54fc27eafc3050169a8f7212c215a0c434fa10a583dfc786a373662fa942b16cfafbb231f0db699f8613fe994303ff68c09e7d7a4930954ccca85a8dc79f9c82395f95e480fd95edfdf33b65716dd5794138af878e89f67ab66d8cc985af852f376553a736d49af7c7ae32516cbcab3a041cb75f16f688e9692e3937fe562974c4a148818fb34805db6e1ff93b9554092d258b9262b6c05ebd0ad805e2e924bbd874c0c460b1093dd06f9487184cf476d95213db2cb92202a243ab1554ca6e377ffdffc92e172a17695728605d6e353055ecc5063087700cda0acfbdb72a3311f94795914a6770db518331204041a345aca763e0cc5be3980920f4cacb6bc8b8f06df5c14e8748f6d144a765b9b317d72b6d8c4a927ccf09fed8b8c4df22d1faf9ebb1118f196c389aa73626bb805023946f2d719023144fc4c81dcac0861b6e0a33285245fa2eb5c4d3da6a6386ea0d8695e0d8220a7b8d8f9c48b78cceb9ca55655a6d4bf922e5b2f8beb857537444cb0f2e41d60b54d015c9278d6827652a31a39535d207f433d10dd2437acc5f0a04854addd47d94d14a7fef29dac6790f0360665add79dc2eb762c83169f809b0582f0d216affa52d2bd23da5d98b41ae61e9a278840b9456c4059c0df0398b3b754f1a2fdd97a1aa49a4956edf75777eb741706f6a0c2b234d47ae11370c12bbf6fe73c5238f53b5b6250f51d1daf79bed52e4a8c9a01c27babd7bb8f8e73c4d2f85221c60c65208573f8a80320bccf33389cacd0d8cd2d1711dcaa0125ec3802015dcfa4e0782b17925e41ad3732d6eda4c5e6ab07747acf0e84176da4c3e90af60ed61ce46f5c6a189b7f3fe78c54ef9be80ed187221061cf1af1acd3d82fec4761aee3d037fd6692928680b08c06f408d312f2d3faadae414627a91579025b8af2dee667744c0dc3b9b99d3175e8859aa69cbdb6a6b82d485d55097a04fba37a2e7e4d4d3f4928c342c5de0ef273125abc633f605f76ccb6e339a5284b545bb2938b97f0ce4fd750d3d8a6419be5fdcbdd0a9d315ad7d1859add104237ea49432e3e3262a6ad82e254d90fa5bc7fb20b7c2e4862ccd24154abc17a", 0x1000}], 0x2, 0x3, 0x48000000, 0x11) r8 = socket$nl_generic(0x10, 0x3, 0x10) close_range(r6, r8, 0x2) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001480), r5) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001640)={&(0x7f00000014c0)={0x160, r9, 0x4, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_DATA={0xac, 0xc5, "597a9f7994c1a8daf4fd3e85b3c64ce6dfed142317f6fa301df22f0acc5aa58d10173e8852d1994b695ff10cd14d52e4a729bd646f7eb2f2d3d622f417aa51f920033de07c9b79b4afc83b15533e24053fd9c4f5ad61d35f2ebabb1c7aee6f9505f1ac16330c60b5750a856c313b2d5279ba52777f6e7ed078388977d3272050a9dc15d0249223af666b798f41c201a2dd93dd42b49f8f642f09592e074b3aa9079b21cf64286b3f"}, @NL80211_ATTR_VENDOR_DATA={0x2d, 0xc5, "3fb553f1be7d545276ff4ee7f4d65e5f3744077fa177fb0d6f49a42029decf157bb4b7adaa6b574891"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x101}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffffff}, @NL80211_ATTR_VENDOR_DATA={0x46, 0xc5, "0b193025b1f950685c9217d8409938a875306a03cb90d3db975d8ed012f5892b78fe5a18a5ab53061ba234705ca06a12cd8bf4899ee7057f478b97f3f4d651b4632d"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x6}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}]}, 0x160}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000805) ioctl$BTRFS_IOC_FS_INFO(r4, 0x8400941f, &(0x7f00000016c0)) clock_gettime(0x4, &(0x7f0000001ac0)) syz_io_uring_setup(0x417b, &(0x7f0000001b00)={0x0, 0x58e1, 0x0, 0x3, 0x369, 0x0, r4}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000001b80), &(0x7f0000001bc0)) futex(&(0x7f0000001c00)=0x1, 0x7, 0x2, &(0x7f0000001c40)={0x77359400}, &(0x7f0000001c80), 0x1) setsockopt$inet_mtu(r7, 0x0, 0xa, &(0x7f0000001cc0)=0x5, 0x4) 03:57:19 executing program 1: ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)) r1 = socket$inet6(0xa, 0xa, 0xffff) getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f0000000140), &(0x7f00000001c0)=0x68) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x500, 0x0) statx(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x100, 0x400, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x1801004, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {}, 0x2c, {[{@version_u}, {@afid={'afid', 0x3d, 0x4a}}, {@debug={'debug', 0x3d, 0x8}}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@cache_none}, {@debug={'debug', 0x3d, 0x4}}, {@debug={'debug', 0x3d, 0x6}}, {@dfltuid={'dfltuid', 0x3d, 0xffffffffffffffff}}], [{@func={'func', 0x3d, 'PATH_CHECK'}}, {@fowner_lt={'fowner<', 0xee01}}, {@fsmagic={'fsmagic', 0x3d, 0x8000}}, {@fowner_eq={'fowner', 0x3d, r3}}, {@smackfsfloor}, {@appraise_type}]}}) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000001b00), 0x200200, 0x0) sendmsg$DEVLINK_CMD_PORT_SET(r4, &(0x7f0000001c80)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001b80)={0x98, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x6, 0x4, 0x2}}]}, 0x98}, 0x1, 0x0, 0x0, 0x880}, 0x4) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001d40)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(r5, &(0x7f0000001e00)={&(0x7f0000001d00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001dc0)={&(0x7f0000001d80)={0x30, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0xffff7fff, 0x14}}}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000001e40)={r6, 0x7, 0x3, 0xed82}) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r8, &(0x7f0000002040)={&(0x7f0000001e80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000002000)={&(0x7f0000001ec0)={0x12c, 0x0, 0x70966f82f0627566, 0x70bd2b, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x12c}, 0x1, 0x0, 0x0, 0x4008810}, 0x0) fcntl$setstatus(r4, 0x4, 0x800) fstat(r5, &(0x7f0000002500)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$vfat(&(0x7f0000002080), &(0x7f00000020c0)='./file0\x00', 0x7, 0x5, &(0x7f0000002480)=[{&(0x7f0000002100)="0acb7f992c3828ded7113d3a2816b7c3d1a592a59cdbc802578756", 0x1b, 0x4}, {&(0x7f0000002140)="fa3497c175e7dcb236c3a2dbbe9add79ea1a74f818308f27363d8f07a53078344115d5e0671af360f4ed28c21d85fdb20a92f570f9a7b6603e67c3434466a4f5b87e7d1367742af590b14d52e3e80c981bd2cb1677a2b37772390e6955c974fb622eb2d7800ecfe78b242acb0be0e749b6cf8663afd2aceecaf3902fab3b2c2b4549b53a74a77c073fc6a0e2d24af235ec07b9473090de95b5a4296fd0834c704bdeba2228bc4c5d3e905d6fcbd4d0f706067193194b0e192fcad159dc5b1030460fe4d610f717f1222761f45e8d1d21c8850f7aafd7e2a91c05cb561332a4841c83d5c1445e", 0xe6, 0x2cc}, {&(0x7f0000002240)="a45fe777cc3d44b4e474ea251727de86c35db5e14bb2791d6130ca4579edc6d2662a5bcd64c69ee60aaee9438eae456c0f46f24d6b6e2dcb222e7d3b4334567b489b17530fe86730c49a5d3ea86b2c33f9653e3af73844489378174b256e48b3ed4796e4f0b291b5150cae4fcc2c7535f661144cf7c29cd235415d91104f8aaca24c0b830c6b5ed7ad866cdd105b81e92b768787c36597863eaeaa91a104d1186f7c0375", 0xa4, 0xfffffffffffffffc}, {&(0x7f0000002300)="149574d6ffd134a7c48013edfe3082a7a64cc5c68602dcd0881aba79bd185de1c97d2d0a358f152c55f04c57d7d6892badb1513598e0a41868ef0ded60dd8117c9551b8c014d1ec835d4ca438964c54e7fc309205b858b68b0c38f03f35a3a853f05410464d80208203ccb065208f2fd9a0a9de96943089fca5efddb61e7a62a8d2f929c14265ccd913815f0c07864a7b828402578d197e96b58ee3e4987cffb574effd61575d33f31e6f9a46becb115027a10bed89540073c4fc09b418baf2083405543e7", 0xc5, 0x3d49}, {&(0x7f0000002400)="eaa9a65f4f6b5a2d7c86ead210c54903c18984ccc2772c739d00cb53c4d54889620d0e8b7b21e7812e79c5d6ed02f2eff745f98997ec8f6be92e0df1d73abc84ad212d8fa9cae8ab4978f885260c99d7701b4728f538da5dde5802469de8e468c1b1c7e3d9bcf2c4fe02df16", 0x6c, 0x4}], 0x806000, &(0x7f0000002580)={[{@utf8no}], [{@fsuuid={'fsuuid', 0x3d, {[0x65, 0x0, 0x36, 0x35, 0x33, 0x65, 0x35, 0x37], 0x2d, [0x34, 0x30, 0x38, 0x38], 0x2d, [0x32, 0x32, 0x61, 0x33], 0x2d, [0x31, 0x53, 0x35], 0x2d, [0x65, 0x39, 0x34, 0x62, 0x31, 0x38, 0x62, 0x65]}}}, {@obj_user}, {@obj_user={'obj_user', 0x3d, 'fowner<'}}, {@smackfshat={'smackfshat', 0x3d, '.*-+'}}, {@euid_lt={'euid<', r9}}]}) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000002600)) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000002640)={{0x1, 0x1, 0x18, r8, {0x22}}, './file0\x00'}) sendmsg$NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, &(0x7f0000002840)={&(0x7f0000002680)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002800)={&(0x7f0000002780)={0x60, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x0) 03:57:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, r1, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x80000001}, {0x6, 0x11, 0x5}, {0x8, 0x13, 0x7}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x5}, {0x8, 0x13, 0xd1b}, {0x5, 0x14, 0x1}}]}, 0x8c}}, 0x20000080) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000340), 0x480000, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000380)) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_POWER_SAVE(r0, &(0x7f0000000680)={&(0x7f0000000580), 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x28, 0x0, 0x300, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x0, 0x1a}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8}, 0x48811) mmap(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x2, 0x4000010, 0xffffffffffffffff, 0xb54f6000) r4 = syz_io_uring_complete(0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), r0) sendmsg$NL80211_CMD_DEAUTHENTICATE(r4, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x60, r5, 0x8, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x5}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc398}, @NL80211_ATTR_IE={0xa, 0x2a, [@chsw_timing={0x68, 0x4, {0x8, 0x9}}]}, @NL80211_ATTR_REASON_CODE={0x6}, @NL80211_ATTR_SSID={0x8, 0x34, @random="53d088f1"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) sendmsg$NL80211_CMD_LEAVE_MESH(r4, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x28, 0x0, 0x300, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x3, 0x14}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20044080) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000980), r0) sendmsg$NL80211_CMD_SET_BSS(r4, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x4c, r6, 0x8, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x37}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x6}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x7}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) recvmsg$unix(r0, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000ac0)=""/75, 0x4b}, {&(0x7f0000000b40)=""/139, 0x8b}, {&(0x7f0000000c00)=""/154, 0x9a}, {&(0x7f0000000cc0)=""/244, 0xf4}, {&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000001dc0)=""/20, 0x14}, {&(0x7f0000001e00)=""/101, 0x65}], 0x7, &(0x7f0000001f00)=[@cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}, 0x10020) sendmsg$DEVLINK_CMD_RATE_DEL(r7, &(0x7f0000002140)={&(0x7f0000002040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000002100)={&(0x7f0000002080)={0x78, r1, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @handle=@pci={{0x8}, {0x11}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004040) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000021c0), r9) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000002200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(r8, &(0x7f00000022c0)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002280)={&(0x7f0000002240)={0x30, r10, 0x20, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0x1ff, 0x80}}}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x4000) [ 70.058234] audit: type=1400 audit(1664164639.769:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 03:57:19 executing program 4: r0 = getpid() process_vm_writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/75, 0x4b}, {&(0x7f0000000080)=""/126, 0x7e}, {&(0x7f0000000100)=""/26, 0x1a}, {&(0x7f0000000140)=""/157, 0x9d}, {&(0x7f0000000200)=""/238, 0xee}, {&(0x7f0000000300)=""/163, 0xa3}], 0x6, &(0x7f0000001640)=[{&(0x7f0000000440)=""/227, 0xe3}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/64, 0x40}, {&(0x7f0000001580)=""/139, 0x8b}], 0x4, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000001680)=0x9d4) perf_event_open(&(0x7f0000001700)={0x5, 0x80, 0x1, 0x1, 0x3, 0x2, 0x0, 0x0, 0x2140, 0x8, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x20, 0x1, @perf_bp={&(0x7f00000016c0)}, 0x40000, 0x1, 0x80, 0x9, 0x6, 0x8000, 0x8, 0x0, 0x5, 0x0, 0xfe}, r0, 0x1, 0xffffffffffffffff, 0x0) r1 = getpid() process_vm_writev(r1, &(0x7f00000017c0)=[{&(0x7f0000001780)=""/26, 0x1a}], 0x1, &(0x7f0000001980)=[{&(0x7f0000001800)=""/33, 0x21}, {&(0x7f0000001840)=""/3, 0x3}, {&(0x7f0000001880)=""/250, 0xfa}], 0x3, 0x0) clock_gettime(0x0, &(0x7f0000002000)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001f80)=[{{&(0x7f00000019c0), 0x6e, &(0x7f0000001c40)=[{&(0x7f0000001a40)=""/255, 0xff}, {&(0x7f0000001b40)=""/239, 0xef}], 0x2}}, {{&(0x7f0000001c80)=@abs, 0x6e, &(0x7f0000001ec0)=[{&(0x7f0000001d00)=""/116, 0x74}, {&(0x7f0000001d80)}, {&(0x7f0000001dc0)=""/79, 0x4f}, {&(0x7f0000001e40)=""/119, 0x77}], 0x4, &(0x7f0000001f00)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x68}}], 0x2, 0x12060, &(0x7f0000002040)={r2, r3+60000000}) sched_getaffinity(r5, 0x8, &(0x7f0000002080)) r7 = msgget$private(0x0, 0x463) getgroups(0x2, &(0x7f0000002140)=[r6, r6]) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000021c0)={{{@in=@initdev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@local}}, &(0x7f00000022c0)=0xe8) r10 = gettid() msgctl$IPC_SET(r7, 0x1, &(0x7f0000002300)={{0x0, 0x0, r8, r9, r6, 0x40, 0x8}, 0x0, 0x0, 0x10001, 0x6, 0x8000, 0x81, 0x4, 0x7, 0x80, 0x20, r0, r10}) clock_gettime(0x6, &(0x7f0000002380)) msgsnd(r7, &(0x7f00000023c0)={0x0, "40a7755dd3037e6128677d98acdeeec9eaa9cfe41eacf57749706e5bd82099a4718c52f97708110efe1243a55a1d0822df532dce694541c0d1ac311fb3e8f9af94bd55fc84284f95bad11a340f14501af2c2664b8037259411e8596081da66457a08ea381670e507f4150bb4f2f128809324d9b3662db79970d05580ed38cf661eb79ba6293b6989426c134064d3ba99476dd54f82a132ca1d83"}, 0xa2, 0x800) clock_gettime(0x3, &(0x7f0000002480)) msgsnd(r7, &(0x7f00000024c0)={0x2, "1f01d9e2bbe39c69cd47caea4f55236ca3191fa9b97f6d6f6071b377e8cd30f878b17d5b1b6cfe3dda23b16db7b58585b6af738bc751aa7c34b82aecd71214e737f0eefe8446998219f1bd1fe8d535eb28c54fb34be3fbda4f6febc36993304d28ca7f87b31c94ecec6ddc189200874ce55cbd5cb8988b599ebda8402907a2c4b9bc7afbef74c6fe1c23db8bf9b9f53ddcc00cae9cef5dd1449607b853e7040f1ff57e370c4a2b3569caa0fefe186720a55c4d3536446025bbaac1eb01ea1f0c0417bbba9363108a448adee08bb1629acf28ccdf1acdd39536e6"}, 0xe2, 0x800) clock_gettime(0x2, &(0x7f00000025c0)) fork() 03:57:19 executing program 5: sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x90, 0x3, 0x8, 0x301, 0x0, 0x0, {0x5, 0x0, 0x9}, [@CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xffff}]}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_GRE_REPLIED={0x8}]}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1dd}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3fc000}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x40}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x200400c1}, 0x20000009) r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, r0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4d9}, {0x6, 0x11, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x6}}]}, 0x74}, 0x1, 0x0, 0x0, 0x8044}, 0x40000) r1 = dup(0xffffffffffffffff) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, r2, 0x0, 0x70bd29, 0x25dfdbfe, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}]}, 0x34}}, 0x0) r3 = openat$cgroup_ro(r1, &(0x7f0000000440)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x4c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xfffffff9}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xfffffffd}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x712c}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24048055}, 0x24000000) r4 = syz_open_dev$mouse(&(0x7f00000005c0), 0x6, 0x121700) sendmsg$AUDIT_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x10, 0x3e8, 0x4, 0x70bd28, 0x25dfdbfc, "", [""]}, 0x10}}, 0x20000004) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r3, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x4c, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xf5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x6}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x7465672be0c61c91}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x64}, @NL80211_ATTR_BANDS={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4001}, 0x800) ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000840)={0x5, 0x42, "926847e06e452e13d065253458f507ce463263bafc35b80de9a97e3c49299d1e9c24b8580c846ef97beaaedee213683cc69a0f85c7d0bd2cbce1208896ffa3dce748"}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000008c0), 0x135802, 0x0) sendmsg$FOU_CMD_GET(r5, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x38, r2, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_PEER_V6={0x14, 0x9, @private1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x202}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x5c, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVKEY={0x14, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}]}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x18, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x5}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xffff}]}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x404c445}, 0x400c0) ioctl$TIOCGPGRP(r5, 0x540f, &(0x7f0000000b40)=0x0) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000b80)=0x0) r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000bc0), 0x541002) kcmp$KCMP_EPOLL_TFD(r6, r7, 0x7, r4, &(0x7f0000000c00)={r4, r8, 0x85}) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x2c, 0x0, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x8000) 03:57:19 executing program 7: r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x40) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000040)={{0x8, 0x85}, {0x7, 0x81}, 0x0, 0x6, 0x1}) lseek(0xffffffffffffffff, 0x747c, 0x2) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000100)={0x8000, 0x20, [0x8000, 0x0, 0x4, 0x13e000000000], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0]}) fcntl$getflags(r0, 0x1) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0) accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@loopback}}, &(0x7f0000000340)=0xe8) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000380)={'syztnl1\x00', 0x0, 0x29, 0x7, 0x4, 0x8, 0x1, @mcast2, @local, 0x7800, 0x700, 0x3, 0x101}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f0000000440)={'sit0\x00', 0x0, 0x4, 0x1, 0x5, 0x6, 0x0, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00', 0x8, 0x8, 0x200}}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000540)={'tunl0\x00', &(0x7f0000000500)={'erspan0\x00', 0x0, 0x10, 0x10, 0x5, 0x3, {{0x5, 0x4, 0x1, 0x1, 0x14, 0x66, 0x0, 0x20, 0x0, 0x0, @local, @empty}}}}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000740)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)={0x17c, r1, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x17c}, 0x1, 0x0, 0x0, 0x1}, 0x4004) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000800)={'syztnl1\x00', &(0x7f0000000780)={'ip6tnl0\x00', 0x0, 0x4, 0xd9, 0x1, 0x2, 0x37, @private2, @empty, 0x8000, 0x7800, 0x1f, 0xfffff48b}}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000840)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r8 = open$dir(&(0x7f0000000880)='./file0\x00', 0x101000, 0xe) r9 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000008c0), 0x680800, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r7, 0xc0189378, &(0x7f0000000900)={{0x1, 0x1, 0x18, r8, {r9}}, './file0\x00'}) ioctl$FAT_IOCTL_GET_VOLUME_ID(r11, 0x80047213, &(0x7f0000000940)) r12 = openat$cgroup_ro(r10, &(0x7f0000000980)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0xffffffffffffffff, 0x7, r7, &(0x7f00000009c0)={r0, r12, 0x1}) 03:57:19 executing program 6: sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c4}, 0x20008000) r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r0, 0x10, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0x14, 0x19, {0x401, 0x200, 0x8, 0x5}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0xc080}, 0x8000) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x4}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x3f}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xfa}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x80}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xfb}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x48800}, 0x24004881) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000480), 0x80, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000500)={'tunl0\x00', 0x0, 0x700, 0x8000, 0xe10, 0x9, {{0x1b, 0x4, 0x2, 0x2d, 0x6c, 0x64, 0x0, 0x1, 0x0, 0x0, @broadcast, @rand_addr=0x64010101, {[@timestamp_addr={0x44, 0x34, 0x79, 0x1, 0xd, [{@private=0xa010101, 0x2}, {@local, 0x6}, {@broadcast, 0x400}, {@broadcast, 0x573}, {@private=0xa010100, 0x3}, {@broadcast, 0x101}]}, @generic={0x5c, 0xa, "c82c9c23af9efdfb"}, @timestamp={0x44, 0x18, 0xcb, 0x0, 0x2, [0x8001, 0x2000, 0xcd8, 0x2, 0x8298]}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000740)={'ip6tnl0\x00', &(0x7f00000006c0)={'sit0\x00', 0x0, 0x4, 0x1, 0x7f, 0x7, 0x0, @loopback, @remote, 0x1, 0x80, 0x80000001, 0x1000}}) sendmsg$ETHTOOL_MSG_DEBUG_GET(r1, &(0x7f0000000800)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x28}}, 0x20000000) sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f00000009c0)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000880)={0xd4, 0x0, 0x8, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xf0}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x31}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x31}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}]}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0xd4}, 0x1, 0x0, 0x0, 0x800}, 0x40840) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000a40), r1) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r1, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x70, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x70}}, 0x0) sendmsg$NFT_MSG_GETTABLE(r1, &(0x7f0000000c80)={&(0x7f0000000b80), 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x68, 0x1, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x80) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000cc0), 0x20400, 0x0) sendmsg$GTP_CMD_GETPDP(r5, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x34, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @multicast1}, @GTPA_LINK={0x8, 0x1, r2}, @GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x4004084) sendmsg$TIPC_NL_BEARER_ADD(r5, &(0x7f0000001280)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001240)={&(0x7f0000000e40)={0x3e4, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x57}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x517}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x74}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}]}, @TIPC_NLA_NODE={0x138, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9ad0}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "6feaa59c932a41065e5c264b3c80ef06ef256d19104518562c"}}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "faef276c5d93093e7306cb120d9205fa0d35db5201901d037a8d0f"}}, @TIPC_NLA_NODE_ID={0x53, 0x3, "70c157b94ca1f7363b31bedee41f71f1b3ab151c552dc68a30860fe34cb6b3a967e2bc981056c207a57934312af227d38a97477130fdb4dbb8782a84e57199b1558c890d29bf881c188c9fa0acf58d"}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "f6629f0cc54742deafad9d8882aa1998b13a0fc82b9c2a3e3f632b865dfdaf"}}]}, @TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER={0x80, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6e7b80d2}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x2df, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x5}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffe00}]}, @TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x100}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x200}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8b06}]}, @TIPC_NLA_BEARER={0x120, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x739}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9cca}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @private=0xa010101}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @mcast1, 0x4}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x8, @mcast1, 0xffff}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x58}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x81}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @private=0xa010102}}, {0x14, 0x2, @in={0x2, 0x4e21, @remote}}}}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x400}]}]}, 0x3e4}, 0x1, 0x0, 0x0, 0x10}, 0x24040850) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000012c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) sendmsg$IPVS_CMD_ZERO(r6, &(0x7f0000001440)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001400)={&(0x7f0000001340)={0xa8, 0x0, 0x10, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x400}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8000}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x56ed5440}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x101}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2b, 0xe}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xfd7620a0e3ba1dd8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x101}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x101}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}]}, 0xa8}, 0x1, 0x0, 0x0, 0x80}, 0x4000880) r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000014c0), r1) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f0000001580)={&(0x7f0000001480)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x28, r7, 0x0, 0x70bd29, 0x25dfdbff, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x40840) [ 71.405602] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.407513] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.408858] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.410693] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.411848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.412934] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.414386] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.415482] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.416547] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.421959] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.422973] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.424655] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.427369] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.428369] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.429685] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.430714] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.430873] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.453454] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.460385] Bluetooth: hci2: HCI_REQ-0x0c1a [ 71.463605] Bluetooth: hci1: HCI_REQ-0x0c1a [ 71.464450] Bluetooth: hci0: HCI_REQ-0x0c1a [ 71.507869] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.511542] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.514154] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.517423] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.519899] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.521994] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.523561] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.525712] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.527924] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.533357] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.534918] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.536573] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.545767] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.545901] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.548361] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.550435] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.552623] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.552975] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 71.555930] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.557521] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.559033] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 71.569415] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 71.569469] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.572629] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.582014] Bluetooth: hci7: HCI_REQ-0x0c1a [ 71.585805] Bluetooth: hci4: HCI_REQ-0x0c1a [ 71.586893] Bluetooth: hci6: HCI_REQ-0x0c1a [ 71.588031] Bluetooth: hci5: HCI_REQ-0x0c1a [ 73.480644] Bluetooth: hci2: command 0x0409 tx timeout [ 73.481440] Bluetooth: hci0: command 0x0409 tx timeout [ 73.482025] Bluetooth: hci1: command 0x0409 tx timeout [ 73.482912] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 73.608282] Bluetooth: hci5: command 0x0409 tx timeout [ 73.609154] Bluetooth: hci7: command 0x0409 tx timeout [ 73.672225] Bluetooth: hci6: command 0x0409 tx timeout [ 73.673059] Bluetooth: hci4: command 0x0409 tx timeout [ 75.528913] Bluetooth: hci1: command 0x041b tx timeout [ 75.529721] Bluetooth: hci0: command 0x041b tx timeout [ 75.530145] Bluetooth: hci2: command 0x041b tx timeout [ 75.656204] Bluetooth: hci7: command 0x041b tx timeout [ 75.656668] Bluetooth: hci5: command 0x041b tx timeout [ 75.720194] Bluetooth: hci4: command 0x041b tx timeout [ 75.720645] Bluetooth: hci6: command 0x041b tx timeout [ 76.620940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.622020] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.622879] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.624569] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.625632] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 76.626374] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.628955] Bluetooth: hci3: HCI_REQ-0x0c1a [ 77.576743] Bluetooth: hci2: command 0x040f tx timeout [ 77.577566] Bluetooth: hci0: command 0x040f tx timeout [ 77.577965] Bluetooth: hci1: command 0x040f tx timeout [ 77.704221] Bluetooth: hci5: command 0x040f tx timeout [ 77.704653] Bluetooth: hci7: command 0x040f tx timeout [ 77.768415] Bluetooth: hci6: command 0x040f tx timeout [ 77.768828] Bluetooth: hci4: command 0x040f tx timeout [ 78.664266] Bluetooth: hci3: command 0x0409 tx timeout [ 79.624240] Bluetooth: hci1: command 0x0419 tx timeout [ 79.624709] Bluetooth: hci0: command 0x0419 tx timeout [ 79.625210] Bluetooth: hci2: command 0x0419 tx timeout [ 79.752218] Bluetooth: hci7: command 0x0419 tx timeout [ 79.752641] Bluetooth: hci5: command 0x0419 tx timeout [ 79.816268] Bluetooth: hci4: command 0x0419 tx timeout [ 79.816678] Bluetooth: hci6: command 0x0419 tx timeout [ 80.712214] Bluetooth: hci3: command 0x041b tx timeout [ 82.760176] Bluetooth: hci3: command 0x040f tx timeout [ 84.808208] Bluetooth: hci3: command 0x0419 tx timeout [ 125.165259] loop1: detected capacity change from 0 to 16383 [ 125.184907] loop1: detected capacity change from 0 to 16383 03:58:14 executing program 1: r0 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) creat(&(0x7f0000000000)='./file1\x00', 0x105) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x141040, 0x0) 03:58:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)="2293befa2b5223f8be7218069091d691494bf026f5272d0a4e718a03ddb152485c5ddc844889ed50022c48ece88e1aa60254af", 0x33}, {&(0x7f0000000180)="d478551d7582269c6bdd882ddf4d04891c3b33379d9bb2ced65ed1055c3d5e0ebc88266d649e70a91ac02f13d98f61f99945ad1db0307d8b5ca29bf52e97a3cc42eba620ee7772629058cc52bb9724518da69ccc9bf72e0f808d6a770933d3a02849d5857608b471a264ee353a82e1fd82c0ed14108c34ed71b5bf101cefd23f7222c5c15bb117923544c0f4ea7040c9573b8456520d2b5b43ec72c39bcb4d94b8196d352b864241edf998f5f9e6b38577aa32cb31ceb68ab14515bf8e14ff7510f3e6da522eb707a6f09a8d0476825fbc439f3a8a40d2056010ac9e2339a32817f6f4bb6031484295fe1a4fc3cb1b1fa5aafc75b6", 0xf5}, {&(0x7f0000000280)="a275031cc08c84d77ac215d30c5187ef4ee4a40716b14806a4eabe7918351c794ff9669c4e1ba4c7837f212ef183c5604c691616751d8a4ce878ab9db0f76b5755902a40b7bbeaec3179fc2f52223f122b97dec46487fa09194931c607bcfd30f31cfa7a8f", 0x65}], 0x3, 0x9e74, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0xc, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)={0x1c, r2, 0xc0822a29f05aae81, 0x0, 0x0, {{0x55}, {@val={0x1}, @val, @void}}}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x28, r2, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x3, 0x7f}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x54}, 0xb06b1fc039ea4191) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write(r5, &(0x7f0000000080)="01", 0x41030) [ 125.602717] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 03:58:15 executing program 1: ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f00000000c0)) r0 = socket$inet6(0xa, 0x6, 0x8) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000100)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) pwritev2(r1, &(0x7f0000001840)=[{&(0x7f00000017c0)="04", 0x1}], 0x1, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x0, 0x2, [{}, {}]}) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000200)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffff, 0x0, 0x0, 0x3, 0x7b7, 0x7ff}, &(0x7f0000000240)=0x20) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) unlink(&(0x7f0000000000)='./file0\x00') ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000080)={0x200017e, 0x0, 0x4}) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) close(r2) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r3, {0xffff}}, './file0\x00'}) perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x5, 0x0, 0x80, 0x1, 0x0, 0xfe, 0x22208, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x100, 0x4}, 0x200, 0x4, 0x80000000, 0x1, 0x1000, 0xffff, 0x7, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x7, r4, 0xa) socket$inet6_udp(0xa, 0x2, 0x0) [ 125.824987] audit: type=1400 audit(1664164695.536:7): avc: denied { create } for pid=3831 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 [ 125.876937] audit: type=1400 audit(1664164695.588:8): avc: denied { open } for pid=3831 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.878869] audit: type=1400 audit(1664164695.588:9): avc: denied { kernel } for pid=3831 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.887130] ------------[ cut here ]------------ [ 125.887154] [ 125.887157] ====================================================== [ 125.887161] WARNING: possible circular locking dependency detected [ 125.887165] 6.0.0-rc6-next-20220923 #1 Not tainted [ 125.887172] ------------------------------------------------------ [ 125.887175] syz-executor.1/3839 is trying to acquire lock: [ 125.887182] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 125.887222] [ 125.887222] but task is already holding lock: [ 125.887226] ffff88801045b820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 125.887254] [ 125.887254] which lock already depends on the new lock. [ 125.887254] [ 125.887258] [ 125.887258] the existing dependency chain (in reverse order) is: [ 125.887261] [ 125.887261] -> #3 (&ctx->lock){....}-{2:2}: [ 125.887275] _raw_spin_lock+0x2a/0x40 [ 125.887293] __perf_event_task_sched_out+0x53b/0x18d0 [ 125.887306] __schedule+0xedd/0x2470 [ 125.887319] schedule+0xda/0x1b0 [ 125.887332] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.887344] syscall_exit_to_user_mode+0x19/0x40 [ 125.887356] do_syscall_64+0x48/0x90 [ 125.887373] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.887386] [ 125.887386] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 125.887399] _raw_spin_lock_nested+0x30/0x40 [ 125.887417] raw_spin_rq_lock_nested+0x1e/0x30 [ 125.887431] task_fork_fair+0x63/0x4d0 [ 125.887447] sched_cgroup_fork+0x3d0/0x540 [ 125.887461] copy_process+0x4183/0x6e20 [ 125.887472] kernel_clone+0xe7/0x890 [ 125.887482] user_mode_thread+0xad/0xf0 [ 125.887492] rest_init+0x24/0x250 [ 125.887503] arch_call_rest_init+0xf/0x14 [ 125.887521] start_kernel+0x4c1/0x4e6 [ 125.887536] secondary_startup_64_no_verify+0xe0/0xeb [ 125.887550] [ 125.887550] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 125.887563] _raw_spin_lock_irqsave+0x39/0x60 [ 125.887581] try_to_wake_up+0xab/0x1930 [ 125.887594] up+0x75/0xb0 [ 125.887607] __up_console_sem+0x6e/0x80 [ 125.887624] console_unlock+0x46a/0x590 [ 125.887639] vprintk_emit+0x1bd/0x560 [ 125.887655] vprintk+0x84/0xa0 [ 125.887688] _printk+0xba/0xf1 [ 125.887701] kauditd_hold_skb.cold+0x3f/0x4e [ 125.887718] kauditd_send_queue+0x233/0x290 [ 125.887734] kauditd_thread+0x5da/0x9a0 [ 125.887748] kthread+0x2ed/0x3a0 [ 125.887762] ret_from_fork+0x22/0x30 [ 125.887774] [ 125.887774] -> #0 ((console_sem).lock){....}-{2:2}: [ 125.887788] __lock_acquire+0x2a02/0x5e70 [ 125.887805] lock_acquire+0x1a2/0x530 [ 125.887820] _raw_spin_lock_irqsave+0x39/0x60 [ 125.887839] down_trylock+0xe/0x70 [ 125.887853] __down_trylock_console_sem+0x3b/0xd0 [ 125.887868] vprintk_emit+0x16b/0x560 [ 125.887884] vprintk+0x84/0xa0 [ 125.887899] _printk+0xba/0xf1 [ 125.887909] report_bug.cold+0x72/0xab [ 125.887925] handle_bug+0x3c/0x70 [ 125.887941] exc_invalid_op+0x14/0x50 [ 125.887957] asm_exc_invalid_op+0x16/0x20 [ 125.887969] group_sched_out.part.0+0x2c7/0x460 [ 125.887979] ctx_sched_out+0x8f1/0xc10 [ 125.887989] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.888002] __schedule+0xedd/0x2470 [ 125.888015] schedule+0xda/0x1b0 [ 125.888027] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.888038] syscall_exit_to_user_mode+0x19/0x40 [ 125.888050] do_syscall_64+0x48/0x90 [ 125.888065] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.888077] [ 125.888077] other info that might help us debug this: [ 125.888077] [ 125.888080] Chain exists of: [ 125.888080] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 125.888080] [ 125.888095] Possible unsafe locking scenario: [ 125.888095] [ 125.888097] CPU0 CPU1 [ 125.888100] ---- ---- [ 125.888102] lock(&ctx->lock); [ 125.888108] lock(&rq->__lock); [ 125.888114] lock(&ctx->lock); [ 125.888120] lock((console_sem).lock); [ 125.888126] [ 125.888126] *** DEADLOCK *** [ 125.888126] [ 125.888128] 2 locks held by syz-executor.1/3839: [ 125.888135] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 125.888163] #1: ffff88801045b820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 125.888191] [ 125.888191] stack backtrace: [ 125.888194] CPU: 1 PID: 3839 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1 [ 125.888206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.888214] Call Trace: [ 125.888218] [ 125.888222] dump_stack_lvl+0x8b/0xb3 [ 125.888240] check_noncircular+0x263/0x2e0 [ 125.888256] ? format_decode+0x26c/0xb50 [ 125.888273] ? print_circular_bug+0x450/0x450 [ 125.888289] ? enable_ptr_key_workfn+0x20/0x20 [ 125.888304] ? __lockdep_reset_lock+0x180/0x180 [ 125.888321] ? format_decode+0x26c/0xb50 [ 125.888339] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 125.888359] __lock_acquire+0x2a02/0x5e70 [ 125.888382] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 125.888404] lock_acquire+0x1a2/0x530 [ 125.888420] ? down_trylock+0xe/0x70 [ 125.888437] ? lock_release+0x750/0x750 [ 125.888455] ? find_held_lock+0x2c/0x110 [ 125.888471] ? vprintk+0x84/0xa0 [ 125.888488] _raw_spin_lock_irqsave+0x39/0x60 [ 125.888507] ? down_trylock+0xe/0x70 [ 125.888522] down_trylock+0xe/0x70 [ 125.888537] ? vprintk+0x84/0xa0 [ 125.888554] __down_trylock_console_sem+0x3b/0xd0 [ 125.888571] vprintk_emit+0x16b/0x560 [ 125.888589] vprintk+0x84/0xa0 [ 125.888606] _printk+0xba/0xf1 [ 125.888617] ? record_print_text.cold+0x16/0x16 [ 125.888631] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 125.888645] ? lock_downgrade+0x6d0/0x6d0 [ 125.888662] ? report_bug.cold+0x66/0xab [ 125.888679] ? group_sched_out.part.0+0x2c7/0x460 [ 125.888691] report_bug.cold+0x72/0xab [ 125.888709] handle_bug+0x3c/0x70 [ 125.888725] exc_invalid_op+0x14/0x50 [ 125.888743] asm_exc_invalid_op+0x16/0x20 [ 125.888755] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.888769] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.888780] RSP: 0018:ffff88803f4cfc48 EFLAGS: 00010006 [ 125.888789] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.888797] RDX: ffff888015feb580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 125.888805] RBP: ffff88803f448000 R08: 0000000000000005 R09: 0000000000000001 [ 125.888812] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801045b800 [ 125.888819] R13: ffff88806cf3d140 R14: ffffffff8547d1a0 R15: 0000000000000002 [ 125.888830] ? group_sched_out.part.0+0x2c7/0x460 [ 125.888843] ? group_sched_out.part.0+0x2c7/0x460 [ 125.888856] ctx_sched_out+0x8f1/0xc10 [ 125.888869] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.888885] ? lock_is_held_type+0xd7/0x130 [ 125.888898] ? __perf_cgroup_move+0x160/0x160 [ 125.888910] ? set_next_entity+0x304/0x550 [ 125.888927] ? update_curr+0x267/0x740 [ 125.888945] ? lock_is_held_type+0xd7/0x130 [ 125.888959] __schedule+0xedd/0x2470 [ 125.888975] ? io_schedule_timeout+0x150/0x150 [ 125.888991] ? __x64_sys_futex_time32+0x480/0x480 [ 125.889005] schedule+0xda/0x1b0 [ 125.889019] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.889031] syscall_exit_to_user_mode+0x19/0x40 [ 125.889044] do_syscall_64+0x48/0x90 [ 125.889061] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.889074] RIP: 0033:0x7fe99f1e1b19 [ 125.889082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.889093] RSP: 002b:00007fe99c736218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.889104] RAX: 0000000000000001 RBX: 00007fe99f2f5028 RCX: 00007fe99f1e1b19 [ 125.889111] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe99f2f502c [ 125.889118] RBP: 00007fe99f2f5020 R08: 000000000000000e R09: 0000000000000000 [ 125.889126] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fe99f2f502c [ 125.889133] R13: 00007fffe591692f R14: 00007fe99c736300 R15: 0000000000022000 [ 125.889145] [ 125.947392] WARNING: CPU: 1 PID: 3839 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 125.948007] Modules linked in: [ 125.948226] CPU: 1 PID: 3839 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1 [ 125.948753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.949480] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.949842] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.951008] RSP: 0018:ffff88803f4cfc48 EFLAGS: 00010006 [ 125.951356] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.951828] RDX: ffff888015feb580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 125.952296] RBP: ffff88803f448000 R08: 0000000000000005 R09: 0000000000000001 [ 125.952770] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801045b800 [ 125.953236] R13: ffff88806cf3d140 R14: ffffffff8547d1a0 R15: 0000000000000002 [ 125.953703] FS: 00007fe99c736700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 125.954228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.954613] CR2: 00007faf1b19e710 CR3: 00000000345bc000 CR4: 0000000000350ee0 [ 125.955083] Call Trace: [ 125.955258] [ 125.955417] ctx_sched_out+0x8f1/0xc10 [ 125.955696] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.956044] ? lock_is_held_type+0xd7/0x130 [ 125.956334] ? __perf_cgroup_move+0x160/0x160 [ 125.956636] ? set_next_entity+0x304/0x550 [ 125.956924] ? update_curr+0x267/0x740 [ 125.957191] ? lock_is_held_type+0xd7/0x130 [ 125.957481] __schedule+0xedd/0x2470 [ 125.957737] ? io_schedule_timeout+0x150/0x150 [ 125.958046] ? __x64_sys_futex_time32+0x480/0x480 [ 125.958371] schedule+0xda/0x1b0 [ 125.958608] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.958937] syscall_exit_to_user_mode+0x19/0x40 [ 125.959255] do_syscall_64+0x48/0x90 [ 125.959512] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.959864] RIP: 0033:0x7fe99f1e1b19 [ 125.960112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.961284] RSP: 002b:00007fe99c736218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.961779] RAX: 0000000000000001 RBX: 00007fe99f2f5028 RCX: 00007fe99f1e1b19 [ 125.962241] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe99f2f502c [ 125.962710] RBP: 00007fe99f2f5020 R08: 000000000000000e R09: 0000000000000000 [ 125.963173] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fe99f2f502c [ 125.963637] R13: 00007fffe591692f R14: 00007fe99c736300 R15: 0000000000022000 [ 125.964123] [ 125.964283] irq event stamp: 1344 [ 125.964510] hardirqs last enabled at (1343): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 125.965124] hardirqs last disabled at (1344): [] __schedule+0x1225/0x2470 [ 125.965669] softirqs last enabled at (1320): [] __irq_exit_rcu+0x11b/0x180 [ 125.966229] softirqs last disabled at (1177): [] __irq_exit_rcu+0x11b/0x180 [ 125.966794] ---[ end trace 0000000000000000 ]--- 03:58:16 executing program 1: sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x38, 0x2, 0x7, 0x801, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x6}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004801}, 0x24048800) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='oom_score_adj\x00') fchown(r0, 0xee00, 0xee01) [ 126.381748] audit: type=1400 audit(1664164696.093:10): avc: denied { setattr } for pid=3886 comm="syz-executor.1" name="oom_score_adj" dev="proc" ino=13863 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file permissive=1 03:58:16 executing program 1: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0) sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x400, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4008880}, 0x48000) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000300)=[&(0x7f0000000140)='\x00', &(0x7f00000001c0)='[)!*-\x00', 0x0, &(0x7f0000000240)='#)\x00', 0x0]) 03:58:16 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000540), &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[]) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0]) syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f355ac91ea06b0127d7efaf5d0ba593d5f3cb22465c4d56ecf5932cf583aff8e6e1211f12b6911389a839f1325b3524431491e62949313437f733ca6099931fcc993038344db4d20408f113990db524ae9ec2b31e00000000000e1f0d08a49695c1807478998676fb6a98ddaa5ee8a17bf3198787bc8f7e59467f0a3e32fa1c6ccc2f6e23f662b20e6ab45c68b61"]) umount2(&(0x7f0000000080)='./file0\x00', 0x4) umount2(&(0x7f0000000040)='./file0\x00', 0x4) umount2(&(0x7f0000000000)='./file0\x00', 0x4) [ 126.482360] process 'syz-executor.1' launched './file0' with NULL argv: empty string added [ 126.497500] tmpfs: Unknown parameter 'óU¬‘ê°}~úõкY' [ 126.512964] tmpfs: Unknown parameter 'óU¬‘ê°}~úõкY' 03:58:16 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x202880, 0x49) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r3, r4) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x200, 0x1) r6 = perf_event_open$cgroup(&(0x7f0000000300)={0x4, 0x80, 0x3f, 0x2, 0x3a, 0x6, 0x0, 0x2, 0xc9510, 0x5, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x2, @perf_bp={&(0x7f0000000180), 0x2}, 0x4, 0xcf, 0x2, 0x6, 0x2, 0xfff, 0x3, 0x0, 0xfffffff2, 0x0, 0x5}, r5, 0x1, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000002, 0x8080a, 0x9d1e7edd4d058812, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x10000}, 0x0, 0xffffffffffffffff, r6, 0xf) sendfile(r3, r1, 0x0, 0xfffffdef) 03:58:16 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, 0x0, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@GTPA_VERSION={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @loopback}, @GTPA_TID={0xc, 0x3, 0x3}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}, @GTPA_MS_ADDRESS={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x3c}}, @GTPA_O_TEI={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}]}, 0x58}, 0x1, 0x0, 0x0, 0x44050}, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x2, &(0x7f0000004b80)=[{&(0x7f0000004980)="e3", 0x1, 0x9}, {&(0x7f0000004ac0)='4', 0x1}], 0x0, 0x0) [ 126.586615] loop1: detected capacity change from 0 to 40 [ 126.610817] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3919 comm=syz-executor.5 [ 126.621790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3920 comm=syz-executor.5 [ 126.643941] syz-executor.1: attempt to access beyond end of device [ 126.643941] loop1: rw=2049, sector=124, nr_sectors = 4 limit=40 [ 126.644927] Buffer I/O error on dev loop1, logical block 31, lost async page write VM DIAGNOSIS: 03:58:15 Registers: info registers vcpu 0 RAX=ffffffff816c6758 RBX=0000000000000001 RCX=1ffff11007e5af03 RDX=dffffc0000000000 RSI=ffff88803f2d7d90 RDI=ffff88803f2d7d90 RBP=ffff88803f2d7818 RSP=ffff88803f2d7738 R8 =ffffffff85ece34e R9 =ffffffff85ece352 R10=ffffed1007e5af05 R11=ffff88803f2d7800 R12=ffff88803f2d7801 R13=ffff88803f2d7820 R14=ffff88803f2d77c0 R15=ffffffff85ece353 RIP=ffffffff81119b73 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f63936f61f0 CR3=000000003e43c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 6461657268747062 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00302e6f732e6461 657268747062696c YMM03=0000000000000000 0000000000000000 2f756e672d78756e 696c2d34365f3638 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88803f4cf698 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=000000000000000d R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe99c736700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faf1b19e710 CR3=00000000345bc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fe99f2c87c0 00007fe99f2c87c8 YMM02=0000000000000000 0000000000000000 00007fe99f2c87e0 00007fe99f2c87c0 YMM03=0000000000000000 0000000000000000 00007fe99f2c87c8 00007fe99f2c87c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000