Warning: Permanently added '[localhost]:51238' (ECDSA) to the list of known hosts. 2022/09/30 11:19:41 fuzzer started 2022/09/30 11:19:41 dialing manager at localhost:40535 syzkaller login: [ 45.233658] cgroup: Unknown subsys name 'net' [ 45.327071] cgroup: Unknown subsys name 'rlimit' 2022/09/30 11:19:56 syscalls: 2215 2022/09/30 11:19:56 code coverage: enabled 2022/09/30 11:19:56 comparison tracing: enabled 2022/09/30 11:19:56 extra coverage: enabled 2022/09/30 11:19:56 setuid sandbox: enabled 2022/09/30 11:19:56 namespace sandbox: enabled 2022/09/30 11:19:56 Android sandbox: enabled 2022/09/30 11:19:56 fault injection: enabled 2022/09/30 11:19:56 leak checking: enabled 2022/09/30 11:19:56 net packet injection: enabled 2022/09/30 11:19:56 net device setup: enabled 2022/09/30 11:19:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/30 11:19:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/30 11:19:56 USB emulation: enabled 2022/09/30 11:19:56 hci packet injection: enabled 2022/09/30 11:19:56 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220929) 2022/09/30 11:19:56 802.15.4 emulation: enabled 2022/09/30 11:19:56 fetching corpus: 50, signal 24448/26216 (executing program) 2022/09/30 11:19:56 fetching corpus: 100, signal 39705/42990 (executing program) 2022/09/30 11:19:56 fetching corpus: 150, signal 45181/49956 (executing program) 2022/09/30 11:19:56 fetching corpus: 200, signal 52667/58768 (executing program) 2022/09/30 11:19:57 fetching corpus: 250, signal 59600/66920 (executing program) 2022/09/30 11:19:57 fetching corpus: 300, signal 63084/71647 (executing program) 2022/09/30 11:19:57 fetching corpus: 350, signal 69305/78924 (executing program) 2022/09/30 11:19:57 fetching corpus: 400, signal 71854/82689 (executing program) 2022/09/30 11:19:57 fetching corpus: 450, signal 77286/89065 (executing program) 2022/09/30 11:19:57 fetching corpus: 500, signal 84074/96634 (executing program) 2022/09/30 11:19:57 fetching corpus: 550, signal 88274/101676 (executing program) 2022/09/30 11:19:57 fetching corpus: 600, signal 90723/105045 (executing program) 2022/09/30 11:19:58 fetching corpus: 650, signal 94436/109548 (executing program) 2022/09/30 11:19:58 fetching corpus: 700, signal 97385/113256 (executing program) 2022/09/30 11:19:58 fetching corpus: 750, signal 99420/116092 (executing program) 2022/09/30 11:19:58 fetching corpus: 800, signal 101531/118997 (executing program) 2022/09/30 11:19:58 fetching corpus: 850, signal 103874/122058 (executing program) 2022/09/30 11:19:58 fetching corpus: 900, signal 105336/124390 (executing program) 2022/09/30 11:19:58 fetching corpus: 950, signal 106972/126844 (executing program) 2022/09/30 11:19:58 fetching corpus: 1000, signal 109013/129547 (executing program) 2022/09/30 11:19:59 fetching corpus: 1050, signal 111061/132245 (executing program) 2022/09/30 11:19:59 fetching corpus: 1100, signal 113221/135000 (executing program) 2022/09/30 11:19:59 fetching corpus: 1150, signal 114985/137396 (executing program) 2022/09/30 11:19:59 fetching corpus: 1200, signal 116813/139753 (executing program) 2022/09/30 11:19:59 fetching corpus: 1250, signal 118016/141672 (executing program) 2022/09/30 11:19:59 fetching corpus: 1300, signal 119598/143890 (executing program) 2022/09/30 11:19:59 fetching corpus: 1350, signal 120911/145854 (executing program) 2022/09/30 11:19:59 fetching corpus: 1400, signal 122762/148137 (executing program) 2022/09/30 11:20:00 fetching corpus: 1450, signal 124262/150238 (executing program) 2022/09/30 11:20:00 fetching corpus: 1500, signal 125586/152098 (executing program) 2022/09/30 11:20:00 fetching corpus: 1550, signal 128200/154860 (executing program) 2022/09/30 11:20:00 fetching corpus: 1600, signal 130228/157137 (executing program) 2022/09/30 11:20:00 fetching corpus: 1650, signal 131471/158876 (executing program) 2022/09/30 11:20:00 fetching corpus: 1700, signal 133467/161159 (executing program) 2022/09/30 11:20:00 fetching corpus: 1750, signal 134783/162920 (executing program) 2022/09/30 11:20:00 fetching corpus: 1800, signal 136284/164722 (executing program) 2022/09/30 11:20:01 fetching corpus: 1850, signal 137504/166289 (executing program) 2022/09/30 11:20:01 fetching corpus: 1900, signal 138905/168023 (executing program) 2022/09/30 11:20:01 fetching corpus: 1950, signal 140028/169554 (executing program) 2022/09/30 11:20:01 fetching corpus: 2000, signal 140746/170719 (executing program) 2022/09/30 11:20:01 fetching corpus: 2050, signal 142171/172352 (executing program) 2022/09/30 11:20:01 fetching corpus: 2100, signal 143620/174009 (executing program) 2022/09/30 11:20:01 fetching corpus: 2150, signal 144488/175259 (executing program) 2022/09/30 11:20:01 fetching corpus: 2200, signal 145916/176819 (executing program) 2022/09/30 11:20:01 fetching corpus: 2250, signal 146977/178202 (executing program) 2022/09/30 11:20:02 fetching corpus: 2300, signal 147893/179446 (executing program) 2022/09/30 11:20:02 fetching corpus: 2350, signal 149292/180965 (executing program) 2022/09/30 11:20:02 fetching corpus: 2400, signal 150586/182380 (executing program) 2022/09/30 11:20:02 fetching corpus: 2450, signal 151468/183558 (executing program) 2022/09/30 11:20:02 fetching corpus: 2500, signal 152813/184939 (executing program) 2022/09/30 11:20:02 fetching corpus: 2550, signal 153651/186031 (executing program) 2022/09/30 11:20:02 fetching corpus: 2600, signal 154613/187189 (executing program) 2022/09/30 11:20:02 fetching corpus: 2650, signal 155463/188270 (executing program) 2022/09/30 11:20:02 fetching corpus: 2700, signal 156201/189293 (executing program) 2022/09/30 11:20:03 fetching corpus: 2750, signal 157064/190370 (executing program) 2022/09/30 11:20:03 fetching corpus: 2800, signal 157797/191353 (executing program) 2022/09/30 11:20:03 fetching corpus: 2850, signal 160016/193012 (executing program) 2022/09/30 11:20:03 fetching corpus: 2900, signal 160697/193933 (executing program) 2022/09/30 11:20:03 fetching corpus: 2950, signal 161356/194768 (executing program) 2022/09/30 11:20:03 fetching corpus: 3000, signal 162175/195694 (executing program) 2022/09/30 11:20:03 fetching corpus: 3050, signal 163135/196732 (executing program) 2022/09/30 11:20:03 fetching corpus: 3100, signal 164027/197702 (executing program) 2022/09/30 11:20:04 fetching corpus: 3150, signal 164974/198652 (executing program) 2022/09/30 11:20:04 fetching corpus: 3200, signal 165768/199503 (executing program) 2022/09/30 11:20:04 fetching corpus: 3250, signal 166624/200377 (executing program) 2022/09/30 11:20:04 fetching corpus: 3300, signal 167132/201128 (executing program) 2022/09/30 11:20:04 fetching corpus: 3350, signal 167955/201914 (executing program) 2022/09/30 11:20:04 fetching corpus: 3400, signal 168760/202724 (executing program) 2022/09/30 11:20:04 fetching corpus: 3450, signal 169471/203510 (executing program) 2022/09/30 11:20:04 fetching corpus: 3500, signal 170391/204347 (executing program) 2022/09/30 11:20:05 fetching corpus: 3550, signal 171509/205298 (executing program) 2022/09/30 11:20:05 fetching corpus: 3600, signal 172468/206160 (executing program) 2022/09/30 11:20:05 fetching corpus: 3650, signal 173331/206959 (executing program) 2022/09/30 11:20:05 fetching corpus: 3700, signal 173885/207566 (executing program) 2022/09/30 11:20:05 fetching corpus: 3750, signal 174350/208184 (executing program) 2022/09/30 11:20:05 fetching corpus: 3800, signal 174943/208814 (executing program) 2022/09/30 11:20:05 fetching corpus: 3850, signal 175649/209463 (executing program) 2022/09/30 11:20:05 fetching corpus: 3900, signal 176454/210181 (executing program) 2022/09/30 11:20:05 fetching corpus: 3950, signal 177214/210825 (executing program) 2022/09/30 11:20:06 fetching corpus: 4000, signal 177903/211426 (executing program) 2022/09/30 11:20:06 fetching corpus: 4050, signal 179194/212241 (executing program) 2022/09/30 11:20:06 fetching corpus: 4100, signal 179867/212842 (executing program) 2022/09/30 11:20:06 fetching corpus: 4150, signal 180598/213472 (executing program) 2022/09/30 11:20:06 fetching corpus: 4200, signal 181317/214038 (executing program) 2022/09/30 11:20:06 fetching corpus: 4250, signal 182052/214584 (executing program) 2022/09/30 11:20:06 fetching corpus: 4300, signal 182730/215136 (executing program) 2022/09/30 11:20:06 fetching corpus: 4350, signal 183333/215680 (executing program) 2022/09/30 11:20:07 fetching corpus: 4400, signal 183732/216146 (executing program) 2022/09/30 11:20:07 fetching corpus: 4450, signal 184284/216633 (executing program) 2022/09/30 11:20:07 fetching corpus: 4500, signal 185449/217223 (executing program) 2022/09/30 11:20:07 fetching corpus: 4550, signal 186650/218092 (executing program) 2022/09/30 11:20:07 fetching corpus: 4600, signal 187027/218495 (executing program) 2022/09/30 11:20:07 fetching corpus: 4650, signal 187588/218949 (executing program) 2022/09/30 11:20:07 fetching corpus: 4700, signal 188422/219398 (executing program) 2022/09/30 11:20:07 fetching corpus: 4750, signal 189243/219837 (executing program) 2022/09/30 11:20:08 fetching corpus: 4800, signal 189733/220209 (executing program) 2022/09/30 11:20:08 fetching corpus: 4850, signal 190496/220624 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/220965 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/221264 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/221561 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/221861 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/222186 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/222523 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/222865 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/223194 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/223494 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/223807 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/224109 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/224405 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/224704 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/224867 (executing program) 2022/09/30 11:20:08 fetching corpus: 4872, signal 190746/224867 (executing program) 2022/09/30 11:20:11 starting 8 fuzzer processes 11:20:11 executing program 0: recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000), 0x6e, &(0x7f0000000140)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f00000000c0)=""/85, 0x55}], 0x2, &(0x7f0000000180)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0xb0}, 0x180) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000340)={{{@in=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000440)=0xe8) mount$9p_unix(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x100008, &(0x7f0000000480)={'trans=unix,', {[{@cache_mmap}, {@loose}, {@cachetag={'cachetag', 0x3d, '\xd5-7!.*/#--('}}, {@aname={'aname', 0x3d, '\'$)%))@'}}, {@noextend}], [{@subj_user={'subj_user', 0x3d, '*'}}, {@uid_gt={'uid>', r6}}, {@fowner_eq={'fowner', 0x3d, r8}}, {@dont_hash}, {@defcontext={'defcontext', 0x3d, 'system_u'}}]}}) recvmsg$unix(r1, &(0x7f0000000e80)={&(0x7f0000000b80)=@abs, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000c00)=""/46, 0x2e}, {&(0x7f0000000c40)=""/134, 0x86}, {&(0x7f0000000d00)=""/111, 0x6f}, {&(0x7f0000000d80)=""/49, 0x31}], 0x4, &(0x7f0000000e00)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}], 0x78}, 0x100) syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000580)='./file0\x00', 0x6, 0x7, &(0x7f0000000ac0)=[{&(0x7f00000005c0)="2e4d537bcb2d3cff7fd7a58fbe534696ba94d4e47c0f2fdf4396fc2761a7fb6b54473907a8ab2930dc52204a4e5cd35115c417d0a5ee9b39cdb9c41b4c94321c072cbd2d19a23a6db99fa8077749d684fe9ba03133818147da59818ff1223e954656484366294c5946f19f575982cf083cfc31764a78dd90aa6fe78bf577137689690936b52fe657c1155c99e7a7f29481a56f8994a8f79ceecebd617e1bac1a7e5b7ea6e036f9bfa6cd6c91e04e5a36e3b72158710315066c6192e461ebdda836", 0xc1, 0x59f8}, {&(0x7f00000006c0)="4b6b1e452bf8adaea492d9e4be7570d52feefcafd60239be082643096ac5aa3f6a11928a9e9eae5397a1d201daf28dc19fb31f21fbacbc35a240daad0b9b8fa07c07b070f3baaf2806204522cde0fdc0a7a34727ec08b0148224458452453d8697d83e851645639c2b254829dd1917ecbe396b4a053e01e315ad6da0004d60cbf5683c", 0x83, 0x5a6}, {&(0x7f0000000780)="6abc007241df5a8daa961d4840bbe0b8b02afb2319023e3f16364f59ee8f3dd36bc7ba57a81d423e9506241448f5e0eeedc8257bc642dbb5384137f6d650e337b152faba709b6dc5b63fc404766a1e33f384a8df294d396e3308f75d32ec72effa97f03e81369e2691e3ea7bc0daf1a63150921108b312a05ca2e2fc9131a9b9d21c1a96ea7de9d5c8b28f830a99df4991ad9496f8dd80f403a8046c06d981d2dcea7ace5e041bb63e2df520a25783da18440a87c81d19c776c8e2906d8e2c5709367a20147e3e65f012258927fb87524e16304ad34583e38477f82d935b360cbc", 0xe1}, {&(0x7f0000000880)="2f858fa192c575958a09ca91924a91e86748ae599ea589c555379a296bc0835f6c9bbf9524c286fa7a53b9d89aee618e122c781fff76b5d78ba21f845686781edffa821f6c90f4b615162bf932075565ac13af82c299b30915baaee2490772655ad93044", 0x64, 0x4}, {&(0x7f0000000900)="f5990965e8724685bd4577b48375ca1ebe9390b6776e21a98c33638f52f0730e8a739b58082d62585085618ebd4609247f3d7ca9925811e3e9f2be156b04c2897efe8f455146387aa688ae06f32bb042125cdc73aa893b65c5804e3e6dcbc82895e7d2d7969ef835a9c3e46cfda6f56570539b4864805398f75e6e698c82e63e59a937129fb6b7630cb9fdc324451f47", 0x90, 0xcb}, {&(0x7f00000009c0)="c6fbb7fb8b24b280a23bfb57fcd058917c855236343d28eb8c3f06c68aa7235c6539352a425ce70b1c2570ac658de1e16304bf47a21e9ae1c5a39f76113672fc7245b33c6f64e1a49b9ce9144a0443acfc85a7e0744f8175fe7108397b5a814f8210f97ffe7df621122da9e0e8f07e1b26753fe02b0b23ea82449f8330b3026675f5a2afa78fcd5cfdaac706d05db0e75f9e2b49a9989050c908a27c", 0x9c, 0x6}, {&(0x7f0000000a80)="b4380c4c003475bde0882f62c720a4111025755df743b5ce0a56bda398da7b33afd254fd7c818fe56a", 0x29, 0x80000001}], 0x2, &(0x7f0000000ec0)={[{@numtail}, {@shortname_lower}, {@shortname_mixed}], [{@smackfsdef={'smackfsdef', 0x3d, 'uid>'}}, {@audit}, {@smackfsroot={'smackfsroot', 0x3d, 'trans=unix,'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@subj_user={'subj_user', 0x3d, '('}}, {@uid_lt={'uid<', r9}}, {@subj_type={'subj_type', 0x3d, '-'}}]}) r12 = accept$packet(r2, &(0x7f0000000f80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000fc0)=0x14) fchdir(r12) pread64(r5, &(0x7f0000001000)=""/102, 0x66, 0x9) r13 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000001080), 0x4082, 0x0) ioctl$BTRFS_IOC_DEV_INFO(r13, 0xd000941e, &(0x7f00000010c0)={0x0, "ac6fba34e4e3bed9e3d3b1b0a8d301dc"}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000002140)={{0x1, 0x1, 0x18, r13, {r4, r10}}, './file0\x00'}) mount$tmpfs(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002180)={[{@mpol={'mpol', 0x3d, {'local', '', @void}}}, {@huge_within_size}, {@huge_always}, {@size={'size', 0x3d, [0x37, 0x36]}}, {@size={'size', 0x3d, [0x36, 0x21, 0x38, 0x32]}}, {@huge_never}, {@uid={'uid', 0x3d, r14}}], [{@smackfsfloor={'smackfsfloor', 0x3d, '#$\x14{#:\''}}, {@obj_user={'obj_user', 0x3d, 'dont_hash'}}, {@uid_gt={'uid>', r8}}, {@dont_hash}]}) mount$9p_unix(&(0x7f0000002240)='./file0\x00', &(0x7f0000002280)='./file0\x00', &(0x7f00000022c0), 0x200000, &(0x7f0000002300)={'trans=unix,', {[{@version_u}, {@cachetag={'cachetag', 0x3d, 'audit'}}, {@version_9p2000}], [{@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@obj_type}, {@uid_eq={'uid', 0x3d, r11}}, {@fsuuid={'fsuuid', 0x3d, {[0x35, 0x61, 0x65, 0x31, 0x63, 0x64, 0x66, 0x39], 0x2d, [0x34, 0x37, 0x61, 0x61], 0x2d, [0x39, 0x39, 0x31, 0x6e], 0x2d, [0x39, 0x38, 0x64, 0x65], 0x2d, [0x65, 0x60, 0x35, 0x34, 0x34, 0x63, 0x31, 0x55]}}}, {@func={'func', 0x3d, 'POLICY_CHECK'}}]}}) umount2(&(0x7f00000023c0)='./file0\x00', 0x7) newfstatat(0xffffffffffffff9c, &(0x7f0000002400)='./file0\x00', &(0x7f0000002440)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) fchown(r3, r16, r7) r17 = syz_open_dev$vcsu(&(0x7f00000024c0), 0xfffffffffffffffe, 0x6c200) ioctl$HIDIOCGUCODE(r17, 0xc018480d, &(0x7f0000002500)={0x2, 0x2, 0x4, 0x3, 0xffffff16, 0x8}) ioctl$FAT_IOCTL_GET_VOLUME_ID(r17, 0x80047213, &(0x7f0000002540)) chown(&(0x7f0000002580)='./file0\x00', r14, r15) 11:20:11 executing program 1: getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000080)={'filter\x00', 0x0, 0x3, 0x14, [0x5, 0x6, 0x8, 0xff, 0xf17, 0x1], 0x1, &(0x7f0000000000)=[{}], &(0x7f0000000040)=""/20}, &(0x7f0000000100)=0x78) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000140)=""/74, 0x4a, 0x40010002, &(0x7f00000001c0)={0x2, 0x4e23, @broadcast}, 0x10) r0 = fsmount(0xffffffffffffffff, 0x1, 0x2) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000340)={'nat\x00', 0x0, 0x3, 0x9f, [0x9, 0xffffffffffffffff, 0x0, 0x1ff, 0x6, 0x7fffffff], 0x5, &(0x7f0000000200)=[{}, {}, {}, {}, {}], &(0x7f0000000280)=""/159}, &(0x7f00000003c0)=0x78) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000440)={0x2001}) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000540)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1f}, @in=@dev={0xac, 0x14, 0x14, 0x1f}, 0x4e22, 0x6, 0x4e22, 0xfe00, 0x2, 0x20, 0xa0, 0x0, 0x0, r2}, {0x10000, 0x1, 0x7, 0x0, 0x8, 0x3, 0x9, 0x200}, {0x100, 0x6, 0x8000, 0x1}, 0x5, 0x6e6bb4, 0x1, 0x0, 0x1, 0x2}, {{@in6=@remote, 0x4d5, 0x32}, 0x2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x3506, 0x4, 0x0, 0x8, 0x0, 0x6, 0x1000}}, 0xe8) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000640)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) openat$sr(0xffffffffffffff9c, &(0x7f0000000680), 0x210001, 0x0) setsockopt$inet_buf(r0, 0x0, 0x23, &(0x7f00000006c0)="d3b87eee46071a3e48d51475b8628dac7965b8761decf65c38e421c6ef33cfcf1a5e6fdf8818f0abea330563c1ee7377e63af49dbf9d559a4a10513aa9fbd9cc51de", 0x42) lstat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000d00)=@filter={'filter\x00', 0xe, 0x3, 0x492, [0x0, 0x20000840, 0x20000870, 0x20000aa4], 0x0, &(0x7f0000000800), &(0x7f0000000840)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{0x5, 0x20, 0x15bb, 'veth0_to_bond\x00', 'veth0_to_team\x00', 'ip6erspan0\x00', 'veth1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0x0, 0x0, 0x0, 0xff, 0xff], @multicast, [0x0, 0x0, 0x80, 0x0, 0xff], 0xa6, 0xde, 0x12e, [@realm={{'realm\x00', 0x0, 0x10}, {{0x5, 0x0, 0x1}}}], [@common=@mark={'mark\x00', 0x10, {{0xffffffd0, 0xfffffffffffffffe}}}], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x15fc00, 'syz0\x00'}}}}, {0x3, 0x1, 0xdadd, 'bridge0\x00', 'geneve0\x00', 'geneve0\x00', 'bridge_slave_1\x00', @local, [0xff, 0xff, 0x0, 0x0, 0xff], @local, [0xff, 0xff, 0xff, 0xff, 0x0, 0xff], 0xa6, 0xa6, 0xd6, [@cluster={{'cluster\x00', 0x0, 0x10}, {{0xfc, 0x0, 0xfff}}}], [], @common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x1, [{0x3, 0x40, 0x11, 'sit0\x00', 'xfrm0\x00', 'bond_slave_0\x00', 'veth1_to_bond\x00', @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @local, [0x0, 0x0, 0xff], 0x6e, 0x9e, 0x1ce, [], [@common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x4a03}}}], @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x1, 'system_u:object_r:kmsg_device_t:s0\x00'}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe}]}, 0x50a) recvmsg$unix(r3, &(0x7f0000000fc0)={&(0x7f0000000d80)=@abs, 0x6e, &(0x7f0000000ec0)=[{&(0x7f0000000e00)=""/176, 0xb0}], 0x1, &(0x7f0000000f00)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc0}, 0x2102) socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000001000)={'filter\x00', 0x0, [0x5, 0x1ff, 0xffffffe6]}, &(0x7f0000001080)=0x44) fstat(r5, &(0x7f00000010c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000001140)={{0x1, 0x1, 0x18, r3, {r2, r6}}, './file0\x00'}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000011c0)={{{@in6=@dev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@initdev}}, 0xfffffffffffffffe) lchown(&(0x7f0000001180)='./file1\x00', r7, r4) 11:20:11 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8004002}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x94, r0, 0x10, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x5, 0x7}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000004) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000280)={0x1a0, r2, 0x4, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x6c}, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x3, 0x2c}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x7f}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x7f}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x7fff}, @NL80211_ATTR_VENDOR_DATA={0xbd, 0xc5, "04b8ea75c62b0001deef1e0dabdc4cc389d57aaf0de0f66dc03350c4810532da8e643de82a2823fdb0d169f660fe22e9be6cb7754f073532854fca248134b604a0656c21cba2aa58ebf0b56a12b20c4487e2d7c0b53ae0321ba0753fdaf199a95feca81a1c86032a1895631af3f9d927a50ff2cb1965c4c533899074d8f097021e870790d798be7823f744d0f4b912ab4f6b4c2c1da20a4c42321fa50c97c5939f206bf3c1ebee32f026366e5fe8edd8f335b821800f419408"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x2a69}, @NL80211_ATTR_VENDOR_DATA={0x7e, 0xc5, "7e139864462afdc3ebf38b494bf5a7d98a001853165d3757eadfd42db46fd0e5531021ebb21e7804e49ea8bfbd33d8939fd2282d2b42bc2dec073bff24df313f9f65082f3de0dcf804983d9d08c971fc9caebe38a52f6269b4ceb5b30348021e717f100925d5710f0411c1b0ac21724ed1ae0cda503906ffd7da"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x9}]}, 0x1a0}, 0x1, 0x0, 0x0, 0xa800}, 0x40000) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'bridge_slave_0\x00', 0x0}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000740)=0x14) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000900)={&(0x7f0000000780)={0x150, 0x0, 0x4, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PAUSE_HEADER={0x4}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_HEADER={0x88, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x4000080) sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {{}, {}, {0x14, 0x18, {0x3, @bearer=@udp='udp:syz1\x00'}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000009}, 0x24000000) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x80, 0x0, 0x4, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_HE_OBSS_PD={0x3c, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0xf}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x10}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0xa}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x10}, @NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET={0x5, 0x2, 0x8}, @NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET={0x5, 0x2, 0x9}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x11}]}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3}, @NL80211_ATTR_HE_OBSS_PD={0x1c, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET={0x5, 0x2, 0x10}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x6}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x6}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x15) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000bc0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r6, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x4a8191bbc3b57ff4}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x1c, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_VLANID={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x10) sendmsg$NL80211_CMD_DEL_TX_TS(r6, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x6c, r2, 0x0, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x401, 0x12}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x4}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x3}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e80), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000fc0)={&(0x7f0000000e40), 0xc, &(0x7f0000000f80)={&(0x7f0000000ec0)={0xb8, r7, 0x0, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x6, 0x49}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x1}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_IE={0x6c, 0x2a, [@gcr_ga={0xbd, 0x6, @device_b}, @preq={0x82, 0x30, @not_ext={{0x1, 0x1}, 0x40, 0x5, 0x32a65941, @device_b, 0x7, "", 0x1000, 0x101, 0x2, [{{0x1}, @device_a, 0x6}, {{0x0, 0x0, 0x1}, @broadcast, 0x8000}]}}, @rann={0x7e, 0x15, {{}, 0x4, 0x5, @device_a, 0x0, 0x8, 0x8}}, @rann={0x7e, 0x15, {{0x0, 0x8}, 0x0, 0x20, @device_a, 0x4, 0x4, 0xd45}}]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0xb0}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x8}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x8, 0x1}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4}, 0x24040081) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r6, 0xc0189374, &(0x7f0000001000)={{0x1, 0x1, 0x18, r6, {0x8}}, './file0\x00'}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r8, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001100)={&(0x7f0000001080)={0x6c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x58, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1ff}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "d7741449b58b6d9f"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "ce40d578804d8af8"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "361e8d352113dfbb"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "cdc1b1f156cb8292"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "4e5386b61b74a340"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x2}, 0x4001) r9 = creat(&(0x7f0000001180)='./file0\x00', 0x5b1995fe8c43e5dd) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r9, &(0x7f00000012c0)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x3c, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x57}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x39}, @NL80211_ATTR_IE={0xa, 0x2a, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x3, 0x5}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x2}, @NL80211_ATTR_IE={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4804}, 0x8000) 11:20:11 executing program 3: r0 = fsmount(0xffffffffffffffff, 0x1, 0x80) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f0000000000)) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000040)=0x4781) r1 = dup2(r0, r0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r3 = dup3(0xffffffffffffffff, r1, 0x0) splice(r2, &(0x7f00000000c0)=0x6, r3, &(0x7f0000000100)=0x6, 0x8e5, 0x5) r4 = fsmount(r0, 0x0, 0x1) ioctl$CDROMEJECT_SW(r4, 0x530f, 0x1) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r5, 0x10000000) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000180)={0x8853, 0x7, 0x80000, 0x13, 0x6}) symlinkat(&(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./file0\x00') r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x80900) ioctl$SG_IO(r6, 0x2285, &(0x7f0000001500)={0x53, 0xffffffffffffffff, 0x1000, 0x17, @scatter={0x2, 0x0, &(0x7f0000000380)=[{&(0x7f0000000280)=""/186, 0xba}, {&(0x7f0000000340)}]}, &(0x7f00000003c0)="a9d1908e7cfe92142c154d492a0c27d0749ed8273e411770830766495af8c10239be2154194bd1a3abb7f4dfbafbf1e72645e682d9b5947723ce4b38259c2bfacef1688461393213f32ec06b14fee14f1e986735724b138731b6a6e13fd1f7e1b738562a1c63afe9c0125d02628d33afa86318446668e6d28e14ea70e8a6122159e0b8acfdd7de8f1e924a91551f720c7991acee8978b26b6488ebe087989f90ae0c9a4571c60ed256198cc65ce62557065680bf0cf39c429491b7d83d4267341a5e562e17c30ac969005f590e57ff931e91fa81f017aeb9c399742cbcad3a58ea64667529875c81ef1be29f6a326b16b2e638e04bbc26ababcc28005f9221503d48ad37c0f2dbb119680fda1fa4c573e5bab9451eaeb914666b894a8a8db73ba4b4a68f8f19ec679685154119f17055b0121f6cd790de6a7900c6379ff15c8aa6eb10fec5ca32bacfdb10db33b72e34bd9bfade560a86d1e28c23ea8c2f7b4d5214e131b454f5c36bbbeb64ddbcb2946e4c0571db6ea4fd9fe57acb73aa07dc2b56f5c798b2032e91cbff01f4a1d50fc71ad5b1853610144866c8146cfeeeb83bd85006e42f59eea6df9f29a951eda79d4348705356db00a8b34f777862a73258143c154bd9bcb144d080bc46bd0ad868beb7a5ffb5e4452d5df5b989e6d947608c281f90e0c6968f3e87d6bccda9d4bbd1f6bc290d6bf4d2f427541565c01874f566de056900e103cc3268b47ba8996461394b2d81db0664720fccce2c8ef565a8eba0e407bf19652fe2dc46cefa4127f2c1906b2a8265464168d9dd5364cec59dc279258d2d829984c8da7ad00bf398a4cecca75d884475dc97e389ba84d8064d2976dce91eb3e72fd64ef7b400f0ec2b3b2072cbc479cad104465c9fbfec538fa11fbcac1250b593c434c764912e2212d8cf7c2c2a27fddd04249e209ba300309e37eab74a044309d2dc124d4d0c50a30dc351f7b68aa54cc0dffaa033a5e0f36e64d302409b1206b5b105ac1150967159a27d31ab4ac62e41696258de63b8206ab57cdd4403d878ef4bd9fcf252d90c7bb297424b2b1e7b1f0e6f5b5e57e05516678238dfc10e5fbb833b3bbcc76ff5b473d2a2ab9573bba46fab1cb0c2f8bb90500f374a4506c3cc1e23cdc0ad86602adbb892c083b3d95b9f898126e4a58d67eb18c7ac728028e1d20c486a16b5fd7d0d354b39d94ec284286d9c21483c45dc8ebe830fa2ad85b7b6874f2e6992bf93482596fd851e707a61dbaeefa4a493bacb3a5f325bffe0121e38cdf46ffe72fb79af9a168b517bcb642623ef381a33109e99aee7fa020db937dccc54593ffb0ef54171892c9166f35f0c8d9aa02031d4c21847ba214690b09d9cad35a1f2e66449d37800df808cd2285c0c893da68b38f154815f3c16c530360a3868a67d8dd2f0eb8cf28d6aa18c5b49c7b42e2b29135fe1f130f10abea4c8605d03fc9b29c669be5d3888755dd734e5e36d15dbab0bff4c8e53ef65f477eb2cb5f41880af608f06f47d77a2fb7d5504fc15203aaf7fbabc7e2950c23ab0176d3255e1b59c4991f883bb7e66a87df737cd60de0c1cdc8377362d3ca5802b39a4153685aa7691090f9a897415bc5185e2164493127e60774fe5b062b4014cc02fd6ef1697662326f5bcc4799d67baef729c9bb90dc0eb2006dd1db0101a564634311787dde8ffb8fb22f35dd699f142f260a45ba76872ebde6024705b67b5ea130c7e87cb5c52478dddc185f24bd70d3d5b998830940621f6e5c9b57345c1998ded3bab4f7f5ab51e7fa85d1a1aeace56a6db69d61bc5bca7359135963d7e9ea897d305d138ed6556977cd53eca9d9e699303e3ef098d996cfef94b8f2a0fdce0f7340487354d8831f7d91a1ea75dd9430b18ac39eb65dc6d4bf755f091465652f74fee2cb56117fd07a948cbe1491f72cb893637cb03cccad845c9de222bb833f394d0d4c08fae2522cba1f84af0d65654d72e413ac6a14059df8f38e1db7553a2c3cbf43c5a180a1068633c10a0d54256bb95a4fe513ceda12f45a17e39c637dcb350b78bce216c3fb76b729542c3e2557953cdb976be3c0bc4a0e28e4f789220c9371a3ab09781dbe642e0d6c9919803b1221a86278ca6c038c065056a0fdb31cb97fb2b0db6bc0c711a313ea9e7bd7c2655de601df3640579ab6bd352c69bab001b64e411062d3062229c8a9c8b2c4337f437a6fa06ad11b9c266ef68394c9e34f6ca545360126ddd79d861536be96935db8fc027a20a9134f0df4fdd6811acb1953a0bdb50695fd861f77ced901d06267a18401443092df9b40670a9a97d75c7255ffd35c12a0261ba27b556119ba108707bdfc0db3d791131956f351d8b4a6c58dea1c9cd95bdd1828bb536e07169c2fe7b73f7169733602b9eec280e0897387131ee904ac0a82096ed1f76709498bbc06c940f45589a7c5cec9ecee6d819db23c95fc28659c57fd95d3414328fd7b4dbb57bb2007c323e9b442d97f967881a48893eac1d496b39d5281ff4dcac76ebd958e64c1493d9bc81348784dd18d404033dde181915586250445c1644274006a783d7cff06751a1bd8a5174b097aaca035089ed88e36e97ac0d3efca595e527658ad0764946db2350be99fbe1592415845aea754521b3ee4e0bca1d340eed1587b100c88386fb956f9f751b9527f10bf7b306a56bda8502387ea30f133c8059b72eed96a2c0244ef1e537923709d0a58fa6c968f1d3169330d8f3497928a4f7a643437e37188d13c114d20b89d7c157efb3dd8bf41e407b2c0ce70c9bd991ce6f3d34bb5a230572ffb818d7aa6329699080fc423467233c74a7dc74243ab0471d5e900002e03855b8bb38a968d553a2a8181094bc10e5967aabe403d950221dbe47da7a99bf78b0db5461e62cb960c7a3642608b9534a442f16774a67339228d2bcb49d5425daf845de94d5a865f17721e1346e51cc4d94829453e30db449cde58a781594491b2ffcb1784ed7d7607d229197863256b7f5548f6881b85d7f7af4e478ddda4b9b5e59225d91b8df0e087a6cc307f5b4e81d32f93c0047d95fe5429eae0c527d94486927e7dd5bb17176240c824ea90f9d9d265339a37ba13eab344fcd6c72820706737fb65b5a25d93a32b21f94e897f1ef0a3e0163298ffe3b7030c720942118f5829cb6908911a1b62d6c72f6e65d85c09ab40f2a734b6b9ae46f41d880ae7955d1e4ddf9006fa70826bf275e96c0b1bae16df2181bd198511e1c0f262bf070103466d4f30b7088944fadd7253a42e00e9efacbd17ac574203437736c6053d0a730cde55d23800fb6f2317e3af61aa5b45679f3c6647f19cd2d9d9434ea840ae9d8af2b4d4a95ce91572336965eff83f0571ca654fb4ec23ad609ddab1a0c13382adc14459a8d6282b7d2fc92f332aeeba3b539a2b8f8e6b68c513cb36e4755a6a7846dec98f2a46236cc8b36efc1144056a7248d7340d9d701f582cc948532ee5cc04e1afca0b6c2051fc4138e267156113d9dea6a483b61ec327aa21be32c608e8059968a1a9bf6ee76d632fb1a24507325abc9cd0a6b58e51b0315b70aab76a6d146463343f1fb40aed833ab9741aa2ec52d5722a4664e4c6a3e5f7623d373ceb4797bf0dc298704fba704446c6c9d1c1c736fcc9c3ef8d18468324840b5dfc7b7d27535a42e04a13179a8d4848f444f0d420a98d3c82c148331811a2f705d6f8e235c9bb822c2e63d315144d01a8594bdb2049d6db28dd8329ed056d7b05e45b902d20d5b16659efc1197ff6550424ea1277b792db5343e6b7051b7ce2af4ca378be207aa700898c0bf8d7fbcdbd73afb677aa1e2c089ecafe1207f0af111f1cef5fc64d4befc68987cb5224b7b877ec44107787c1aaaa77efc9e5f2984ca796fce56ca7951b5cdaf396f5603015e59ca81a070ea00de949c8228b08f628e785b03067b3e818f65686aad2454a7d2c9e074c2e772ee264a0e1a4bb6b29db529e420887dfbdf99006cff26f66812deb1d017a20aef1799b8cc1c3b265d61ee39d3acfc816e536c64437a4e8fce014f94d6e146c1a13e1374e309fa564ed961292d0742793fdcefec3ce1c841cbea51ca61a73e2d330941def5645c41b5e04eec69b0bd752501013ab057d81336e64e59108a7d98827c4b9c126971eacf0d810f34ff4afc89e3a866bda5676b5c82806ebdfeef6121779da52cf4aa128aa5b4876548b210707417ad2345402003fb492d9723f14b270e9405464496c13583a563920adc94dafed17da410f0d10e142780b211874fb02fdd070962a8b7acaaa9e3c7b71a93144c37aa20d371eac4cfb9359ce8764755158285e735fe325643049218fa71629d35f4450f22a9712709aff2c7cf8ad1b85dcbcb7a0e1a0a22c8a15f0a67a1bda6e5060f8eff17554aaed514e59d7a07ecc63988685831583a44a721da1c158ab29c7fc24c16b49198f80826568429e7e08d295a2a9b58eb153fb90544dc981a56bb0e3c86faa9c9ae52fd6b5fd97d5ab41dd285a3e2a019c816ad062c85c021c7871d7c16bb3df67a145c8f523e971ec5b6f72b983ec096dcbaf20f911a9aa784e35ddbd67d397a2c0f3a713a6ae61fc3fd4c494bf49c17d06240022f6a314c618cac9117dd43fc1278d2478b0e84094a0f3d3dedf5c8befb02de5f0b941931bfb8c79ec797e2649383e4a44a4258fc539e39e68c40537cdbd5c1882b984d4b06517e1b019d574aadddc1c8d41f72ed7c48dc7342ae82d2f6f2821fc11d9903226e2a7a05ea651e0c81226be1abd78bbe8579a392b7afa7b8d9263018ec18b8897c2ca2f2157d86000c0e87969c038779d8e68edd98cc672f4d22ed47df0125c6798e95595191c0fef4f0891ce6e78732f074db59c120062a9d8bd0175c5aebae21821600f1716e1b18aa83e773476160dafb008510128bcfdc3d8a9694b7d7fab4a2330d607f8c812d8554b7cf47ceb1c5c2533f33bfee5b7bfca322f7df0b21c438fda02407d2fd1fbc518dad02b3c8ad29bffa89c8130994880646d50b0decf275fae3556125417c709c5dfbf63ba85d5df39271a96c09470b4aedfc53c8706a4b5c2ccc605678240358ab1ce375599a56c45f985e8dcd534154d3b0b44dec4ec58083327f90e71d723531486c4933007533ddada111c8b564ea23fb3eecd8f52f9a7704a17476720fc2198f336dce0b0114d7f048d3ca049f278207fea1bc6d1ef6b08609f470de40e9bcd2b0ba82924508a3735bb4899f53faf0bea48d6c390002da70176bb4ffb1706e916447b2e8a9eb6f324aacb3c339849ffdfdfafddf9d48173aa2aa84d803940ebf7c9865230ecccf654b95cb3a33c9304fea9e8abf02484de8fc6e4058e65b7c9f529429f44adbdf413dd0e9aa25e8d74dcfc93ae629407a387f43286623da44ddf4d0c3e41d0d38a3ec3ddf348b02b6f8a37a1e06383371ccecd57c44b945b5d31c16c6bdb39751c8e431b8b92733c3dc694501062c6da2a3947105a09acc6257b9fe5c298cb3764bf17b92c67d7ec94b792c02fa9e3dcbc0113495ac5aaf2d7bf8928b11dbbcdaca807d4a37fa3a5a67da39be4d2703b12f3af5b18ccd7346f5f57be999e060a5325800e6f3fe010755d6d329ac0c4af308916835ab0b35a6c74a6213e6dd92b98a18cf44da30c95c864aedc4de8a9c01ecb94ab9c24acf21a38576d2e46d7ae0e4a1d1f8a6c54a7310e44311f3b8681d60264a89bbc450b018d71d8efe9a5b096dee260bcc29feb8d78a01b5ac0a4bcd51af58e9932e0d5c1eae2fa436e7af", &(0x7f00000013c0)=""/195, 0x5, 0x18000, 0xffffffffffffffff, &(0x7f00000014c0)}) r7 = signalfd4(0xffffffffffffffff, &(0x7f0000001580)={[0x120]}, 0x8, 0x80800) ioctl$SCSI_IOCTL_SYNC(r7, 0x4) r8 = accept4$bt_l2cap(r3, &(0x7f00000015c0)={0x1f, 0x0, @fixed}, &(0x7f0000001600)=0xe, 0x800) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r8, 0xf50f, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(r6, 0x5380) [ 74.864660] audit: type=1400 audit(1664536811.242:6): avc: denied { execmem } for pid=288 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:20:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x9cdd, 0x608001) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000240)={{}, r1, 0x4, @unused=[0x200, 0x100000001, 0x81, 0x7], @subvolid=0x5}) r2 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000001240), 0x2, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, &(0x7f0000001280)={{r0}, "f651cc75f4bc726c1172f567a5e3f12baaa71d09a5233669708e4ddf9f76a10a3da947e8b42a95b87cd1d6e10f4861f2355462d85f525ce7816dfb9e07debc04c910f8bf7f00dbe2ab898f3d8769e67bf2e2b01f418846c833a491286439101b9d6754b1bb209f7bff095dade13b48748ab62b7f922529fb91532b999dbed37a0c57dbd31e7d39cc13117c3fce5b3756a0e2e2c38d8a4031b5c403b863de9e00f81a8689b96cf91ca2d8bcaa7001cbbfd974faad1a8746588740c5bfea953542e796659c65da6a18599a98907ee94dd0c2e13ac4accaf28e93a01d99af02bcb60dda73b7120f60ab93811074b28a894e4f8d28330b753edc17c3bd4e01d10a175c91bf8df09539a99b990fe899a6a30254a65f39fbdf0fd059ad8ede84e4cf06de5dbe0f7eeef59c3483bf0614cd1dba5fc7f446a0718f5dfc221e64d344265e8f0e46c277d5ccc051236745206f8cdfce444765cbc67c2998944ea961821e135af4b1b722039cd6b6af2a11a2df0db84a1f9b4b8270c4482d77190cba9efd2a89a54980307c6ca39e15bc55bb23d0ed3e6f7a7dc6dab6473db4caa88442d434c986b2c34146c66a5fec391ef4daf163e5581f928ac0238611f61c0694ee5030e6ed3170ee9a0388008de37447bbc0dc035bf78ee7d70c5b72630b0f7ba46c74408e5c0dc36de8e40a79c89e8f7370a8972055348b3c022c2cfa7707eba4c33c7a744eee16ec369a802cd8895f53054a703b8faa5f6a1677301cf900b6e32bc402ad5f0415e5c8a1873410789e584e4117f2715465bb780561d8eef5e2a9fd1379019c32f46bfdb0f500c96b2ce558fed9987f4b3455b350a30b6ba424ee9983319aba3c223e328e9b8efcf48c53adc9ba77fe57da586d0d64038eca8743ea4b6292084f761828411a045928551c91327eec7da9d38d63ee109ab4c33478279afe362ff97ea1bc61d0cdf151126bbdc6177aa5f44b880efa0ef0159e5704f58fca3a09dab3293b228f6ea3fe41dc62dae7116dc495189694db2c2780331a36cc34df2e160c20a4206defa3d96ab3fb0d572352e998039f9da80e322b7c2e7468c31da90ea08458a405e8a5e809b6649cb1752269755c44beda46ecc31f9596ece1d5d8f485ca837012c8ac77e904b4eda63d710bcf07735b41a5cec07b5a0e5b1c8ba98464c5670b87724ca07f6cf84ca0a235a8a832481574b24fcb3d36fdb590982570e16eff4ee9b3f4054bc7f1ed2990d4b61c310e8b3b2a6c81d85b5a8c2679877c45d0f4a191240aa398a5fe4a1356d9a8c10576246439692c6d7b7a2041c5aff47f9f4eb41177dfd432c057f6df469cfabffacb55f61f7653d3317e17bbc931c7f7e85fc4a93902b77e65bd3faf65868c4b7872699aa87b5e9d3f07ec8031919e4002bb34aa9882e2a30408743cae5df5f0c268e1d43898281b3ee8c49309e6932f5e6dfe89e12c26056e915ac1e2b034cec30a699a22ef39d65ae64a8ae2e5110479e5444bbdbb347fdf719a48d964bfcc9225f6d31ed7281b5679f47c024a3479b8eb7ed50a435d34eb03a67b71bf34c166f29406ff7a374442a973c1ee914b95deccc8414c3cae1f42816df11f4385dbf8e62f6be3b3aae8768bf39a8995e99ce4d295c04ca30ad9269d727e98cdec37bed6567a7f1aec4c95b8774bb088cd14beb56c252ea59512c57a53b8c111e34a32f0f1c07d1c03c3cc4389919a83be39f28867e3f21302a681fb398fb9210b2065f5c3c838048afa69b01fd2b7b5fca474ba8d6df4d1d07a2e7286d9fdda642ca3f1ccce5f5bb65bcb9e07ab6ba7db96ad2439aec689aa93d905003e38fd321c3d597bef9f80832bfafe5c94cbbc645e09e69ad83e2131163935ce5bf8a67b2a9a0dc170723eee4fb5aca57976ef70e070b293e577f842db1763d017ceebe3381855938c0735c08ba853c6c4257f60b9190af87dace783eea8df5ae8e45807a8d99ca70f2d105c43b52e6342c914c84f5e69f9f8185a9daf9c6331300c9565f01040143b8f0d1e65e881b9fd271d31b29fc95dc8c71f995945e2591a805830005cd3291e74f9e2cc0f7b0aecde31f3524981d9a4b48267cab4b96d196550a0f0477dc3915073ec5e000d21b2163567dc140787e8d2db9c30f9b3c475ab6076011b991ec6d7213e4bf44fb34c88f159047a570243ae338e76b3c17e4e476667d562021a5824195ddb12f1c0c970fff51b7b0203b4f257fee9e83aaec21a5708dcd0738143549cbe701e26b5ffed96e77ee6cfb859f255e2f3572ae854d66bdf32485186cb7d9f1480c4dcf7dafe621a42a517df75b92e3b2f1d0314a875594e24c483a51a6ce5bdddd4f36a3dcef65c808e1ee765ca628f3bb550763ca689e05a75543c17d04076f42991df337b400f1ddc8e161f7eec4109688efd2bbc5cde98a433d05c42fe64dc02b8a347abccee0fcd2515765b2319244d7c6c2a2f630cec3878edbd585f6add56a854f7af4eec84c2dd3e0f355b4d13fb728cba80036d25b26a810602bf2831e971ff74fe787535b787be4c6b6c3304c54708755d6c3b8cf56b187f5fb2f75ab93c5218d1069f595dc9e60c6c27bfdfd74b8079ea7b205b113fca3bb87d52679a070c667817fc7c965de175142416ede2a4ffb2d952c38a70b29e17b5a8b0ad925fd554fcb1028c5681004c552833ed85c41b2fd8317e589b21067ef63d59352d7a97df65d9b7580a5e5be43c9dfcf712a34e62e44a20f68d4f8f59a3b9b144e85bc9ed2b1669500c083ab40f121c8e57f9a9ae1e5f7827726f1b1e543e78ea5d2e5323ab1c16f7a39db07c44c6ed0dbc5ca088a0b274c7ab74344386b766ce53b0be353ef8b36b5531710517f50f074188d9608c143ffdc5d718cd1d53c03594b56fb3d7b2b50def103348259c196d14428b7fcd2f78d109e1a633464d38427fd034e6a651be850dce10cc02c77dac142755b76871f6e7d7215b36805985c0edf8fe97af5258346298279d1755ad4b1b5e7db7c6ef181715b524b89653700b3d96f087a332573de273f64d4b441f636e10ad1dba6387658f71da2565b30345de458e8b2fcd4cf95a9ed6f8d5f4264270db3db2376db688cb8ba1b080fb0e1a1dc8a23bf9cbc906c646a982ae85ac086fd0afa0590a49b1a293d4b7532392e06a4ed4a71039a11e3e52e5d54c906d96ed72d7c87cf940da7b48b81d6201a4c100269a6f7efc3302e693d9fea516f31c1fcaec64be1f5328bf924941458ee9389821bc55a19b321b8cdbf697ba5f5d28c492e02b10b64a5a40bf6d764789791b26b88a374cbb3e45f61e5701565f7186beebfa6349b33df6fefb8c682c6ca4d355691e050655f6b9c415319092cd6c813279b37e9b1d770b9fe39e2a5d408797bc1ad27c303b24d09ed4018f24c9573552450b4ef3dfbf4ca8faf356ff429fd99fc0287f245abde42e757d474c2593da905fbf79074f285e3924da8e75275cc14a7c42b5c933ea4ce6ac01b6d497e8f0bf1c7a7b8ebc5639b9645d5e2b5f333e684425ab525c97a033a3df29df871118a5857eacd98e913d3f45d1db12a6c59b1185523ca134514b39d62cf4ba5ef9b7654e887fb99ff3c05275ed7db7565bdb77e8b8187b286f5f30fa465854621c413241cfdab41ac3a58ba7f94bd63349bb5717b58b4827aeedf7f13cb13c34963578c6402aeac083eaba2b61deb8bd2ec5377d21395cfc1e92286f00a35e3b73e55c2fcaab1a4553bb91dde34ee452030136a22d8b30502a661bd22bc4c676ae9bda479a9faba90d2db1440848dc5d0cd706862bb29fb264cd1bb8c7f51d7cefb300f57791f11a4195068aacfea0d2e580d38ff76fcb5f848af660c1f2e42373781fc73408a4e24b00010a64970945a32687afa41eaee5f938acafb1a8a24ac2a14e1562df0fd9c126110ec844dce3ccf05d3310ad7a2688ebdc153da7d039e836774e378aaa57bc1cd7db87adefc979167f078a824a82a5b906fcf79c03645fcaac27891123c5da12f204b19a7ce642869006e9df14563802f7707c45db44ca372e2ee0328489012935b00e9fb3e1f6975b1335bf261dc3697e932a06f5acd94d8f24e2e058af25de2471b1463248740c0718846b474c61df9788749dad427bc79317ce3e417aab6b268848734e3f91d453647fe65be9ef044c09465ea74ee3cac300ea7565dca962c8a721f461c250451d1ffa7de7e8d305aa381b3ecb0d5317fa870d928c426a236e958b1e336bba2f93f1436544c9b2ead503998961617bf66b92fe98fd6d31a2339f06b1eb412361617795863acdbef09c8f56146a70be5d501dac17fda284c110b7a4b3cf2dfa32b3b90400bd95a4a3c9d8915b45d8ba3833f982183fa0bb5f1d645b22fb36a3c70fd1d3db6eba650db5d22e91218dfee80c0eb2c26ea5937847c84b8feca1dfdbbd806b8266d6d43b0062a4c9fdac985be5e492ee5e19de16df6b11e25d50875136473c5d08c80f56d86bca05a84f89a64dd6f339860af1ec8790d34ad1f7fed2df49a31665f068a25c623a85a7e5750a9a948f69a7ded4a92fade8ff1bd6131a47e43a4772846fd1d2c84b7f30d5a8ac74e7ca14c33aa365e28e86ff90cf0e8ab928123ee3b7a886f69a595295e10794772d91ee0e52f7642fdd4b76e66d39817d97459d4a613a4c5bfb94232ddbf52456d90886a17b62c47a488df6e74ff192ec478c7777812d7b22d2a988d642a519fae8c2a9e20895a6ad2e709ba0e8fe41e8d71731fd39d9670fcf0dfd6dbed7f2dd71b1e2b42fe1771c7e170b75ee7e5c1b1cbc2ce8f6916f8d85701cc8d4d7572af40a16d923f2ab168710949277c218627067dc7104d3e512d6081446bc1a3478bf595f23e2da025a8a0547ebebd61aac37b6078fbf0de95c04d6af8e9b2f2c01bf7c289f67199e526a01ed669e7cd01dd053b6866a47523d59b4ddabf523a33e29c592f698639343830f7dc7a4e1afc5f953116024193bed572b34420c96a2a2876754b88e22cf0e3f0da79226b55bf9f614ecd8fe56436d753bf3c4c938fc82670daa7af3c403f37ceff5e57e2013435157f06e74810dfc958659033a66eb19fada19bae1a49c10adf0dcf49171380b3d4d077295f36aa947b7d1fd1bde6ad4e66f159f2fdb0c071580f93f9020396972f8ebb0721f7d067292817b334bce7ac834b9cf6db8a12632383f49c3068a102ff5c8ab7ec6bc83a7e3556c4daff512e589a67d2c63f1496df9044ae9832a054b9bc71a89f090d4891c26d5ead3e2285ef924ad233755b2a893c2506e77ecad6d42e3fe73a21900f734ff99fff962b5afbfb2d0648126be4e3c112e33465aea7a87cd5a06ee3cfe0d88b7cd514a2f85b833d91c5210a0cbc0a2fd2c40df76eb459ecc4421317f3249c4b58c073050ef8860bbcaada785f1567557cad8e480e1bcaf802fe9c596cc3ffc1fcb8e2b95fa0e651b2a12d9649b8395172812c420142b38bdd063679a366aff85befb26e9669d2c5c5969f92248f5bd9e3f369d5b021983ba77d97b36079b39aed435b5771372f9996712379ac594697ad06cc637150740ab3afde8da73d0ba0f81efdd0173d3d8d7d1412474eaf343833e6b8e97cd2a1687df569473c0576b66c222db619cb72e4ff7fb000c0eec9491155347efffe58ae21b3e93c5da22c45c9628c5a2e0b7841b06f11fb9a1108cc6765b175cd21c8b30b6a34993fdc66282cd4967bf1a44daabb0350849c7045574a2a36bf6663cbfc298293b6da4a17030985b6de036686e3e345dbf84ea3436"}) ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000002280)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000002340)={0x10, 0x0, &(0x7f00000022c0)=[@request_death={0x400c630e, 0x3}], 0x3d, 0x0, &(0x7f0000002300)="f08e4e20c63f444dc6bcc7b8d723bfb467a87b7ff14cf33276d9441192ac73571fdf7b8a055aafad679783e9826777331fc30fc4fdad3bdd6fb3f7911e"}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002600)=0x0) r4 = getpgrp(0xffffffffffffffff) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002640)=0x0) r6 = getpid() r7 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) clone3(&(0x7f00000026c0)={0x440050200, &(0x7f0000002380)=0xffffffffffffffff, &(0x7f00000023c0), &(0x7f0000002400), {0x23}, &(0x7f0000002440)=""/196, 0xc4, &(0x7f0000002540)=""/187, &(0x7f0000002680)=[r3, r4, 0xffffffffffffffff, r5, 0x0, r6, 0xffffffffffffffff, 0xffffffffffffffff], 0x8, {r7}}, 0x58) write$binfmt_elf32(r8, &(0x7f0000002740)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x8, 0x3, 0x7, 0x400, 0x2, 0x3, 0x5, 0x332, 0x38, 0x1f0, 0x1, 0xffff, 0x20, 0x1, 0x1, 0x7ff, 0x7}, [{0x6, 0xffff, 0x9, 0x101, 0x1, 0x0, 0x1f, 0x7}, {0x3, 0x5, 0xdc4, 0x800, 0x800, 0x10000, 0x3, 0x3}], "78d87c01f7b68f32f16b36c1ef24e0ac596eb7cd2e0af1fab13f9ce71b3d7c8b9837c9f7dfd95737ae538ab222e3fdfd9e26a9a9ae5171bf429796a408", ['\x00']}, 0x1b5) r9 = syz_open_dev$vcsa(&(0x7f0000002900), 0x4, 0xa8640) r10 = openat$cgroup_subtree(r9, &(0x7f0000002940), 0x2, 0x0) r11 = memfd_secret(0x80000) ioctl$SG_GET_VERSION_NUM(r11, 0x2282, &(0x7f0000002980)) ioctl$BTRFS_IOC_SCRUB_CANCEL(r10, 0x941c, 0x0) sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f0000002b00)={&(0x7f0000002a00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002ac0)={&(0x7f0000002a80)={0x1c, 0x0, 0x300, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0xc000) 11:20:11 executing program 5: modify_ldt$write(0x1, &(0x7f0000000000)={0x7, 0xffffffffffffefff, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000040)={0x9, 0x100000, 0x4000, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000080)={0x2, 0x20000000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000000c0)={0xffffffff, 0x20000000, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000100)={0x77, 0x1000, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000140)={0x8, 0x1000, 0xffffffffffffffff, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000180)={0x5, 0x20000000, 0x4000, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000001c0)={0x44, 0x20000000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000200)={0x2, 0x20001000, 0x400, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000240)={0x9, 0x0, 0x1000, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000280)={0x5, 0x10100800, 0x3000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10) set_thread_area(&(0x7f00000002c0)={0xff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}) modify_ldt$write(0x1, &(0x7f0000000300)={0x7fffffff, 0x0, 0x4000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000340)={0x0, 0x30101c00, 0x1000, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000380)={0x7fff, 0x0, 0x400, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000003c0)={0x4, 0x1000, 0x4000, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000400)={0xff, 0x0, 0x400, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000440)={0x8000, 0xffffffffffffffff, 0x400, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000480)={0x8, 0x20000800, 0xffffffffffffffff, 0x1, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000004c0)={0x800, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, 0x10) 11:20:11 executing program 7: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000000)=0x4) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{}, {}, {}, {}]}) ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, &(0x7f00000000c0)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x4) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000100)={0x3, 0x8001, 0x7, 0x3, 0x18, "cdaedebc376cb5d0797d2743bca66508e7f3c0"}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000200)={r3, 0x0, 0xffffffffffffffff, 0x2}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000240)={r3, 0x2, r1, 0x3, 0x80000}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) close_range(r1, r4, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x105c00, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000300)={{0x1, 0x1, 0x18, r4, {r6}}, './file0\x00'}) ioctl$KDSKBLED(r8, 0x4b65, 0x3af) r9 = fcntl$getown(r5, 0x9) syz_open_procfs(r9, &(0x7f0000000340)='net/if_inet6\x00') ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000380)) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000400)=0x40) 11:20:11 executing program 6: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x6, &(0x7f0000000040)={r0, r1+10000000}}, 0x54) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) rt_sigtimedwait(&(0x7f00000000c0)={[0xffffffff]}, &(0x7f0000000100), &(0x7f00000001c0)={r2, r3+60000000}, 0x8) rt_sigtimedwait(&(0x7f0000000200)={[0x7ff]}, &(0x7f0000000240), &(0x7f00000002c0), 0x8) clock_gettime(0x3, &(0x7f0000000300)) ptrace$setsig(0x4203, 0xffffffffffffffff, 0x20, &(0x7f0000000340)={0x2d, 0x20, 0x5b41be3f}) recvmmsg(0xffffffffffffffff, &(0x7f0000002840)=[{{&(0x7f00000003c0)=@nfc, 0x80, &(0x7f0000000640)=[{&(0x7f0000000440)=""/93, 0x5d}, {&(0x7f00000004c0)=""/76, 0x4c}, {&(0x7f0000000540)=""/244, 0xf4}], 0x3, &(0x7f0000000680)=""/206, 0xce}, 0x6}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000780)=""/241, 0xf1}, {&(0x7f0000000880)=""/170, 0xaa}, {&(0x7f0000000940)=""/108, 0x6c}, {&(0x7f00000009c0)=""/38, 0x26}], 0x4, &(0x7f0000000a40)=""/90, 0x5a}, 0x4}, {{&(0x7f0000000ac0)=@pppoe={0x18, 0x0, {0x0, @multicast}}, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000b40)=""/27, 0x1b}, {&(0x7f0000000b80)=""/232, 0xe8}], 0x2, &(0x7f0000000cc0)=""/1, 0x1}, 0x100}, {{0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000d00)=""/35, 0x23}, {&(0x7f0000000d40)=""/90, 0x5a}, {&(0x7f0000000dc0)=""/138, 0x8a}, {&(0x7f0000000e80)=""/220, 0xdc}, {&(0x7f0000000f80)=""/14, 0xe}, {&(0x7f0000000fc0)=""/122, 0x7a}, {&(0x7f0000001040)=""/12, 0xc}], 0x7, &(0x7f0000001100)=""/4096, 0x1000}, 0x400}, {{0x0, 0x0, &(0x7f0000002140)=[{&(0x7f0000002100)=""/51, 0x33}], 0x1, &(0x7f0000002180)=""/150, 0x96}, 0x4}, {{&(0x7f0000002240)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f00000027c0)=[{&(0x7f00000022c0)=""/178, 0xb2}, {&(0x7f0000002380)=""/33, 0x21}, {&(0x7f00000023c0)=""/214, 0xd6}, {&(0x7f00000024c0)=""/205, 0xcd}, {&(0x7f00000025c0)=""/60, 0x3c}, {&(0x7f0000002600)=""/124, 0x7c}, {&(0x7f0000002680)=""/237, 0xed}, {&(0x7f0000002780)=""/36, 0x24}], 0x8}, 0x8}], 0x6, 0x22, &(0x7f00000029c0)={0x0, 0x3938700}) futex(&(0x7f0000002a00)=0x1, 0x4, 0x2, &(0x7f0000002a40), &(0x7f0000002a80), 0x1) r4 = syz_io_uring_setup(0x2af5, &(0x7f0000002ac0)={0x0, 0x25b1, 0x4, 0x2, 0x35c}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000002b40)=0x0, &(0x7f0000002b80)=0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000002bc0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x12345}, 0x5) clock_gettime(0x0, &(0x7f0000002c40)={0x0, 0x0}) epoll_pwait2(0xffffffffffffffff, &(0x7f0000002c00)=[{}, {}, {}], 0x3, &(0x7f0000002c80)={r7, r8+10000000}, &(0x7f0000002cc0)={[0x5]}, 0x8) r9 = syz_io_uring_setup(0x52b0, &(0x7f0000002d00)={0x0, 0x1ae, 0x1, 0x0, 0x1}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000002d80), &(0x7f0000002dc0)=0x0) syz_io_uring_submit(r5, r10, &(0x7f0000002e00)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x4007, @fd_index, 0x709, 0x3f2, 0x5, 0x1, 0x1, {0x1}}, 0xd3) clock_gettime(0x4, &(0x7f0000002e40)) syz_io_uring_setup(0x23a5, &(0x7f0000002e80)={0x0, 0xec00, 0x4, 0x2, 0x221, 0x0, r4}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000002f00)=0x0, &(0x7f0000002f40)) syz_io_uring_setup(0x3f3e, &(0x7f0000002f80)={0x0, 0xef88, 0x2, 0x2, 0x194, 0x0, r9}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000003000), &(0x7f0000003040)=0x0) r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r11, r12, &(0x7f0000003080)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x0, @fd=r4, 0x1, 0x2, 0x1, 0x5, 0x0, {0x2, r13}}, 0xf8) [ 76.243724] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.245250] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.247645] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.249054] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.250636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.251625] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.253519] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.256134] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.257863] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.259539] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 76.261237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.262472] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 76.264212] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.276202] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.282630] Bluetooth: hci3: HCI_REQ-0x0c1a [ 76.291629] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.293996] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.297666] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.302149] Bluetooth: hci1: HCI_REQ-0x0c1a [ 76.313300] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 76.318866] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 76.323721] Bluetooth: hci4: HCI_REQ-0x0c1a [ 76.342151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.360828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.366820] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.373520] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.376483] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.388607] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.391291] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.393245] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.408602] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.413046] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 76.414581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 76.415065] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 76.418550] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.422579] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 76.424297] Bluetooth: hci0: HCI_REQ-0x0c1a [ 76.457301] Bluetooth: hci2: HCI_REQ-0x0c1a [ 76.457312] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 76.458374] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 76.470179] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 76.493525] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 76.494417] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 76.495921] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 76.498734] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 76.499273] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 76.500254] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 76.504581] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 76.506141] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 76.507621] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 76.509663] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.515312] Bluetooth: hci6: HCI_REQ-0x0c1a [ 76.515560] Bluetooth: hci5: HCI_REQ-0x0c1a [ 76.558204] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 76.559923] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.577002] Bluetooth: hci7: HCI_REQ-0x0c1a [ 78.317780] Bluetooth: hci1: command 0x0409 tx timeout [ 78.319553] Bluetooth: hci3: command 0x0409 tx timeout [ 78.380756] Bluetooth: hci4: command 0x0409 tx timeout [ 78.445432] Bluetooth: hci0: command 0x0409 tx timeout [ 78.508440] Bluetooth: hci2: command 0x0409 tx timeout [ 78.572463] Bluetooth: hci5: command 0x0409 tx timeout [ 78.573516] Bluetooth: hci6: command 0x0409 tx timeout [ 78.636427] Bluetooth: hci7: command 0x0409 tx timeout [ 80.365019] Bluetooth: hci3: command 0x041b tx timeout [ 80.365887] Bluetooth: hci1: command 0x041b tx timeout [ 80.428412] Bluetooth: hci4: command 0x041b tx timeout [ 80.492466] Bluetooth: hci0: command 0x041b tx timeout [ 80.556441] Bluetooth: hci2: command 0x041b tx timeout [ 80.620613] Bluetooth: hci6: command 0x041b tx timeout [ 80.621424] Bluetooth: hci5: command 0x041b tx timeout [ 80.684422] Bluetooth: hci7: command 0x041b tx timeout [ 82.412399] Bluetooth: hci1: command 0x040f tx timeout [ 82.412876] Bluetooth: hci3: command 0x040f tx timeout [ 82.476444] Bluetooth: hci4: command 0x040f tx timeout [ 82.540417] Bluetooth: hci0: command 0x040f tx timeout [ 82.604375] Bluetooth: hci2: command 0x040f tx timeout [ 82.668396] Bluetooth: hci5: command 0x040f tx timeout [ 82.668832] Bluetooth: hci6: command 0x040f tx timeout [ 82.732404] Bluetooth: hci7: command 0x040f tx timeout [ 84.460498] Bluetooth: hci3: command 0x0419 tx timeout [ 84.460967] Bluetooth: hci1: command 0x0419 tx timeout [ 84.524453] Bluetooth: hci4: command 0x0419 tx timeout [ 84.588369] Bluetooth: hci0: command 0x0419 tx timeout [ 84.652364] Bluetooth: hci2: command 0x0419 tx timeout [ 84.716478] Bluetooth: hci6: command 0x0419 tx timeout [ 84.716921] Bluetooth: hci5: command 0x0419 tx timeout [ 84.780415] Bluetooth: hci7: command 0x0419 tx timeout 11:21:06 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) sendmmsg$inet(r2, &(0x7f0000001a00)=[{{&(0x7f00000000c0)={0x2, 0x4e22, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="38000000000000000000000007000000442025000000000000000000000000000000000000000000000000000000000001940400000000001c000000000000000000000008000000", @ANYRES32=r4], 0x58}}], 0x1, 0x0) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000000)={r4, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6, @broadcast}, 0x10) [ 129.905556] device syz_tun entered promiscuous mode [ 129.918834] device syz_tun left promiscuous mode 11:21:06 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) lseek(r1, 0x0, 0x4) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x4) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x230, 0x0, 0x0, 0x4}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r3, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r3, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000140)=0x10000) perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x3f, 0x0, 0xff, 0x7, 0x0, 0x7, 0x9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x1, @perf_bp={&(0x7f0000000180), 0x8}, 0x1300, 0x1000, 0xc1, 0x7, 0x7, 0x3b9d, 0xf504, 0x0, 0x5, 0x0, 0x3}, 0x0, 0x10, r2, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002e00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0x20}}], 0x2, 0x0) syncfs(r4) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) [ 129.980872] audit: type=1400 audit(1664536866.358:7): avc: denied { open } for pid=3888 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.982460] audit: type=1400 audit(1664536866.358:8): avc: denied { kernel } for pid=3888 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.997341] ------------[ cut here ]------------ [ 129.997365] [ 129.997369] ====================================================== [ 129.997373] WARNING: possible circular locking dependency detected [ 129.997377] 6.0.0-rc7-next-20220929 #1 Not tainted [ 129.997384] ------------------------------------------------------ [ 129.997388] syz-executor.5/3891 is trying to acquire lock: [ 129.997394] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 129.997437] [ 129.997437] but task is already holding lock: [ 129.997440] ffff888018ab3020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 129.997467] [ 129.997467] which lock already depends on the new lock. [ 129.997467] [ 129.997470] [ 129.997470] the existing dependency chain (in reverse order) is: [ 129.997474] [ 129.997474] -> #3 (&ctx->lock){....}-{2:2}: [ 129.997487] _raw_spin_lock+0x2a/0x40 [ 129.997499] __perf_event_task_sched_out+0x53b/0x18d0 [ 129.997510] __schedule+0xedd/0x2470 [ 129.997525] schedule+0xda/0x1b0 [ 129.997538] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.997551] syscall_exit_to_user_mode+0x19/0x40 [ 129.997564] do_syscall_64+0x48/0x90 [ 129.997581] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.997594] [ 129.997594] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 129.997608] _raw_spin_lock_nested+0x30/0x40 [ 129.997618] raw_spin_rq_lock_nested+0x1e/0x30 [ 129.997631] task_fork_fair+0x63/0x4d0 [ 129.997648] sched_cgroup_fork+0x3d0/0x540 [ 129.997662] copy_process+0x4183/0x6e20 [ 129.997673] kernel_clone+0xe7/0x890 [ 129.997686] user_mode_thread+0xad/0xf0 [ 129.997696] rest_init+0x24/0x250 [ 129.997708] arch_call_rest_init+0xf/0x14 [ 129.997725] start_kernel+0x4c6/0x4eb [ 129.997739] secondary_startup_64_no_verify+0xe0/0xeb [ 129.997754] [ 129.997754] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 129.997767] _raw_spin_lock_irqsave+0x39/0x60 [ 129.997778] try_to_wake_up+0xab/0x1930 [ 129.997791] up+0x75/0xb0 [ 129.997805] __up_console_sem+0x6e/0x80 [ 129.997821] console_unlock+0x46a/0x590 [ 129.997837] vprintk_emit+0x1bd/0x560 [ 129.997853] vprintk+0x84/0xa0 [ 129.997869] _printk+0xba/0xf1 [ 129.997880] regdb_fw_cb.cold+0x6c/0xa7 [ 129.997898] request_firmware_work_func+0x12e/0x240 [ 129.997918] process_one_work+0xa17/0x16a0 [ 129.997935] worker_thread+0x637/0x1260 [ 129.997951] kthread+0x2ed/0x3a0 [ 129.997966] ret_from_fork+0x22/0x30 [ 129.997978] [ 129.997978] -> #0 ((console_sem).lock){....}-{2:2}: [ 129.997992] __lock_acquire+0x2a02/0x5e70 [ 129.998009] lock_acquire+0x1a2/0x530 [ 129.998024] _raw_spin_lock_irqsave+0x39/0x60 [ 129.998035] down_trylock+0xe/0x70 [ 129.998050] __down_trylock_console_sem+0x3b/0xd0 [ 129.998065] vprintk_emit+0x16b/0x560 [ 129.998081] vprintk+0x84/0xa0 [ 129.998097] _printk+0xba/0xf1 [ 129.998107] report_bug.cold+0x72/0xab [ 129.998123] handle_bug+0x3c/0x70 [ 129.998139] exc_invalid_op+0x14/0x50 [ 129.998156] asm_exc_invalid_op+0x16/0x20 [ 129.998167] group_sched_out.part.0+0x2c7/0x460 [ 129.998185] ctx_sched_out+0x8f1/0xc10 [ 129.998202] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.998213] __schedule+0xedd/0x2470 [ 129.998226] schedule+0xda/0x1b0 [ 129.998239] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.998250] syscall_exit_to_user_mode+0x19/0x40 [ 129.998262] do_syscall_64+0x48/0x90 [ 129.998279] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.998291] [ 129.998291] other info that might help us debug this: [ 129.998291] [ 129.998294] Chain exists of: [ 129.998294] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 129.998294] [ 129.998309] Possible unsafe locking scenario: [ 129.998309] [ 129.998311] CPU0 CPU1 [ 129.998314] ---- ---- [ 129.998316] lock(&ctx->lock); [ 129.998322] lock(&rq->__lock); [ 129.998328] lock(&ctx->lock); [ 129.998334] lock((console_sem).lock); [ 129.998340] [ 129.998340] *** DEADLOCK *** [ 129.998340] [ 129.998342] 2 locks held by syz-executor.5/3891: [ 129.998349] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 129.998378] #1: ffff888018ab3020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 129.998410] [ 129.998410] stack backtrace: [ 129.998412] CPU: 0 PID: 3891 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220929 #1 [ 129.998425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 129.998433] Call Trace: [ 129.998436] [ 129.998441] dump_stack_lvl+0x8b/0xb3 [ 129.998460] check_noncircular+0x263/0x2e0 [ 129.998477] ? format_decode+0x26c/0xb50 [ 129.998494] ? print_circular_bug+0x450/0x450 [ 129.998511] ? enable_ptr_key_workfn+0x20/0x20 [ 129.998527] ? format_decode+0x26c/0xb50 [ 129.998544] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 129.998562] __lock_acquire+0x2a02/0x5e70 [ 129.998584] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 129.998606] lock_acquire+0x1a2/0x530 [ 129.998623] ? down_trylock+0xe/0x70 [ 129.998640] ? lock_release+0x750/0x750 [ 129.998660] ? vprintk+0x84/0xa0 [ 129.998678] _raw_spin_lock_irqsave+0x39/0x60 [ 129.998689] ? down_trylock+0xe/0x70 [ 129.998705] down_trylock+0xe/0x70 [ 129.998721] ? vprintk+0x84/0xa0 [ 129.998737] __down_trylock_console_sem+0x3b/0xd0 [ 129.998755] vprintk_emit+0x16b/0x560 [ 129.998776] vprintk+0x84/0xa0 [ 129.998796] _printk+0xba/0xf1 [ 129.998807] ? record_print_text.cold+0x16/0x16 [ 129.998823] ? report_bug.cold+0x66/0xab [ 129.998841] ? group_sched_out.part.0+0x2c7/0x460 [ 129.998859] report_bug.cold+0x72/0xab [ 129.998878] handle_bug+0x3c/0x70 [ 129.998895] exc_invalid_op+0x14/0x50 [ 129.998913] asm_exc_invalid_op+0x16/0x20 [ 129.998926] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 129.998946] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 129.998957] RSP: 0018:ffff8880103d7c48 EFLAGS: 00010006 [ 129.998966] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.998974] RDX: ffff88801d31b580 RSI: ffffffff81565e67 RDI: 0000000000000005 [ 129.998982] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 129.998989] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888018ab3000 [ 129.998997] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 129.999008] ? group_sched_out.part.0+0x2c7/0x460 [ 129.999028] ? group_sched_out.part.0+0x2c7/0x460 [ 129.999048] ctx_sched_out+0x8f1/0xc10 [ 129.999067] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.999081] ? lock_is_held_type+0xd7/0x130 [ 129.999095] ? __perf_cgroup_move+0x160/0x160 [ 129.999106] ? set_next_entity+0x304/0x550 [ 129.999123] ? update_curr+0x267/0x740 [ 129.999142] ? lock_is_held_type+0xd7/0x130 [ 129.999156] __schedule+0xedd/0x2470 [ 129.999173] ? io_schedule_timeout+0x150/0x150 [ 129.999189] ? rcu_read_lock_sched_held+0x3e/0x80 [ 129.999210] schedule+0xda/0x1b0 [ 129.999224] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.999237] syscall_exit_to_user_mode+0x19/0x40 [ 129.999250] do_syscall_64+0x48/0x90 [ 129.999268] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.999281] RIP: 0033:0x7fe16a178b19 [ 129.999289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.999300] RSP: 002b:00007fe1676ee218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.999311] RAX: 0000000000000001 RBX: 00007fe16a28bf68 RCX: 00007fe16a178b19 [ 129.999318] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe16a28bf6c [ 129.999326] RBP: 00007fe16a28bf60 R08: 000000000000000e R09: 0000000000000000 [ 129.999333] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe16a28bf6c [ 129.999340] R13: 00007ffc232218af R14: 00007fe1676ee300 R15: 0000000000022000 [ 129.999353] [ 130.056333] WARNING: CPU: 0 PID: 3891 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 130.057053] Modules linked in: [ 130.057304] CPU: 0 PID: 3891 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220929 #1 [ 130.057905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 130.058779] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 130.059197] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 130.060559] RSP: 0018:ffff8880103d7c48 EFLAGS: 00010006 [ 130.060961] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.061495] RDX: ffff88801d31b580 RSI: ffffffff81565e67 RDI: 0000000000000005 [ 130.062038] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 130.062588] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888018ab3000 [ 130.063128] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002 [ 130.063678] FS: 00007fe1676ee700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 130.064282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.064732] CR2: 00007fb481a6f368 CR3: 000000003ed08000 CR4: 0000000000350ef0 [ 130.065276] Call Trace: [ 130.065482] [ 130.065654] ctx_sched_out+0x8f1/0xc10 [ 130.065967] __perf_event_task_sched_out+0x6d0/0x18d0 [ 130.066375] ? lock_is_held_type+0xd7/0x130 [ 130.066729] ? __perf_cgroup_move+0x160/0x160 [ 130.067069] ? set_next_entity+0x304/0x550 [ 130.067404] ? update_curr+0x267/0x740 [ 130.067715] ? lock_is_held_type+0xd7/0x130 [ 130.068043] __schedule+0xedd/0x2470 [ 130.068341] ? io_schedule_timeout+0x150/0x150 [ 130.068703] ? rcu_read_lock_sched_held+0x3e/0x80 [ 130.069093] schedule+0xda/0x1b0 [ 130.069358] exit_to_user_mode_prepare+0x114/0x1a0 [ 130.069731] syscall_exit_to_user_mode+0x19/0x40 [ 130.070093] do_syscall_64+0x48/0x90 [ 130.070388] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 130.070786] RIP: 0033:0x7fe16a178b19 [ 130.071069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.072437] RSP: 002b:00007fe1676ee218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.073019] RAX: 0000000000000001 RBX: 00007fe16a28bf68 RCX: 00007fe16a178b19 [ 130.073558] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe16a28bf6c [ 130.074098] RBP: 00007fe16a28bf60 R08: 000000000000000e R09: 0000000000000000 [ 130.074650] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe16a28bf6c [ 130.075201] R13: 00007ffc232218af R14: 00007fe1676ee300 R15: 0000000000022000 [ 130.075743] [ 130.075923] irq event stamp: 772 [ 130.076174] hardirqs last enabled at (771): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 130.076875] hardirqs last disabled at (772): [] __schedule+0x1225/0x2470 [ 130.077494] softirqs last enabled at (624): [] __irq_exit_rcu+0x11b/0x180 [ 130.078140] softirqs last disabled at (515): [] __irq_exit_rcu+0x11b/0x180 [ 130.078781] ---[ end trace 0000000000000000 ]--- 11:21:06 executing program 4: r0 = socket$inet(0x2, 0xa, 0x0) accept$inet(r0, 0x0, 0x0) r1 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000000)=""/185, &(0x7f00000000c0)=0xb9) [ 130.094479] syz-executor.4 uses obsolete (PF_INET,SOCK_PACKET) 11:21:06 executing program 4: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00') fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000000c0), 0x0, 0x0, 0x0) [ 130.174476] audit: type=1400 audit(1664536866.550:9): avc: denied { write } for pid=3888 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:21:06 executing program 7: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400000, 0x80) renameat(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00') stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) fsopen(0x0, 0x0) 11:21:06 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000002600)=[{{&(0x7f0000000100)={0x2, 0x4e27, @remote}, 0x10, 0x0, 0x0, &(0x7f0000001400)=[@ip_retopts={{0x30, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0x1c, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}], 0x30}}], 0x1, 0x0) 11:21:06 executing program 4: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f0000000040)) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=@newpolicy={0xb8, 0x13, 0x221, 0x0, 0x0, {{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0xb8}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ASSOCIATE_REQ(r4, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f00000013c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_STATUS(r4, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r5, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x40) 11:21:06 executing program 7: r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', &(0x7f0000000080)={0x0, 0x0, 0x14}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000140)=0x0) syz_open_procfs(r3, &(0x7f0000000180)='net/bnep\x00') sendfile(r2, r1, 0x0, 0xfffffdef) mount_setattr(r0, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, &(0x7f00000000c0)={0x80084, 0x4, 0x80000, {r1}}, 0x20) [ 131.231144] syz-executor.7 (3960) used greatest stack depth: 23712 bytes left VM DIAGNOSIS: 11:21:06 Registers: info registers vcpu 0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823ba3c1 RDI=ffffffff8765a9c0 RBP=ffffffff8765a980 RSP=ffff8880103d7690 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000039 R11=0000000000000001 R12=0000000000000039 R13=ffffffff8765a980 R14=0000000000000010 R15=ffffffff823ba3b0 RIP=ffffffff823ba419 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe1676ee700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb481a6f368 CR3=000000003ed08000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fe16a25f7c0 00007fe16a25f7c8 YMM02=0000000000000000 0000000000000000 00007fe16a25f7e0 00007fe16a25f7c0 YMM03=0000000000000000 0000000000000000 00007fe16a25f7c8 00007fe16a25f7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=ffffffff81af6dc7 RBX=ffffffff81359ce0 RCX=0000000000000000 RDX=1ffff1100730ee9a RSI=ffffffff81af6dc7 RDI=ffff888039877540 RBP=ffff888039877510 RSP=ffff888039877478 R8 =ffffffff85f1ee66 R9 =ffffffff85f1ee6a R10=ffffed100730ee9c R11=ffff8880398774b8 R12=ffff888039877540 R13=0000000000000000 R14=ffff88801821d040 R15=0000000000000000 RIP=ffffffff810acdbe RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00005555560e7400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 ffffc90000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005555560f0c58 CR3=000000003a656000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000