Warning: Permanently added '[localhost]:14799' (ECDSA) to the list of known hosts. 2022/09/26 16:17:43 fuzzer started 2022/09/26 16:17:44 dialing manager at localhost:38881 syzkaller login: [ 44.598220] cgroup: Unknown subsys name 'net' [ 44.796464] cgroup: Unknown subsys name 'rlimit' 2022/09/26 16:17:58 syscalls: 2215 2022/09/26 16:17:58 code coverage: enabled 2022/09/26 16:17:58 comparison tracing: enabled 2022/09/26 16:17:58 extra coverage: enabled 2022/09/26 16:17:58 setuid sandbox: enabled 2022/09/26 16:17:58 namespace sandbox: enabled 2022/09/26 16:17:58 Android sandbox: enabled 2022/09/26 16:17:58 fault injection: enabled 2022/09/26 16:17:58 leak checking: enabled 2022/09/26 16:17:58 net packet injection: enabled 2022/09/26 16:17:58 net device setup: enabled 2022/09/26 16:17:58 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/26 16:17:58 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/26 16:17:58 USB emulation: enabled 2022/09/26 16:17:58 hci packet injection: enabled 2022/09/26 16:17:58 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/26 16:17:58 802.15.4 emulation: enabled 2022/09/26 16:17:58 fetching corpus: 50, signal 19460/21316 (executing program) 2022/09/26 16:17:58 fetching corpus: 100, signal 32658/36174 (executing program) 2022/09/26 16:17:59 fetching corpus: 150, signal 40034/45172 (executing program) 2022/09/26 16:17:59 fetching corpus: 200, signal 51505/58016 (executing program) 2022/09/26 16:17:59 fetching corpus: 250, signal 55692/63660 (executing program) 2022/09/26 16:17:59 fetching corpus: 300, signal 61479/70777 (executing program) 2022/09/26 16:17:59 fetching corpus: 350, signal 66211/76841 (executing program) 2022/09/26 16:17:59 fetching corpus: 400, signal 70496/82401 (executing program) 2022/09/26 16:17:59 fetching corpus: 450, signal 76688/89710 (executing program) 2022/09/26 16:18:00 fetching corpus: 500, signal 78791/93051 (executing program) 2022/09/26 16:18:00 fetching corpus: 550, signal 82873/98268 (executing program) 2022/09/26 16:18:00 fetching corpus: 600, signal 86497/102962 (executing program) 2022/09/26 16:18:00 fetching corpus: 650, signal 88909/106505 (executing program) 2022/09/26 16:18:00 fetching corpus: 700, signal 91535/110179 (executing program) 2022/09/26 16:18:00 fetching corpus: 750, signal 94924/114498 (executing program) 2022/09/26 16:18:00 fetching corpus: 800, signal 98246/118724 (executing program) 2022/09/26 16:18:01 fetching corpus: 850, signal 100947/122330 (executing program) 2022/09/26 16:18:01 fetching corpus: 900, signal 103687/125968 (executing program) 2022/09/26 16:18:01 fetching corpus: 950, signal 105563/128827 (executing program) 2022/09/26 16:18:01 fetching corpus: 1000, signal 108327/132375 (executing program) 2022/09/26 16:18:01 fetching corpus: 1050, signal 109878/134899 (executing program) 2022/09/26 16:18:01 fetching corpus: 1100, signal 112552/138279 (executing program) 2022/09/26 16:18:01 fetching corpus: 1150, signal 113567/140272 (executing program) 2022/09/26 16:18:01 fetching corpus: 1200, signal 115825/143275 (executing program) 2022/09/26 16:18:01 fetching corpus: 1250, signal 116676/145093 (executing program) 2022/09/26 16:18:01 fetching corpus: 1300, signal 117842/147187 (executing program) 2022/09/26 16:18:02 fetching corpus: 1350, signal 120314/150270 (executing program) 2022/09/26 16:18:02 fetching corpus: 1400, signal 121680/152469 (executing program) 2022/09/26 16:18:02 fetching corpus: 1450, signal 122876/154477 (executing program) 2022/09/26 16:18:02 fetching corpus: 1500, signal 124609/156878 (executing program) 2022/09/26 16:18:02 fetching corpus: 1550, signal 126095/159072 (executing program) 2022/09/26 16:18:02 fetching corpus: 1600, signal 127154/160933 (executing program) 2022/09/26 16:18:02 fetching corpus: 1650, signal 128621/163093 (executing program) 2022/09/26 16:18:03 fetching corpus: 1700, signal 130039/165175 (executing program) 2022/09/26 16:18:03 fetching corpus: 1750, signal 131509/167317 (executing program) 2022/09/26 16:18:03 fetching corpus: 1800, signal 132485/169045 (executing program) 2022/09/26 16:18:03 fetching corpus: 1850, signal 134594/171619 (executing program) 2022/09/26 16:18:03 fetching corpus: 1900, signal 135224/173010 (executing program) 2022/09/26 16:18:03 fetching corpus: 1950, signal 137334/175540 (executing program) 2022/09/26 16:18:03 fetching corpus: 2000, signal 138775/177498 (executing program) 2022/09/26 16:18:03 fetching corpus: 2050, signal 140072/179381 (executing program) 2022/09/26 16:18:03 fetching corpus: 2100, signal 140896/180941 (executing program) 2022/09/26 16:18:03 fetching corpus: 2150, signal 141804/182565 (executing program) 2022/09/26 16:18:04 fetching corpus: 2200, signal 142933/184332 (executing program) 2022/09/26 16:18:04 fetching corpus: 2250, signal 144097/186047 (executing program) 2022/09/26 16:18:04 fetching corpus: 2300, signal 144886/187523 (executing program) 2022/09/26 16:18:04 fetching corpus: 2350, signal 146262/189327 (executing program) 2022/09/26 16:18:04 fetching corpus: 2400, signal 147152/190780 (executing program) 2022/09/26 16:18:04 fetching corpus: 2450, signal 148198/192345 (executing program) 2022/09/26 16:18:04 fetching corpus: 2500, signal 149252/193913 (executing program) 2022/09/26 16:18:04 fetching corpus: 2550, signal 150324/195490 (executing program) 2022/09/26 16:18:04 fetching corpus: 2600, signal 151213/196904 (executing program) 2022/09/26 16:18:04 fetching corpus: 2650, signal 153123/198907 (executing program) 2022/09/26 16:18:04 fetching corpus: 2700, signal 155569/201242 (executing program) 2022/09/26 16:18:04 fetching corpus: 2750, signal 156538/202649 (executing program) 2022/09/26 16:18:05 fetching corpus: 2800, signal 157177/203886 (executing program) 2022/09/26 16:18:05 fetching corpus: 2850, signal 158191/205275 (executing program) 2022/09/26 16:18:05 fetching corpus: 2900, signal 159546/206884 (executing program) 2022/09/26 16:18:05 fetching corpus: 2950, signal 160431/208212 (executing program) 2022/09/26 16:18:05 fetching corpus: 3000, signal 161573/209715 (executing program) 2022/09/26 16:18:05 fetching corpus: 3050, signal 162204/210815 (executing program) 2022/09/26 16:18:05 fetching corpus: 3100, signal 163247/212231 (executing program) 2022/09/26 16:18:05 fetching corpus: 3150, signal 163804/213294 (executing program) 2022/09/26 16:18:06 fetching corpus: 3200, signal 165341/214969 (executing program) 2022/09/26 16:18:06 fetching corpus: 3250, signal 166454/216306 (executing program) 2022/09/26 16:18:06 fetching corpus: 3300, signal 167374/217564 (executing program) 2022/09/26 16:18:06 fetching corpus: 3350, signal 168340/218821 (executing program) 2022/09/26 16:18:06 fetching corpus: 3400, signal 169232/220067 (executing program) 2022/09/26 16:18:06 fetching corpus: 3450, signal 170000/221206 (executing program) 2022/09/26 16:18:06 fetching corpus: 3500, signal 170563/222189 (executing program) 2022/09/26 16:18:06 fetching corpus: 3550, signal 171260/223235 (executing program) 2022/09/26 16:18:06 fetching corpus: 3600, signal 172236/224412 (executing program) 2022/09/26 16:18:07 fetching corpus: 3650, signal 173525/225695 (executing program) 2022/09/26 16:18:07 fetching corpus: 3700, signal 174567/226879 (executing program) 2022/09/26 16:18:07 fetching corpus: 3750, signal 175008/227728 (executing program) 2022/09/26 16:18:07 fetching corpus: 3800, signal 175785/228738 (executing program) 2022/09/26 16:18:07 fetching corpus: 3850, signal 176302/229627 (executing program) 2022/09/26 16:18:07 fetching corpus: 3900, signal 176621/230471 (executing program) 2022/09/26 16:18:07 fetching corpus: 3950, signal 177346/231413 (executing program) 2022/09/26 16:18:08 fetching corpus: 4000, signal 178369/232506 (executing program) 2022/09/26 16:18:08 fetching corpus: 4050, signal 179151/233496 (executing program) 2022/09/26 16:18:08 fetching corpus: 4100, signal 179808/234421 (executing program) 2022/09/26 16:18:08 fetching corpus: 4150, signal 180666/235490 (executing program) 2022/09/26 16:18:08 fetching corpus: 4200, signal 181031/236285 (executing program) 2022/09/26 16:18:08 fetching corpus: 4250, signal 181548/237129 (executing program) 2022/09/26 16:18:08 fetching corpus: 4300, signal 182414/238212 (executing program) 2022/09/26 16:18:08 fetching corpus: 4350, signal 183089/239051 (executing program) 2022/09/26 16:18:08 fetching corpus: 4400, signal 183523/239848 (executing program) 2022/09/26 16:18:09 fetching corpus: 4450, signal 184240/240707 (executing program) 2022/09/26 16:18:09 fetching corpus: 4500, signal 185036/241605 (executing program) 2022/09/26 16:18:09 fetching corpus: 4550, signal 185881/242574 (executing program) 2022/09/26 16:18:09 fetching corpus: 4600, signal 186319/243340 (executing program) 2022/09/26 16:18:09 fetching corpus: 4650, signal 187395/244259 (executing program) 2022/09/26 16:18:09 fetching corpus: 4700, signal 188216/245095 (executing program) 2022/09/26 16:18:09 fetching corpus: 4750, signal 189124/245974 (executing program) 2022/09/26 16:18:10 fetching corpus: 4800, signal 189556/246708 (executing program) 2022/09/26 16:18:10 fetching corpus: 4850, signal 190332/247541 (executing program) 2022/09/26 16:18:10 fetching corpus: 4900, signal 191213/248366 (executing program) 2022/09/26 16:18:10 fetching corpus: 4950, signal 191540/249079 (executing program) 2022/09/26 16:18:10 fetching corpus: 5000, signal 192090/249793 (executing program) 2022/09/26 16:18:10 fetching corpus: 5050, signal 192838/250586 (executing program) 2022/09/26 16:18:10 fetching corpus: 5100, signal 193217/251239 (executing program) 2022/09/26 16:18:10 fetching corpus: 5150, signal 194023/251975 (executing program) 2022/09/26 16:18:11 fetching corpus: 5200, signal 194584/252645 (executing program) 2022/09/26 16:18:11 fetching corpus: 5250, signal 195202/253336 (executing program) 2022/09/26 16:18:11 fetching corpus: 5300, signal 195791/254058 (executing program) 2022/09/26 16:18:11 fetching corpus: 5350, signal 196197/254688 (executing program) 2022/09/26 16:18:11 fetching corpus: 5400, signal 196514/255279 (executing program) 2022/09/26 16:18:11 fetching corpus: 5450, signal 197412/256010 (executing program) 2022/09/26 16:18:11 fetching corpus: 5500, signal 197666/256601 (executing program) 2022/09/26 16:18:11 fetching corpus: 5550, signal 198515/257289 (executing program) 2022/09/26 16:18:11 fetching corpus: 5600, signal 199170/257942 (executing program) 2022/09/26 16:18:12 fetching corpus: 5650, signal 199654/258522 (executing program) 2022/09/26 16:18:12 fetching corpus: 5700, signal 200231/259115 (executing program) 2022/09/26 16:18:12 fetching corpus: 5750, signal 200798/259699 (executing program) 2022/09/26 16:18:12 fetching corpus: 5800, signal 201280/260263 (executing program) 2022/09/26 16:18:12 fetching corpus: 5850, signal 201717/260789 (executing program) 2022/09/26 16:18:12 fetching corpus: 5900, signal 202430/261365 (executing program) 2022/09/26 16:18:12 fetching corpus: 5950, signal 203232/261937 (executing program) 2022/09/26 16:18:12 fetching corpus: 6000, signal 203721/262498 (executing program) 2022/09/26 16:18:13 fetching corpus: 6050, signal 204017/263015 (executing program) 2022/09/26 16:18:13 fetching corpus: 6100, signal 204550/263586 (executing program) 2022/09/26 16:18:13 fetching corpus: 6150, signal 204866/264062 (executing program) 2022/09/26 16:18:13 fetching corpus: 6200, signal 205614/264613 (executing program) 2022/09/26 16:18:13 fetching corpus: 6250, signal 206065/265117 (executing program) 2022/09/26 16:18:13 fetching corpus: 6300, signal 206571/265684 (executing program) 2022/09/26 16:18:13 fetching corpus: 6350, signal 207507/266223 (executing program) 2022/09/26 16:18:13 fetching corpus: 6400, signal 207857/266659 (executing program) 2022/09/26 16:18:13 fetching corpus: 6450, signal 208482/267135 (executing program) 2022/09/26 16:18:14 fetching corpus: 6500, signal 208806/267587 (executing program) 2022/09/26 16:18:14 fetching corpus: 6550, signal 209384/268094 (executing program) 2022/09/26 16:18:14 fetching corpus: 6600, signal 210087/268554 (executing program) 2022/09/26 16:18:14 fetching corpus: 6650, signal 210716/268960 (executing program) 2022/09/26 16:18:14 fetching corpus: 6700, signal 211318/268960 (executing program) 2022/09/26 16:18:14 fetching corpus: 6750, signal 211965/268963 (executing program) 2022/09/26 16:18:14 fetching corpus: 6800, signal 212623/269014 (executing program) 2022/09/26 16:18:14 fetching corpus: 6850, signal 212882/269014 (executing program) 2022/09/26 16:18:15 fetching corpus: 6900, signal 213249/269033 (executing program) 2022/09/26 16:18:15 fetching corpus: 6950, signal 213525/269035 (executing program) 2022/09/26 16:18:15 fetching corpus: 7000, signal 214145/269060 (executing program) 2022/09/26 16:18:15 fetching corpus: 7050, signal 214734/269063 (executing program) 2022/09/26 16:18:15 fetching corpus: 7100, signal 215124/269063 (executing program) 2022/09/26 16:18:15 fetching corpus: 7150, signal 215619/269068 (executing program) 2022/09/26 16:18:15 fetching corpus: 7200, signal 215970/269073 (executing program) 2022/09/26 16:18:15 fetching corpus: 7250, signal 216404/269076 (executing program) 2022/09/26 16:18:16 fetching corpus: 7300, signal 216810/269087 (executing program) 2022/09/26 16:18:16 fetching corpus: 7350, signal 217104/269108 (executing program) 2022/09/26 16:18:16 fetching corpus: 7374, signal 217356/269108 (executing program) 2022/09/26 16:18:16 fetching corpus: 7374, signal 217356/269108 (executing program) 2022/09/26 16:18:18 starting 8 fuzzer processes 16:18:18 executing program 0: ioctl$TIOCGISO7816(0xffffffffffffffff, 0x80285442, &(0x7f0000000000)) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) ioctl$TIOCSIG(r0, 0x40045436, 0x0) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000080)={0xc45, 0xffffff81}) r1 = syz_open_pts(r0, 0x800) ioctl$TIOCSRS485(r1, 0x542f, &(0x7f00000000c0)={0x5, 0x7fffffff, 0x128}) r2 = syz_open_dev$hidraw(&(0x7f0000000100), 0x4, 0x40) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, '\x00', [{0x4, 0x8, 0x3, 0x3, 0x1, 0x8a}, {0x100, 0x9, 0x4, 0x100000001, 0xfff, 0x8}]}) ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000200)) ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0) r3 = accept$unix(r0, &(0x7f0000000240)=@abs, &(0x7f00000002c0)=0x6e) close(r3) r4 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$GIO_UNISCRNMAP(r4, 0x4b69, &(0x7f0000000300)) ioctl$TIOCMBIS(r4, 0x5416, &(0x7f0000000340)=0x6) ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000380)={0x9, 0x3, 0x6, 0x101, 0xc52, 0x1}) ioctl$TIOCMGET(r0, 0x5415, &(0x7f00000003c0)) ioctl$FIONCLEX(r0, 0x5450) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x34, 0x1, 0x9, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFCTH_STATUS={0x8}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x505a2d94}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x20}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0xc0) sendmsg$AUDIT_DEL_RULE(r0, &(0x7f00000009c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000540)={0x42c, 0x3f4, 0x100, 0x70bd27, 0x25dfdbfc, {0x4, 0x2, 0xe, [0x2bb5, 0x100, 0x7, 0x3, 0xff, 0x6, 0x5, 0x0, 0x6, 0x5, 0xbd6d, 0x66, 0x0, 0x7f, 0x2, 0x5, 0x8ca4, 0x23e, 0xfffffffb, 0x2, 0x89, 0x730, 0x3f, 0x7ff, 0x4, 0x3, 0xbed, 0x1f, 0xffffff4f, 0x5, 0x5, 0x70, 0x6, 0x401, 0x3, 0x18a, 0x0, 0x4, 0x91, 0x0, 0x38000, 0x80, 0x9, 0x0, 0x400, 0x95c, 0x7, 0x0, 0x2, 0x8000, 0x3, 0x2, 0xffffffff, 0x9, 0x2, 0x5, 0x2, 0x6, 0x8, 0x7, 0x5aad, 0x7, 0x1, 0x7fff], [0x2, 0x8, 0x200, 0x84b1, 0x0, 0x80, 0x7, 0x5df2, 0x4, 0x9, 0x7fff, 0x1f, 0x5, 0x3, 0xfffffff9, 0x9, 0x9, 0x93, 0x2, 0x5, 0x9, 0x1, 0x200, 0x7, 0x2, 0x4, 0x6, 0xff, 0x80000001, 0x4, 0x7fff, 0xff, 0x0, 0x4, 0x41a, 0x6, 0x3, 0x0, 0x80000000, 0x2, 0x0, 0x200000, 0x3, 0x8, 0x2, 0x3f, 0x0, 0x7, 0x8, 0x80000001, 0x1, 0x6ac6, 0xd1d, 0x1, 0x4100, 0x2, 0xf81a, 0x4, 0x4, 0x8, 0x2, 0x2, 0x7, 0x80000000], [0x3f, 0x400, 0x5, 0x2, 0x2, 0x40, 0x200000, 0x2, 0x40, 0x3, 0x2, 0x80, 0xffffff47, 0x2, 0x0, 0xfffffffb, 0x6, 0xff, 0xfff, 0x9, 0x1000, 0x2, 0xfffffffe, 0x2a6d, 0x1, 0x5, 0x400, 0x1e45c89e, 0x0, 0xff, 0x6, 0x8, 0x7f, 0x8cd, 0x8206, 0x3be, 0x5, 0x6, 0x1, 0x81, 0x3, 0x3, 0x0, 0x6, 0x1, 0xf7, 0x9, 0x1f, 0x8b4, 0x0, 0x9, 0x7ff, 0x0, 0x855e, 0x7ff, 0x1, 0x1, 0x80000, 0x80000001, 0x1f, 0x4, 0x101, 0x8, 0x6c], [0x3f, 0x101, 0xf8, 0x0, 0x400, 0xc43, 0x7, 0xa1, 0x3ff, 0x40, 0x8001, 0x0, 0x3, 0x80000000, 0x9, 0x7, 0x8, 0x7f, 0x4, 0x1f, 0x0, 0x2, 0x8, 0x2, 0x81, 0x5, 0x81, 0x17bca00, 0x40, 0x0, 0x3, 0x5, 0x8001, 0xff, 0x7f, 0x1f, 0x6, 0x1, 0x10001, 0x8, 0x40, 0x8, 0x2ed, 0x0, 0x3, 0xfff, 0x80, 0x2, 0x7, 0x5, 0x2, 0x2, 0xffffffff, 0x40, 0x7, 0x80, 0x100, 0x80, 0x73570866, 0xfff, 0xffff, 0x7, 0x5, 0x41903083], 0x9, ['\x00', 'O}{,,#]\x00']}, ["", "", "", ""]}, 0x42c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) 16:18:18 executing program 1: mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2024030, &(0x7f0000000080)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@noextend}, {@posixacl}, {@afid={'afid', 0x3d, 0x9}}, {@cache_mmap}, {@cache_mmap}], [{@dont_hash}]}}) fremovexattr(0xffffffffffffffff, &(0x7f0000000140)=@known='trusted.overlay.opaque\x00') symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x9, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@huge_always}], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@audit}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]}) renameat2(r0, &(0x7f0000000300)='./file1\x00', r0, &(0x7f0000000340)='./file0\x00', 0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={r0, 0x5, 0x3f, 0xffffffff80000001}) fchmodat(r1, &(0x7f00000003c0)='./file0\x00', 0x20) readlink(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)=""/19, 0x13) r2 = syz_mount_image$iso9660(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0xb8f3, 0x4, &(0x7f00000007c0)=[{&(0x7f0000000500)="d016ff68579d6b80b6e853e40a01d496df63e7ee121796a6be0b1d1bfe3c5c5786b02eca429a5d34d7973f12171927d68757581c8adb833b42a7095703ec2d1f082c8affce79007fc047f0a5cc49d804a27fb6e144aa5618ef43f7f27e9bafa0be8112390a0b4eaf60b37b21d3b7c0c9e7e265da3cb9c7548efae04f77705f23f7182b30cf8f29e2ccf3a80d25ca049bf7dfa56ae2c8c34803aa29a57f184e4f127f2eedb2116e937e311a6a121dfad569eaf224576fe1f68ef1bb057d57034887de60266652b086051c58e912467237cdc084da5a8450d3e046630d8e6596973a78a2f910e0dba44c5f78d5f7bd0229d4dd6995", 0xf4, 0x9}, {&(0x7f0000000600)="75732e521447bad6d7942dfe72c27a162e5ff740c25d3e1f6d7861736febb7d0128037b208b5bf92591b6373a23dba778a3df986fdbf3a12383e3604610d210cff4f1bc2430b1ffe714c31a49583ca40074bd5efae5508f1b8852ce8aeb1ed5a06558105acca5d001c4cd36ece3566075870e9c809304d919176819077ca1b37b56bccb34224b32968484db752b637501cfa8b455b30ba7bbfca5f5c2b5d3db8984403f618b6fab3e6b183a073d8bd5e58b357a49eadc3b5237d4f365e47ebd5a9139a73be23bbaf7ef0072c2a85eae64ee2fbca017001b3495cade1f067f8a82f0937b4d0e7b1e9", 0xe8, 0x8}, {0xffffffffffffffff, 0x0, 0x8000}, {&(0x7f0000000700)="39c5f3d8b55897b4998c026d4fe09681983818ba3540b8134a39f42f05c441f6b166ea9e8b4936db9e74a4ac7b37d03102b810d339fa77bfb50d0f3e3d823c925c61be7812993d924de0edcb573e62a9e2e57b5295f9ddef2da81e7fb5df10422313406969ed2f6a9f4eef30cabfc554714856f1ad9e9705d165082918e410b14c1233e37a2dda53810594cc414fba5e17d42bd4b6680e092d4ecf92a23a9a7dcfb444cb89f9fabf8e530928aa4e88bbb94938cbde1d734ee284e21c0798986d", 0xc0, 0x1}], 0x2024005, &(0x7f0000000840)={[{@cruft}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@dont_hash}]}) readlinkat(r2, &(0x7f0000000880)='./file0/file0\x00', &(0x7f00000008c0)=""/94, 0x5e) clock_gettime(0x0, &(0x7f0000000980)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000009c0)={0x0, 0x0}) utimensat(r1, &(0x7f0000000940)='./file0/file0\x00', &(0x7f0000000a00)={{r3, r4/1000+10000}, {r5, r6/1000+60000}}, 0x100) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000a40)='tmpfs\x00', 0x0, 0xffffffffffffffff) syz_mount_image$iso9660(&(0x7f0000000a80), &(0x7f0000000ac0)='./file0/file0\x00', 0x10001, 0x5, &(0x7f0000000d80)=[{&(0x7f0000000b00)="fab1c4327318c891f8788ca3a11c18b99a2590658ec4b1ba16e448f8540c5d3d60a61941dbcc4372a5d578fbde8c6c419a1c5ff8b668449ef0f52c1ccc3fe07ed3f557b8c565a1d77194fd9ae719b8413fdc2c684599ff4630f328fde4c1e9aac96198566817529cba32cda4a20b6776a685b8e751ddbefe1bca018acc97560a3035c3891b097d6992d6ad5998ee1ce5e9610dc43bc6d929f8d7005779743f76217a900acd543706", 0xa8}, {&(0x7f0000000bc0)="cbffd6d1f7be2820c6bc6d28b0b1517340bf42cab3497877751416890ecaf1dd39ef0b12f2758235", 0x28, 0x5}, {&(0x7f0000000c00)="fce235b2edeb9da84ad0f02688a66274cd4f5e853fc088bfe96c37c3ec1fceee2a3b0dc0b31f5f5c33471cbb67737a0797f8d52436af19c2fac35bfae98e56eb79c59a8b8c880dbecde86fe6ccf9e149597b3de1e4aad755a332bb", 0x5b}, {&(0x7f0000000c80)="f6f2b41391426ab2edd08badb405579bb414ad6a02ff5ad1dc36d6f34b4d0457cd89130707b93dabc168c35a009dd2bce3c4d9580c752791da3d6e600004c9df8840c34b", 0x44, 0x40}, {&(0x7f0000000d00)="b213a8a02a12b3b7c428fd1f71e6f07dac2f864fd790786489b60af4b79c55c8c2ca3123c01196dc335d611eccd98343aabc0b462cb02478c4bded080b2787c8857d48f62851d4e198480a174fb006de7e36a9c3e905d280c98b5d9352250a36de94c8c152253bcd228b67d889", 0x6d}], 0x2800, &(0x7f0000000e00)={[{@check_strict}, {@map_off}, {@dmode={'dmode', 0x3d, 0x769}}], [{@smackfshat={'smackfshat', 0x3d, '+^^^}%!-#'}}, {@obj_role={'obj_role', 0x3d, '%:/'}}, {@fsuuid={'fsuuid', 0x3d, {[0x64, 0x31, 0x36, 0x37, 0x35, 0x31, 0x31, 0xe], 0x2d, [0x65, 0x34, 0x30, 0x61], 0x2d, [0x69, 0x30, 0x3e, 0x39], 0x2d, [0x39, 0x33, 0x31, 0x64], 0x2d, [0x31, 0x63, 0x65, 0x62, 0x61, 0x65, 0x53, 0x64]}}}, {@smackfsfloor={'smackfsfloor', 0x3d, '*}\\+\\#:,'}}, {@subj_role={'subj_role', 0x3d, 'afid'}}, {@fowner_gt}, {@audit}, {@obj_user}]}) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000f00), 0x22041, 0x0) r8 = openat(r7, &(0x7f0000000f40)='./file1/file0\x00', 0x48000, 0x80) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000f80)='/proc/vmstat\x00', 0x0, 0x0) execveat(r9, &(0x7f0000000fc0)='./file0\x00', &(0x7f00000010c0)=[&(0x7f0000001000)='func', &(0x7f0000001040)='posixacl', &(0x7f0000001080)='cruft'], &(0x7f0000001240)=[&(0x7f0000001100)='iso9660\x00', &(0x7f0000001140)='9p\x00', &(0x7f0000001180)='&\x00', 0xfffffffffffffffd, &(0x7f00000011c0)='smackfsfloor', &(0x7f0000001200)='iso9660\x00'], 0x400) mknodat(r8, &(0x7f0000001280)='./file1/file0\x00', 0x200, 0x6) 16:18:18 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3f, 0x4, &(0x7f0000000300)=[{&(0x7f0000000080)="3dba00ef6094f3d6f63654b60909c60a65cad9785d45eca9fe2cc98fd0ba52a5815588198ca795182292704e2c0b1a008ade82edb9d6a0c52b40547389d1ed555600648e2547dca405a195e4415333387261feae7d625b5489283529761dd049f86f605ff531cfde12f41f4279ff01c0fb9dd142027568e751f812656a1642b92830ef50a62d202af58ad16ec2ab4ce3cd35561b", 0x94, 0x1200}, {&(0x7f0000000140)="75e81556de7b5a39b0483a44d64ba9d6b6f37522d98ca514c81b2282cbfeb7e453a9d13a6f29a86d85432f4ad2e976d0856e74e07892b48d247c6e50feb441837a7e9c533c60539010dd37e73a842c593874d06d54949ecf8561ae35a9498f40239d07673c8c", 0x66, 0x9}, {&(0x7f00000001c0)="2ab1474ae669a255ae35d4e70dcc87ed06bf1590b1b6bde7c1a32204e3b58f2fd6bc4ae6f9261f4d2384fbd096910d0b209bec7a289c29d08adae5f1e232be3e81ac3013c3d19b90a7ccd35e7c058b582675ab1bc9c6b23ce139d18f0c6b8deabbb2487fb82551ecc063bb6179d45acf6b0341f7c07f6c41acff2d2f4cd32c8a1f0eff", 0x83, 0xffffffffffff7581}, {&(0x7f0000000280)="2d5a1a2a26af90b3e84ee19ff1f9c52ea7afc1e81c23379a9a1784402ccb017df7d3290e6637ffb1fe7ecc67eb03889f24342a56d11f134fc661ba797ccb9173f7b236dbbda0a43cf17e38610b94d5bbe077345b365b75412390d18c8d0869191ff3c8bcc70bf4c43f6b2d15b7399ee25e663116e6abf770ebf9", 0x7a, 0x1000}], 0x1000001, &(0x7f0000000380)={[{@shortname_winnt}, {@utf8no}, {@uni_xlateno}, {@nonumtail}, {@rodir}, {@shortname_win95}, {@uni_xlateno}, {@shortname_win95}], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@smackfsfloor={'smackfsfloor', 0x3d, '&{-'}}, {@audit}]}) chdir(&(0x7f0000000440)='./file0\x00') ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000480)=0x1) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000004c0)={@loopback}, 0x14) statx(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', 0x400, 0x220, &(0x7f0000000540)) recvmsg(0xffffffffffffffff, &(0x7f0000001d00)={&(0x7f0000000640)=@phonet, 0x80, &(0x7f0000001bc0)=[{&(0x7f00000006c0)=""/129, 0x81}, {&(0x7f0000000780)=""/223, 0xdf}, {&(0x7f0000000880)=""/15, 0xf}, {&(0x7f00000008c0)=""/161, 0xa1}, {&(0x7f0000000980)=""/208, 0xd0}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f0000001a80)=""/156, 0x9c}, {&(0x7f0000001b40)=""/95, 0x5f}], 0x8, &(0x7f0000001c40)=""/150, 0x96}, 0xc87cea4454b1b2a9) stat(&(0x7f0000001d40)='./file0\x00', &(0x7f0000001d80)) perf_event_open(&(0x7f0000001e40)={0x1, 0x80, 0x8, 0xc5, 0x9, 0x1f, 0x0, 0xffffffff, 0x10400, 0xe, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x71f5, 0x0, @perf_bp={&(0x7f0000001e00), 0x2}, 0x600, 0x7fff, 0x7, 0x1d, 0x7fff, 0x3c, 0x6, 0x0, 0x4, 0x0, 0x4}, 0x0, 0xd, 0xffffffffffffffff, 0x8) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000001f80)={'ip6_vti0\x00', &(0x7f0000001f00)={'ip6tnl0\x00', 0x0, 0x2f, 0xf2, 0x4, 0x8000, 0x10, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1, 0x20, 0x3, 0x400}}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000020c0)={'tunl0\x00', &(0x7f0000001fc0)={'ip_vti0\x00', 0x0, 0x1, 0x80, 0x10001, 0x7, {{0x2e, 0x4, 0x0, 0x38, 0xb8, 0x64, 0x0, 0x43, 0x4, 0x0, @broadcast, @local, {[@end, @timestamp_prespec={0x44, 0x3c, 0xb3, 0x3, 0x1, [{@loopback, 0x4}, {@empty, 0x81}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xc30}, {@multicast1, 0x7}, {@multicast1, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7f}, {@local, 0x3}]}, @end, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x7, 0x3b, [@private=0xa010100]}, @generic={0x44, 0xd, "c4d76432818a0fc18a2168"}, @timestamp_prespec={0x44, 0x34, 0xce, 0x3, 0x7, [{@multicast2, 0x9}, {@dev={0xac, 0x14, 0x14, 0x2e}, 0x2}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@remote, 0x3}, {@private=0xa010101, 0x6}, {@broadcast, 0x1}]}, @lsrr={0x83, 0xf, 0xa1, [@rand_addr=0x64010102, @rand_addr=0x64010102, @rand_addr=0x64010101]}, @rr={0x7, 0xb, 0x6f, [@private=0xa010101, @multicast1]}]}}}}}) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000021c0)={&(0x7f0000001ec0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002180)={&(0x7f0000002100)={0x60, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x900}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="ee82a3af583b"}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x60}, 0x1, 0x0, 0x0, 0x8c4}, 0x0) mount$bind(&(0x7f0000002200)='./file0\x00', &(0x7f0000002240)='./file0\x00', &(0x7f0000002280), 0x400, 0x0) ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f00000022c0)=0x8) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000002300), 0x400040, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000002340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000002380)=0x14, 0x80000) setsockopt$inet6_mreq(r3, 0x29, 0x14, &(0x7f00000023c0)={@empty, r4}, 0x14) flistxattr(r0, &(0x7f0000002400)=""/119, 0x77) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f00000025c0)={&(0x7f0000002480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002580)={&(0x7f00000024c0)={0x88, 0x0, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1000}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000041}, 0x20000000) stat(&(0x7f0000002600)='./file0\x00', &(0x7f0000002640)) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000002740)={0x7, &(0x7f0000002700)=[{0x3f, 0x80, 0x0, 0x20}, {0x1, 0x0, 0x8, 0x9}, {0x1f, 0x7f, 0x6, 0x4}, {0x2, 0x8, 0x78, 0x5}, {0x40, 0xb2, 0x4}, {0xffff, 0x3, 0x6, 0x68}, {0x6, 0x1, 0x7, 0x80}]}, 0x10) 16:18:18 executing program 3: getsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000000), 0x2) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/pata_oldpiix', 0x4aa602, 0x50) newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0xa0004, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@fscache}, {@privport}, {@access_any}], [{@dont_measure}, {@euid_eq={'euid', 0x3d, r3}}, {@fowner_eq={'fowner', 0x3d, 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '}.\x15%'}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@pcr={'pcr', 0x3d, 0x2e}}]}}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) getsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000340)=0xe887, &(0x7f0000000380)=0x2) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x10000, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@afid={'afid', 0x3d, 0xc687}}, {@cache_fscache}], [{@fsuuid={'fsuuid', 0x3d, {[0x33, 0x65, 0x37, 0x66, 0x32, 0x35, 0x31, 0x62], 0x2d, [0x66, 0x34, 0x30, 0x38], 0x2d, [0x62, 0x65, 0x31, 0x62], 0x2d, [0x31, 0x64, 0x62, 0x31], 0x2d, [0x63, 0x30, 0x33, 0x36, 0x61, 0x65, 0x30, 0x34]}}}]}}) ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000500)) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x10, r4, 0x10000000) syz_io_uring_submit(0x0, r5, &(0x7f0000000540)=@IORING_OP_CLOSE={0x13, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x80) fcntl$setpipe(r4, 0x407, 0x1) write$P9_RVERSION(r4, &(0x7f0000000580)={0x15, 0x65, 0xffff, 0x2, 0x8, '9P2000.u'}, 0x15) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f00000005c0), 0x4000, 0x0) setsockopt$bt_BT_DEFER_SETUP(r6, 0x112, 0x7, &(0x7f0000000600), 0x4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000a80)={{0x1, 0x1, 0x18, r4}, './file0/file0\x00'}) r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000ac0)='./file0\x00', 0x200, 0x17) recvmsg$unix(r4, &(0x7f0000000d40)={&(0x7f0000000b00), 0x6e, &(0x7f0000000c00)=[{&(0x7f0000000b80)=""/71, 0x47}], 0x1, &(0x7f0000000c40)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xf0}, 0x2040) mount$9p_fd(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000680), 0x2004, &(0x7f0000000d80)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@posixacl}], [{@euid_gt={'euid>', r3}}, {@uid_lt={'uid<', r9}}, {@fsname={'fsname', 0x3d, 'dont_measure'}}, {@seclabel}, {@fsmagic={'fsmagic', 0x3d, 0x4}}, {@seclabel}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@uid_lt={'uid<', r3}}]}}) ioctl$FAT_IOCTL_GET_VOLUME_ID(r10, 0x80047213, &(0x7f0000000e80)) 16:18:18 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x883, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x2, 0x101, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @remote}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xc800}, 0x20000000) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r1, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x48041}, 0x4000004) r2 = fsmount(r0, 0x1, 0x4) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r1, 0x300, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x66}, @void, @val={0xc, 0x99, {0x1, 0x7b}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000) sendmsg$BATADV_CMD_GET_ORIGINATORS(r2, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x81}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000004c0), 0x200, 0x0) fsmount(r3, 0x1, 0xfc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000500), 0x2100, 0x0) sendmsg$NFNL_MSG_COMPAT_GET(r4, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0xb, 0x304, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_COMPAT_TYPE={0x8}, @NFTA_COMPAT_REV={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x6000081}, 0x4) r5 = pidfd_getfd(0xffffffffffffffff, r2, 0x0) sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x2c, 0x0, 0x20, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xffffff68}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x2c}}, 0x4) r6 = openat$cgroup_type(r3, &(0x7f0000000740), 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r6, &(0x7f0000000780)={0x20000008}) sendmsg$NFT_MSG_GETFLOWTABLE(r3, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x28, 0x17, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x40) connect$inet6(r3, &(0x7f00000008c0)={0xa, 0x4e24, 0x800, @dev={0xfe, 0x80, '\x00', 0xa}, 0x5}, 0x1c) r7 = syz_open_dev$vcsn(&(0x7f0000000b80), 0x357, 0x800) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WOWLAN(r7, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x8359b204bdf84d72}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x24, r8, 0x2, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x43}, @val={0x8}, @void}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8900}, 0x44000) [ 78.947289] audit: type=1400 audit(1664209098.645:6): avc: denied { execmem } for pid=288 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:18:18 executing program 5: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, &(0x7f00000000c0)) write$hidraw(r3, &(0x7f0000000100)="a54b91a22fc76ebd45f7cde1785bd0b900988e531ec42e60ebe25f73d92f3ef07cbbe6c2e750747c670702cd49efb223ee253ed15585abb51f9afb98af7193ead718a61307e1d80a6f9c661d5dd6788d94b16c111f078505f1f825eba2", 0x5d) r4 = openat$incfs(r3, &(0x7f0000000180)='.log\x00', 0x20200, 0x10) r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0xc000, 0x0) fsetxattr$trusted_overlay_nlink(r3, &(0x7f0000000200), &(0x7f0000000240)={'L-', 0x3ff}, 0x16, 0x3) sendmsg$NFT_MSG_GETFLOWTABLE(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, 0x17, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4080}, 0x400c011) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x68, 0x7, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x800}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0xdc}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x68}}, 0x4001) r6 = syz_open_dev$vcsn(&(0x7f00000004c0), 0x100000000, 0x4000) r7 = accept$inet6(0xffffffffffffffff, &(0x7f0000001b40)={0xa, 0x0, 0x0, @empty}, &(0x7f0000001b80)=0x1c) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000001bc0), 0x60000, 0x0) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r10 = openat$random(0xffffffffffffff9c, &(0x7f0000001c00), 0x183800, 0x0) getgroups(0x1, &(0x7f0000001c40)=[0xee01]) sendmsg$unix(r6, &(0x7f0000001d00)={&(0x7f0000000500)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001a80)=[{&(0x7f0000000580)="1aeeb407df7339a284d451499ade2f2dd6493576321b888344b91232c5b127d6f659c35029c853e27bc5f50a8f0513adbc7e03dd582836e9970d80a1e691a7ed29d12c3952bf6023994600d706e73e0eab853a64000d74a8613a9ba005d5efffad5f098c5b908d684cd6ec4e4bdd33a1929c71d2047a167fe36e618d0154d8c8731ffaa1b9889add8557cc499440dee56ef6ffd89b0f927e6dc96cf39b3a619cef547086a363ae6f4e499567004729c1ee2b6fcf9a65e6", 0xb7}, {&(0x7f0000000640)="ec377720d55f1c041749efb0fccd2d2618adfa2dc60ce0266d1ad424a939a2ba609ab470bd0d3b586b67fa76e699101b0a86327115001d5c27192f84c1c903ee4ff16f31226296fdd80d9ff63442c8caaf6a83b22670668b819fdef8194daa65ac5cb837454c8aacc1c30be3879aa34c3f1724bed71279fb9224d085cc939f149b10ee843b581b329598da7595d22d5f38e27f1bb2e8df5455d5543859cfb70d2b96a671dfcc8f52b2da91", 0xab}, {&(0x7f0000000700)="c8c9b379ed3ba2423f83e15d47a1f2d115cd2ac63e99489c67b0634fd47bb53a8429afaf01e1bc4e43bc0e301fb5d71c44d4e942a5ed29fe2b1846311f6bdf5ccc3e51a1aa62e4777d3c0e8c025581fc6cbdf61414726b9f2b32521a5a880ccdb9954424efabef4f907144c3207d08d41e0b5bef16db1a87e5920cf339163d1fc7316b756ac9632d06dc1bc59c752572d6f4bf85c502a5b86bcaaa32d18d0cba37951cd1836046", 0xa7}, {&(0x7f00000007c0)="30d355a259793aead6ab8886fac73724bb5ab7756c0c3f87d4254ce4fa43e8", 0x1f}, {&(0x7f0000000800)="1a51d6de76c994ceccb10304fba1af5cffd8a26a6e141cc53083d14a7e05e3668e4ce9dbd7e2c4510e58d3ccd6945c35498edadda30857c675d59eb516c4c8e4f519d31560dafc792b1512989b02d30a259a836d960ad7bacb5246041a6b8dbc780b644d4804cb9540a9cee51f6ff561f07fd8716245acf02ae3fcd584667d463f9413419667df5776996291d786c96a1d90bdced3590c42f24713fe3c9c0557", 0xa0}, {&(0x7f00000008c0)="f03b1b224579c7", 0x7}, {&(0x7f0000000900)="8b12fd4cbb5a8e2bea55ef30f5c0897de56aa802cb94aae9332507afcc6653827762be284ae573bb6c5bbfccefc393e3db994497b816f46523cd94f258bf62359d6920845170869f5298d0d84f92dbeda53e907e61af0fc6a021889609f1369c549fa11600eae6fa804fc740e2b1", 0x6e}, {&(0x7f0000000980)="badee0c0a2a558bd058bf652e667475613825cc38fb2a5864d480435c9395857333a2e", 0x23}, {&(0x7f00000009c0)="434f6510fdba222962d887d4c87db47661a0f1213802288b942e27a490f22d2381321bc63e07aa6237b00367320ede92ad81e74bb1f392ae3a75454a99494f907f8edc526209b08b2737400e95103bdb0b49e1cd9219dca115b8e4100c0f62d39bfe204bdb3be37bae9fecd9d24aac8b19eaca24273516b71f7dbc31b324d79e63152dfa", 0x84}, {&(0x7f0000000a80)="eca2c4178913e22860e93bd4d0699344e39090036513aa475231b2817032388feec636f5f4cda385cf89a948bc40e1a750d37960899d8d268e92fb42afabf3d6786dfa9978a6bb81764131158c51fa37f812b71a3b163c72c1dbb90515c9e69a1deb0b558c6ced7ad93b758f88eb3d846c87782a6825b63cc99d7b31d5cefefd015d14b1ebb09a6f1c0b1775b1f4f7fd0b610878a2269e5c2a3ff56fbed33b06242c438a277c325d9c379df74c4a105129671a1791b41be9b57571d2f5a384c0684296ab8fd97427f299d754512800bec650f01b352868269cb507c30de2a4b277a4e9c30aaa907cf8de73b8eb9d213ffee73c5c64e53797f590e4800bcef61b362715deacb18c963ae4100558ded92f78521f0a561e2723bec7c8924a6acb251b6a59fb20f6d1791aab3df473b74637cb8bcb8d8b66d493c0eaacefc284b44416dce677ad45f71b5179e8eb72a46b7d535ed7a39b443a666ba96638c458b74db96f75754386fcaf2e2d3778d2048c7a7ef88550ec4482e1e0fd080982e0ab9fba09f098aeba953cdc1c354c0a2461d9eba69ca4304c5faa36bc2da00bbbe52d9a5f01a98ea3118556aa8fbcb0a0855c6747e7226be81ed8b6593d29ee9e3078997f7a9d735543cd8e3cc2b9d62b6cbe19bf76d1d9f3b5f96b42fee7510c4b2a219fd7c5e4b3dcdf883da729fb0f0a2f46a6cc8d53fdd8b3fe2afa39f7f3488376afeaa48e72c3ca4477772f31fe60a455ab6d6077f6001c15c8c06367618f6556af922da06759022e08a9962563466c3ad34f6a073058a41418cb88d0af9bc2e56b77a560d51360adabb5d017f89a6c649399182bd11c957f67a7e2c8cc98581f177661b67e6c9b4fa67d37a2589d9bde4a73db89edcd4ee1e1aea7ab0b937b40b4ee7a1d90c9516a8945c4496488fc73346a7a353be024cfd75ee4f8fdfada46e640154bebcdd6eb68d2baf106f2dd4051793dc0cb16d2610fb0a486963aa247739c738e5862f7132ce9c5152b239cff11a9e3c329910c6a0a6e9888d4286d1c2d7161817462d20583b7afdb490a568b29177aeb820f061e7eac65fc36162f5c8a31f309855b74eb9c224683074571eb91c67c58aa5c7940b5496dd3b6bfc8e7ec56fd39ec1df3b5ed1d128b682056b546cbc756098ef6b836cbb678c916be112397591497ad518388d1b725f1ef99a922c7dc8a976d08f0922bc09e0d13d0947a7146cab767577a8f6cffc1a2fb11aa3f22cd7fdda12b621839c8a16d7db805374593d25b67e8f91ed6225ef2425e070c4179e0f2248a3c17790849fea99ed95aab17c02c57329eb7c2d089637a4e381d89db598551397f52a19712a953ab4db6c7bcc3bc7a44ff988883a81310b89bccc389b8103942f41c356ba5c0cbdda6f0a9589e59666d28a05678bce9ad1314b9d2a1ade11e998e3223c36ac177a4b58dd3a61dfc0866b0ae3a5c0581927e7643ad9cdb285d12ce28c510e5b47fdef1662f3ad19b78eab5026f20983f75d8885dbd30f0eee58935b4d46e1ed69241f58d0baf7b32e816335f60c7c683f95c65ddb0ea57ec4bab7c7dc1c8aa6e75664993c6564e4d62b17f68c25dbfffb2697c02dae93ccbd37d1f3af2d461500752c13c6cc334d9e0d0340cae5e2ce8dab78c54a14dc42aff7c01c5a7a6d1f9b428c97eb2a14ef352d235f2e79000e36a0d317272d7e9ddc2d699469a8b9d22bc9a66ae7f3f59c520a1dffd8943efaf4432f6c09151aa910a5b26ae3f348e3c8e516d8946e01a8162a4cc3ae17fcf2dbc3f12106bdf937e7d364586854e75b7c3f4f954ce1d8d7bb7090261ec15ca5d9fb7f62fca947133ce69766052c1f34024daf113b73bf53e20713eb7edda3c08517fef9b49f26463a8e3f5239bf7f5c1ad9205f9be3fa553c1ea0ced63b0b8292c1e6b0d07f6328a380794e0c45cfddcb256e796d1ba70b26136489fc345cff0df61f710101f01abc6a267c9d695147ec79955d3ff13d55abe896b3c4d7e3d81a6bd998c04c3ccc2d0980700c3272842a6ecdb23aeb6e4717c8304d27ccd98c0935d4a915a3c39bcfc436461b3869e13b4ff88a2b83d8e51343c6606465b2e993366d9897bff1cfbf183b918c52bb16c684a693c5463ac117a047afcd09e26d09b965eaf0327d33f0b9fbc46422a7e78cb9699bd282b0beab11cee07570eb2f006fc12823027a3dfb4375ba3f8ffbe1e08ec6ebdeb8e50ec78ce01fee3fbd403f9bfa7b49d6f4c2f81158d7423939b07e6f86f99f3e84bcad0d0834c9b57e1a3d5c24bd89b6c20c3ed4f1d2fb1ce712fcee2ac3eb325f33bf1e8b5cf3dcade905b299a9433ade3cdc42f5f0eafa8fa4eced1c7274ae1bb79957ca5d7ea6fd5895750f61204f002bae3f43d3fab6c55d0c29b4aa53c7ff5b5d903f767c789ab219f0bca8b0e05a3301cf900c69a273b0d26ddf111e7a98a9c6e7bac26be7385507d3101628cf50861cf537759dba7ab36ebf5a2464cb0d8fdcb25906877f2138b24f59f0b89188eac8e7bc922a2a297daf964141050511b25114191a3d6420ee986fd080c951208cec04b628893f4306e8b6cab91c28aedc4809434e5e6e8af0350ffacff0e96205b489e7c4133723763556649ee95b7f1afd44e4f6ef4f2c15847f808da788667c9011557089b110fa498cf1719f528e7d8cdefb10a447b2b10e6c41176d32558c1a567490890300a036a4c3c51d028ec033f02e64de9ecb14ccebe6c1119ae45635c8b9f40cee030831b5c4ab552a943c3a5efe1a1f0639582ef2ea9529c6f0a2dbc6de4bcc4c5665e7887a29b467eb704666598c30c6a171b6f1eed0131e854513fd54482bbd3f14de9d2040176624fc7eb3a90c4d7182852f38581a6091873a995d225538f9f34ba78ff184dc26e890b2f924d45ef3a632b3743f56e4d8a0e176975a2452a7556c3e80ea0c14923633c0b2752a8e3c18d64d564f52790df86df473aadfa109855184eba3b0163baa89a60c39a4ddf5943d3f9b3154c1569f7fd4f90949299726b8deee0b63106847018e6ef1dae174e0115a1aa52474198079c102892a909039934fd5581fd052412d18fa6662d03643403c21201dac11d576d18cc7709e184f497443d575ff965791533e0d73a98af8306456734e521736c3013c21f936f619263649b6c5d778fabfb16723c2186a355c187121cd5482a4c7c34c673486b06b9e6ec374537e3ec62eacde4ad2ff1915d489ee0e508f1781d33bb28793c302ce9ebee3d2abe26fecd4cac8d3aeddc3bc1d4c6428b2752659ea6042f58e86d2a488a082955dd18d7277c93159c61b8b0c5d3f4ea712cb65285329082802d4f8ff7795977aa42d769dc5104d8a224ec23237a0dedc6c41af267361629e53def77343c370dc4669e318e083ee1336bd5a75bf28bf7ed4b430e5231634877b0a348bc8c824c3c14d22f5c8831440d7992b907ea33aa559094267f5a6f0ce8999f3bc7896a0c009792b2cd2bbc683b6bfca3dd3b904d18d0e5602e7a2b8be9724ca8541bd55c802a0e094b391fc4cc640f9b72792876113f82cf515062607acc5191a6c00dc463ecfe342d8b7f1b145c341d5387a458485fe6284fbf756c257b0f211478a5e89537b1353cc2239dc9699fc6aed8199790c62e302c8ab9904afeb24299395b68ddd2a50a6a040c9cf265528446b7a9f62a86c66c296652d8975834aafdafa6f8ebe78f0519706c2147574678e2eafedb1eb45a4b1271242a2b32c421de9c79263b8832a3fd96c9636fd47753a26b802d7c11f1ac48f87ee1265ee02c6a43012bb8366fa74b5d58b6f15b7231ad91f17873ccf4580ea4c2de3f1d11e7d155a46fabb84b3dc0e01e0a59c7f2e20ec03d7f58160089af1cbb50fbd4de6830cc1c477e1e545679156a493901c04dbdf6c627a4c2c316a65c62b26ed667a9d06fcea974176395a1e0f7c88d7e31869469d30f9e240a55a24658f624f5e129b597c4fcb842c45f3e839f4da7be2b932859e0daceb6aa1e655084423039cb322a137386f40756d92b42fcf6b2d0a10803204b773e26fcf2869ecb7fe45e6c0b6b32eeee2d0d722857f64aff0789e991f39b8f8b01dd60ac38d499e65d77842f64d028299a44b22898bfff5f18086d85f6a4de054d8eeed04a02c5224cdcffc0ddab94d60b94e91828db0d1a42de0ea5005e2e72586e88f4dadce0d9e341eb69aa06099cba4b36d0aa137c65032b413561df436a33c5abb273d7090348493e261f46ce02e6f6478f91eefdefbcd07c395bbbc30992c22da788dd5ee1fadd497dda4042023c76f11f9fd7a06f2b008f6f93041a233a083de3f011eddf612cb9f810ff75d3a730d6d7815eaf94622198bf6445e4dccc9da2f3da6a0e89bff36680affdb66104ddc0f657851451a640d53eac528a85c677d6a72a8ea276c2046248c911e4ae643c5b2a7d06b9dfdc197bbf920f8b374e1436c2e7cc63707a16abfd0a988425c3b2129c6e5b726350fd3e33087d68b8f0c874dfb25150495dca4a06be510dbbd7f39859d5569eb8879e61457786a1bf5cd101127e7ab3a57276880b55a657195ae773a26546fd27312abacd54a9e2285015974942ce3ea897c74d1fd1db057ef36669a9483d3a79d7bf9ce1929f744b13d7a28f8710cf234d9cfde77d5ce77b40016a7905e1934f3d6c0ef60fccb8b6cf30ce00c461b6e08d3ce861c53773c5dc8545fec30e1c46a6540fc8b94d7fcde9a7b986f33dafaa68408ac98b818c63fb21f41b0844b3488a8041247675255a23c8f36652ba3783270ee9a5ae7bfcfe9c2a0c7888215630f5f38af7b19c2183d36f92fe71d6fcded4be423056560b43791273744586190a2ea6a9d357ea7352db6ed077edf39ea29d1c3068467b045dbf46a2a022af48021affd34e2709c94ce2d4e51ff7a1d68317f3a9cc786675cfcdcff95809c979ba2f5c077ba7e53258f6ba93ac76fe2d5b9fb55a1e9e7dd27c6c033d2f09412d56b0054c43c4afe0530ce137b4ab0e5f8655d77f7a8c27757fdffdf0cb6b952a11025c42fd46abcf3fe9c8f64455e5ba769128d6b8fd196873020501781441c6b90bcf71494008a1a78b8837b9d5cd116490e57a2e0f885065c330374b74f12d6b7be579e5854e8a1f2628c87cf96626ae25d4fe1c64b87761d015e8923df32a6284b67e7ca9c89e3607da0dfc897500b85caeec9bf6266fc8b3aa46135d206a5f006d7da7763b33d8e11c064ede5310d9fe952658d00d4b782f9c6428fc014445e3725bdcbad101cad496edcc2ec4260a077c479d600bb82e883dfe6325b180b39c92b23bdc049dc3e30391e0256d39f4d1da5912142b0af50a09570208e8617d59dde8629c0635c344e1e2ef81598b8b21fb0b0b95d16bb846a43a0c0a49c6e625b71df7002ee6d250e0106e451e3b9d878a6897a39dc529265d6b5b8b530deba14bf62a62df41b988994f434752e95e8159ef43254686940df4317ff61046e9242dc60dce83d3643d66c0be5c43147b0878ccf7416cc9ca2190a1cd5d8cb6631a33ca0de81d6f46929f16acf4f4d3b79e6c1743b31c8e7bbb4dd8d10ba5bca70c6c77a6e875f459706d303a510ccbd39f8a360828039f2ff9d5380e93929b9a5a3fba9ccdf5676f402302b7e233856b54cc170957b6cf9df4e10e76ed85f51bfe9273f939818f8b9d1a3c6f39228f5571dfc30992e84717d55778d6673e78689a7aadb1fc877ee663db8044f5a68bfe9a89462fdea063f509e782049ec95ca58bf44a33145f1d4d8c2cc432aee1cdddd9ce84955e76feb4", 0x1000}], 0xa, &(0x7f0000001c80)=[@rights={{0x2c, 0x1, 0x1, [r7, r0, r8, r9, r1, r10, r5]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {r2, 0x0, r11}}}], 0x70}, 0x884) ioctl$PIO_FONT(r5, 0x4b61, &(0x7f0000001d40)="554557388428b640aa0c960922d248c1d2f6ecd77702de97ebee3d52c9eb2d") recvmmsg$unix(r5, &(0x7f0000006700)=[{{0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000001d80)=""/166, 0xa6}, {&(0x7f0000001e40)=""/4096, 0x1000}, {&(0x7f0000002e40)=""/254, 0xfe}, {&(0x7f0000002f40)=""/126, 0x7e}, {&(0x7f0000002fc0)}], 0x5, &(0x7f0000003080)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}, {{&(0x7f0000003140), 0x6e, &(0x7f0000004540)=[{&(0x7f00000031c0)=""/140, 0x8c}, {&(0x7f0000003280)=""/176, 0xb0}, {&(0x7f0000003340)=""/4096, 0x1000}, {&(0x7f0000004340)=""/210, 0xd2}, {&(0x7f0000004440)=""/63, 0x3f}, {&(0x7f0000004480)=""/166, 0xa6}], 0x6, &(0x7f00000045c0)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000004600), 0x6e, &(0x7f0000004780)=[{&(0x7f0000004680)=""/96, 0x60}, {&(0x7f0000004700)=""/57, 0x39}, {&(0x7f0000004740)=""/51, 0x33}], 0x3, &(0x7f00000047c0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}, {{&(0x7f0000004880), 0x6e, &(0x7f0000004a00)=[{&(0x7f0000004900)=""/202, 0xca}], 0x1, &(0x7f0000004a40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd0}}, {{&(0x7f0000004b40), 0x6e, &(0x7f0000004d00)=[{&(0x7f0000004bc0)=""/111, 0x6f}, {&(0x7f0000004c40)=""/133, 0x85}], 0x2, &(0x7f0000004d40)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000004d80), 0x6e, &(0x7f0000006140)=[{&(0x7f0000004e00)=""/222, 0xde}, {&(0x7f0000004f00)=""/130, 0x82}, {&(0x7f0000004fc0)=""/4096, 0x1000}, {&(0x7f0000005fc0)=""/156, 0x9c}, {&(0x7f0000006080)=""/144, 0x90}], 0x5, &(0x7f00000061c0)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000006200), 0x6e, &(0x7f00000065c0)=[{&(0x7f0000006280)=""/254, 0xfe}, {&(0x7f0000006380)=""/75, 0x4b}, {&(0x7f0000006400)=""/164, 0xa4}, {&(0x7f00000064c0)=""/28, 0x1c}, {&(0x7f0000006500)=""/104, 0x68}, {&(0x7f0000006580)=""/11, 0xb}], 0x6, &(0x7f0000006640)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}], 0x7, 0x20, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r12, 0xc0189376, &(0x7f00000068c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) 16:18:18 executing program 6: r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x200802, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000040)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000080)) ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0xfff}, {0xd242, 0x9}, {0x3c, 0x7fff}]}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0) r2 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000180)) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000000240)={0x9, &(0x7f0000000200)=[{0x8, 0x3}, {0xb9, 0x9}, {0x8000, 0x4}, {0x6}, {0x8, 0x2}, {0x0, 0xd75}, {0xfff8, 0x3fc}, {0x101, 0x4}, {0x2, 0x80}]}) unlink(&(0x7f0000000280)='./file0\x00') r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000300)={0x5, &(0x7f00000002c0)=[{0x8001, 0x0, 0xff, 0x8}, {0x7fff, 0x0, 0x3, 0x7}, {0x7, 0x2, 0xa8, 0x7}, {0x1000, 0x7f, 0xa4, 0x7}, {0xeb98, 0x80, 0x6, 0x8000}]}) fstatfs(r3, &(0x7f0000000340)=""/78) ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f00000003c0)={0x0, 0x1}) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000440)={0x8, &(0x7f0000000400)=[{0x20, 0x4}, {0x9, 0x6984}, {0x5, 0x3}, {0x800, 0x8}, {0x3, 0x101}, {0x7fff, 0x7}, {0x3, 0x1ff}, {}]}) r4 = accept4$packet(r0, 0x0, &(0x7f0000000480), 0x800) ioctl$BTRFS_IOC_RESIZE(r4, 0x50009403, &(0x7f00000004c0)={{r3}, {@val, @max}}) lstat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r0, &(0x7f0000000840)={&(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000580)="51bcdfee32e963a2e19e295ba945bb08368c5ac7a9bc5c00493a2de575b182102d1591f9042fca1f6538f2127ace9b15669e0cd08ec30522ecb9cd4dc4940b998477ef5485341ebafc398839ad98bea8", 0x50}], 0x1, &(0x7f0000000780)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, r5}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0xa0, 0x4000000}, 0x91) 16:18:18 executing program 7: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @loopback}, &(0x7f0000000040)=0x10, 0x80000) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000080)={0xc43abfb8611bb262, @dev={0xac, 0x14, 0x14, 0x20}, 0x4e22, 0x3, 'nq\x00', 0x11, 0x36b, 0x5c}, 0x2c) r1 = io_uring_setup(0x3df4, &(0x7f00000000c0)={0x0, 0xe4d8, 0x26, 0x0, 0x81}) r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000180)=0x1c, 0x0) ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x1}) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) connect$inet6(r2, &(0x7f00000005c0)={0xa, 0x4e22, 0x80000001, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4d76}, 0x1c) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000600)={0x2, 'veth0\x00', {0x1000}, 0x5}) r4 = openat(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x0, 0x150) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000680)={0x3, 0x2, 0x4, 0x0, 0x0, [{{r1}, 0x9}, {{r1}, 0x5}, {{r4}, 0x1800000000000000}, {{r0}, 0x100}]}) r5 = openat$cgroup_ro(r4, &(0x7f0000000740)='blkio.bfq.dequeue\x00', 0x0, 0x0) ioctl$BTRFS_IOC_START_SYNC(r2, 0x80089418, &(0x7f0000000780)=0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f00000007c0)={{r5}, r6, 0x0, @unused=[0x3, 0x10000, 0x9, 0x5], @devid=r3}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000017c0)={{0x1, 0x1, 0x18, r2, {0x1}}, './file0\x00'}) io_uring_register$IORING_UNREGISTER_FILES(r7, 0x3, 0x0, 0x0) readahead(0xffffffffffffffff, 0x0, 0x1) r8 = eventfd(0x80000000) preadv(r8, &(0x7f0000001940)=[{&(0x7f0000001800)=""/47, 0x2f}, {&(0x7f0000001840)=""/139, 0x8b}, {&(0x7f0000001900)=""/15, 0xf}], 0x3, 0xfffffffe, 0x800) recvmmsg(r5, &(0x7f00000053c0)=[{{&(0x7f0000001980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000004f00)=[{&(0x7f0000001a00)=""/228, 0xe4}, {&(0x7f0000001b00)=""/157, 0x9d}, {&(0x7f0000001bc0)=""/194, 0xc2}, {&(0x7f0000001cc0)=""/172, 0xac}, {&(0x7f0000001d80)=""/4096, 0x1000}, {&(0x7f0000002d80)=""/231, 0xe7}, {&(0x7f0000002e80)=""/4096, 0x1000}, {&(0x7f0000003e80)=""/59, 0x3b}, {&(0x7f0000003ec0)=""/4096, 0x1000}, {&(0x7f0000004ec0)=""/32, 0x20}], 0xa, &(0x7f0000004fc0)=""/72, 0x48}, 0x3f}, {{&(0x7f0000005040)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f00000052c0)=[{&(0x7f00000050c0)=""/197, 0xc5}, {&(0x7f00000051c0)=""/238, 0xee}], 0x2, &(0x7f0000005300)=""/162, 0xa2}, 0x3}], 0x2, 0x0, 0x0) accept(r9, &(0x7f0000005440)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev}}, &(0x7f00000054c0)=0x80) [ 80.239764] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.243818] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.249588] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.260358] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.264813] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.265865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.271505] Bluetooth: hci0: HCI_REQ-0x0c1a [ 80.341615] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 80.344025] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 80.346324] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 80.349792] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 80.352615] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 80.354774] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 80.362240] Bluetooth: hci2: HCI_REQ-0x0c1a [ 80.427867] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 80.430622] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 80.433468] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 80.436045] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 80.437114] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 80.439128] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 80.439332] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.441060] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 80.444062] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 80.445215] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 80.446311] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 80.446468] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 80.449358] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 80.453599] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 80.455021] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 80.455368] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 80.457892] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 80.460130] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 80.461231] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 80.463078] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 80.464063] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 80.465596] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 80.467997] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 80.473464] Bluetooth: hci4: HCI_REQ-0x0c1a [ 80.474230] Bluetooth: hci6: HCI_REQ-0x0c1a [ 80.474831] Bluetooth: hci5: HCI_REQ-0x0c1a [ 80.524476] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.529431] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.540488] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 80.540522] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 80.545858] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 80.546006] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 80.549264] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 80.552189] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 80.554505] Bluetooth: hci3: HCI_REQ-0x0c1a [ 80.555785] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 80.562117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 80.573339] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 80.584143] Bluetooth: hci1: HCI_REQ-0x0c1a [ 80.587094] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 80.596689] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.606605] Bluetooth: hci7: HCI_REQ-0x0c1a [ 82.311656] Bluetooth: hci0: command 0x0409 tx timeout [ 82.376245] Bluetooth: hci2: command 0x0409 tx timeout [ 82.503814] Bluetooth: hci6: command 0x0409 tx timeout [ 82.504617] Bluetooth: hci5: command 0x0409 tx timeout [ 82.505370] Bluetooth: hci4: command 0x0409 tx timeout [ 82.568349] Bluetooth: hci3: command 0x0409 tx timeout [ 82.631269] Bluetooth: hci7: command 0x0409 tx timeout [ 82.632222] Bluetooth: hci1: command 0x0409 tx timeout [ 84.359255] Bluetooth: hci0: command 0x041b tx timeout [ 84.423248] Bluetooth: hci2: command 0x041b tx timeout [ 84.551256] Bluetooth: hci4: command 0x041b tx timeout [ 84.551827] Bluetooth: hci5: command 0x041b tx timeout [ 84.552420] Bluetooth: hci6: command 0x041b tx timeout [ 84.615724] Bluetooth: hci3: command 0x041b tx timeout [ 84.679252] Bluetooth: hci1: command 0x041b tx timeout [ 84.680936] Bluetooth: hci7: command 0x041b tx timeout [ 86.407377] Bluetooth: hci0: command 0x040f tx timeout [ 86.471320] Bluetooth: hci2: command 0x040f tx timeout [ 86.599226] Bluetooth: hci6: command 0x040f tx timeout [ 86.599798] Bluetooth: hci5: command 0x040f tx timeout [ 86.600642] Bluetooth: hci4: command 0x040f tx timeout [ 86.663336] Bluetooth: hci3: command 0x040f tx timeout [ 86.727257] Bluetooth: hci7: command 0x040f tx timeout [ 86.728595] Bluetooth: hci1: command 0x040f tx timeout [ 88.455237] Bluetooth: hci0: command 0x0419 tx timeout [ 88.519220] Bluetooth: hci2: command 0x0419 tx timeout [ 88.647249] Bluetooth: hci4: command 0x0419 tx timeout [ 88.647815] Bluetooth: hci5: command 0x0419 tx timeout [ 88.648476] Bluetooth: hci6: command 0x0419 tx timeout [ 88.711264] Bluetooth: hci3: command 0x0419 tx timeout [ 88.775256] Bluetooth: hci1: command 0x0419 tx timeout [ 88.775865] Bluetooth: hci7: command 0x0419 tx timeout [ 142.631766] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 142.633126] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 142.636015] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 142.642446] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 142.643912] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 142.644903] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 142.655682] Bluetooth: hci0: HCI_REQ-0x0c1a [ 142.738531] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 142.739838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 142.741886] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 142.744084] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 142.745849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 142.746727] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 142.756234] Bluetooth: hci1: HCI_REQ-0x0c1a [ 142.826688] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 142.828282] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 142.829782] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 142.831489] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 142.832655] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 142.834287] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 142.837362] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 142.837380] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 142.839555] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 142.842899] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 142.843782] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 142.843790] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 142.846051] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 142.855712] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 142.857049] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 142.857796] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 142.858435] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 142.859357] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 142.860826] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 142.861585] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 142.862303] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 142.862979] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 142.874318] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 142.875174] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 142.877963] Bluetooth: hci4: HCI_REQ-0x0c1a [ 142.885201] Bluetooth: hci7: HCI_REQ-0x0c1a [ 142.901252] Bluetooth: hci6: HCI_REQ-0x0c1a [ 142.906292] Bluetooth: hci5: HCI_REQ-0x0c1a [ 144.711226] Bluetooth: hci0: command 0x0409 tx timeout [ 144.775277] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 144.776372] Bluetooth: hci1: command 0x0409 tx timeout [ 144.839181] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 144.903244] Bluetooth: hci4: command 0x0409 tx timeout [ 144.967219] Bluetooth: hci5: command 0x0409 tx timeout [ 144.967236] Bluetooth: hci6: command 0x0409 tx timeout [ 144.967771] Bluetooth: hci7: command 0x0409 tx timeout [ 146.759188] Bluetooth: hci0: command 0x041b tx timeout [ 146.824244] Bluetooth: hci1: command 0x041b tx timeout [ 146.951223] Bluetooth: hci4: command 0x041b tx timeout [ 147.015230] Bluetooth: hci7: command 0x041b tx timeout [ 147.016263] Bluetooth: hci6: command 0x041b tx timeout [ 147.016434] Bluetooth: hci5: command 0x041b tx timeout [ 148.808245] Bluetooth: hci0: command 0x040f tx timeout [ 148.872236] Bluetooth: hci1: command 0x040f tx timeout [ 149.000208] Bluetooth: hci4: command 0x040f tx timeout [ 149.063215] Bluetooth: hci5: command 0x040f tx timeout [ 149.064282] Bluetooth: hci6: command 0x040f tx timeout [ 149.064295] Bluetooth: hci7: command 0x040f tx timeout [ 149.447310] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 149.639319] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 150.855232] Bluetooth: hci0: command 0x0419 tx timeout [ 150.919353] Bluetooth: hci1: command 0x0419 tx timeout [ 151.047232] Bluetooth: hci4: command 0x0419 tx timeout [ 151.111274] Bluetooth: hci7: command 0x0419 tx timeout [ 151.111297] Bluetooth: hci6: command 0x0419 tx timeout [ 151.112037] Bluetooth: hci5: command 0x0419 tx timeout [ 152.208108] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 152.209757] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 152.211099] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 152.214966] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 152.216672] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 152.217998] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 152.226252] Bluetooth: hci2: HCI_REQ-0x0c1a [ 152.527416] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 152.529785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 152.533857] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 152.537920] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 152.539911] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 152.541806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 152.552226] Bluetooth: hci3: HCI_REQ-0x0c1a [ 154.311360] Bluetooth: hci2: command 0x0409 tx timeout [ 154.567331] Bluetooth: hci3: command 0x0409 tx timeout [ 156.360208] Bluetooth: hci2: command 0x041b tx timeout [ 156.616207] Bluetooth: hci3: command 0x041b tx timeout [ 158.407316] Bluetooth: hci2: command 0x040f tx timeout [ 158.663220] Bluetooth: hci3: command 0x040f tx timeout [ 160.455313] Bluetooth: hci2: command 0x0419 tx timeout [ 160.711364] Bluetooth: hci3: command 0x0419 tx timeout [ 193.065722] loop1: detected capacity change from 0 to 128 [ 193.076735] loop1: detected capacity change from 0 to 128 [ 197.334407] loop2: detected capacity change from 0 to 16245 [ 197.336586] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value [ 197.344497] audit: type=1400 audit(1664209217.043:7): avc: denied { open } for pid=7310 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 197.346199] loop2: detected capacity change from 0 to 16245 [ 197.347014] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value 16:20:34 executing program 1: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x30656, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='n/file0\x00']) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/anycast6\x00') ioctl$LOOP_CLR_FD(r2, 0x4c01) fcntl$dupfd(r0, 0x406, r1) getgid() perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0x0, 0xffffffffffffffff, 0x3) openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x4da101, 0x0) write(r1, &(0x7f0000000080)="01", 0x41030) 16:20:34 executing program 6: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) socket$inet_udp(0x2, 0x2, 0x0) r2 = accept$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000140)=0x10) ioctl(r2, 0x7, &(0x7f0000000180)="5cf76074abaf8315409c65d444762a84209195ef43e46d9c2a9a78687451cdd1a0de6e01ae572dc6c7e43900fddebbcd70cbbdfef400fd51343555a57b80482f1156a0caf1bf9fc3d2bddef12b13a61250d9118797a17c8242fdadb1bec8ede8c660ac947892867d0c82aa2c3211d0208cd20d51cfb7ed901ee7") sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="ff050008000000000000ffff000000000000005f7cab4816a5d3bbe7073bca3926246d89284cabfbbf83001b1ffd7fbfff02178716b6571cfd81bfcc2e8652064107c92ba79729bd0321051e0a30572010480e51f93f839c4e1ca1d39c9f9be3425b8cf455e0a40e672c62ad45f9d59d516e7375f48e7506b77fc697fb18353e4ea1388928885dab6bb057afc4bc76ce8005d897d33fb0edfe0000000000000000"], 0x1c}}, 0x0) perf_event_open(&(0x7f0000000440)={0x5, 0x80, 0x1, 0x3, 0x0, 0x5, 0x0, 0x315, 0x20, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8d90, 0x1, @perf_bp={&(0x7f0000000200), 0x1}, 0x10, 0x9, 0x269387ea, 0x5, 0x1340, 0x7, 0x2c5}, 0xffffffffffffffff, 0xe, r0, 0x8) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) mq_timedsend(0xffffffffffffffff, &(0x7f0000000300)="fc8281f3243e6487424c716bab7538418ca51b23e51577ed03135979b934db684d1410cdf549b6fd467d977743a41bbb056c161ec1ef64e0c46abceae724c0c26a876c299fa853ea3accc292e4da309c3c5a91b98a27a995e77b27ce4a53fda845d256474350fb5e3e52b5c9a74087220ab8bd5a0955eb56e68b307d59713d15b18314beeb8fe6e7a9602987cf170faf6a9000a8a241690ec6b29ff0123fbbdb9224875faa9039ec45e3f67edaf4da180afe", 0xb2, 0x4, 0x0) syz_io_uring_complete(r3) 16:20:34 executing program 4: ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'wg2\x00', {0x2, 0x0, @remote}}) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) open$dir(&(0x7f0000000200)='./file0\x00', 0x20000, 0x41) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000040), 0x6e, &(0x7f00000004c0)=[{&(0x7f00000000c0)=""/187, 0xbb}, {&(0x7f0000000180)=""/97, 0x61}, {&(0x7f0000000300)=""/253, 0xfd}, {&(0x7f0000000200)}, {&(0x7f0000000400)=""/168, 0xa8}], 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="00000000100000000000000001000000010000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000100000002070000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x130}, 0x20) syz_mount_image$nfs(&(0x7f00000007c0), 0x0, 0x3, 0x0, 0x0, 0x0, &(0x7f00000006c0)={[], [{@fowner_gt={'fowner>', r0}}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x38, 0x64, 0x37, 0x33, 0x30, 0x35, 0x31], 0x2d, [0x37, 0x64, 0x35, 0x38], 0x2d, [0x32, 0x62, 0x36, 0x65], 0x2d, [0x64, 0x3, 0x65, 0x39], 0x2d, [0x30, 0x32, 0x33, 0x32, 0x30, 0x63, 0x66, 0x7b]}}}, {@pcr={'pcr', 0x3d, 0x12}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@subj_user={'subj_user', 0x3d, 'wg2\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@euid_gt={'euid>', r1}}, {@obj_user={'obj_user', 0x3d, '#\'))#-@'}}]}) lchown(&(0x7f0000000800)='./file0\x00', r0, 0xee01) 16:20:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x0, 0x0) r1 = openat(r0, &(0x7f0000000040)='./file1\x00', 0x100, 0x18) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c010}, 0x801) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f0000000440)={{0x0, 0xff}, 'port1\x00', 0x64, 0x0, 0x1f, 0xffffffff, 0x8000000, 0x8, 0x6, 0x0, 0x2}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(r0, &(0x7f0000000100)='./file2\x00', 0x101042, 0x140) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(r2, &(0x7f0000000840)='./file0\x00', 0x2, 0x4a) openat(0xffffffffffffffff, &(0x7f0000000200)='./file2\x00', 0x103400, 0x1) io_setup(0x7, &(0x7f0000000000)) r3 = io_uring_setup(0x13eb, &(0x7f0000000100)={0x0, 0xa306, 0x0, 0x0, 0x32e}) open_by_handle_at(r3, &(0x7f0000000180)=@reiserfs_3={0xc}, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r4, &(0x7f0000000040)=""/169, 0x200000e9) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x220) 16:20:34 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000000c0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000000)) 16:20:34 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000140)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000040)=""/32, 0x20}, {&(0x7f00000001c0)=""/27, 0x1b}, {&(0x7f0000000200)=""/7, 0x7}, {&(0x7f0000000300)=""/127, 0x7f}, {&(0x7f0000000240)=""/34, 0x22}, {&(0x7f0000000380)=""/197, 0xc5}], 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000061c00006c0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xa0}, 0x12001) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000800)=0x6, 0x60000000000) syz_open_procfs(r0, &(0x7f0000000600)='attr/fscreate\x00') syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_opaque(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700), &(0x7f0000000740), 0x2, 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0) r2 = epoll_create(0x7fffffff) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000040)) r4 = syz_open_dev$rtc(&(0x7f00000007c0), 0x0, 0x0) ioctl$RTC_ALM_SET(r4, 0x40247007, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000040)={0x8}) ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000780)=0xffff) fsetxattr$security_capability(r4, &(0x7f0000000640), &(0x7f0000000680)=@v2={0x2000000, [{0x0, 0x100}, {0x9, 0x200}]}, 0x14, 0x2) r5 = inotify_init1(0x0) dup2(r5, r1) 16:20:34 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000340), 0x80, 0x0) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x280400, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000080)=0x1) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0xa8420, &(0x7f0000000940)={'trans=unix,', {[{@cache_fscache}, {@access_client}, {@access_any}, {@access_uid={'access', 0x3d, 0xee01}}, {@privport}, {@dfltgid={'dfltgid', 0x3d, r2}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_user={'obj_user', 0x3d, 'environ\x00'}}, {@subj_role={'subj_role', 0x3d, 'environ\x00'}}, {@euid_eq={'euid', 0x3d, r3}}, {@measure}]}}) fchown(r1, 0x0, r2) r4 = syz_io_uring_setup(0x1, &(0x7f0000000180)={0x0, 0xf060, 0x20, 0x0, 0x40000340, 0x0, r1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0\x00'}) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r5, 0x8982, &(0x7f0000000280)={0x8, 'veth1_to_bond\x00', {'macvtap0\x00'}, 0x3}) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x110, r6, 0x0) io_uring_enter(r4, 0x1, 0x0, 0x0, 0x0, 0x0) ioctl(r1, 0x1, &(0x7f00000000c0)="959d48e1130f392f0a939dffda4e25f3059ea2b96d2fdc467fb1b956bad091d1b93ca6fed3028812a454140eb68cbfdfa3ee91") socket$inet6_udp(0xa, 0x2, 0x0) 16:20:34 executing program 0: syz_mount_image$ext4(&(0x7f0000003480)='ext3\x00', &(0x7f00000034c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="64656275675f77616e745f65787472615f6973697a653d3078303030303030303030303030303030302c0051ca08a9558188"]) [ 214.395774] audit: type=1400 audit(1664209234.094:8): avc: denied { kernel } for pid=7372 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 16:20:34 executing program 4: syz_open_dev$loop(0x0, 0x0, 0x0) r0 = getpid() r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0xc4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r0, 0x0, r1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = fork() perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x6, 0x0, 0xce, 0x1, 0x0, 0x87, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x100, 0x1, @perf_bp={&(0x7f0000000100), 0xa}, 0x0, 0x7, 0x8, 0x1, 0x80, 0x5, 0x8000, 0x0, 0x9, 0x0, 0x7}, r2, 0xc, r1, 0x2) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x81, 0x4, 0x4e, 0x3, 0x0, 0x80000004, 0x8000, 0x9, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfff, 0x2, @perf_config_ext={0x3, 0x2}, 0x10000, 0x401, 0x0, 0x6, 0x100, 0x65, 0x1, 0x0, 0x3, 0x0, 0x9}, r0, 0x5, r1, 0x9) [ 214.421741] ------------[ cut here ]------------ [ 214.421763] [ 214.421766] ====================================================== [ 214.421770] WARNING: possible circular locking dependency detected [ 214.421774] 6.0.0-rc6-next-20220923 #1 Not tainted [ 214.421780] ------------------------------------------------------ [ 214.421784] syz-executor.3/7374 is trying to acquire lock: [ 214.421791] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 214.421832] [ 214.421832] but task is already holding lock: [ 214.421835] ffff88800e939420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 214.421864] [ 214.421864] which lock already depends on the new lock. [ 214.421864] [ 214.421867] [ 214.421867] the existing dependency chain (in reverse order) is: [ 214.421870] [ 214.421870] -> #3 (&ctx->lock){....}-{2:2}: [ 214.421884] _raw_spin_lock+0x2a/0x40 [ 214.421903] __perf_event_task_sched_out+0x53b/0x18d0 [ 214.421915] __schedule+0xedd/0x2470 [ 214.421929] schedule+0xda/0x1b0 [ 214.421941] exit_to_user_mode_prepare+0x114/0x1a0 [ 214.421953] syscall_exit_to_user_mode+0x19/0x40 [ 214.421965] do_syscall_64+0x48/0x90 [ 214.421982] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 214.421994] [ 214.421994] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 214.422008] _raw_spin_lock_nested+0x30/0x40 [ 214.422025] raw_spin_rq_lock_nested+0x1e/0x30 [ 214.422039] task_fork_fair+0x63/0x4d0 [ 214.422055] sched_cgroup_fork+0x3d0/0x540 [ 214.422069] copy_process+0x4183/0x6e20 [ 214.422080] kernel_clone+0xe7/0x890 [ 214.422089] user_mode_thread+0xad/0xf0 [ 214.422100] rest_init+0x24/0x250 [ 214.422111] arch_call_rest_init+0xf/0x14 [ 214.422129] start_kernel+0x4c1/0x4e6 [ 214.422146] secondary_startup_64_no_verify+0xe0/0xeb [ 214.422162] [ 214.422162] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 214.422175] _raw_spin_lock_irqsave+0x39/0x60 [ 214.422193] try_to_wake_up+0xab/0x1930 [ 214.422206] up+0x75/0xb0 [ 214.422220] __up_console_sem+0x6e/0x80 [ 214.422236] console_unlock+0x46a/0x590 [ 214.422251] do_con_write+0xc05/0x1d50 [ 214.422264] con_write+0x21/0x40 [ 214.422274] n_tty_write+0x4d4/0xfe0 [ 214.422287] file_tty_write.constprop.0+0x49c/0x8f0 [ 214.422300] vfs_write+0x9c3/0xd90 [ 214.422319] ksys_write+0x127/0x250 [ 214.422335] do_syscall_64+0x3b/0x90 [ 214.422351] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 214.422363] [ 214.422363] -> #0 ((console_sem).lock){....}-{2:2}: [ 214.422377] __lock_acquire+0x2a02/0x5e70 [ 214.422394] lock_acquire+0x1a2/0x530 [ 214.422409] _raw_spin_lock_irqsave+0x39/0x60 [ 214.422427] down_trylock+0xe/0x70 [ 214.422441] __down_trylock_console_sem+0x3b/0xd0 [ 214.422456] vprintk_emit+0x16b/0x560 [ 214.422472] vprintk+0x84/0xa0 [ 214.422488] _printk+0xba/0xf1 [ 214.422499] report_bug.cold+0x72/0xab [ 214.422515] handle_bug+0x3c/0x70 [ 214.422531] exc_invalid_op+0x14/0x50 [ 214.422547] asm_exc_invalid_op+0x16/0x20 [ 214.422558] group_sched_out.part.0+0x2c7/0x460 [ 214.422569] ctx_sched_out+0x8f1/0xc10 [ 214.422579] __perf_event_task_sched_out+0x6d0/0x18d0 [ 214.422591] __schedule+0xedd/0x2470 [ 214.422604] schedule+0xda/0x1b0 [ 214.422617] exit_to_user_mode_prepare+0x114/0x1a0 [ 214.422627] syscall_exit_to_user_mode+0x19/0x40 [ 214.422639] do_syscall_64+0x48/0x90 [ 214.422655] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 214.422667] [ 214.422667] other info that might help us debug this: [ 214.422667] [ 214.422669] Chain exists of: [ 214.422669] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 214.422669] [ 214.422684] Possible unsafe locking scenario: [ 214.422684] [ 214.422687] CPU0 CPU1 [ 214.422689] ---- ---- [ 214.422691] lock(&ctx->lock); [ 214.422697] lock(&rq->__lock); [ 214.422704] lock(&ctx->lock); [ 214.422710] lock((console_sem).lock); [ 214.422715] [ 214.422715] *** DEADLOCK *** [ 214.422715] [ 214.422717] 2 locks held by syz-executor.3/7374: [ 214.422724] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 214.422752] #1: ffff88800e939420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 214.422780] [ 214.422780] stack backtrace: [ 214.422783] CPU: 1 PID: 7374 Comm: syz-executor.3 Not tainted 6.0.0-rc6-next-20220923 #1 [ 214.422795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 214.422804] Call Trace: [ 214.422807] [ 214.422811] dump_stack_lvl+0x8b/0xb3 [ 214.422829] check_noncircular+0x263/0x2e0 [ 214.422845] ? format_decode+0x26c/0xb50 [ 214.422862] ? print_circular_bug+0x450/0x450 [ 214.422878] ? enable_ptr_key_workfn+0x20/0x20 [ 214.422894] ? format_decode+0x26c/0xb50 [ 214.422911] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 214.422929] __lock_acquire+0x2a02/0x5e70 [ 214.422950] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 214.422972] lock_acquire+0x1a2/0x530 [ 214.422988] ? down_trylock+0xe/0x70 [ 214.423004] ? lock_release+0x750/0x750 [ 214.423024] ? vprintk+0x84/0xa0 [ 214.423042] _raw_spin_lock_irqsave+0x39/0x60 [ 214.423060] ? down_trylock+0xe/0x70 [ 214.423076] down_trylock+0xe/0x70 [ 214.423091] ? vprintk+0x84/0xa0 [ 214.423107] __down_trylock_console_sem+0x3b/0xd0 [ 214.423124] vprintk_emit+0x16b/0x560 [ 214.423143] vprintk+0x84/0xa0 [ 214.423160] _printk+0xba/0xf1 [ 214.423171] ? record_print_text.cold+0x16/0x16 [ 214.423186] ? report_bug.cold+0x66/0xab [ 214.423203] ? group_sched_out.part.0+0x2c7/0x460 [ 214.423215] report_bug.cold+0x72/0xab [ 214.423233] handle_bug+0x3c/0x70 [ 214.423250] exc_invalid_op+0x14/0x50 [ 214.423267] asm_exc_invalid_op+0x16/0x20 [ 214.423279] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 214.423293] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 214.423304] RSP: 0018:ffff888030bb7c48 EFLAGS: 00010006 [ 214.423313] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.423321] RDX: ffff8880184f3580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 214.423329] RBP: ffff8880375505c8 R08: 0000000000000005 R09: 0000000000000001 [ 214.423336] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800e939400 [ 214.423344] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 214.423354] ? group_sched_out.part.0+0x2c7/0x460 [ 214.423367] ? group_sched_out.part.0+0x2c7/0x460 [ 214.423381] ctx_sched_out+0x8f1/0xc10 [ 214.423393] __perf_event_task_sched_out+0x6d0/0x18d0 [ 214.423409] ? lock_is_held_type+0xd7/0x130 [ 214.423422] ? __perf_cgroup_move+0x160/0x160 [ 214.423434] ? set_next_entity+0x304/0x550 [ 214.423451] ? update_curr+0x267/0x740 [ 214.423469] ? lock_is_held_type+0xd7/0x130 [ 214.423482] __schedule+0xedd/0x2470 [ 214.423499] ? io_schedule_timeout+0x150/0x150 [ 214.423514] ? rcu_read_lock_sched_held+0x3e/0x80 [ 214.423535] schedule+0xda/0x1b0 [ 214.423549] exit_to_user_mode_prepare+0x114/0x1a0 [ 214.423561] syscall_exit_to_user_mode+0x19/0x40 [ 214.423574] do_syscall_64+0x48/0x90 [ 214.423591] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 214.423604] RIP: 0033:0x7f914c7f7b19 [ 214.423612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 214.423623] RSP: 002b:00007f9149d6d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 214.423633] RAX: 0000000000000001 RBX: 00007f914c90af68 RCX: 00007f914c7f7b19 [ 214.423641] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f914c90af6c [ 214.423648] RBP: 00007f914c90af60 R08: 000000000000000e R09: 0000000000000000 [ 214.423655] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f914c90af6c [ 214.423662] R13: 00007fff4299ecaf R14: 00007f9149d6d300 R15: 0000000000022000 [ 214.423675] [ 214.479410] WARNING: CPU: 1 PID: 7374 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 214.480110] Modules linked in: [ 214.480354] CPU: 1 PID: 7374 Comm: syz-executor.3 Not tainted 6.0.0-rc6-next-20220923 #1 [ 214.480957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 214.481783] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 214.482190] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 214.483529] RSP: 0018:ffff888030bb7c48 EFLAGS: 00010006 [ 214.483939] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.484466] RDX: ffff8880184f3580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 214.484996] RBP: ffff8880375505c8 R08: 0000000000000005 R09: 0000000000000001 [ 214.485526] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800e939400 [ 214.486051] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 214.486575] FS: 00007f9149d6d700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 214.487164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.487588] CR2: 00007fc6adc7e547 CR3: 000000000e868000 CR4: 0000000000350ee0 [ 214.488136] Call Trace: [ 214.488335] [ 214.488508] ctx_sched_out+0x8f1/0xc10 [ 214.488803] __perf_event_task_sched_out+0x6d0/0x18d0 [ 214.489199] ? lock_is_held_type+0xd7/0x130 [ 214.489531] ? __perf_cgroup_move+0x160/0x160 [ 214.489872] ? set_next_entity+0x304/0x550 [ 214.490199] ? update_curr+0x267/0x740 [ 214.490499] ? lock_is_held_type+0xd7/0x130 [ 214.490830] __schedule+0xedd/0x2470 [ 214.491113] ? io_schedule_timeout+0x150/0x150 [ 214.491471] ? rcu_read_lock_sched_held+0x3e/0x80 [ 214.491847] schedule+0xda/0x1b0 [ 214.492119] exit_to_user_mode_prepare+0x114/0x1a0 [ 214.492493] syscall_exit_to_user_mode+0x19/0x40 [ 214.492859] do_syscall_64+0x48/0x90 [ 214.493147] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 214.493535] RIP: 0033:0x7f914c7f7b19 [ 214.493819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 214.495163] RSP: 002b:00007f9149d6d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 214.495738] RAX: 0000000000000001 RBX: 00007f914c90af68 RCX: 00007f914c7f7b19 [ 214.496261] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f914c90af6c [ 214.496780] RBP: 00007f914c90af60 R08: 000000000000000e R09: 0000000000000000 [ 214.497310] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f914c90af6c [ 214.497838] R13: 00007fff4299ecaf R14: 00007f9149d6d300 R15: 0000000000022000 [ 214.498366] [ 214.498545] irq event stamp: 492 [ 214.498792] hardirqs last enabled at (491): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 214.499485] hardirqs last disabled at (492): [] __schedule+0x1225/0x2470 [ 214.500113] softirqs last enabled at (0): [] copy_process+0x1e15/0x6e20 [ 214.500724] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.501192] ---[ end trace 0000000000000000 ]--- [ 214.508303] EXT4-fs: Invalid want_extra_isize 0 [ 214.509065] EXT4-fs: Invalid want_extra_isize 0 [ 214.523152] hrtimer: interrupt took 21560 ns 16:20:34 executing program 0: setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x4d4, 0x3c}, 0x2, @in6=@empty, 0x0, 0x1, 0x0, 0xfe}}, 0xe8) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004580)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x0) 16:20:34 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fsmount(0xffffffffffffffff, 0x1, 0x4) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f00000004c0)={0x1d9, 0x0, &(0x7f0000000480)}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0xfffffffffffffff8, 0x2, 0xfffffffffffffff7}) perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x6d, 0x20, 0x2, 0x1f, 0x0, 0x5, 0x40100, 0x8, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={&(0x7f00000001c0), 0x1}, 0x4, 0x100000000, 0x3, 0xc, 0x4, 0x5, 0x8, 0x0, 0x7f, 0x0, 0x400}, 0x0, 0xa, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000500)=ANY=[@ANYBLOB="011e40419900000018000000211ddd79709b973173e39530d05021b9931d5ebbab04747b62aeb96b65d4f1dcc69d3dc3d618f0f4e3b2b6894c9654f66d795d5868", @ANYBLOB="6ce187b6f02e152eade3f045321e46048a41034805501d23e534d5cb3f21bb783bb119d88d58d2f703deb066a20bdce18f5365b1d4cd977527cd903fb72524466af0deef70cc6c7480f509000000f08c19fbbaa79cc4c6a9bfaa34e42249d3c698468ee6529bdfc643deed30a6bf6a65fcb9022094805bca832c3850b49c48234eaef6b69ae8f57c7f46951af3d4229a8367341d525a6bdea6", @ANYBLOB="40001ce2f40000000070cd2e2f66696c37e89b2b12913beda5d40d9c7701ff4e5c812812b75b0c30e0201827e45759eea74367fd9dfdba39cfc1c5b3f275afc72b73ee4038afc5d975bcb7c01a7e0ca7732a4ce9c1b1ffb0be01eb445bae62eecd6d37cd008ea342f13420b81081d78b2af50e48fffeb411643f1f359bbe0a739667e655"]) fallocate(r2, 0x0, 0x0, 0x87ffffc) timerfd_gettime(r1, &(0x7f0000000000)) syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) [ 214.612804] audit: type=1400 audit(1664209234.311:9): avc: denied { write } for pid=7393 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 16:20:34 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r0, 0x20, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1a5, 0x14}}}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x600d) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x172f, 0x500, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) [ 214.677006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.680885] misc raw-gadget: fail, usb_gadget_register_driver returned -16 16:20:34 executing program 1: r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000580)=[{&(0x7f0000000400)="c3d0", 0x2}, {0x0, 0x0, 0x7fffffff}], 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f717500aaa454494933cdc21932e4b504a632c730d8916d6931055b214cc7b526f50f81b3f79c4813cb4f64e73ad0e972614aa8787654e83927ed67473e09ee604edab66b325ce15fbff57f33"]) r2 = socket$unix(0x1, 0x1, 0x0) io_setup(0x7, &(0x7f0000000000)=0x0) io_submit(r3, 0x1, &(0x7f0000001740)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000000c0)={r1, 0x5, 0xfff, 0x3}) io_submit(r3, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x400, r1, &(0x7f0000000080)="6daa6dc0ad3a7dceb414513a4a5de3e63f", 0x11, 0x1, 0x0, 0x1, r4}]) [ 214.713852] loop1: detected capacity change from 0 to 264192 [ 214.717279] ext4: Unknown parameter 'noqu' [ 214.722116] loop1: detected capacity change from 0 to 264192 [ 214.724502] ext4: Unknown parameter 'noqu' [ 215.186752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 215.188523] misc raw-gadget: fail, usb_gadget_register_driver returned -16 VM DIAGNOSIS: 16:20:34 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=0000000000000000 RSI=00000000ffffffff RDI=ffff88800fa93974 RBP=ffffffff84936520 RSP=ffff888030ba7910 R8 =0000000000000007 R9 =fffffffffffff000 R10=ffff88801e503b58 R11=0000000000000001 R12=000000000000174c R13=0000000000000000 R14=ffff88800fa93580 R15=ffff88801010a000 RIP=ffffffff81205794 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555556ec5400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2d320000 CR3=000000001d7dc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000079 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff888030bb7698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000079 R11=0000000000000001 R12=0000000000000079 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f9149d6d700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc6adc7e547 CR3=000000000e868000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f914c8de7c0 00007f914c8de7c8 YMM02=0000000000000000 0000000000000000 00007f914c8de7e0 00007f914c8de7c0 YMM03=0000000000000000 0000000000000000 00007f914c8de7c8 00007f914c8de7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000