Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:21631' (ECDSA) to the list of known hosts. 2022/09/27 19:10:53 fuzzer started 2022/09/27 19:10:53 dialing manager at localhost:38881 syzkaller login: [ 36.047453] cgroup: Unknown subsys name 'net' [ 36.164801] cgroup: Unknown subsys name 'rlimit' 2022/09/27 19:11:08 syscalls: 2215 2022/09/27 19:11:08 code coverage: enabled 2022/09/27 19:11:08 comparison tracing: enabled 2022/09/27 19:11:08 extra coverage: enabled 2022/09/27 19:11:08 setuid sandbox: enabled 2022/09/27 19:11:08 namespace sandbox: enabled 2022/09/27 19:11:08 Android sandbox: enabled 2022/09/27 19:11:08 fault injection: enabled 2022/09/27 19:11:08 leak checking: enabled 2022/09/27 19:11:08 net packet injection: enabled 2022/09/27 19:11:08 net device setup: enabled 2022/09/27 19:11:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/27 19:11:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/27 19:11:08 USB emulation: enabled 2022/09/27 19:11:08 hci packet injection: enabled 2022/09/27 19:11:08 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/27 19:11:08 802.15.4 emulation: enabled 2022/09/27 19:11:08 fetching corpus: 50, signal 23049/24875 (executing program) 2022/09/27 19:11:08 fetching corpus: 100, signal 32758/36290 (executing program) 2022/09/27 19:11:09 fetching corpus: 150, signal 43857/48914 (executing program) 2022/09/27 19:11:09 fetching corpus: 200, signal 50035/56575 (executing program) 2022/09/27 19:11:09 fetching corpus: 250, signal 55025/63018 (executing program) 2022/09/27 19:11:09 fetching corpus: 300, signal 59367/68798 (executing program) 2022/09/27 19:11:09 fetching corpus: 350, signal 63612/74361 (executing program) 2022/09/27 19:11:09 fetching corpus: 400, signal 70519/82442 (executing program) 2022/09/27 19:11:09 fetching corpus: 450, signal 73897/87055 (executing program) 2022/09/27 19:11:09 fetching corpus: 500, signal 78202/92517 (executing program) 2022/09/27 19:11:09 fetching corpus: 550, signal 81103/96661 (executing program) 2022/09/27 19:11:10 fetching corpus: 600, signal 83239/100056 (executing program) 2022/09/27 19:11:10 fetching corpus: 650, signal 88135/105914 (executing program) 2022/09/27 19:11:10 fetching corpus: 700, signal 90344/109245 (executing program) 2022/09/27 19:11:10 fetching corpus: 750, signal 92983/112974 (executing program) 2022/09/27 19:11:10 fetching corpus: 800, signal 96604/117542 (executing program) 2022/09/27 19:11:10 fetching corpus: 850, signal 97982/120078 (executing program) 2022/09/27 19:11:10 fetching corpus: 900, signal 101444/124392 (executing program) 2022/09/27 19:11:10 fetching corpus: 950, signal 102926/126973 (executing program) 2022/09/27 19:11:11 fetching corpus: 1000, signal 104933/129986 (executing program) 2022/09/27 19:11:11 fetching corpus: 1050, signal 106581/132605 (executing program) 2022/09/27 19:11:11 fetching corpus: 1100, signal 108215/135278 (executing program) 2022/09/27 19:11:11 fetching corpus: 1150, signal 110950/138805 (executing program) 2022/09/27 19:11:11 fetching corpus: 1200, signal 113078/141754 (executing program) 2022/09/27 19:11:11 fetching corpus: 1250, signal 114563/144175 (executing program) 2022/09/27 19:11:11 fetching corpus: 1300, signal 116617/147011 (executing program) 2022/09/27 19:11:11 fetching corpus: 1350, signal 117849/149129 (executing program) 2022/09/27 19:11:11 fetching corpus: 1400, signal 119565/151652 (executing program) 2022/09/27 19:11:12 fetching corpus: 1450, signal 121029/153939 (executing program) 2022/09/27 19:11:12 fetching corpus: 1500, signal 123341/156921 (executing program) 2022/09/27 19:11:12 fetching corpus: 1550, signal 124581/159044 (executing program) 2022/09/27 19:11:12 fetching corpus: 1600, signal 126475/161600 (executing program) 2022/09/27 19:11:12 fetching corpus: 1650, signal 127935/163778 (executing program) 2022/09/27 19:11:12 fetching corpus: 1700, signal 129076/165732 (executing program) 2022/09/27 19:11:12 fetching corpus: 1750, signal 129681/167239 (executing program) 2022/09/27 19:11:12 fetching corpus: 1800, signal 130708/169057 (executing program) 2022/09/27 19:11:12 fetching corpus: 1850, signal 133434/172127 (executing program) 2022/09/27 19:11:13 fetching corpus: 1900, signal 134836/174254 (executing program) 2022/09/27 19:11:13 fetching corpus: 1950, signal 136813/176709 (executing program) 2022/09/27 19:11:13 fetching corpus: 2000, signal 137713/178379 (executing program) 2022/09/27 19:11:13 fetching corpus: 2050, signal 139982/181014 (executing program) 2022/09/27 19:11:13 fetching corpus: 2100, signal 141163/182803 (executing program) 2022/09/27 19:11:13 fetching corpus: 2150, signal 142014/184384 (executing program) 2022/09/27 19:11:13 fetching corpus: 2200, signal 143177/186131 (executing program) 2022/09/27 19:11:13 fetching corpus: 2250, signal 144127/187733 (executing program) 2022/09/27 19:11:13 fetching corpus: 2300, signal 144682/189074 (executing program) 2022/09/27 19:11:14 fetching corpus: 2350, signal 146465/191179 (executing program) 2022/09/27 19:11:14 fetching corpus: 2400, signal 147604/192872 (executing program) 2022/09/27 19:11:14 fetching corpus: 2450, signal 148420/194402 (executing program) 2022/09/27 19:11:14 fetching corpus: 2500, signal 150282/196518 (executing program) 2022/09/27 19:11:14 fetching corpus: 2550, signal 150961/197905 (executing program) 2022/09/27 19:11:14 fetching corpus: 2600, signal 151922/199421 (executing program) 2022/09/27 19:11:14 fetching corpus: 2650, signal 153092/201088 (executing program) 2022/09/27 19:11:15 fetching corpus: 2700, signal 156242/203967 (executing program) 2022/09/27 19:11:15 fetching corpus: 2750, signal 157172/205433 (executing program) 2022/09/27 19:11:15 fetching corpus: 2800, signal 158573/207155 (executing program) 2022/09/27 19:11:15 fetching corpus: 2850, signal 159271/208416 (executing program) 2022/09/27 19:11:15 fetching corpus: 2900, signal 160012/209717 (executing program) 2022/09/27 19:11:15 fetching corpus: 2950, signal 161028/211135 (executing program) 2022/09/27 19:11:15 fetching corpus: 3000, signal 161440/212229 (executing program) 2022/09/27 19:11:15 fetching corpus: 3050, signal 161887/213356 (executing program) 2022/09/27 19:11:16 fetching corpus: 3100, signal 162512/214594 (executing program) 2022/09/27 19:11:16 fetching corpus: 3150, signal 163194/215840 (executing program) 2022/09/27 19:11:16 fetching corpus: 3200, signal 163791/216992 (executing program) 2022/09/27 19:11:16 fetching corpus: 3250, signal 164618/218248 (executing program) 2022/09/27 19:11:16 fetching corpus: 3300, signal 165429/219518 (executing program) 2022/09/27 19:11:16 fetching corpus: 3350, signal 166450/220878 (executing program) 2022/09/27 19:11:16 fetching corpus: 3400, signal 167063/222034 (executing program) 2022/09/27 19:11:16 fetching corpus: 3450, signal 167498/223075 (executing program) 2022/09/27 19:11:16 fetching corpus: 3500, signal 168443/224336 (executing program) 2022/09/27 19:11:17 fetching corpus: 3550, signal 169298/225495 (executing program) 2022/09/27 19:11:17 fetching corpus: 3600, signal 170122/226702 (executing program) 2022/09/27 19:11:17 fetching corpus: 3650, signal 170473/227678 (executing program) 2022/09/27 19:11:17 fetching corpus: 3700, signal 171188/228765 (executing program) 2022/09/27 19:11:17 fetching corpus: 3750, signal 172535/230104 (executing program) 2022/09/27 19:11:17 fetching corpus: 3800, signal 173485/231292 (executing program) 2022/09/27 19:11:17 fetching corpus: 3850, signal 174039/232247 (executing program) 2022/09/27 19:11:17 fetching corpus: 3900, signal 175022/233423 (executing program) 2022/09/27 19:11:18 fetching corpus: 3950, signal 176079/234651 (executing program) 2022/09/27 19:11:18 fetching corpus: 4000, signal 176775/235681 (executing program) 2022/09/27 19:11:18 fetching corpus: 4050, signal 177332/236636 (executing program) 2022/09/27 19:11:18 fetching corpus: 4100, signal 178644/237930 (executing program) 2022/09/27 19:11:18 fetching corpus: 4150, signal 179447/239018 (executing program) 2022/09/27 19:11:18 fetching corpus: 4200, signal 180617/240192 (executing program) 2022/09/27 19:11:18 fetching corpus: 4250, signal 181070/241089 (executing program) 2022/09/27 19:11:18 fetching corpus: 4300, signal 181631/242085 (executing program) 2022/09/27 19:11:18 fetching corpus: 4350, signal 182063/242950 (executing program) 2022/09/27 19:11:19 fetching corpus: 4400, signal 182765/243933 (executing program) 2022/09/27 19:11:19 fetching corpus: 4450, signal 183588/244905 (executing program) 2022/09/27 19:11:19 fetching corpus: 4500, signal 183937/245736 (executing program) 2022/09/27 19:11:19 fetching corpus: 4550, signal 184591/246640 (executing program) 2022/09/27 19:11:19 fetching corpus: 4600, signal 184883/247421 (executing program) 2022/09/27 19:11:19 fetching corpus: 4650, signal 185352/248206 (executing program) 2022/09/27 19:11:19 fetching corpus: 4700, signal 185871/249027 (executing program) 2022/09/27 19:11:19 fetching corpus: 4750, signal 186356/249852 (executing program) 2022/09/27 19:11:19 fetching corpus: 4800, signal 186939/250703 (executing program) 2022/09/27 19:11:20 fetching corpus: 4850, signal 187795/251639 (executing program) 2022/09/27 19:11:20 fetching corpus: 4900, signal 188655/252527 (executing program) 2022/09/27 19:11:20 fetching corpus: 4950, signal 189637/253501 (executing program) 2022/09/27 19:11:20 fetching corpus: 5000, signal 190273/254346 (executing program) 2022/09/27 19:11:20 fetching corpus: 5050, signal 190628/255105 (executing program) 2022/09/27 19:11:20 fetching corpus: 5100, signal 191313/255933 (executing program) 2022/09/27 19:11:20 fetching corpus: 5150, signal 192053/256736 (executing program) 2022/09/27 19:11:20 fetching corpus: 5200, signal 192453/257457 (executing program) 2022/09/27 19:11:20 fetching corpus: 5250, signal 193288/258310 (executing program) 2022/09/27 19:11:21 fetching corpus: 5300, signal 194090/259097 (executing program) 2022/09/27 19:11:21 fetching corpus: 5350, signal 194526/259780 (executing program) 2022/09/27 19:11:21 fetching corpus: 5400, signal 194918/260460 (executing program) 2022/09/27 19:11:21 fetching corpus: 5450, signal 195276/261129 (executing program) 2022/09/27 19:11:21 fetching corpus: 5500, signal 195974/262006 (executing program) 2022/09/27 19:11:21 fetching corpus: 5550, signal 196319/262634 (executing program) 2022/09/27 19:11:21 fetching corpus: 5600, signal 196817/263328 (executing program) 2022/09/27 19:11:21 fetching corpus: 5650, signal 197091/263960 (executing program) 2022/09/27 19:11:21 fetching corpus: 5700, signal 197704/264680 (executing program) 2022/09/27 19:11:21 fetching corpus: 5750, signal 197985/265302 (executing program) 2022/09/27 19:11:22 fetching corpus: 5800, signal 198857/266094 (executing program) 2022/09/27 19:11:22 fetching corpus: 5850, signal 199456/266744 (executing program) 2022/09/27 19:11:22 fetching corpus: 5900, signal 199946/267390 (executing program) 2022/09/27 19:11:22 fetching corpus: 5950, signal 200392/268028 (executing program) 2022/09/27 19:11:22 fetching corpus: 6000, signal 200799/268616 (executing program) 2022/09/27 19:11:22 fetching corpus: 6050, signal 201656/269310 (executing program) 2022/09/27 19:11:22 fetching corpus: 6100, signal 202383/270038 (executing program) 2022/09/27 19:11:22 fetching corpus: 6150, signal 203013/270661 (executing program) 2022/09/27 19:11:22 fetching corpus: 6200, signal 203303/271314 (executing program) 2022/09/27 19:11:23 fetching corpus: 6250, signal 203878/271908 (executing program) 2022/09/27 19:11:23 fetching corpus: 6300, signal 204439/272537 (executing program) 2022/09/27 19:11:23 fetching corpus: 6350, signal 204903/273107 (executing program) 2022/09/27 19:11:23 fetching corpus: 6400, signal 205732/273752 (executing program) 2022/09/27 19:11:23 fetching corpus: 6450, signal 206184/274285 (executing program) 2022/09/27 19:11:23 fetching corpus: 6500, signal 206847/274866 (executing program) 2022/09/27 19:11:23 fetching corpus: 6550, signal 207477/275453 (executing program) 2022/09/27 19:11:23 fetching corpus: 6600, signal 207988/275967 (executing program) 2022/09/27 19:11:23 fetching corpus: 6650, signal 208591/276483 (executing program) 2022/09/27 19:11:24 fetching corpus: 6700, signal 208829/277038 (executing program) 2022/09/27 19:11:24 fetching corpus: 6750, signal 209378/277579 (executing program) 2022/09/27 19:11:24 fetching corpus: 6800, signal 209605/278067 (executing program) 2022/09/27 19:11:24 fetching corpus: 6850, signal 209964/278573 (executing program) 2022/09/27 19:11:24 fetching corpus: 6900, signal 210737/279041 (executing program) 2022/09/27 19:11:24 fetching corpus: 6950, signal 211567/279041 (executing program) 2022/09/27 19:11:24 fetching corpus: 7000, signal 212511/279041 (executing program) 2022/09/27 19:11:25 fetching corpus: 7050, signal 212899/279041 (executing program) 2022/09/27 19:11:25 fetching corpus: 7100, signal 213447/279041 (executing program) 2022/09/27 19:11:25 fetching corpus: 7150, signal 213759/279045 (executing program) 2022/09/27 19:11:25 fetching corpus: 7200, signal 214322/279095 (executing program) 2022/09/27 19:11:25 fetching corpus: 7250, signal 214676/279099 (executing program) 2022/09/27 19:11:25 fetching corpus: 7300, signal 215053/279099 (executing program) 2022/09/27 19:11:25 fetching corpus: 7350, signal 215492/279100 (executing program) 2022/09/27 19:11:25 fetching corpus: 7400, signal 215878/279102 (executing program) 2022/09/27 19:11:25 fetching corpus: 7450, signal 216194/279102 (executing program) 2022/09/27 19:11:26 fetching corpus: 7500, signal 216448/279102 (executing program) 2022/09/27 19:11:26 fetching corpus: 7550, signal 217156/279103 (executing program) 2022/09/27 19:11:26 fetching corpus: 7600, signal 217403/279136 (executing program) 2022/09/27 19:11:26 fetching corpus: 7650, signal 217928/279137 (executing program) 2022/09/27 19:11:26 fetching corpus: 7683, signal 218299/279148 (executing program) 2022/09/27 19:11:26 fetching corpus: 7683, signal 218299/279148 (executing program) 2022/09/27 19:11:29 starting 8 fuzzer processes 19:11:29 executing program 0: r0 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x1a5) r2 = memfd_create(&(0x7f0000000080)='}}/}%)\x00', 0x2) r3 = fcntl$dupfd(r1, 0x406, r2) r4 = io_uring_setup(0x74f0, &(0x7f00000000c0)={0x0, 0x4170, 0x10, 0x0, 0x6e}) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000140)={0x0, 0x4, 0x4, 0x7}) ioctl$RTC_PLL_GET(r3, 0x80207011, &(0x7f0000000180)) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000001c0)={0x0, 0x1, 0x18000, 0xffff}) r5 = dup(r4) ftruncate(r4, 0x1) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r6, 0xffffffffffffffff, r7, r8, r5, r0], 0x7) r9 = socket$inet(0x2, 0x4, 0x755) ioctl$FICLONERANGE(r9, 0x4020940d, &(0x7f0000000240)={{r0}, 0xb020, 0x100, 0x400}) r10 = dup(r6) r11 = io_uring_setup(0x6a8, &(0x7f0000000280)={0x0, 0x50a3, 0x1, 0x2, 0x259}) r12 = syz_open_dev$vcsn(&(0x7f0000000300), 0x8, 0x101000) io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[r10, r11, r3, r0, r12, r2, r7]}, 0x7) 19:11:29 executing program 2: r0 = getpgid(0xffffffffffffffff) capget(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x8b6, 0x69, 0x1c000000, 0x7f, 0x9, 0x598214e5}) ptrace$setopts(0x4206, r0, 0x400, 0x40) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001240)=[{{&(0x7f0000000080)=@abs, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000180)=""/192, 0xc0}, {&(0x7f0000000240)=""/251, 0xfb}, {&(0x7f0000000340)=""/153, 0x99}, {&(0x7f0000000400)=""/132, 0x84}, {&(0x7f00000004c0)=""/250, 0xfa}], 0x6, &(0x7f0000000640)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x78}}, {{&(0x7f00000006c0)=@abs, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000740)=""/187, 0xbb}, {&(0x7f0000000800)=""/117, 0x75}, {&(0x7f0000000880)=""/195, 0xc3}], 0x3, &(0x7f00000009c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}, {{&(0x7f0000000a00), 0x6e, &(0x7f0000000f80)=[{&(0x7f0000000a80)=""/167, 0xa7}, {&(0x7f0000000b40)=""/42, 0x2a}, {&(0x7f0000000b80)=""/95, 0x5f}, {&(0x7f0000000c00)=""/253, 0xfd}, {&(0x7f0000000d00)=""/34, 0x22}, {&(0x7f0000000d40)=""/66, 0x42}, {&(0x7f0000000dc0)=""/255, 0xff}, {&(0x7f0000000ec0)=""/158, 0x9e}], 0x8, &(0x7f0000001000)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}}, {{&(0x7f0000001080), 0x6e, &(0x7f0000001180)=[{&(0x7f0000001100)=""/92, 0x5c}], 0x1, &(0x7f00000011c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}], 0x50}}], 0x4, 0x40000102, 0x0) capset(&(0x7f0000001340)={0x19980330, r2}, 0x0) capset(&(0x7f0000001380)={0x19980330, r1}, &(0x7f00000013c0)={0x8, 0x4, 0x14000, 0x9, 0x7d9904e3, 0xffff}) fcntl$getownex(r4, 0x10, &(0x7f0000001400)) r10 = inotify_init1(0x800) ioctl$FS_IOC_FIEMAP(r10, 0xc020660b, &(0x7f0000001440)={0x1000, 0x7fffffff, 0x3, 0x7, 0x3, [{0x6, 0x9c3, 0xcf, '\x00', 0x1400}, {0x7, 0x9, 0x9, '\x00', 0x2900}, {0xff, 0x6ee, 0x6, '\x00', 0x2100}]}) r11 = eventfd2(0x7cf, 0x1) r12 = socket$inet6(0xa, 0x2, 0x7ff) io_submit(0x0, 0x5, &(0x7f0000002900)=[&(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x200, r8, &(0x7f0000001540)="d08d29a296bdeace39fce81a5ba2f7174a7212dad7b791775527e37f75c7b08f21a8e65a56297880542a634a6407ac55b928721306890936c7499904bcb447194965ab9d7c823fd15287441aeb87efb090cc57e6850fea1d75660dde2a29d62531f0644320e95b8cbc601747", 0x6c, 0x4, 0x0, 0x2, r5}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x21, r10, &(0x7f0000001600)="789b4b166b32bed60c0f21dc8a01184b5d1451474a5d102236e6715b01778db758c6a24069ea52e24dd521a406eea77a3321f8fea4a2abcd30573bbc9fec8712cbf3f0", 0x43, 0x80000001, 0x0, 0x3}, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x3, 0x3, r3, &(0x7f00000016c0)="e16c6fe8bc2234765be3e23e2055472e6032d3601e19de1b17a1f18dcaacd56e02fd2e2e7ae6aaaaa10f623720081126f088f58952119a6c7199eef1a7287392a48248aa5de9228b4fbf1ff04b4df1fb92ba9bfbb68398564c664ad8468ad683755358e616f513d950c91089fe7ae7f08442bc4a86173680eeb79036a0dcca29a909c69d9ea0353b1a25", 0x8a, 0x1, 0x0, 0x3, r11}, &(0x7f00000027c0)={0x0, 0x0, 0x0, 0x3, 0x6, 0xffffffffffffffff, &(0x7f00000017c0)="9104153a9656721c46b53517b71c3a205c51ac7087539a732c088195f6c3fdb9b9635e3f0bb4c2e569f7eb6c5a7b4a994ab4e145c9cad9eacef4acfc7706c2a3a26505676f1e24592b0c207dc3f8262b33a38fd6e5166fd5326b4aa30b4b98dd9f265a22b9ea0dd1e8db64a784f985e52238126202ea106137d107a8709685a2b8531a2afeaa97e813948217c775562a30eb3635110e689c82e506564af222bb90ac19ede4afe661f398e4d0de3a4d63b1bdea20628e15eca980c9966bda89e0ebb87058d011690597e6add17b3d2c4470b9a8b3e25432dfd01036a35de983336ec54d60e887b4ef3a67f1db8bfdebca8a6554082e03984f5a59fea649512c4ded6541954aac8d916e2b975528037f50f98c0acc3a97e1fb32fd2b2309cff5ad20e70e519ede18c2a16fba7c4901cb0214fcdbf98a221ff5a44003fb8d37064cb29511f697101536fbf12b926dd2083a3159bdcb0aaf880eac0d5af69f67fe14d2add6b1cee4bb1181ff9ba1dfc7eb8565b1f14e12ef42120a42f7f6561e35ff3820cef1e7449cbd8dae8ebb825d4cc974ff6a4985bdce788687830f4c1eb5de7c87238abff37ad7843e073acca6d604fab102611b44e1b9c112b1c2ecf6dc3ef17c69bf8e658b431a236673400ceaec180bc1827ec09a5e8ee9f8483dedd61b3518e11c4687d77a8a2ef9582eaca9a324ba133e5b7b4250ebf0ea8932d76435a3d0ef2b8ba456f135704e1280991a3dd6ebdf2985cfef49dbf542cdd516ba0f879968d4f5e3a0a899d09d615f24f55550e25312c6bcc6f86f630f307864fb64ff36a6cfa7bc0711e66c5e2a52b5f37a2a04bed4279bc3dfb608c102762a48993e469453227dcbcec4e1251112da885b667e1e5e046858e81a02959165dc81a5e8c3f1fd03d5d5ac09f5ae5272a1b77fb41a6697bcc12f6ab139aa05c24501ee2e7967d968a917f985a70446077249e8810c5d09a02fc9ad43cee213866584752a55d3bc4c2916c99526ba36bc71dbfe7703de6baa9fc6c21522ccd709c6aea3403236bf2c15a8aef31101bfbe931806066b4df32bae2359609084444b50673a503da8f7ed41dc36e8cfc1c9c37f3b15f38df152b9a190ff71fe07baed097906f64743b03aefd4873088c6be0b015b2bc92f4d4b2827c371b8d074fa4be258631b9d433c9a7bab005f603f9a2d632e85ca543fd5d3400b616ae512a77c7e02e0df6b990881b42c310b4d5de905f57a42264812ceea0479fecbef042ee10887a84274d0bc3d1c2bfa58d47fde9230df95a1c3bd7b2022cb79ec0df13c8978ee6a15c510fda8d1f72a5cddcc18d8ca7f3248eb457289f0b8c307df9da4ad06871c9558bd2ced5c414bacde70c1da72eae9261ba4e6ac8e3c200c8c1d1054f271131f46f5c6b0465c5471a3dd4f34558f23a2aa7cbb7dfa8d2f3576214dde7371948e29f50de6a586a89868cb51ea215562eb529fc33ccffb9e489a91adbf9fbe2d915c4d80b745e4ab23d77248c6d8f69111b8c9c171d54d637128d004ace11c9043aa4c93d2ffa24ea0b129a3a6f4867c1e2edc9eb7dccb97f14ae971729199d256ba80cb792a3140d2b9f7924096bcd9cbbf941fd871fe07274e1a3200c00501dc8f1d08b28bac12ce69506352d65ed88a9587967903159a5d6705f7428e95dfcc489365382734b1e54a3843f17df3186ed39a37996bb1ae321ddf42422064be79dd3f67ef55be7da42cf1af7e3561ed9bb4b7c29545445b4e4270d69e5c17d2ad1719a7bc813a4616bbde8fb20c71252e85ddb187dfb10e8e1ba99f943544bd9c0a84e46594f312d63abc29c0275bf3a0ec32963cb052c9777a7b52b66e967fb8bf0febed529890c402d04e1f9a9e363070c8f71f7e08facdefae7c0e757b36c44778f5d61a83407572e88e98c5e823fc919d7741f65903de24f574f40e2fd6bac626cadf9312b366b214adf0aea78c5f470c396c092aa23fda73e59cba9cb2200f6fcf0eacf82e90ee0c25345bebce3129da452f76fd64e243639b46ab3a7975cdd22111250474fb9d01325b711460330c1d67a643899f96f8f2b4c2f35dd38408dc1cecc59dbcfb9007e538bd628a078cac2a6b68538a6da95ad3b806dea3616b70f4dfc1409c30cd2002077df2b9966b9339c987fa275307f76808a07686eb3e8285837f090deb5b34816a13688da9e17c0ed51e58fbf274de6a2f4843f14c5e1920f27dfbffa7e73c56c4a058bd9b5ca6bb7a2973a51de213244091aebd7c2537783d7cd2799dab3ee3d29e981ee04002f5f06449b8b697bfc6020a59774cf29e841dc79ef16baa76e09649711b28598a639adb315b4df860d44dafdb38e8acc8c37f50b44d7ab2223abd924bae6bead0e0a45c10695661f2b90751ec2f787ebcad45d2c49d150ce60a90cc2758a8526c89fddcbcf6bfe50e73c4f4436a1ab4d79791d7845c598e8b334b7ecd29921928b48deacdc40a16c307a63dbe3e1a24945eb5177b22f3bd0dada917de6839e902e9f7f45b9d0335c563919c5dbf022ad0cb61fe38e0728b4be9e5fcb9e55a86761bf1342d3c2bcb9e76a2ced2e16ae9496c63949bfc27e4245c9f9035dfa50320af6636d9494118bddab2dc7305d5b403623db56f8960fc72c630b2b6dd4359d7bf57ee8b6195474ad318165c35286524688ae47720f273c080ed5efdfa637f88db347091156be6fc2c4f2dc929da384477b6336bf65e1d46806febe50ba9b0a4e741884b823d292e31b038c90ff5e3dfa7fa289c86db3ef08a7ef074e9c016f5fea39ed5a3c20b81da19bfa2e21ecf1d4c1c109022a8d493ff216b81a3b227ed43a1bb7ac436cd7428ede831ed3801e9366186185eb2173cf763920cf068f56ac4d5b37b5e6557595458e49054360b0a140ffc69573b046820d5a5fc91cb2092760fea9ecfd964400ddd43cf3eed37a263e18ef129cc32b1d6340559d96d1613b4d5b71e08a681b7dc627d34974a16f7ff70a6d30a17621ac458a5960a7069edcde938dcc39158657b67a739a21bc5df5a3e61fc77bcc9c8b5e780a40616a573fa86e2df6a94d0ddefc8314f49587d9f7b592f6f39fda73cc1cda7eb648580f4bfa129d889d9724287121da96131e029e1641401e92d7c0c01cf4856a94ff8d9d00c44e0531d9b04f294d867c0db5f9a12c6428f404e38ec17248adacb3ba932b7274e6cde1b09a8e0affca469507aea6d945609f577580731ba38969cd709e28e9372ef6fbfa4d1444850c1856e24a2b0969a50916a4c61ea20803d39a7a39508f1cbf2283c49782c15190f1745a2b7234e9446f75e64978b8caa6d615715ec304daf53fc408f3a5714f34373fd0175c9cc51d912c6b32f60f341e66e804d00eff3cb44d63fddc6ab61b564983541354fcc22184e4fdc414b77208c942892e1d08f6c9e27435a406b83b9620eef5f11d78e22df064eb92d7d80fe10f54d792c05b23379b151bb82ef9e41adc01989e3317411b238854b387239c9faedbb089f81d0ef759730784f25172c7e7f0e746063b48365d3c6dd1cf25092d2cb40643bcf835758fb274b653b45edb4b5048020e8ea9345cbfc628a17cc94074d1af4622cf5dfd8471fa589b76a83488c80b7b0ddb62ff8cbadb02f4f34bc39829b6422464e6c3e129deb277ba9c3625c08c4efb21981ee9bfccf49999796bcc23e33e658dfc9597cc4d28c8473bd98a563404c4db6660d05147c879de920e3ac6868c64a7c48af3f692007874584951d7a8a610feb5d237fdba8fd9c515e462fb8c7b844396af1f2b38fea1e8e465f7acbcaf5c35f81966b5af4317470dc92cf240214e78eac2b8588059690fbb5955b0b44799cac853d90146c80db94344b1e2a0757cc6950d44391eac69f1a736b16b29b63dee2cc663160f82d36a6bc329424826ee74693edfaa3a3cde423a0dc2b48dfe094fff39055a3640c33e230523a36f83fc212c21c1f3d3ee99c3576f6392e43d6c640f7c805c42ca75900c12d97845988bc2197821666b1a2c3289c7d14e13677e888dead8c4b89034c05848f9e053a7c1700856009a5a5aff8963b000d3c29a07aafe9bed0d4cc0347bd0a5a70ae46cfdfc0a5d5cdaae5c1cfeeaba652d00a185ce5ccd91a8ccb0a280882be3cc10f9352dade855fc953d513b560768bd270eb07d97f614f564a1a76c8fca8b68fb7fa4372b27dd6fb944c4568b44f90d19acce03868bff239b76689d1e22315a90b336d68f05c7d6ddb18e191f9cd815f5f5623ef829f2320d2363dc0a70793a8946bf24b81f3a98ca163b0f008ca22f43659fc09259a3cb3d1214ee2349629a575e592c878a4e1102654ab7490f16bc31929b3d3c5fba16a75b123653063b141cec4a6b5b68ef87d1451bf857e403c0ce5bc3c40866a49f482a4f356fb67bd791d05fa40e0dad5d7b0c44939ba39931e262366aa46505c6c30bc7c8c9e891a019e5696598730de765e846dcb0596da285f23850fb970827dda35f58c272d41b6f35167c923df7706b346b4eb6bdec601b0c1acd4c879822f12ed6da97222b4beb8c8cad033fc2621e3cf8e3461a10bf7dc05b0a980b89153823235664b60b8f897e54828e8a72813403fab0e66009ea00a1b1fca8b6f37256b776940d728854818a48f8de07452b20af0c5841f21d25e9e57cb73e1ec4d9ebe16d48d82d7ef24091ee7a935ab224149611c037890a16d1e1192180509b94e9001e9e0c0ae1b721be69304a7088c8c3115cb97d146164ca5aca7731ce8eff1ab4bf77bb81365be7acd02d02d800eedc167c8943227b09d59b204edd0367e39e4e3a77a8bf4708b5de83529c6668e9a56ccf1f283d7b75ed864978d228df50a1db8852ff89d1b33b01c441c92cfd734209e5d91093c0f782ddcda4676af2a010aff4c397a09e3017dc8c23134d21e28df0a83a9aa7f5fde5f3278b38f03d1f2252a8c988fd15051c6bcc5567e4d6277145220e00d9e30c311f4ca15020234f41d68472ecda3c1ad335cf5fd50eb388afa7f2ccab663faf5331f7d0fef30cb9ccd81b9c12cd6b18a58e1ca7df1b7e7e2ea047e88dd13a989f1e9564f6827e4d9a7d332fe278d39ada18b7a8274827795667292e2ad410e7ac83ed516a3cb295fc26fd5729e64efaab897f72967c67590555b3bff45da089c1777d6286a6933df0e104afc2a5bcc2583eb7a7d92b246a48d8f58376bf7b889b511bbfa2568d0034c79322255341986237f1a4d1c1b0b095cdc3d037035a900f0ec5ccb87dbc35ad913f458f9c6b52c7d271cba204b86dac6533907730e270a25e4720982903e4ee45b972132c580fd34f58cffe46d7a2f7693f6912e69f9b0744ccb7ec701cb3cad0ade470d4e54241479bdedf47a08e73bd254b20d93a5726fdf31be77d21a4b7768299eec6b22b2befef0b10b1552ae6c5bb51a6337cd8d90098a4a36830b6a151f6acae8950b406e39123ef7913a241853e299fec62d44c8c05506f2aba7e30ccfb26a0b328a261f57ccb68af57e334f87f3f49471c28d02840bd915b56433a729e9bdd735ff11bbff200cd38cab7d402a14c28dccc8eb3615037f874c00d7a5776f18e68769d36f48156303b2f50219171103686b81be32cbf236350b0cb6545357f617d6f324cdf3bc8a4b95c885c1a1a8267fa9640fde8215edf19e856bbe6dcdc5fbe39984f25b0e396f102b941bd64e1af8ea235962cb83ae8dd97897e7fbc2ef2e499da9ccb9695e4e9f36ebdb0a9ce7841cc78200eebf349c1e7b13e7880ccfbbf195223a3111659196faf956fb11d31d4c49", 0x1000, 0x45a, 0x0, 0x3}, &(0x7f00000028c0)={0x0, 0x0, 0x0, 0x0, 0x1ff, r12, &(0x7f0000002800)="7361a1bebea5f12b36a262399969ce0528bd469d67bbe756924bb509481fca45fb1b6ecc01fd91fd974e3725b2c6d080bff0fb114f8933b765535073293b4fc7796a76b1987801fee1674a38591d5af4023112455eb92e2d11b771ee8aaf68581639562af45afcaa9c62128f539dd020720b9ba41b27f47f74d6950b9dd2814ccee7fa5900a79f384313fb16a539bcb36d4f95ae5633a14014770e4ef8a34f127047d87d189fca98e2d47425ff3224d84a8e962884f03911f90fffcf6396ae39", 0xc0, 0x3b, 0x0, 0x2, r9}]) socket$inet6(0xa, 0xa, 0x3ff) io_setup(0x8000, &(0x7f0000002940)) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000002b80)={&(0x7f0000002980)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002b40)={&(0x7f00000029c0)={0x164, 0x0, 0x1, 0x401, 0x0, 0x0, {0x1, 0x0, 0x9}, [@CTA_LABELS_MASK={0x8, 0x17, [0xffff0000]}, @CTA_TUPLE_REPLY={0xfc, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x3b}}}}]}, @CTA_LABELS_MASK={0x18, 0x17, [0xffff, 0x10000, 0x560, 0x4, 0x47]}, @CTA_NAT_DST={0x4}, @CTA_TUPLE_MASTER={0x30, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x38}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x4}, 0x8000) r13 = syz_open_dev$mouse(&(0x7f0000002bc0), 0x7f, 0x2082) getsockopt$IP6T_SO_GET_INFO(r13, 0x29, 0x40, &(0x7f0000002c00)={'nat\x00', 0x0, [0x6444, 0x0, 0x4b, 0x200, 0xfffffffc]}, &(0x7f0000002c80)=0x54) capset(&(0x7f0000002cc0)={0x19980330, r1}, &(0x7f0000002d00)={0x6e74, 0x1, 0xffff, 0x5d0, 0x1000, 0x6796}) gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000002d40)={@mcast2, 0x7a8, 0x1, 0x1, 0x4, 0x2, 0x7}, 0x20) 19:11:29 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x80000001, 0x80800) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000040)={@id={0x2, 0x0, @c}}) fspick(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20040, 0xc0) fsetxattr$security_evm(r1, &(0x7f0000000100), &(0x7f0000000140)=@sha1={0x1, "83e3956b7f7f3e58d1dfc880ab91306aca088722"}, 0x15, 0x0) mknodat(r0, &(0x7f0000000180)='./file0\x00', 0x1000, 0x5) r2 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0xa0800, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x202600, 0x10) pwrite64(r2, &(0x7f0000000240)="ba9d245b399b5b8b478fbeecae13b06f5210ad", 0x13, 0xffff) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x12) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000300)={0x1, &(0x7f00000002c0)=[{0x2, 0x6, 0xe0, 0x5}]}, 0x10) r5 = accept$inet(r2, &(0x7f0000000340)={0x2, 0x0, @broadcast}, &(0x7f0000000380)=0x10) ftruncate(r5, 0x4000000000000000) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000400)={0x0, r6, 0x3, 0xc96, 0xffffffffffffffff}) r7 = dup2(r3, r2) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r7, 0x6, 0x1d, &(0x7f0000000440)={0x8, 0x5, 0x4, 0x7f1, 0xbd0}, 0x14) fsetxattr$trusted_overlay_origin(r6, &(0x7f0000000480), &(0x7f00000004c0), 0x2, 0x1) r8 = pidfd_getfd(r4, r5, 0x0) openat(r8, &(0x7f0000000500)='./file0\x00', 0x20000, 0x176) 19:11:29 executing program 7: prctl$PR_SET_PDEATHSIG(0x1, 0x41) prctl$PR_SET_PDEATHSIG(0x1, 0x21) prctl$PR_SET_PDEATHSIG(0x1, 0x41) prctl$PR_SET_PDEATHSIG(0x1, 0xc) prctl$PR_SET_PDEATHSIG(0x1, 0x3) prctl$PR_SET_PDEATHSIG(0x1, 0x3e) prctl$PR_SET_PDEATHSIG(0x1, 0x39) prctl$PR_SET_PDEATHSIG(0x1, 0x3d) prctl$PR_SET_PDEATHSIG(0x1, 0x31) prctl$PR_SET_PDEATHSIG(0x1, 0xa) prctl$PR_SET_PDEATHSIG(0x1, 0x12) prctl$PR_SET_PDEATHSIG(0x1, 0x0) prctl$PR_SET_PDEATHSIG(0x1, 0x38) prctl$PR_SET_PDEATHSIG(0x1, 0x6) prctl$PR_SET_PDEATHSIG(0x1, 0x5) prctl$PR_SET_PDEATHSIG(0x1, 0x40) prctl$PR_SET_PDEATHSIG(0x1, 0x39) prctl$PR_SET_PDEATHSIG(0x1, 0x33) prctl$PR_SET_PDEATHSIG(0x1, 0x4) prctl$PR_SET_PDEATHSIG(0x1, 0x16) 19:11:29 executing program 3: sendmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000040)="d150516ff65a561b5e840491e6c769c26e86861e4860168acf8bd0d9349c2ae90b446122247d125d046ecbc4a2c1f86fb92a02ef761eef657142a727a3194bf8a493de685bf3d7176a2709f60ca230d8d0110037d541a9d740a68e5777a16df151b82fe1077ac05d43dd7b9959e0313ab8189254421bbd4deabab60a783965c868d25915063588a3d4b609c3dd082e6a80f04274eeb5a4f086b3ca35f4936e00228120eb21352cc525a18ca4c1a814138b3954f43b334b75c51f518e6ce7b4f5e77ec05ad5fcb8831a5c0f88028b127b", 0xd0}, {&(0x7f0000000140)="d7f9133671cb1e4cda99712b9cfd795718f0cbe1a5a73310ab5338d86ff20a1848a5a7a034d5b30553701d3ba9fe326d0afadd8ad05ba87af4d7ce3a8b868ef8ea2462d088c71025f5d180fa14d837057ac186740c4303bc6e126f5b5ea7b7670a2788de19c247d5f7299e474088", 0x6e}, {&(0x7f00000001c0)="61394611d8e546210ab1f0c11f955df3ed2b627892355189831c36adf68b76de875346e6f03b7ff158b8a89c612cb9fcb0f2eff0f8c2161321d655b06a7e82a880a101dd091ebf8a", 0x48}, {&(0x7f0000000240)="51ebc75f6289be3ef75354d1067a66e01ee26b653dfef67af4c22b4393a23ef714b5a5d9fbfc61d1c8105548a6dca28ecc13dcba0f90343c5f41ff28d494917dfcb80bc7fb6492d1ce0121106168c93eb593fe14a09399c2de43c856591c249edd202449339c8b7d98561d7c543450daf84eb8ef3bc0225a8464faf802efa9fbbdeb701e7c70767c203cd88d68f70e854ed15a0d9c419302c2ae6852e6787ee451838f341df364870f59d1c4311994fd4c2242d98cacb850718f9b73bc97658573e3b4aa366a8a86345b316cc8406382c2127005534d4447c1fd96c73750ecdfa5337ca9bf3e9edd1572c015b3", 0xed}, {&(0x7f0000000340)="b3e1c24fde7ac34ff45fc486b9d519460fda6d6ef8c66f067320b04663a3c58e92e5c92fbb5560d5a81e5d4bdda9ab3eb030e2a23a7fa7ceba9a5082bb340f3048cde586e075bcbf15a58beea1870ddd47e5a530fd2b4e822719f80aa10efa59e5cf1221ce31ed35a6850ae4ee6a9733bea5d6730355388948920dfd4aec8b24c05e41106b68c950a239e2c13dfc49636632a2ac2a6e0b9720a3b58864eaa39fe3", 0xa1}], 0x5, &(0x7f0000000480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @remote}}}], 0x20}, 0x4040001) r0 = socket$netlink(0x10, 0x3, 0x5) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000540)={0x4, &(0x7f0000000500)=[{0xaab, 0xb1, 0xfa, 0x2}, {0x3, 0x1, 0x1b, 0x1ff}, {0x8a69, 0x1, 0x20, 0x8000}, {0x0, 0x3, 0x3, 0x5}]}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWSET={0xa4, 0x9, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x1}, @NFTA_SET_USERDATA={0x79, 0xd, 0x1, 0x0, "86e137d265adb7d7bb9f1078dcbe47c6674eb09e2d2c8b45d9828437fb4b44ad2e74aa8c70e489fa57115e544ab5152a0a1371f9cf2d4b74d5a0a088e4a0d966383c0dcc3a9160f781899de08a167742edb23d5fab6bd920cc8a1df667a057ee04a72f864af7fbb88dadc85933c01ef914e0c5a072"}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x401, 0x0, 0x0, {0xc}, [@NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0xffff}]}, @NFT_MSG_DELCHAIN={0xb0, 0x5, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_CHAIN_COUNTERS={0x40, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x400}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x81}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x8}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_COUNTERS={0x34, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x3ff}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x7}, @NFTA_COUNTER_BYTES={0xc}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWTABLE={0x2c, 0x0, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x68, 0x2, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}], {0x14}}, 0x230}, 0x1, 0x0, 0x0, 0x40}, 0x4000010) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000940)={'ip6_vti0\x00', &(0x7f00000008c0)={'ip6gre0\x00', 0x0, 0x2f, 0x7, 0x92, 0x6, 0x77, @loopback, @ipv4={'\x00', '\xff\xff', @local}, 0x8, 0x7, 0x7baa, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000a00)={'sit0\x00', &(0x7f0000000980)={'syztnl1\x00', 0x0, 0x29, 0x58, 0x6, 0xffff, 0x34, @rand_addr=' \x01\x00', @loopback, 0x10, 0x700, 0x1, 0x6}}) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000b80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000b40)={&(0x7f0000000a40)={0xdc, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_EEE_MODES_OURS={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x399}]}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x310f}, @ETHTOOL_A_EEE_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0xffffffff}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x80000000}, @ETHTOOL_A_EEE_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x4000000}, 0x90) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000bc0), 0x400201, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000c40), r0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r3, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x24, r4, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x81}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008880}, 0x20000000) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000d80), r0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000e80)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x54, r5, 0x2, 0x6, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x9f}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x479d}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}]}, 0x54}}, 0x80) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r6, 0x89fb, &(0x7f0000000f40)={'sit0\x00', &(0x7f0000000ec0)={'ip6_vti0\x00', r2, 0x4, 0x1, 0x40, 0x2, 0x9, @dev={0xfe, 0x80, '\x00', 0x2f}, @empty, 0x7, 0x8, 0x0, 0x401}}) getpeername$packet(r3, &(0x7f0000000fc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001000)=0x14) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r6, 0x89f4, &(0x7f00000010c0)={'syztnl2\x00', &(0x7f0000001040)={'syztnl1\x00', r1, 0x2f, 0x1, 0xa3, 0x3, 0x1d, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x80, 0x8000, 0x400, 0x3}}) accept4(r3, &(0x7f0000001140)=@xdp={0x2c, 0x0, 0x0}, &(0x7f00000011c0)=0x80, 0x80800) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f00000013c0)={'sit0\x00', &(0x7f0000001340)={'syztnl1\x00', r1, 0x29, 0x9, 0x6, 0x8, 0x6, @loopback, @empty, 0x700, 0x1, 0x5, 0x1000}}) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000001400)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@remote}}, &(0x7f0000001500)=0xe8) sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000001880)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001840)={&(0x7f0000001600)={0x218, 0x0, 0x728, 0x70bd2b, 0x25dfdbfd, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x218}, 0x1, 0x0, 0x0, 0x8000}, 0x8881) 19:11:29 executing program 4: ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000040)={0x0, {0x2, 0x4e23, @loopback}, {0x2, 0x4e24, @broadcast}, {0x2, 0x4e20, @empty}, 0x140, 0x0, 0x0, 0x0, 0xaf6d, &(0x7f0000000000)='bridge_slave_1\x00', 0x4, 0x4, 0x5}) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0x99, "5c09b1796cf13fd29a5cba15ed3f4d100893004d620f240549cc7aa1e69ec6c3e93ba2f6ba539cb8b3a024a443f48d47fb5385d00b1ac25876be81418c152ab9763ff1ca4437b0380492f4f7411fc5d926b624b34c6217d111d93a8e5933c1dee39e5d8e5d971440dafcec1f3faf625cec94d6b57d0c5b9e21440112e7d9753d45e1298de3bc91c975f52f51b90e6ecac9503320f3175d6e6c"}, &(0x7f0000000180)=0xbd) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f00000001c0), 0x600000, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000240)={0x0, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e20, @local}, {0x2, 0x4e23, @empty}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)='gre0\x00', 0x1ff, 0x0, 0x80}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_buf(r1, 0x0, 0x10, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=0x1000) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000001300)={0x0, 0x55d0}, 0x8) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000001, 0x4010, r0, 0x8000000) syz_io_uring_submit(r2, 0x0, &(0x7f0000001340)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xf}, 0x21) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000001380)={{{@in6=@private1, @in=@multicast1}}, {{@in=@multicast2}, 0x0, @in6=@private1}}, &(0x7f0000001480)=0xe8) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f00000014c0)={0x8, 'batadv_slave_1\x00', {'veth1_macvtap\x00'}, 0x1000}) r3 = socket(0x2c, 0x6, 0x100) ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f00000015c0)={{0x2, 0x4e21, @remote}, {0x1, @multicast}, 0xa, {0x2, 0x4e21, @multicast1}, 'nr0\x00'}) getsockopt$sock_buf(r0, 0x1, 0x3d, &(0x7f0000001640)=""/39, &(0x7f0000001680)=0x27) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001b80)=@broute={'broute\x00', 0x20, 0x2, 0x45c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001700], 0x0, &(0x7f00000016c0), &(0x7f0000001700)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x2, [{0x5, 0x2, 0x6, 'batadv0\x00', 'vlan0\x00', 'ip_vti0\x00', 'batadv_slave_1\x00', @broadcast, [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], @multicast, [0xff, 0x0, 0x0, 0xff], 0x11e, 0x196, 0x20e, [@rateest={{'rateest\x00', 0x0, 0x48}, {{'syzkaller1\x00', 'ip6gre0\x00', 0x19, 0x2, 0x3000, 0x54ac, 0x3, 0x0, {0x800}, {0x7}}}}, @devgroup={{'devgroup\x00', 0x0, 0x18}, {{0xd, 0xe9, 0x0, 0x20, 0x8e5}}}], [@common=@nflog={'nflog\x00', 0x50, {{0x0, 0x8, 0xe4, 0x0, 0x0, "7951e04d6bf791b5043042f590a1557c3fb44843af596cab617d0c65054a4ad1b8f068351cd5bc83f5d0502a30a88668f53d99102c7a7300c8da7dff24cf16e0"}}}], @common=@nflog={'nflog\x00', 0x50, {{0x5, 0x6, 0xff, 0x0, 0x0, "052b3f8f4aa79edb89e4aa5625be565b658909cdc3ba45e6608ca0af5a12828b586e666534c8b8430a30368d55b696570da63bb8d17d4ed55bc2f2c25c97f5a2"}}}}, {0x3, 0x68, 0x3, 'ip_vti0\x00', 'ip6gretap0\x00', 'team_slave_0\x00', 'dummy0\x00', @link_local, [0x0, 0xff, 0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0xff, 0x0, 0x0, 0x0, 0xff, 0xff], 0x9e, 0x146, 0x1be, [@cpu={{'cpu\x00', 0x0, 0x8}, {{0x4, 0x1}}}], [@common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x7fff}}}, @common=@nflog={'nflog\x00', 0x50, {{0x7, 0xec00, 0x3f, 0x0, 0x0, "7a168e2050e007f680fdfb5e91dba6470344cc0d3bc596425abb6387586a60832eebf95587a88416dcf129223c9be1cbdacadc49755f63b0e040d0780645cca6"}}}], @common=@nflog={'nflog\x00', 0x50, {{0xc49, 0x749, 0xbd, 0x0, 0x0, "7bde3fad30942d6f3c55a16f3148675416d42e5a402855251ea7fde2232399a2db59876b5400d6c68e4a9adf427c861af3f71c221a4d56c7ed6dcb912883cb43"}}}}]}]}, 0x4d4) recvmsg$unix(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000004180)=[{&(0x7f0000001c00)=""/223, 0xdf}, {&(0x7f0000001d00)=""/220, 0xdc}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/128, 0x80}, {&(0x7f0000002e80)=""/227, 0xe3}, {&(0x7f0000002f80)=""/35, 0x23}, {&(0x7f0000002fc0)=""/4096, 0x1000}, {&(0x7f0000003fc0)=""/166, 0xa6}, {&(0x7f0000004080)=""/105, 0x69}, {&(0x7f0000004100)=""/119, 0x77}], 0xa, &(0x7f0000004240)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0}, 0x40010060) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000004400)={'nat\x00', 0x0, 0x3, 0x2c, [0x10000, 0x400, 0xffff, 0x5, 0x1, 0x5], 0x3, &(0x7f0000004380)=[{}, {}, {}], &(0x7f00000043c0)=""/44}, &(0x7f0000004480)=0x78) r7 = openat$cgroup_subtree(r6, &(0x7f00000044c0), 0x2, 0x0) pread64(r7, &(0x7f0000004500)=""/44, 0x2c, 0xfffffffffffeffff) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r4, 0x50009418, &(0x7f0000004640)={{}, 0x0, 0x10, @inherit={0x68, &(0x7f00000045c0)={0x0, 0x4, 0x6, 0x2d0, {0x28, 0x9, 0x446, 0x4, 0x7ff}, [0xffffffffffffffe1, 0x1000, 0x9, 0x1]}}, @devid}) 19:11:29 executing program 5: prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000000)) sync() sync() sync() sync() sync() sync() sync() r0 = msgget(0x0, 0x4) msgctl$MSG_STAT(r0, 0xb, &(0x7f0000000040)=""/162) msgrcv(r0, &(0x7f0000000100)={0x0, ""/83}, 0x5b, 0x3, 0x800) sync() fork() sync() prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000180)) sync() msgget(0x1, 0x8) sync() openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) sync() [ 71.542564] audit: type=1400 audit(1664305889.455:6): avc: denied { execmem } for pid=286 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:11:29 executing program 6: setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4) r0 = socket$inet(0x2, 0x6, 0x81) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x7}, 0x8) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000080)=0x3, 0x4) getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f00000000c0)={0x7, 0x7, 0x3}, &(0x7f0000000100)=0x28) setsockopt$inet_int(r0, 0x0, 0x16, &(0x7f0000000140)=0x6dc, 0x4) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000180)=0x40, 0x4) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e21, @local}, {0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x10, {0x2, 0x4e22, @loopback}, 'vcan0\x00'}) r1 = syz_open_dev$vcsa(&(0x7f0000000240), 0xba, 0x4100) ioctl$F2FS_IOC_DEFRAGMENT(r1, 0xc010f508, &(0x7f0000000280)={0x7, 0x1}) ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f00000002c0)={0x1, 'wg0\x00', {}, 0xffff}) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000019c0), 0x248802, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r2, 0x0, 0x2d, &(0x7f0000001a00)={0x101, {{0x2, 0x4e23, @broadcast}}}, 0x88) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, r1, {0x40}}, './file0\x00'}) ioctl$KDMKTONE(r3, 0x4b30, 0x0) fchmodat(r1, &(0x7f0000001b00)='./file0\x00', 0x86) accept4$inet6(r2, &(0x7f0000001b40)={0xa, 0x0, 0x0, @empty}, &(0x7f0000001b80)=0x1c, 0x81000) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001bc0), 0x400001, 0x0) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r4, 0x8010671f, &(0x7f0000002c00)={&(0x7f0000001c00)=""/4096, 0x1000}) [ 72.936176] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.937966] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.939983] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.941835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.943639] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.944757] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.946697] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.949082] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.950478] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.952176] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.953719] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.973348] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.978914] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.980572] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.981870] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.985442] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.987187] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.990589] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.992823] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.994094] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.995161] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.996322] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.997550] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.999569] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.000670] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 73.001788] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.003018] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.004077] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 73.006057] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.007313] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.011728] Bluetooth: hci3: HCI_REQ-0x0c1a [ 73.011868] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.016818] Bluetooth: hci4: HCI_REQ-0x0c1a [ 73.019312] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 73.023844] Bluetooth: hci1: HCI_REQ-0x0c1a [ 73.027481] Bluetooth: hci2: HCI_REQ-0x0c1a [ 73.047389] Bluetooth: hci0: HCI_REQ-0x0c1a [ 73.066525] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 73.068773] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 73.071702] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 73.073619] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 73.074995] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 73.076546] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 73.079790] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 73.080995] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 73.082491] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 73.083720] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 73.085594] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 73.087075] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 73.088514] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 73.092665] Bluetooth: hci7: HCI_REQ-0x0c1a [ 73.101405] Bluetooth: hci6: HCI_REQ-0x0c1a [ 73.114455] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 73.120499] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 73.124534] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 73.130561] Bluetooth: hci5: HCI_REQ-0x0c1a [ 75.060707] Bluetooth: hci2: command 0x0409 tx timeout [ 75.061947] Bluetooth: hci3: command 0x0409 tx timeout [ 75.062888] Bluetooth: hci0: command 0x0409 tx timeout [ 75.063812] Bluetooth: hci1: command 0x0409 tx timeout [ 75.064705] Bluetooth: hci4: command 0x0409 tx timeout [ 75.124352] Bluetooth: hci6: command 0x0409 tx timeout [ 75.125815] Bluetooth: hci7: command 0x0409 tx timeout [ 75.191268] Bluetooth: hci5: command 0x0409 tx timeout [ 77.108477] Bluetooth: hci4: command 0x041b tx timeout [ 77.109294] Bluetooth: hci1: command 0x041b tx timeout [ 77.110006] Bluetooth: hci0: command 0x041b tx timeout [ 77.110756] Bluetooth: hci3: command 0x041b tx timeout [ 77.111498] Bluetooth: hci2: command 0x041b tx timeout [ 77.172415] Bluetooth: hci7: command 0x041b tx timeout [ 77.173261] Bluetooth: hci6: command 0x041b tx timeout [ 77.236311] Bluetooth: hci5: command 0x041b tx timeout [ 79.156453] Bluetooth: hci2: command 0x040f tx timeout [ 79.157362] Bluetooth: hci3: command 0x040f tx timeout [ 79.158156] Bluetooth: hci0: command 0x040f tx timeout [ 79.159274] Bluetooth: hci1: command 0x040f tx timeout [ 79.160050] Bluetooth: hci4: command 0x040f tx timeout [ 79.220388] Bluetooth: hci6: command 0x040f tx timeout [ 79.221195] Bluetooth: hci7: command 0x040f tx timeout [ 79.284470] Bluetooth: hci5: command 0x040f tx timeout [ 81.204357] Bluetooth: hci4: command 0x0419 tx timeout [ 81.204871] Bluetooth: hci1: command 0x0419 tx timeout [ 81.205651] Bluetooth: hci0: command 0x0419 tx timeout [ 81.206054] Bluetooth: hci3: command 0x0419 tx timeout [ 81.206456] Bluetooth: hci2: command 0x0419 tx timeout [ 81.269289] Bluetooth: hci7: command 0x0419 tx timeout [ 81.269758] Bluetooth: hci6: command 0x0419 tx timeout [ 81.332386] Bluetooth: hci5: command 0x0419 tx timeout 19:12:26 executing program 5: r0 = syz_mount_image$iso9660(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="00ae31f188895104f773caaa68e3efef7386be0bf60ea1a75b1fc9e79554123534b00ee0cbf7cba1cd21b36572ba776e0e36074510c74238c5a13c314e3f760f02369869a11528e88e974035782cc533b887db132097bbb497"]) statx(r0, &(0x7f0000000040)='./file1\x00', 0x2000, 0x800, &(0x7f0000000080)) statx(r0, &(0x7f0000000180)='./file0\x00', 0x2000, 0x100, &(0x7f00000001c0)) 19:12:27 executing program 7: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000005c0), 0x6}, 0x6840, 0x0, 0x1, 0x0, 0x2, 0x0, 0x80}, r0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000600)={'hsr0\x00'}) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc) r3 = socket$inet_icmp(0x2, 0x2, 0x1) fsetxattr$security_evm(r3, &(0x7f0000000300), &(0x7f0000000340)=@v2={0x0, 0x1, 0x8, 0x9, 0x7f, "f335a666673bfe26afccc610867f24fc6e96d2ebe45606592da06ab94a66d7e21e4b7cd7dc65a3e33eb8504ca697082f8513c1fa1aa7897bd1cf9d6ad9db71961ead6519ce35464915e1ada387a2ac511e1a215a58978f7b66655e366c08b44bfc0eda0fbce5d76ec7103b8fe15be6417033bbfe79b2bdbb05773d603525fa"}, 0x88, 0x2) syz_io_uring_setup(0x61a1, &(0x7f00000004c0)={0x0, 0x225f, 0x16, 0x3, 0x35c}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000580)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f00000001c0)) read(0xffffffffffffffff, &(0x7f0000000140)=""/78, 0x4e) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000200)={@local, @remote}, &(0x7f0000000240)=0xc) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f00000008c0)={@multicast2, @private, 0x0}, &(0x7f0000000900)=0xc) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000400)={'ip6gre0\x00', r4, 0x4, 0xe1, 0xb5, 0xc, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, 0x80, 0x10, 0xffff, 0x6}}) syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0) [ 129.380568] ISOFS: Unable to identify CD-ROM format. [ 129.417141] audit: type=1400 audit(1664305947.330:7): avc: denied { open } for pid=3811 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.418710] audit: type=1400 audit(1664305947.330:8): avc: denied { kernel } for pid=3811 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.431002] ------------[ cut here ]------------ [ 129.431023] [ 129.431026] ====================================================== [ 129.431030] WARNING: possible circular locking dependency detected [ 129.431034] 6.0.0-rc6-next-20220923 #1 Not tainted [ 129.431040] ------------------------------------------------------ [ 129.431043] syz-executor.7/3812 is trying to acquire lock: [ 129.431050] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 129.431093] [ 129.431093] but task is already holding lock: [ 129.431096] ffff8880410a5820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 129.431126] [ 129.431126] which lock already depends on the new lock. [ 129.431126] [ 129.431129] [ 129.431129] the existing dependency chain (in reverse order) is: [ 129.431132] [ 129.431132] -> #3 (&ctx->lock){....}-{2:2}: [ 129.431146] _raw_spin_lock+0x2a/0x40 [ 129.431165] __perf_event_task_sched_out+0x53b/0x18d0 [ 129.431178] __schedule+0xedd/0x2470 [ 129.431191] schedule+0xda/0x1b0 [ 129.431204] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.431215] syscall_exit_to_user_mode+0x19/0x40 [ 129.431228] do_syscall_64+0x48/0x90 [ 129.431245] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.431257] [ 129.431257] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 129.431271] _raw_spin_lock_nested+0x30/0x40 [ 129.431289] raw_spin_rq_lock_nested+0x1e/0x30 [ 129.431302] task_fork_fair+0x63/0x4d0 [ 129.431318] sched_cgroup_fork+0x3d0/0x540 [ 129.431332] copy_process+0x4183/0x6e20 [ 129.431343] kernel_clone+0xe7/0x890 [ 129.431352] user_mode_thread+0xad/0xf0 [ 129.431363] rest_init+0x24/0x250 [ 129.431381] arch_call_rest_init+0xf/0x14 [ 129.431400] start_kernel+0x4c1/0x4e6 [ 129.431415] secondary_startup_64_no_verify+0xe0/0xeb [ 129.431429] [ 129.431429] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 129.431442] _raw_spin_lock_irqsave+0x39/0x60 [ 129.431460] try_to_wake_up+0xab/0x1930 [ 129.431473] up+0x75/0xb0 [ 129.431487] __up_console_sem+0x6e/0x80 [ 129.431503] console_unlock+0x46a/0x590 [ 129.431518] vprintk_emit+0x1bd/0x560 [ 129.431534] vprintk+0x84/0xa0 [ 129.431550] _printk+0xba/0xf1 [ 129.431561] kauditd_hold_skb.cold+0x3f/0x4e [ 129.431578] kauditd_send_queue+0x233/0x290 [ 129.431593] kauditd_thread+0x5da/0x9a0 [ 129.431606] kthread+0x2ed/0x3a0 [ 129.431621] ret_from_fork+0x22/0x30 [ 129.431633] [ 129.431633] -> #0 ((console_sem).lock){....}-{2:2}: [ 129.431647] __lock_acquire+0x2a02/0x5e70 [ 129.431663] lock_acquire+0x1a2/0x530 [ 129.431679] _raw_spin_lock_irqsave+0x39/0x60 [ 129.431697] down_trylock+0xe/0x70 [ 129.431711] __down_trylock_console_sem+0x3b/0xd0 [ 129.431727] vprintk_emit+0x16b/0x560 [ 129.431742] vprintk+0x84/0xa0 [ 129.431758] _printk+0xba/0xf1 [ 129.431767] report_bug.cold+0x72/0xab [ 129.431784] handle_bug+0x3c/0x70 [ 129.431799] exc_invalid_op+0x14/0x50 [ 129.431815] asm_exc_invalid_op+0x16/0x20 [ 129.431827] group_sched_out.part.0+0x2c7/0x460 [ 129.431838] ctx_sched_out+0x8f1/0xc10 [ 129.431847] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.431860] __schedule+0xedd/0x2470 [ 129.431873] schedule+0xda/0x1b0 [ 129.431885] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.431896] syscall_exit_to_user_mode+0x19/0x40 [ 129.431908] do_syscall_64+0x48/0x90 [ 129.431923] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.431935] [ 129.431935] other info that might help us debug this: [ 129.431935] [ 129.431938] Chain exists of: [ 129.431938] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 129.431938] [ 129.431953] Possible unsafe locking scenario: [ 129.431953] [ 129.431955] CPU0 CPU1 [ 129.431958] ---- ---- [ 129.431960] lock(&ctx->lock); [ 129.431966] lock(&rq->__lock); [ 129.431972] lock(&ctx->lock); [ 129.431978] lock((console_sem).lock); [ 129.431984] [ 129.431984] *** DEADLOCK *** [ 129.431984] [ 129.431986] 2 locks held by syz-executor.7/3812: [ 129.431993] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 129.432022] #1: ffff8880410a5820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 129.432049] [ 129.432049] stack backtrace: [ 129.432052] CPU: 1 PID: 3812 Comm: syz-executor.7 Not tainted 6.0.0-rc6-next-20220923 #1 [ 129.432064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 129.432073] Call Trace: [ 129.432076] [ 129.432080] dump_stack_lvl+0x8b/0xb3 [ 129.432098] check_noncircular+0x263/0x2e0 [ 129.432114] ? format_decode+0x26c/0xb50 [ 129.432130] ? print_circular_bug+0x450/0x450 [ 129.432147] ? enable_ptr_key_workfn+0x20/0x20 [ 129.432162] ? __lockdep_reset_lock+0x180/0x180 [ 129.432179] ? format_decode+0x26c/0xb50 [ 129.432195] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 129.432212] __lock_acquire+0x2a02/0x5e70 [ 129.432234] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 129.432256] lock_acquire+0x1a2/0x530 [ 129.432272] ? down_trylock+0xe/0x70 [ 129.432288] ? lock_release+0x750/0x750 [ 129.432305] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 129.432325] ? vprintk+0x84/0xa0 [ 129.432343] _raw_spin_lock_irqsave+0x39/0x60 [ 129.432361] ? down_trylock+0xe/0x70 [ 129.432377] down_trylock+0xe/0x70 [ 129.432392] ? vprintk+0x84/0xa0 [ 129.432408] __down_trylock_console_sem+0x3b/0xd0 [ 129.432425] vprintk_emit+0x16b/0x560 [ 129.432442] ? lock_downgrade+0x6d0/0x6d0 [ 129.432460] vprintk+0x84/0xa0 [ 129.432477] _printk+0xba/0xf1 [ 129.432488] ? record_print_text.cold+0x16/0x16 [ 129.432501] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 129.432515] ? lock_downgrade+0x6d0/0x6d0 [ 129.432532] ? report_bug.cold+0x66/0xab [ 129.432550] ? group_sched_out.part.0+0x2c7/0x460 [ 129.432561] report_bug.cold+0x72/0xab [ 129.432579] handle_bug+0x3c/0x70 [ 129.432596] exc_invalid_op+0x14/0x50 [ 129.432614] asm_exc_invalid_op+0x16/0x20 [ 129.432626] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 129.432639] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 129.432651] RSP: 0018:ffff88804171fc48 EFLAGS: 00010006 [ 129.432660] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.432667] RDX: ffff88801f1ab580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 129.432675] RBP: ffff888041730000 R08: 0000000000000005 R09: 0000000000000001 [ 129.432682] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880410a5800 [ 129.432690] R13: ffff88806cf3d140 R14: ffffffff8547c9a0 R15: 0000000000000002 [ 129.432701] ? group_sched_out.part.0+0x2c7/0x460 [ 129.432714] ? group_sched_out.part.0+0x2c7/0x460 [ 129.432727] ctx_sched_out+0x8f1/0xc10 [ 129.432740] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.432755] ? lock_is_held_type+0xd7/0x130 [ 129.432768] ? __perf_cgroup_move+0x160/0x160 [ 129.432780] ? set_next_entity+0x304/0x550 [ 129.432798] ? update_curr+0x267/0x740 [ 129.432816] ? lock_is_held_type+0xd7/0x130 [ 129.432829] __schedule+0xedd/0x2470 [ 129.432846] ? io_schedule_timeout+0x150/0x150 [ 129.432862] ? __x64_sys_futex_time32+0x480/0x480 [ 129.432876] schedule+0xda/0x1b0 [ 129.432890] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.432902] syscall_exit_to_user_mode+0x19/0x40 [ 129.432915] do_syscall_64+0x48/0x90 [ 129.432932] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.432945] RIP: 0033:0x7f34f7ebcb19 [ 129.432953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.432964] RSP: 002b:00007f34f5432218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.432975] RAX: 0000000000000001 RBX: 00007f34f7fcff68 RCX: 00007f34f7ebcb19 [ 129.432982] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34f7fcff6c [ 129.432990] RBP: 00007f34f7fcff60 R08: 000000000000000e R09: 0000000000000000 [ 129.432997] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f34f7fcff6c [ 129.433004] R13: 00007fff93c7ae3f R14: 00007f34f5432300 R15: 0000000000022000 [ 129.433016] [ 129.478823] ISOFS: Unable to identify CD-ROM format. [ 129.479301] WARNING: CPU: 1 PID: 3812 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 129.479322] Modules linked in: [ 129.479328] CPU: 1 PID: 3812 Comm: syz-executor.7 Not tainted 6.0.0-rc6-next-20220923 #1 [ 129.479341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 129.479348] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 129.479362] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 129.479379] RSP: 0018:ffff88804171fc48 EFLAGS: 00010006 [ 129.479389] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.479397] RDX: ffff88801f1ab580 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 129.479405] RBP: ffff888041730000 R08: 0000000000000005 R09: 0000000000000001 [ 129.479413] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880410a5800 [ 129.479420] R13: ffff88806cf3d140 R14: ffffffff8547c9a0 R15: 0000000000000002 [ 129.479430] FS: 00007f34f5432700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 129.479442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.479451] CR2: 00007fca4684f8e0 CR3: 0000000040d7c000 CR4: 0000000000350ee0 [ 129.479460] Call Trace: [ 129.479463] [ 129.479468] ctx_sched_out+0x8f1/0xc10 [ 129.479482] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.479498] ? lock_is_held_type+0xd7/0x130 [ 129.479511] ? __perf_cgroup_move+0x160/0x160 [ 129.479524] ? set_next_entity+0x304/0x550 [ 129.479542] ? update_curr+0x267/0x740 [ 129.479560] ? lock_is_held_type+0xd7/0x130 [ 129.479574] __schedule+0xedd/0x2470 [ 129.479590] ? io_schedule_timeout+0x150/0x150 [ 129.479607] ? __x64_sys_futex_time32+0x480/0x480 [ 129.479621] schedule+0xda/0x1b0 [ 129.479635] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.479648] syscall_exit_to_user_mode+0x19/0x40 [ 129.479661] do_syscall_64+0x48/0x90 [ 129.479679] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.479692] RIP: 0033:0x7f34f7ebcb19 [ 129.479701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.479712] RSP: 002b:00007f34f5432218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.479724] RAX: 0000000000000001 RBX: 00007f34f7fcff68 RCX: 00007f34f7ebcb19 [ 129.479731] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34f7fcff6c [ 129.479739] RBP: 00007f34f7fcff60 R08: 000000000000000e R09: 0000000000000000 [ 129.479747] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f34f7fcff6c [ 129.479755] R13: 00007fff93c7ae3f R14: 00007f34f5432300 R15: 0000000000022000 [ 129.479768] [ 129.479772] irq event stamp: 842 [ 129.479775] hardirqs last enabled at (841): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 129.479791] hardirqs last disabled at (842): [] __schedule+0x1225/0x2470 [ 129.479809] softirqs last enabled at (814): [] __irq_exit_rcu+0x11b/0x180 [ 129.479829] softirqs last disabled at (805): [] __irq_exit_rcu+0x11b/0x180 [ 129.479849] ---[ end trace 0000000000000000 ]--- 19:12:27 executing program 5: sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x800) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)=0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0) io_submit(r0, 0x1, &(0x7f00000005c0)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000001c0)=')', 0x1}]) r2 = eventfd2(0x7, 0x0) sendfile(r1, r2, &(0x7f0000000340)=0x5, 0x400) syz_open_procfs(0x0, &(0x7f0000000100)='net/dev\x00') write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x41030) fsetxattr$security_selinux(r2, &(0x7f0000000180), &(0x7f0000000240)='system_u:object_r:zero_device_t:s0\x00', 0x23, 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) socket$packet(0x11, 0x3, 0x300) [ 130.000232] hrtimer: interrupt took 19025 ns [ 130.257372] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 130.258084] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 130.258602] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 130.259084] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00 [ 130.259660] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 2 [ 131.282430] audit: type=1400 audit(1664305949.195:9): avc: denied { create } for pid=3948 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 [ 134.009283] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 134.010841] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 134.023457] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 134.025745] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 134.028181] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 134.030117] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 134.033570] Bluetooth: hci7: HCI_REQ-0x0c1a [ 136.052354] Bluetooth: hci7: command 0x0409 tx timeout [ 138.100356] Bluetooth: hci7: command 0x041b tx timeout VM DIAGNOSIS: 19:12:27 Registers: info registers vcpu 0 RAX=1ffffffff0b75664 RBX=ffffffff85bab320 RCX=ffffffff816544fb RDX=0000000000000004 RSI=ffffffff85ec6bba RDI=ffffffff85bab2d4 RBP=ffffffff85bab318 RSP=ffff88801c3e73b8 R8 =ffffffff85ec6bba R9 =ffffffff85edd148 R10=ffffed100387ce9d R11=000000000003603d R12=ffffffff85bab328 R13=ffffffff85bab2d4 R14=ffffffff85bab314 R15=dffffc0000000000 RIP=ffffffff81119bea RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1ed1777700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fabcd908710 CR3=000000004158a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 000000ff00000000 00000000000000ff YMM01=0000000000000000 0000000000000000 ffffff0000ff00ff ffffffffffffff00 YMM02=0000000000000000 0000000000000000 494c4700362e322e 325f4342494c4700 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000004700 YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822b175c RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88804171f640 R8 =0000000000000004 R9 =0000000000000010 R10=0000000000000010 R11=0000000000000001 R12=0000000000002710 R13=0000000000000020 R14=fffffbfff0ec8bcb R15=dffffc0000000000 RIP=ffffffff822b17b1 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f34f5432700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fca4684f8e0 CR3=0000000040d7c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f34f7fa37c0 00007f34f7fa37c8 YMM02=0000000000000000 0000000000000000 00007f34f7fa37e0 00007f34f7fa37c0 YMM03=0000000000000000 0000000000000000 00007f34f7fa37c8 00007f34f7fa37c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000