Warning: Permanently added '[localhost]:65364' (ECDSA) to the list of known hosts. 2022/09/26 08:12:02 fuzzer started 2022/09/26 08:12:03 dialing manager at localhost:38881 syzkaller login: [ 37.908597] cgroup: Unknown subsys name 'net' [ 37.993731] cgroup: Unknown subsys name 'rlimit' 2022/09/26 08:12:17 syscalls: 2215 2022/09/26 08:12:17 code coverage: enabled 2022/09/26 08:12:17 comparison tracing: enabled 2022/09/26 08:12:17 extra coverage: enabled 2022/09/26 08:12:17 setuid sandbox: enabled 2022/09/26 08:12:17 namespace sandbox: enabled 2022/09/26 08:12:17 Android sandbox: enabled 2022/09/26 08:12:17 fault injection: enabled 2022/09/26 08:12:17 leak checking: enabled 2022/09/26 08:12:17 net packet injection: enabled 2022/09/26 08:12:17 net device setup: enabled 2022/09/26 08:12:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/26 08:12:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/26 08:12:17 USB emulation: enabled 2022/09/26 08:12:17 hci packet injection: enabled 2022/09/26 08:12:17 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/26 08:12:17 802.15.4 emulation: enabled 2022/09/26 08:12:17 fetching corpus: 50, signal 19933/21760 (executing program) 2022/09/26 08:12:17 fetching corpus: 100, signal 31036/34564 (executing program) 2022/09/26 08:12:17 fetching corpus: 150, signal 38472/43634 (executing program) 2022/09/26 08:12:18 fetching corpus: 200, signal 47464/54060 (executing program) 2022/09/26 08:12:18 fetching corpus: 250, signal 59324/67130 (executing program) 2022/09/26 08:12:18 fetching corpus: 300, signal 62241/71475 (executing program) 2022/09/26 08:12:18 fetching corpus: 350, signal 65219/75831 (executing program) 2022/09/26 08:12:18 fetching corpus: 400, signal 70315/82169 (executing program) 2022/09/26 08:12:18 fetching corpus: 450, signal 76909/89728 (executing program) 2022/09/26 08:12:18 fetching corpus: 500, signal 80398/94348 (executing program) 2022/09/26 08:12:18 fetching corpus: 550, signal 84197/99267 (executing program) 2022/09/26 08:12:19 fetching corpus: 600, signal 85956/102228 (executing program) 2022/09/26 08:12:19 fetching corpus: 650, signal 88525/105887 (executing program) 2022/09/26 08:12:19 fetching corpus: 700, signal 90294/108809 (executing program) 2022/09/26 08:12:19 fetching corpus: 750, signal 92559/112127 (executing program) 2022/09/26 08:12:19 fetching corpus: 800, signal 96701/117075 (executing program) 2022/09/26 08:12:19 fetching corpus: 850, signal 98998/120350 (executing program) 2022/09/26 08:12:19 fetching corpus: 900, signal 101602/123875 (executing program) 2022/09/26 08:12:19 fetching corpus: 950, signal 103229/126497 (executing program) 2022/09/26 08:12:20 fetching corpus: 1000, signal 105094/129300 (executing program) 2022/09/26 08:12:20 fetching corpus: 1050, signal 108726/133524 (executing program) 2022/09/26 08:12:20 fetching corpus: 1100, signal 110692/136357 (executing program) 2022/09/26 08:12:20 fetching corpus: 1150, signal 112777/139220 (executing program) 2022/09/26 08:12:20 fetching corpus: 1200, signal 114387/141669 (executing program) 2022/09/26 08:12:20 fetching corpus: 1250, signal 115728/143900 (executing program) 2022/09/26 08:12:20 fetching corpus: 1300, signal 117177/146245 (executing program) 2022/09/26 08:12:20 fetching corpus: 1350, signal 118657/148514 (executing program) 2022/09/26 08:12:20 fetching corpus: 1400, signal 120530/151111 (executing program) 2022/09/26 08:12:21 fetching corpus: 1450, signal 121739/153128 (executing program) 2022/09/26 08:12:21 fetching corpus: 1500, signal 124040/155987 (executing program) 2022/09/26 08:12:21 fetching corpus: 1550, signal 126308/158797 (executing program) 2022/09/26 08:12:21 fetching corpus: 1600, signal 127024/160376 (executing program) 2022/09/26 08:12:21 fetching corpus: 1650, signal 128232/162290 (executing program) 2022/09/26 08:12:21 fetching corpus: 1700, signal 129194/164020 (executing program) 2022/09/26 08:12:21 fetching corpus: 1750, signal 129790/165523 (executing program) 2022/09/26 08:12:21 fetching corpus: 1800, signal 130956/167404 (executing program) 2022/09/26 08:12:21 fetching corpus: 1850, signal 132060/169259 (executing program) 2022/09/26 08:12:21 fetching corpus: 1900, signal 133268/171119 (executing program) 2022/09/26 08:12:22 fetching corpus: 1950, signal 134296/172839 (executing program) 2022/09/26 08:12:22 fetching corpus: 2000, signal 135562/174732 (executing program) 2022/09/26 08:12:22 fetching corpus: 2050, signal 137338/176932 (executing program) 2022/09/26 08:12:22 fetching corpus: 2100, signal 138241/178534 (executing program) 2022/09/26 08:12:22 fetching corpus: 2150, signal 139572/180378 (executing program) 2022/09/26 08:12:22 fetching corpus: 2200, signal 140707/182074 (executing program) 2022/09/26 08:12:22 fetching corpus: 2250, signal 141930/183881 (executing program) 2022/09/26 08:12:22 fetching corpus: 2300, signal 142814/185404 (executing program) 2022/09/26 08:12:22 fetching corpus: 2350, signal 143890/187023 (executing program) 2022/09/26 08:12:23 fetching corpus: 2400, signal 145388/188893 (executing program) 2022/09/26 08:12:23 fetching corpus: 2450, signal 146262/190401 (executing program) 2022/09/26 08:12:23 fetching corpus: 2500, signal 146949/191752 (executing program) 2022/09/26 08:12:23 fetching corpus: 2550, signal 148078/193367 (executing program) 2022/09/26 08:12:23 fetching corpus: 2600, signal 150328/195637 (executing program) 2022/09/26 08:12:23 fetching corpus: 2650, signal 152022/197487 (executing program) 2022/09/26 08:12:23 fetching corpus: 2700, signal 153043/198931 (executing program) 2022/09/26 08:12:23 fetching corpus: 2750, signal 153704/200156 (executing program) 2022/09/26 08:12:23 fetching corpus: 2800, signal 154423/201434 (executing program) 2022/09/26 08:12:24 fetching corpus: 2850, signal 155336/202808 (executing program) 2022/09/26 08:12:24 fetching corpus: 2900, signal 155819/203905 (executing program) 2022/09/26 08:12:24 fetching corpus: 2950, signal 156988/205407 (executing program) 2022/09/26 08:12:24 fetching corpus: 3000, signal 158089/206875 (executing program) 2022/09/26 08:12:24 fetching corpus: 3050, signal 159702/208554 (executing program) 2022/09/26 08:12:24 fetching corpus: 3100, signal 160991/210041 (executing program) 2022/09/26 08:12:24 fetching corpus: 3150, signal 161855/211294 (executing program) 2022/09/26 08:12:24 fetching corpus: 3200, signal 162588/212491 (executing program) 2022/09/26 08:12:24 fetching corpus: 3250, signal 163304/213618 (executing program) 2022/09/26 08:12:25 fetching corpus: 3300, signal 164171/214835 (executing program) 2022/09/26 08:12:25 fetching corpus: 3350, signal 165373/216208 (executing program) 2022/09/26 08:12:25 fetching corpus: 3400, signal 166200/217369 (executing program) 2022/09/26 08:12:25 fetching corpus: 3450, signal 166682/218366 (executing program) 2022/09/26 08:12:25 fetching corpus: 3500, signal 167327/219426 (executing program) 2022/09/26 08:12:25 fetching corpus: 3550, signal 168470/220708 (executing program) 2022/09/26 08:12:25 fetching corpus: 3600, signal 168883/221631 (executing program) 2022/09/26 08:12:25 fetching corpus: 3650, signal 169656/222686 (executing program) 2022/09/26 08:12:25 fetching corpus: 3700, signal 170438/223801 (executing program) 2022/09/26 08:12:26 fetching corpus: 3750, signal 170982/224789 (executing program) 2022/09/26 08:12:26 fetching corpus: 3800, signal 173092/226448 (executing program) 2022/09/26 08:12:26 fetching corpus: 3850, signal 173781/227425 (executing program) 2022/09/26 08:12:26 fetching corpus: 3900, signal 174920/228632 (executing program) 2022/09/26 08:12:26 fetching corpus: 3950, signal 175493/229533 (executing program) 2022/09/26 08:12:26 fetching corpus: 4000, signal 176180/230548 (executing program) 2022/09/26 08:12:26 fetching corpus: 4050, signal 176780/231468 (executing program) 2022/09/26 08:12:26 fetching corpus: 4100, signal 177607/232443 (executing program) 2022/09/26 08:12:27 fetching corpus: 4150, signal 178315/233351 (executing program) 2022/09/26 08:12:27 fetching corpus: 4200, signal 178941/234216 (executing program) 2022/09/26 08:12:27 fetching corpus: 4250, signal 179771/235195 (executing program) 2022/09/26 08:12:27 fetching corpus: 4300, signal 180438/236049 (executing program) 2022/09/26 08:12:27 fetching corpus: 4350, signal 180757/236781 (executing program) 2022/09/26 08:12:27 fetching corpus: 4400, signal 182120/237911 (executing program) 2022/09/26 08:12:27 fetching corpus: 4450, signal 182816/238795 (executing program) 2022/09/26 08:12:27 fetching corpus: 4500, signal 183948/239864 (executing program) 2022/09/26 08:12:27 fetching corpus: 4550, signal 184543/240714 (executing program) 2022/09/26 08:12:28 fetching corpus: 4600, signal 185950/241739 (executing program) 2022/09/26 08:12:28 fetching corpus: 4650, signal 186593/242528 (executing program) 2022/09/26 08:12:28 fetching corpus: 4700, signal 187054/243271 (executing program) 2022/09/26 08:12:28 fetching corpus: 4750, signal 188029/244183 (executing program) 2022/09/26 08:12:28 fetching corpus: 4800, signal 188769/245054 (executing program) 2022/09/26 08:12:28 fetching corpus: 4850, signal 189198/245732 (executing program) 2022/09/26 08:12:28 fetching corpus: 4900, signal 189495/246365 (executing program) 2022/09/26 08:12:28 fetching corpus: 4950, signal 190093/247089 (executing program) 2022/09/26 08:12:28 fetching corpus: 5000, signal 190456/247731 (executing program) 2022/09/26 08:12:29 fetching corpus: 5050, signal 190939/248391 (executing program) 2022/09/26 08:12:29 fetching corpus: 5100, signal 191428/249076 (executing program) 2022/09/26 08:12:29 fetching corpus: 5150, signal 192328/249856 (executing program) 2022/09/26 08:12:29 fetching corpus: 5200, signal 193398/250610 (executing program) 2022/09/26 08:12:29 fetching corpus: 5250, signal 193908/251283 (executing program) 2022/09/26 08:12:29 fetching corpus: 5300, signal 194330/251927 (executing program) 2022/09/26 08:12:29 fetching corpus: 5350, signal 194710/252538 (executing program) 2022/09/26 08:12:29 fetching corpus: 5400, signal 195385/253179 (executing program) 2022/09/26 08:12:30 fetching corpus: 5450, signal 195811/253840 (executing program) 2022/09/26 08:12:30 fetching corpus: 5500, signal 196608/254521 (executing program) 2022/09/26 08:12:30 fetching corpus: 5550, signal 197510/255181 (executing program) 2022/09/26 08:12:30 fetching corpus: 5600, signal 198014/255813 (executing program) 2022/09/26 08:12:30 fetching corpus: 5650, signal 198595/256422 (executing program) 2022/09/26 08:12:30 fetching corpus: 5700, signal 199333/257044 (executing program) 2022/09/26 08:12:30 fetching corpus: 5750, signal 199874/257637 (executing program) 2022/09/26 08:12:30 fetching corpus: 5800, signal 200610/258309 (executing program) 2022/09/26 08:12:31 fetching corpus: 5850, signal 201240/258855 (executing program) 2022/09/26 08:12:31 fetching corpus: 5900, signal 201985/259462 (executing program) 2022/09/26 08:12:31 fetching corpus: 5950, signal 202825/260002 (executing program) 2022/09/26 08:12:31 fetching corpus: 6000, signal 203144/260473 (executing program) 2022/09/26 08:12:31 fetching corpus: 6050, signal 203876/260989 (executing program) 2022/09/26 08:12:31 fetching corpus: 6100, signal 204361/261507 (executing program) 2022/09/26 08:12:31 fetching corpus: 6150, signal 204804/262011 (executing program) 2022/09/26 08:12:31 fetching corpus: 6200, signal 205376/262495 (executing program) 2022/09/26 08:12:32 fetching corpus: 6250, signal 205741/263013 (executing program) 2022/09/26 08:12:32 fetching corpus: 6300, signal 205954/263526 (executing program) 2022/09/26 08:12:32 fetching corpus: 6350, signal 206673/264000 (executing program) 2022/09/26 08:12:32 fetching corpus: 6400, signal 207250/264454 (executing program) 2022/09/26 08:12:32 fetching corpus: 6450, signal 207772/264952 (executing program) 2022/09/26 08:12:32 fetching corpus: 6500, signal 208235/265370 (executing program) 2022/09/26 08:12:32 fetching corpus: 6550, signal 208917/265797 (executing program) 2022/09/26 08:12:32 fetching corpus: 6600, signal 209616/265921 (executing program) 2022/09/26 08:12:32 fetching corpus: 6650, signal 210140/265921 (executing program) 2022/09/26 08:12:33 fetching corpus: 6700, signal 211202/265924 (executing program) 2022/09/26 08:12:33 fetching corpus: 6750, signal 211931/265924 (executing program) 2022/09/26 08:12:33 fetching corpus: 6800, signal 212481/265987 (executing program) 2022/09/26 08:12:33 fetching corpus: 6850, signal 213428/265988 (executing program) 2022/09/26 08:12:33 fetching corpus: 6900, signal 213869/265991 (executing program) 2022/09/26 08:12:33 fetching corpus: 6950, signal 214092/265991 (executing program) 2022/09/26 08:12:33 fetching corpus: 7000, signal 214591/265994 (executing program) 2022/09/26 08:12:33 fetching corpus: 7050, signal 215161/265994 (executing program) 2022/09/26 08:12:33 fetching corpus: 7100, signal 215748/265994 (executing program) 2022/09/26 08:12:34 fetching corpus: 7150, signal 216242/266001 (executing program) 2022/09/26 08:12:34 fetching corpus: 7200, signal 216577/266006 (executing program) 2022/09/26 08:12:34 fetching corpus: 7249, signal 216941/266006 (executing program) 2022/09/26 08:12:34 fetching corpus: 7249, signal 216941/266006 (executing program) 2022/09/26 08:12:36 starting 8 fuzzer processes 08:12:36 executing program 1: sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x300, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x42}, 0xc004) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4048081}, 0x4) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000002c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x24, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000400), r0) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x30, r3, 0x800, 0x70bd28, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x110, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1000}, @IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv_slave_0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vxcan1\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}]}, @IPVS_CMD_ATTR_DEST={0x58, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@local}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xffffffff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x527}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4979adfc}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xe0}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x4004800) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_POWER_SAVE(r4, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x20, r5, 0x2, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1527, 0x5a}}}}, ["", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x11) r6 = dup3(0xffffffffffffffff, r4, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000840), r6) r7 = open(&(0x7f0000000880)='./file0\x00', 0x204002, 0x2d) sendmsg$NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000980)={&(0x7f00000008c0), 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x14, r5, 0x400, 0x70bd28, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000a40)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(r8, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x808218a0}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x34, r9, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004055}, 0x80) 08:12:36 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x6, 0x300, 0x70bd28, 0x25dfdbff, {0x9}, [@generic="c74bc23f94a5a2385d9a428b69fd0414ec5cad1bbd64", @nested={0xc, 0x90, 0x0, 0x1, [@typed={0x8, 0x50, 0x0, 0x0, @fd}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x8844}, 0x2004c001) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000800)={&(0x7f0000000140)={0x690, 0x0, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x22}}}}, [@NL80211_ATTR_TX_RATES={0x218, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x5c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x5, 0x7}, {0x5, 0x6}, {0x1, 0x6}, {0x4, 0x6}, {0x1, 0x6}, {0x4, 0x7}, {0x5, 0x5}, {0x4, 0x7}, {0x0, 0x5}, {0x6, 0x9}, {0x1, 0xa}, {0x1, 0x1}, {0x3, 0x4}, {0x4, 0x6}, {0x7, 0x3}, {0x2}, {0x0, 0x7}, {0x1, 0x3}, {0x2, 0x4}, {0x1, 0x6}, {0x2, 0x5}, {0x2, 0x7}, {0x7, 0x8}, {0x0, 0x3}, {0x7}, {0x0, 0x8}, {0x1, 0x4}, {0x1, 0x9}, {0x0, 0x8}, {0x0, 0x3}, {0x2, 0xa}, {0x4, 0xa}, {0x6, 0x7}, {0x3, 0x4}, {0x6, 0x3}, {0x4, 0xa}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xff, 0x2, 0xffff, 0x3, 0x0, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x3f, 0x8, 0x8, 0xb3, 0x4, 0xfffd]}}]}, @NL80211_BAND_5GHZ={0xb0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x9, 0x7f, 0xaca, 0xe0, 0x8, 0xd4d2]}}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x1, 0x8}, {0x0, 0x2}, {0x7, 0x5}, {0x5, 0x6}, {0x5, 0x8}, {0x3, 0x4}, {0x2, 0x8}, {0x2, 0x7}, {0x1, 0xa}, {0x1, 0x6}, {0x7, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7670, 0x7ff, 0x1, 0x8, 0x9, 0x7, 0x1c0, 0x3]}}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x2, 0x4}, {0x3, 0x6}, {0x7, 0x2}, {0x3, 0x5}, {0x0, 0x3}, {0x6, 0x5}, {0x6, 0x5}, {0x1, 0x1}, {0x2, 0xa}, {0x2, 0x8}, {0x6, 0x6}, {0x6, 0x1}, {0x7, 0x6}, {0x1, 0x9}, {0x2, 0x5}, {0x7, 0x8}, {0x1, 0x5}, {0x0, 0x7}, {0x0, 0xa}, {0x4, 0x5}, {0x1, 0x3}, {0x7, 0x4}, {0x3, 0x1}, {0x6, 0x7}, {0x1, 0x5}]}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x38, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x20, 0x1, 0x7c46, 0x0, 0x0, 0x8, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x7, 0x3}, {0x3, 0x4}, {0x1}, {0x7, 0x7}, {0x1, 0x4}, {0x6, 0x2}, {0x2, 0x3}, {0x0, 0x8}, {0x5, 0x4}, {0x3, 0x5}, {0x2, 0x3}, {0x7, 0x7}, {0x4, 0x8}, {0x1, 0x1}, {0x3, 0x4}, {0x0, 0x5}, {0x1, 0x4}, {0x3, 0x6}, {0x5, 0x3}, {0x1, 0xa}, {0x6, 0x7}, {0x6, 0x7}, {0x2, 0x3}, {0x1, 0x3}, {0x0, 0x6}, {0x5, 0x7}, {0x7}, {0x0, 0x8}, {0x7, 0xa}, {0x0, 0x6}, {0x0, 0x9}, {0x5, 0xa}, {0x4, 0x7}, {0x5, 0x7}]}]}, @NL80211_BAND_5GHZ={0xc0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x34, 0x2, [{0x0, 0x7}, {0x6, 0x1}, {0x6, 0x1}, {0x5, 0x6}, {0x5, 0x9}, {0x1}, {0x4, 0x8}, {0x5, 0x8}, {0x6, 0x9}, {0x3, 0xa}, {0x4, 0x6}, {0x6, 0x3}, {0x0, 0x9}, {0x2, 0x7}, {0x6, 0xa}, {0x6, 0x2}, {0x4, 0x2}, {0x3, 0x5}, {0x3, 0x6}, {0x2, 0x2}, {0x4, 0x6}, {0x6, 0x8}, {0x3, 0x5}, {0x0, 0x1}, {0x0, 0x6}, {0x3, 0x3}, {0x3}, {0x7, 0x8}, {0x6, 0x4}, {0x2, 0x1}, {0x6, 0x2}, {0x5}, {0x0, 0xa}, {0x3, 0x2}, {0x0, 0x8}, {0x6, 0x5}, {0x2, 0x3}, {0x2, 0x9}, {0x1, 0x3}, {0x5, 0x2}, {0x3, 0x1}, {0x5, 0xa}, {0x6, 0x6}, {0x5, 0x6}, {0x1, 0x1}, {0x5, 0x6}, {0x7, 0x8}, {0x5, 0x8}]}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x30, 0x12, 0x4, 0x1, 0x1, 0x12, 0x12, 0x16, 0x48, 0x24, 0x1b, 0x16, 0x2, 0x6c, 0x5]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe4, 0x800, 0x400, 0x3, 0x40, 0x8001, 0x7, 0x9]}}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x0, 0x1}, {0x1, 0xa}, {0x7, 0x2}, {0x2, 0x1}, {0x6, 0x1}, {0x7, 0x1}, {0x6, 0x5}, {0x4, 0x3}, {0x4, 0x4}, {0x6, 0x4}, {0x7, 0x3}, {0x0, 0x5}, {0x1}, {0x6, 0x9}, {0x6, 0x7}, {0x0, 0x4}, {0x2, 0x4}, {0x1, 0x3}, {0x2, 0x3}, {0x4, 0x8}, {0x1, 0x3}, {0x3}, {0x0, 0x8}, {0x4, 0x4}, {0x1, 0x5}, {0x1, 0xa}, {0x7, 0x5}, {0x1, 0x5}, {0x3, 0x8}, {0x2, 0x9}, {0x3, 0x3}, {0x0, 0x9}, {0x2, 0x7}, {0x1, 0x2}, {0x0, 0x7}, {0x2, 0x8}, {0x4, 0x2}, {0x4, 0x8}, {0x1, 0xa}, {0x4, 0x3}, {0x4, 0x7}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0xa}, {0x7, 0x1}, {0x0, 0x7}, {0x1, 0x1}, {0x0, 0x3}, {0x4, 0x1}, {0x2, 0x5}, {0x6, 0x3}, {0x1, 0x8}, {0x6, 0xa}, {0x5}, {0x6, 0x1}, {0x4, 0x4}, {0x1, 0x4}, {0x3}, {0x1, 0x3}, {0x0, 0x6}, {0x2, 0x9}, {0x1, 0x5}]}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x1b, 0xb, 0x3, 0x16, 0x6c, 0x1, 0x6c, 0x2, 0x48, 0xc, 0x1b, 0x18, 0x60, 0x9, 0x48, 0x6c]}]}, @NL80211_BAND_60GHZ={0x48, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x44, 0x2, [{0x5, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x7, 0x4}, {0x4, 0xa}, {0x6, 0x2}, {0x0, 0x9}, {0x6, 0x5}, {0x2, 0x3}, {0x3}, {0x1, 0x3}, {0x2, 0x3}, {0x1, 0xa}, {0x4, 0x8}, {0x6, 0x6}, {0x4, 0xa}, {0x1}, {0x3, 0x3}, {0x2, 0xa}, {0x1, 0x2}, {0x7, 0x3}, {0x4, 0x7}, {0x4, 0x2}, {0x5, 0x9}, {0x3, 0x6}, {0x3, 0xa}, {0x6, 0x3}, {0x1, 0x4}, {0x3, 0x9}, {0x5}, {0x5, 0x4}, {0x0, 0x1}, {0x6, 0x2}, {0x2, 0x2}, {0x7, 0x1}, {0x0, 0x12}, {0x7, 0x6}, {0x0, 0x2}, {0x2, 0x4}, {0x5, 0x3}, {0x7, 0x8}, {0x0, 0x8}, {0x1, 0x5}, {0x2, 0x7}, {0x5}, {0x3}, {0x5}, {0x1, 0x9}, {0x2, 0x9}, {0x1, 0xf}, {0x2}, {0x1, 0x8}, {0x5, 0x6}, {0x6, 0x6}, {0x7, 0x1}, {0x2, 0x5}, {0x1, 0x8}, {0x6, 0x9}, {0x0, 0x7}, {}, {0x0, 0x9}, {0x3, 0x3}, {0x0, 0x4}, {0x6, 0xa}]}]}]}, @NL80211_ATTR_TX_RATES={0xa8, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x42, 0x2, [{0x1, 0x2}, {0x6, 0x3}, {0x3, 0x6}, {0x0, 0x5}, {0x2, 0x6}, {0x0, 0x4}, {0x1, 0x4}, {0x4, 0x3}, {0x4, 0x9}, {0x7, 0x4}, {0x2, 0x1}, {0x6, 0x2}, {0x4, 0x2}, {0x1, 0x4}, {0x1, 0x8}, {0x6, 0x5}, {0x4, 0x2}, {0x4, 0x1}, {0x3, 0x1}, {}, {0x4, 0x5}, {0x2, 0x2}, {0x5, 0x1}, {0x1, 0x9}, {0x0, 0x5}, {0x1, 0x7}, {0x7, 0x5}, {0x0, 0x8}, {0x2, 0x3}, {0x1, 0x8}, {0x1, 0x2}, {0x5, 0x2}, {0x3, 0x1}, {0x6, 0x5}, {}, {0x1}, {0x1, 0x3}, {0x2, 0x3}, {0x5, 0x1}, {0x0, 0x4}, {0x0, 0x2}, {0x7, 0x3}, {0x6, 0x2}, {0x0, 0x5}, {0x0, 0x8}, {0x0, 0x7}, {0x0, 0x8}, {0x0, 0x1}, {0x6, 0x4}, {0x1, 0x1}, {0x6, 0xa}, {0x5, 0x9}, {0x5, 0x8}, {0x2, 0x3}, {}, {0x7}, {0x7, 0x2}, {0x0, 0x6}, {0x5, 0x5}, {0x7, 0x2}, {0x4, 0xa}, {0x6, 0x7}]}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x18, 0x478053d044ef06a3, 0x6c, 0xb, 0x60, 0x1, 0x6c, 0x6c, 0x18, 0xb, 0x5, 0x6, 0x36, 0x30, 0x3]}]}, @NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x31, 0x2, [{0x7, 0xa}, {0x6, 0x3}, {0x2, 0xa}, {0x2, 0x2}, {0x5, 0x8}, {0x5, 0x8}, {0x7, 0x9}, {0x6, 0x3}, {0x1, 0x6}, {0x5, 0x5}, {0x1, 0x6}, {0x6, 0x5}, {0x4, 0x4}, {0x1, 0x1}, {0x2, 0x2}, {0x6, 0x8}, {0x0, 0x8}, {0x0, 0x9}, {0x2, 0x1}, {0x6}, {0x1, 0xa}, {0x5, 0x7}, {0x7, 0x2}, {0x1, 0x7}, {0x2, 0x7}, {0x5, 0x8}, {0x3, 0xa}, {0x0, 0x4}, {0x6, 0x2}, {0x4, 0x1}, {0x7, 0x3}, {0x2, 0x5}, {0x7, 0x8}, {0x6, 0x5}, {0x7, 0x3}, {0x2, 0x3}, {0x5, 0x8}, {0x7, 0x8}, {0x1, 0x9}, {0x5, 0xa}, {0x1, 0xa}, {0x4, 0x3}, {0x5, 0x2}, {0x0, 0x1}, {0x1, 0xa}]}]}]}, @NL80211_ATTR_TX_RATES={0x340, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x7, 0x2, [{0x7, 0x2}, {0x3, 0x9}, {0x7, 0x5}]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x0, 0x6, 0x5, 0x1, 0x6c, 0x24, 0x1b, 0x18, 0x30, 0x60, 0x6, 0x1, 0x5, 0x48, 0x48, 0x36, 0x1b, 0x16, 0x0, 0x36, 0x4, 0x60]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x9d, 0x4, 0x36, 0x24, 0x24, 0x36, 0x4, 0x48]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0xdc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x7ac, 0x40, 0x2000, 0xac, 0x7f, 0x6, 0x800]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbe, 0x2, 0x3f, 0x240, 0x3, 0x1ff, 0x40, 0x4]}}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x1, 0x2}, {0x4, 0x2}, {0x6, 0x6}, {0x3, 0xa}, {0x2, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x0, 0x6, 0x2, 0x8000, 0x5, 0x8000, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x401, 0x5, 0x1a7, 0x1, 0x9bd5, 0x3, 0x46, 0x6]}}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x16, 0x1, 0x4, 0x6, 0x1b, 0x30, 0x5, 0x36, 0x9, 0x9, 0x60, 0x16, 0x9, 0xc, 0x1d, 0x0, 0x60, 0x6, 0x6, 0x9, 0x6c, 0x0, 0x24, 0x2d, 0x3, 0x48, 0x4, 0x1b, 0x30, 0x2, 0x4]}, @NL80211_TXRATE_HT={0x17, 0x2, [{0x3, 0xa}, {0x5, 0x2}, {0x0, 0x3}, {0x1, 0x4}, {}, {0x7, 0x3}, {0x0, 0x9}, {0x5, 0x5}, {0x6, 0x2}, {0x3, 0x4}, {0x6, 0x7}, {0x1, 0x1}, {0x2, 0x3}, {0x7, 0x5}, {0x0, 0x3}, {0x2}, {0x3, 0xa}, {0x0, 0x4}, {0x5, 0x5}]}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x60, 0x18, 0x60, 0x16, 0xc, 0x6b, 0x9, 0x6, 0x1b, 0x3, 0x60, 0x6, 0x36, 0x6c, 0x1b, 0x9, 0x48]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x20, 0x2, [{0x1, 0x3}, {0x2, 0x6}, {0x6, 0x6}, {0x3, 0x4}, {0x3}, {0x2, 0x8}, {0x3, 0x9}, {0x7, 0xa}, {0x4, 0x9}, {0x2}, {0x0, 0x2}, {0x3, 0x7}, {0x7, 0x3}, {0x1}, {0x4, 0x8}, {0x5, 0x4}, {0x7, 0x3}, {0x2}, {0x5}, {0x5, 0x6}, {0x0, 0x1}, {0x5, 0x2}, {0x0, 0x1}, {0x5, 0x4}, {0x0, 0x6}, {0x3, 0x9}, {}, {0x4, 0x1}]}]}, @NL80211_BAND_60GHZ={0xd4, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1e, 0x2, [{0x2, 0x4}, {0x1, 0x5}, {0x1, 0xa}, {0x4, 0x9}, {0x5, 0x2}, {0x2, 0x3}, {0x5, 0x3}, {0x4, 0x7}, {0x7}, {0x2, 0x3}, {0x5}, {0x1, 0x4}, {0x6, 0x9}, {0x7}, {0x5}, {0x6, 0x6}, {0x3, 0x1}, {0x6, 0x1}, {0x1, 0x4}, {0x0, 0x5}, {0x0, 0x7}, {0x1, 0x8}, {0x5}, {0x3, 0x6}, {0x1, 0x2}, {0x1, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0xfe, 0x40, 0x0, 0x1, 0xff, 0x7]}}, @NL80211_TXRATE_HT={0x7, 0x2, [{0x6}, {0x3}, {0x2, 0xa}]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x16, 0xedb9c583a2f1ba04, 0x12, 0x3, 0x1, 0x30, 0x24, 0x16, 0x2, 0x6c, 0x16, 0x2, 0x18, 0x30, 0x36, 0x12, 0x1, 0x1b, 0x16, 0x16, 0x5, 0x18]}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x2, 0x5}, {0x5, 0x8}, {0x7, 0x2}, {0x3, 0x1}, {}, {0x5, 0x8}, {0x2, 0x3}, {0x2, 0x7}, {0x0, 0x5}, {0x5, 0xa}, {0x7, 0x2}, {0x0, 0x9}, {0x1, 0x1}, {0x6, 0xa}, {0x0, 0xa}, {0x1}, {0x7, 0x3}, {0x2, 0x6}, {0x6, 0x6}, {0x2, 0xa}, {0x4, 0x1}, {0x1, 0x5}, {0x3, 0x3}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0x7}, {0x1, 0x8}, {0x5, 0x2}, {0x6, 0x7}, {0x4, 0x5}, {0x7, 0x1}, {0x7}, {}, {0x4, 0x4}, {0x0, 0x2}, {0x0, 0x5}, {0x3, 0x6}, {0x5, 0x5}, {0x3, 0x8}, {0x1, 0xa}, {0x2}, {0x1, 0x7}, {0x5, 0x6}, {0x1}, {0x5, 0x4}, {0x2, 0x4}, {0x7}, {0x2, 0x5}, {0x5, 0x5}, {0x4, 0x6}, {0x7, 0x3}, {0x5, 0x7}, {0x2, 0x2}, {0x6, 0x13}, {0x1, 0x7}, {0x6, 0xa}, {}, {0x7, 0x4}, {0x1, 0x1}, {0x2, 0x3}, {0x4, 0x6}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x60, 0x6c, 0x5, 0xbb52509e5db55f9c, 0x5, 0x78, 0x4, 0xc, 0x1, 0x2d, 0x6c, 0x36, 0x0, 0x18, 0x36, 0x16, 0x9, 0xc, 0xb, 0x3, 0x60, 0x0, 0x30, 0x4, 0x19, 0x36, 0x3, 0x24, 0x3, 0x16, 0x18, 0x48]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x3, 0x8}]}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x24, 0x13, 0x3, 0x6c, 0xb, 0x36, 0x2, 0x2, 0x9, 0x1, 0x12, 0x5, 0x0, 0x2, 0x5, 0x3, 0x2, 0x36, 0x9, 0x16, 0x3, 0x48, 0x26]}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x18, 0x18, 0x60, 0x60, 0x24, 0x48, 0x18, 0x6, 0x1, 0xc, 0xc, 0x16, 0x1b, 0x5, 0x6c, 0x1b, 0xb, 0x53, 0x30, 0x36, 0xb, 0x6, 0x5c, 0x32, 0x18, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x6, 0x7, 0x354, 0x8, 0x2c2, 0x531, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x9, 0x4, 0x3, 0x7f, 0x4, 0x7f, 0x3]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1f, 0x81, 0x7f, 0xb3e4, 0x2, 0x0, 0x1, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0xff, 0x0, 0x1, 0x8, 0x6, 0x8, 0x1]}}]}, @NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x12, 0x1, [0x6c, 0x6c, 0x36, 0x3, 0x5, 0x2, 0x5, 0x6, 0x9, 0x4, 0x4a, 0x60, 0x9f681ed56d926f35, 0x6]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0xffff, 0x8, 0x4, 0xfb, 0x8, 0x6, 0x8]}}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x3, 0xa}, {0x6, 0x4}, {0x0, 0x2}, {0x1, 0x3}, {0x2, 0x8}, {0x0, 0x6}, {0x0, 0x1}, {0x0, 0x3}, {0x3, 0xa}, {0x1, 0x9}, {0x3, 0x6}, {0x7, 0x4}, {0x3, 0x9}, {}, {0x3, 0x6}, {0x2, 0x1}, {0x1}, {0x6, 0x7}, {0x1, 0x6}, {0x2, 0x6}, {0x1}, {0x1, 0x5}, {0x3, 0x2}, {0x0, 0x7}, {0x1, 0x6}, {0x5, 0x6}, {0x7, 0x8}, {0x1, 0x2}, {0x1, 0x2}, {0x0, 0x7}, {0x3, 0x5}, {0x0, 0x3}, {0x4, 0x7}, {0x2, 0x5}, {0x6, 0x4}, {0x2, 0x6}, {0x1, 0x4}, {0x7, 0x4}, {0x2, 0xa}, {0x2, 0x9}, {0x1, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x5, 0x4}]}]}, @NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x9}, {0x1, 0x4}, {0x3, 0x8}, {0x0, 0x2}, {0x1, 0xa}, {0x7, 0x6}, {0x6, 0xa}, {0x5, 0x4}, {0x4, 0x6}, {0x0, 0x7}, {0x1, 0x6}, {0x3, 0x6}, {0x2, 0x7}, {0x6, 0xa}, {0x3, 0x1}, {0x6, 0x3}, {0x2}, {0x1, 0x9}, {0x0, 0x2}, {0x7, 0x3}]}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x4, 0x16, 0x16, 0x12, 0x16, 0x16, 0x9, 0x16, 0xb, 0xe, 0xabed91ed61b1ec50, 0x16, 0x1, 0x24, 0x36, 0xb, 0x4, 0x0, 0xe7d9f818adca405a]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x401, 0x5d38, 0xab6, 0x2, 0x4, 0x7, 0x40, 0x5]}}]}]}, @NL80211_ATTR_TX_RATES={0x70, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x401, 0x2, 0x8, 0x5, 0x401, 0x6, 0x5]}}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x0, 0xa}, {0x1, 0x6}, {0x2, 0x4}, {0x5, 0x8}, {0x6, 0x7}, {0x2, 0x1}, {0x6}, {0x0, 0x7}, {0x0, 0x9}, {0x6, 0x2}, {0x7, 0x5}, {0x6, 0x3}, {}, {0x2, 0x3}, {0x7, 0x9}, {0x2, 0x3}, {0x6, 0x7}, {0x5, 0x6}, {0x7, 0x3}, {0x1, 0x2}, {0x0, 0x7}, {0x5, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xd4, 0x8, 0x8, 0x3ff, 0x2, 0x7dfd, 0x2, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x5, 0x4, 0x486, 0x696, 0x5, 0x3, 0x9]}}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x16, 0x48, 0x18]}]}]}]}, 0x690}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000880)=@abs, 0x6e, &(0x7f0000000c40)=[{&(0x7f0000000900)=""/121, 0x79}, {&(0x7f0000000980)=""/194, 0xc2}, {&(0x7f0000000a80)=""/222, 0xde}, {&(0x7f0000000b80)=""/181, 0xb5}], 0x4, &(0x7f0000000c80)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x40010021) sendmsg$IPSET_CMD_PROTOCOL(r1, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x2c, 0x1, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4080}, 0x40000) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), r0) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000001480)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x4000468}, 0xc, &(0x7f0000001440)={&(0x7f0000000e80)={0x5b4, r2, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffff9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffff846}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xd4c}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2000000}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_LINK={0x10c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xcc76}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x847}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9322}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NODE={0xb4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x6a, 0x3, "f3b660a212d2830b9d55bb988885eebcfb1fd028f10d4038579c2a401095cab2fe52ef864204c8ce8dd24873da79cb1f3f400b916f33a2e1a2ed076b8a01373998c3a8c6ee8305954bc07834f76a0e2a458660534b14ef370dedd68428d05b10d39225469a5e"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "915e66fd257e25a6f38aa00222882de86a9523f2"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "72bcaf1e922bfd9dc68a5553d364ca566dc2e313f2fe18322592398f99587ca8"}}]}, @TIPC_NLA_NET={0x64, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffb}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xb70}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfb2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffffff7f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4f231686}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x35c}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}]}, @TIPC_NLA_NODE={0x8c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "e0835c2c91a38c72b924adb3ee3a0b5ee71da5df80"}}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "967872b52073934cfa445a034371e3ee2f8a796c5b3d38"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA={0xe0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x77d1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xcd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe5f}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1010}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}]}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x400}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xb5d5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK={0x13c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe46f}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}]}]}, 0x5b4}, 0x1, 0x0, 0x0, 0x8004}, 0x20044010) r3 = fcntl$dupfd(r1, 0x0, r0) sendmsg$TIPC_NL_MON_SET(r3, &(0x7f0000001840)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001800)={&(0x7f0000001500)={0x2cc, r2, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x5c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_MEDIA={0xa4, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x40008}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x900}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NODE={0x16c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x93, 0x3, "260ac8fef5d9ac77fc382906ea80c4cf7924bfcc0e02fb8efc13037416d59b217ec9852dc46036667f1fc9a405c1574419159590574dd298a40490dc8b82a582eb7803e4c4c82606cb01553debcd199641aba6a59f2c8b82ef9b9b92382dfb87e130e77bdea799491b88b9e914fd890c5f4ba5d162723c8576fa29c68c3de695e21a3dc27d5f68f0d24ed7b8c48832"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3ff}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "2cfe49cfe2272e99ac28c2fd1594d580f98d8c217874e93a6725a205c48cafbb33813f3d"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2938d7b2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "8cb3c4ceda7963b1050252efab1848b66d0d611c4b7f7c0b0d0fee184873bac58888"}}, @TIPC_NLA_NODE_ID={0x24, 0x3, "9efb39e0c6ce42be5823fa79d9b1b429ad4db7ceaece10f8f2780808f7969aee"}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}]}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x4880}, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000018c0), r3) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001a00)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000019c0)={&(0x7f0000001900)={0xa8, r4, 0x200, 0x70bd2b, 0x1, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9c}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8000}]}, @TIPC_NLA_NET={0x40, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffff4a03}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'xfrm0\x00'}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0xd1}, 0x41) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001a80), r3) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000001c00)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001ac0)={0xf8, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @val={0x8}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "6f5c9049fb3f1ebeb3b7291cfae454f9f46b94e970016a27"}], @NL80211_ATTR_IFNAME={0x14, 0x4, 'wg2\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "a8c54017f8d2335897050b181c6121ba6cb96f893e701648"}, @NL80211_ATTR_MNTR_FLAGS={0x4}], @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth1_virt_wifi\x00'}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_macvtap\x00'}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4840}, 0x4008000) socket$nl_generic(0x10, 0x3, 0x10) sync_file_range(0xffffffffffffffff, 0x0, 0x47, 0x2) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000001c80), r0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000001d40)={&(0x7f0000001c40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001d00)={&(0x7f0000001cc0)={0x3c, r6, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x71}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10000}, 0x40000) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001dc0), r1) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r3, &(0x7f0000001e80)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001e40)={&(0x7f0000001e00)={0x30, r7, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x26}, @void, @val={0xc, 0x99, {0x5, 0x4d}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x4e}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000) recvmsg$unix(r1, &(0x7f0000002680)={&(0x7f0000002240)=@abs, 0x6e, &(0x7f00000025c0)=[{&(0x7f00000022c0)=""/238, 0xee}, {&(0x7f00000023c0)=""/227, 0xe3}, {&(0x7f00000024c0)=""/121, 0x79}, {&(0x7f0000002540)=""/118, 0x76}], 0x4, &(0x7f0000002600)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c}}], 0x70}, 0x10020) syz_mount_image$vfat(&(0x7f0000001ec0), &(0x7f0000001f00)='./file0\x00', 0x45, 0x4, &(0x7f00000021c0)=[{&(0x7f0000001f40)="edda54bbb0cc4debe8c9b18b", 0xc, 0x1ff}, {&(0x7f0000001f80)="55435082fd83fe7c26b3769ee1649111efc756cc797919dce8f08db3e7b9032fca63eae51b728b096c3fea67f20f7693fb15208ecfe47e9fae9946cdb1da9eb795af8adee74eefae41bdc56fb65ca86b759f52c9fbfd4412f81642291ab72bbd0c5c660a7ccfb345cc2d176ee160dc2cc9a72432da34802fb7d43fe25f4cb2f33f2128dbbde13964fe4c137ffb064e51eccc7e04b51a78deb713407b823bddb449ad68882afa614b1d05ed07ad4142e8a67dd114fc43452fb5ab0f9d572e2e57a6234229836607454ee27331309e54d07b015a560ef00e33568ea5b6595fcd4a4f1a", 0xe2, 0xffffffffffff0000}, {&(0x7f0000002080)="cdc79a61e4bc9a8ba80ad6690df3efb4b31a6cb482ffa582eed5c9a8b006859c7fbbee2b526c8be59a2db3d409b5302360bc2754d2ec857975a1b123c5a7dc4d415c00b8d706e71c9f954b81e17f138e5073ad30738e8eed7efde430c6b5dea1f989da4e354b18239046ce5627b90a295864ce7e3663e6208cb2f62258813aba7af336b68e80b46dae0e466909c7aa973982e2c2f4", 0x95, 0x8001}, {&(0x7f0000002140)="cdb8cad10dbeb2ad685088ed2581773b7faaa0535c55a4020975e28a92623f2a425535a7acfe9c9039ead99f589319e33f581b28c8cc9b495c742bbd7fd8551d1e7c07995a19590d66df99adaf2e89fb6e3e26ae63d2e4e160b0026bf14f0575809798ce8bbcfe1f1b687a7d65e0fd0f1b9167b403f00a36d08a257e", 0x7c, 0x6893}], 0x1, &(0x7f00000026c0)={[{@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@fat=@sys_immutable}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@rodir}, {@shortname_winnt}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'wg2\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@euid_lt={'euid<', r8}}, {@subj_role={'subj_role', 0x3d, 'syz1\x00'}}, {@measure}, {@pcr={'pcr', 0x3d, 0x29}}]}) 08:12:36 executing program 4: ioctl$MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201) ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000000c0)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000040)=""/107, 0x6b}) ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000180)={&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000140)=""/45, 0x2d}) ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000000500)={{'\x00', 0x2}, {0x100000000}, 0x1, 0x0, 0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)="f837dd1220bc5ab57b4acc62f6532b95c17b5ed1a357af931583ae060c529356f9ff61d63084a098c2185d95324bea1f8ec58500c8dd5de295bb6ddb272a095db6214378b46341e6f6600a3b656f55cf6a72dd4a494c4f5d7b1c2ad7de3ef8fc041ac74c9dc7f5499596076f5770d8cb8268a0ab2de0ebaa6587e3dc17fbd2dd50997840b00bbcac1f6955aa76c02b5dda1ffdb71b6458cd847dd6e74cbcc487c90ef12e76e2873b995a24a083f358235b96f071c7e5b4418869a38c4f4fa87b0e3336b8ad5831a9ac8394c91fefc9db72aed50b294d47a4ffb6dafca43e1630fc1d299d8749d35dfc5ee5c25588b7b0a2c1b20d49a9fde95c635ce4879ddb7f30be0624ecebcbec58f8bdae198c8625ffa172aea827b4fc454bdf9ae7610975465f64a11607070c22b1c827b119654c069aabc8174817ed9c6438f0291f4bf55686ff11d497d5f88a06cc318c8cf51f6fc741a8b5f79356c022dd8d8e14024b56f3", 0x162, 0x0, &(0x7f00000003c0)={0x2, 0xea, {0x0, 0xc, 0x2d, "ab6280bfe795d173520f3821e23e421e5d3543bf9080940930999ceca4ec73791401ed0edfc14ebc233346d5ba", 0xb0, "014075e6ad3e2b0fb46f8c1e0ed11117aa7709b2d2872f7d2ff71d09d6ab62c05815420bfd4167ff88e3e8b3cfada57608e7ced779ef1953cb1c7397572d6f34a745cb1b89da8083fef38bba07d456335dc5ea18e203320d74abc5fe5e1e3c5b50b5943e3f4d199cd7d8112520ad54e2eea270e8f909f08c4d23331e7c214fe0bf2f2e12578bec3a8574e1622333e97d4500b615d240b90566b9a2b4ce3034b92e98224590193dd9d21e454381fab3cf"}, 0x20, "cd8959eb7705caf1f0d4e0d45269b2232fd8aecd55ed564cda62650fac0ea08d"}, 0x116}) r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000580)={0xa, 0x0, 0x0, @dev}, &(0x7f00000005c0)=0x1c, 0x80800) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000600)=0x2) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000640), 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000680)) flistxattr(r0, &(0x7f0000000880)=""/146, 0x92) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = accept(r2, &(0x7f0000000980)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000a00)=0x80) connect$inet6(r0, &(0x7f0000000a40)={0xa, 0x4e21, 0x8, @mcast1, 0x1ff}, 0x1c) r5 = memfd_secret(0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r4) sendmsg$NL80211_CMD_SET_KEY(r5, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x2c, r6, 0x400, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x0) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000c80)={@rand_addr, @remote, 0x0}, &(0x7f0000000cc0)=0xc) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000d00)={'wg0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r4, &(0x7f0000000e80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000d40)={0xd0, 0x0, 0x306, 0x70bd27, 0x25dfdbfc, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4810}, 0x9cd9d6a3cfbb0b45) r9 = openat$cgroup(r5, &(0x7f0000000ec0)='syz0\x00', 0x200002, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r9, 0x81f8943c, &(0x7f0000000f00)) 08:12:36 executing program 3: getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000000)={'raw\x00', 0xa5, "da835eaa5de88bddaa37a79fa422199df626ebda921f10776276ee823a044af16009cc45bd1a016fe8ecbef2bb8e4e3096bd65b1ede42acbf4126a0630fcc0413eda17b72a0399eff2270bdbc02f6dfc074ea82f22afb0e91239cb13425b6efcb64ee92177e9ea661e93e77350aa1aa8d577a1456ab19377a41ae859e8ecc2f3dedbf5248b75c474e66df4707df768b920b8ede60e3a1fb24a23a6231c3b8eb8490bc33e51"}, &(0x7f0000000100)=0xc9) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000140)={{{@in=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}}}, &(0x7f0000000240)=0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@empty, @in6=@mcast1, 0x4e23, 0x0, 0x4e22, 0x401, 0x2, 0x80, 0x20, 0x3b, r0}, {0x6, 0x401, 0x68c2, 0xfffffffffffffffd, 0x81, 0xbef1, 0xe239, 0xffffffffffffffa6}, {0x3, 0x10000, 0x6, 0xffff}, 0x3951, 0x0, 0x1, 0x1, 0x2, 0x3}, {{@in=@loopback, 0x4d2}, 0xa, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0x3505, 0x3, 0x1, 0x7f, 0x5, 0xfffffffb, 0x9}}, 0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000380)={{{@in6=@private0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6}}, 0xfffffffffffffffd) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000500)={'sit0\x00', &(0x7f0000000480)={'syztnl2\x00', r1, 0x2d, 0xf9, 0x8, 0x1ff, 0x30, @private2, @private2, 0x80, 0x7820, 0x5, 0x8}}) getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000540)={'nat\x00', 0x0, 0x0, 0x0, [0x6, 0x2bbd8e34, 0x80000000, 0x800, 0x81, 0xec57462]}, &(0x7f00000005c0)=0x78) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000600), 0x100, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x37, &(0x7f0000000640)=@routing={0x6c, 0x12, 0x2, 0x20, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @private1, @dev={0xfe, 0x80, '\x00', 0x36}, @empty, @mcast2, @mcast1, @dev={0xfe, 0x80, '\x00', 0x37}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, 0x98) r3 = dup(r2) sendmmsg$inet6(r3, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000700)="fa7363a8577c935d1812deba9448539e0da801ed5da823d0739118fa1ed66747574e7d301fdc3c123cab652059c94279fd897e8411585c7395723ea6a9b72df1ff75a7f275183684b95ef00c4b630da2f1ec3bac1a3cb0a0330b60f4b4171354c1b9810bfe5a720c08ee5bccd925a83565274e368725e6a866bb8a56beb1006b6356995a15b7eee9e8f018ca7195020400", 0x91}, {&(0x7f00000007c0)="7b0ff10a95cd7c5432a1ec1db4eb149b64b77e66742af5475c83a59f7b5bac6232b38ddaf1bfcd70c5f18fbdb7cb070b96fda984622ba5ce6a53597dd6feace33c079c9df1d1a8440a73e865ea6d9b42dd70f26491088b4d08ef7dd373e6877db812a2fee873996ddf09098568874f95206c64119ca9199f6a7efd8b4fa52dc60fb7b83174cf933008c8", 0x8a}, {&(0x7f0000000880)="c7a51908f8fb5f095808c5ed29bd470041f7b2799c5aba702ee1c4e6e5001339d4cbf978391041d08f1c26c4c661f739fff7ace58dc6", 0x36}], 0x3}}], 0x1, 0x8) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f00000009c0)={'sit0\x00', &(0x7f0000000940)={'syztnl0\x00', r1, 0x2f, 0x0, 0x5, 0x1f, 0x47, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, 0x20, 0x7808, 0x0, 0x14}}) ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000a00)={@local, 0x16, r4}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) sendto(r5, &(0x7f0000000a40)="033968afb01e504f7e5b708000e314cbca1ac2f5fa7750532935bd6843d14db47f7c86d3053925bc5ef1934ce432283ba25c807ee7dbcae2b3b5520994bf02471a8fc3e00c3b4b789fdc2c7299ec1066562626a6366b48fbe87d0a2a5b7684793f68a7c5c256813f1017f0e3", 0x6c, 0x20000040, 0x0, 0x0) setxattr(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00)=@random={'system.', 'nat\x00'}, &(0x7f0000000b40)='\xff\xff', 0x2, 0x0) setsockopt$inet6_mreq(r3, 0x29, 0x14, &(0x7f0000000b80)={@mcast2}, 0x14) socket$inet6_udplite(0xa, 0x2, 0x88) recvfrom$inet(r2, &(0x7f0000000bc0)=""/127, 0x7f, 0x40000120, &(0x7f0000000c40)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000cc0)={{{@in, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private0}, 0x0, @in=@empty}}, &(0x7f0000000dc0)=0xe8) sendto$packet(r2, &(0x7f0000000c80)="405697250884ca5fc1095d90f54e5fa1ed67a4603641db2d5f370bc81ee1217a61c3963f7117fc5718d5cd662f84c57a74a3cd04a5829026", 0x38, 0x24004051, &(0x7f0000000e00)={0x11, 0x9, r6, 0x1, 0x6}, 0x14) 08:12:36 executing program 7: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth0_to_team\x00'}, 0x18) r0 = syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x3, 0x5, &(0x7f0000000380)=[{&(0x7f00000000c0)="b25ed628ec3ef3886cec99365a1ea46fb8cdff9c34b9cbf452a5f4ac6d6e38761f295b30eccdae784f448d5f97166fe8664a1fd31d97", 0x36, 0x7fff}, {&(0x7f0000000100)="cfbd106874ce1947cd8fcfb12a405c7981f5e5124ce20e8bca324fd0b90d5221052ec4ac954d7ef7994906810a5f2df77a02f176848a4fe2e556458e44a458908c2746252c237ca4eb41445b8e34eea8d5454a", 0x53, 0xffffffff}, {&(0x7f0000000180)="c255e3f313642f05c5966520b313394f138a4e840ddb03059b49b647eb7c5979a8601a7b586604e0974b94116650be67c83ef155b0aee63c91e372ffc875c261c2a439872bbc4877216ccac787ccd65523a27eab0fea78c2045753033260a04cfdf10553e5867a710bbaeff3e5f61124c4c5f0ff8e1ee78200e6f4169467e7a7088224f071d8e40c592b309b85cb806ef1d699f7f543ce3b674aa3fbf1d929f3b4d98bc16661017f98a9b078fff422cd6b5fbd654426aa12fb2b302b5be10e48f30a1c83e3188d286f1493c9c64284e7e2b8e2b029e10e0ae6a03a0a21375f2602d9", 0xe2, 0x1}, {&(0x7f0000000280)="1119fd91bc8275157cb5a4b4033ea51452d5ee0e40d61a3361bf2b8d27faed1f6c698b65cb3640a32c92085ae963", 0x2e, 0x6}, {&(0x7f00000002c0)="10b1aed2b277cfad887e576de5657770300b5659b7e4e9923039e0d8d3ce61bbd94a133107d89a881877d21ad61784eab1114ef8bc65a2ae28fa98319e399b20d70f2808880f395b6315e2d8375da1c2a68b7946833dc302cfd1d19fb8a2951867785d7e7d44613d168b73465698b6c6279af73287ad07cc02fe671f091d06b08ba9a69b0ec2", 0x86, 0x6}], 0x400, &(0x7f0000000400)={[{'veth0_to_team\x00'}, {'^\xf3'}, {'-'}], [{@dont_hash}, {@smackfsdef={'smackfsdef', 0x3d, 'veth0_to_team\x00'}}]}) fcntl$addseals(r0, 0x409, 0x0) rmdir(&(0x7f0000000440)='./file0\x00') move_mount(r0, &(0x7f0000000480)='./file0\x00', r0, &(0x7f00000004c0)='./file0\x00', 0x30) setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000500), 0x4) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000540)={0x1, 0x8000}) r1 = socket$inet6(0xa, 0xa, 0x2) fstatfs(r1, &(0x7f0000000580)=""/9) llistxattr(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)=""/175, 0xaf) faccessat(r0, &(0x7f00000006c0)='./file0\x00', 0x20) rmdir(&(0x7f0000000700)='./file0\x00') getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000740)={@remote}, &(0x7f0000000780)=0x14) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000007c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) connect$inet6(r2, &(0x7f0000000800)={0xa, 0x4e23, 0x3, @mcast2, 0xdc26}, 0x1c) r3 = accept$packet(r2, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000880)=0x14) ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f00000008c0)) setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f0000000900)={0x8, {{0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00', 0x4}}, {{0xa, 0x1000, 0x2, @remote}}}, 0x108) getgroups(0x4, &(0x7f0000000b00)=[0x0, 0xee01, 0xee01, 0xee01]) mount$9p_xen(&(0x7f0000000a40), &(0x7f0000000a80)='./file1\x00', &(0x7f0000000ac0), 0x10000, &(0x7f0000000e00)={'trans=xen,', {[{@mmap}, {@cache_fscache}, {@fscache}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@fscache}, {@cache_mmap}, {@cache_none}, {@cache_none}, {@dfltuid}], [{@func={'func', 0x3d, 'FILE_CHECK'}}, {@permit_directio}, {@dont_appraise}, {@appraise}, {@subj_user={'subj_user', 0x3d, ' \x01\x00'}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@obj_user={'obj_user', 0x3d, '\''}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}]}}) [ 70.675625] audit: type=1400 audit(1664179956.084:6): avc: denied { execmem } for pid=286 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 08:12:36 executing program 6: set_tid_address(&(0x7f0000000000)) set_tid_address(&(0x7f0000000040)) set_tid_address(&(0x7f0000000080)) set_tid_address(&(0x7f00000000c0)) set_tid_address(&(0x7f0000000100)) set_tid_address(&(0x7f0000000140)) set_tid_address(&(0x7f0000000180)) set_tid_address(&(0x7f00000001c0)) set_tid_address(&(0x7f0000000200)) set_tid_address(&(0x7f0000000240)) set_tid_address(&(0x7f0000000280)) set_tid_address(&(0x7f00000002c0)) set_tid_address(&(0x7f0000000300)) set_tid_address(&(0x7f0000000340)) set_tid_address(&(0x7f0000000380)) set_tid_address(&(0x7f00000003c0)) set_tid_address(&(0x7f0000000400)) set_tid_address(&(0x7f0000000440)) set_tid_address(&(0x7f0000000480)) set_tid_address(&(0x7f00000004c0)) 08:12:36 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r0, 0x8008f512, &(0x7f0000000000)) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002240)='/sys/module/nfsv4', 0x440002, 0x10) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000002280)={0x1, [0x3a, 0x100], 0xa4a}, 0x10) r2 = memfd_secret(0x0) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f00000022c0)={0x3, 0x6f9c, "61ce2b", 0x51}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000002300)) ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r1, 0x8983, &(0x7f0000002340)={0x1, 'veth0_to_team\x00', {}, 0x8}) syncfs(r0) r3 = syz_open_dev$mouse(&(0x7f0000002380), 0x1, 0x4000) read$snapshot(r3, &(0x7f00000023c0)=""/7, 0x7) r4 = dup(r3) write$binfmt_aout(r4, &(0x7f0000002400)={{0x107, 0x1f, 0x7, 0x2d5, 0x115, 0x3, 0x2a2}, "e5357b47ab029820bd613cce2225144872613abfd72971b7a999bd52fae98ce2547ed826af8214ccdd1cff655e5cdb16", ['\x00', '\x00']}, 0x250) r5 = open(&(0x7f0000002680)='./file0\x00', 0x84000, 0x83) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f00000027c0)=@buf={0xd1, &(0x7f00000026c0)="ba1d7b4e42d6868fba31577f73b9704b42d217293cc6463efcff274414baa9aa60d3f20cdcdcabfc34d0c687e289f68ea174d77c2edc6fd44727cef16e2522065699a7cadb1a7546d3acac89a850095909a4893431c0ba98e6aa3d619f138d8dd155d9b7357e20bc19dbaf4badd6ec93b8242158b31057068f5e899d82cbb78a2af06ef6eb5a540f1ff953dc6a2a0ec0cc8aa7d4ce0accf81838e2760a6755cf87ab10a2e300cdebff7427c4a358d9c5bb3138e254f410b03c3f1a219ee655ea63c37cd1533019081f7453cf86e2497ad9"}) ioctl$BTRFS_IOC_WAIT_SYNC(r5, 0x40089416, &(0x7f0000002800)) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r4, 0x8010671f, &(0x7f0000002940)={&(0x7f0000002840)=""/204, 0xcc}) open_tree(r5, &(0x7f0000002980)='./file0\x00', 0x9901) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000002a00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000002ac0)={&(0x7f00000029c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002a80)={&(0x7f0000002a40)={0x30, 0x0, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x2404}, @NL80211_ATTR_BSSID={0xa}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x200400d1) 08:12:36 executing program 2: ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) r0 = perf_event_open$cgroup(&(0x7f0000000000)={0x2, 0x80, 0x65, 0x8, 0x20, 0x6, 0x0, 0x3, 0x3000, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x100, 0x1, @perf_config_ext={0xff, 0x401}, 0x1002, 0x81, 0x1, 0x1, 0x2, 0x0, 0x401, 0x0, 0x80000001, 0x0, 0x4}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x3) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x101, 0x402000) sendfile(r0, r1, 0x0, 0x10000) r2 = memfd_secret(0x80000) fsetxattr$trusted_overlay_origin(r2, &(0x7f00000000c0), &(0x7f0000000100), 0x2, 0x3) r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x3f, 0x40, 0x4, 0x1, 0x0, 0x6, 0x180, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000140), 0x3}, 0x100, 0x20, 0x8, 0x3, 0x7, 0x400, 0x307, 0x0, 0x7, 0x0, 0x5}, 0xffffffffffffffff, 0xd, r2, 0xa) r4 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xec, 0xb0, 0x71, 0x8, 0x0, 0x0, 0x10000, 0xb, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1f, 0x2, @perf_config_ext={0x7, 0x9}, 0x2040, 0x8, 0xfffffff2, 0x4, 0x3, 0x3, 0x9c43, 0x0, 0x8000, 0x0, 0x1}, 0x0, 0x0, r2, 0xa) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000280)=0x8) r5 = openat$cgroup_ro(r4, &(0x7f0000000340)='devices.list\x00', 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x3, 0x80, 0x5, 0x1, 0x8, 0x5, 0x0, 0x1, 0xc00, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351, 0x0, @perf_config_ext={0x0, 0x7ff}, 0x4005, 0x87, 0x80000000, 0x9, 0x66c0adf2, 0x5, 0x81, 0x0, 0x6, 0x0, 0x22e}, 0xffffffffffffffff, 0x6, r5, 0x1) close(r3) r6 = open_tree(r5, &(0x7f0000000440)='./file0\x00', 0x8000) ioctl$LOOP_SET_FD(r2, 0x4c00, r6) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x400000, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) perf_event_open(&(0x7f00000006c0)={0x3, 0x80, 0x6, 0x6, 0x1, 0x5, 0x0, 0x7030, 0x1, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x800, 0x0, @perf_config_ext={0x1, 0x3}, 0x1, 0x3, 0x10001, 0x1, 0x10001, 0x4, 0x1, 0x0, 0xfffffffa, 0x0, 0x2}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x8) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000740)={{0x1, 0x1, 0x18, r3, {0xee01, 0xee01}}, './file0\x00'}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r11, 0xd000943e, &(0x7f0000000780)={r10, r9, "f6f2856921eaa5f30cb6c0ad7b36c52464ae90d976ceb232bbbcd3c250d95bb565ae5d40d772ed7e846e5700cc019bd6729739867222b9421c063913ca03b6765797a92a6e98eb9284279b35ef9d4ec178b52a81974b804aad07d9789f6a2a91ed42028c7c0b89a304f8b0697c503f0a512ed2166640128b1b04fb3e0875d4b3ffa5ea04f982e320b2fdea4094fee5429c3de885fd31e2d90bbbbfe7dee02adf97858569994f3ad638a09d7e1d6e8a4d58842c722347212db06565ae1e2a6d50c3805f5425e211e2227ed98298855470e1a7473e8702c8af78d9f6fc6989a34d72b10fe46abda483e239e12d3e8e896ba44dc84e0fac3b8fd32b4f5de14fc17e", "e9250f4628f34469eeb7acc6eba0d996a9dfc03a801fe3d44e24d9fb3d54459e4c2df0956f0c51099c43503a78fd974eb333844e4e7d687aa87edd4428fd836a6e56cccac99b4bfa0ee41c0beb73ae663b47961b5c5c36995b6fee68e9568b6c6a8e7fea71fae2a48efc4a311a4dc3245322aa0a280f2983e063c53b777f759c9db03f525a67886c8c72f66b4578bd44578f6e80106b1a709b4fe9ddca6970615dd485fff1daf0e9de0dfc2c252509786460d65e50a1c519848eda2d1eacbff7a2a60111d910160e5e48a1825f2574702e0b042fe27fbab198a681fbf113cd601b1ba9d9f8670c411c063e52b9cd2351b73e9fe43db42e0f24a83fc101fd6adc62ac7f2311c071b0f60bed6872e248a063b9cdf3d27574171430d91cbe19379ca9dc9bca3a19bcbf49293bb85fde9c94fdb1de81fc6a172c5c265f6a51633b2b9ad4ed0fb786c323748731a67d902d330798527704f73673a78a74a901ddf8188826ed8a27131de314923412cc98e765e33841b2a52dcda4f567570097c8aa04fbc610298e97672950e2ff9cae0fb9fc0fbf69816f60a19c378f286cc3dc22e7b3f07b000437065060399eaa567f93f2f9a955d0adf8b3698948388d1a672795f570e9796348522f96d5cee57e4c7ed65ee3b98d2cdd0c5416d41c5481050f7869b1ee24e1e069fa45968bc3972efb525e4cfe83e4b426f41ffd311dea3e538dea0678751cde51ad2d92328c1a862adcffa9ceacd3762620ce20783d2bf2429dc646cab016504ff7b09a854afd66607523aba54b431310b828d2cc882a11ee80feba556163364c456bebafcb0f9f2b8a3b47107ce2e3d62105c448af1dac70175817de7a6a4861252b53506049db74a2f748616daa0ae76c08ed8d726712373492d3ceb0bef6376ae745a2d0fe2f175e3780145fa6f7110fa82d262899317a2752dc8a331dba5aaf80539b13e072435e2f4a0bd85d3ad062bf4ea18801e2ecfe807993c6ca8f9d4165d37a53dbde8b7bb8a07a12898dcc32935b104564f4e91b869d3513f4b54998c70d3f61cd3e496708d731ff8ffb50054a2f74552d07905927e44bef5dd59d05011c2a5643f3b7b8edc165c917e2f7d63b08c05038d97dcc8201baa7bdea8584686fa2d7639f6270a9ca75ad2fd002e79d3195775dcac67b91cd849eb24f542cbe662585564e62a6be9d9e9316924671edaaacb1c8797b8d37ba6b213d5493cc2cf22cbb92664dd4d0260ab1f0df60755604700f7981771d7f93139b8766c9319543a6ed5103a634e57054cb1bd623939047b0f333395bb232248fcce66a1b8697dad3a3b8c66581bfa4538e2b532e0239f5fc9cf1d98acb841cd433eb7a1ee5f4f4616e20e847cf36c12b39f4983492a9bdd4111c86e28742c9c908aaf0b71d1492f8be551df0f8dbf01fa57496518028ef7a033ef026fd5783d73637964bb13ee9d9cad4c1f98a027cb4f9e7103f264e3aa944be6b89ac28d73ac81169128eab0aed3e9db6b0dcb03c8fe785c93f9c5884c424dc7318cc2297ee568e99cb477e28f52ca5591d25c78f506952d943742aef840fc4a9db4cac3712bb71673f73032037c738f3557b3705673f98637461eda52f58add403131a9bd620023fd61010db4e6d75d9f69bc824df56ae971ef10361ccd0fe3f83a5ef3bd2b701671b8e7e4012bf935ec396f943a171afbc8b204ae089f15029debe999e1fbed78c7959558a554678667b8214e58a7e3dd3e627d38266c880571ddaa20472e9302b031cd74b8dd34033e41a0757286f00bc005f4a3bba91f0cf4443d465233d60cf45d2d4c3035a75814e5548635b347108f90b00df71daacc0bf7a0396427f888452a4fac88e852249e7414ca2e9c356de9ca5eabc4f513287d2367ae650849cce6206aa98e6916326da20a353977e52df9f1677f27e223436b24409137fad3ff0df45905446c7027b61c90e1100299d693e7b7bc37070a1b5c0d87cf2ad25291de7dcd1907d93f71045acde8f4906f104277442a552ab383c5588684dc392a503c4dc5828e7221f60e542428ecee84948d909392bf2db390eecfa516464dec64289b812779b1c589efdafe4a34f0f9d3702cf5ec599cec7ef83fb15288111e507047b6a796fb8cb268c024af6cf8dc053bf9363883fc00c9be5173f96230ed91b42973a1ede7358555104e728f34f918ed17fc7d160f533004dd2711d9647af90eeed00614e92c3f490f53b2ecf3618bc17fb61cfd9aa0b05d1290a16ab94b40dfbb137e27ba56f2380ae27998bc41aee4f8bf6249c2481892432a47b89cf149e90ddff50bd53e42ec0b5c0be0c66be7e172d803a9804328b288aa048da1293aff7e98568020e26519270150bd932ef68ba406195b45a0610dc6744cce6d7a0bd4ca69d38d2f80555611d18b8b7156be977eeccdc38abccfaad92795549405089bbdc2970f32ace8f8a2400b9a3fd413aa4765d42cf49f05cb2174abbc4514e744812abac330ea8be8b4c20f47e2fa903f908dd374a6df74fcc7b3d1daed1f5dce23ed37648d21fd032df5ae008d3cb653b8d78c3102f9c3614eaa206e6cadc0ae827091c17d85baf8261b8fb9cd41a95b7c16f672aceeae0ce32faad1800621bd9ef47efa21addef1fd8803385ab50b46d46ecf2736b74b46655134bd6eb935fc0234ef97f11a6cfde6d95ffaffbd70ea990bd702b6914a3a8c34c033d95eb102312f50ebfbb4e1acd752c8a0b30f03054e1a6d5ba3496f9880c56658f7601526e64d947261780e03080bbdc4b38b63fd3c3981b5a072eb89a6a309766f6064a2e084212a43b272ec3bba4797fe7a98e0437a09ae094e08e680616addecd1b29177507dad5c75a360990a794c2b55676e88bb8fe586b4afd47f499e38724336ddf5130c55969cedd910f0a0c05f819cee51b69c55281e10cca8443bebfce15541e4e0513df69ce9ae5f88ef2168402deda46eda3ebdfc8deab988a390d81db1f11223bde1ff6f576e31929ca3bd85321ae3d7786afafb6c3065e6ea4415fc6934ca765cb66cbc1c5b84d7d079a677a65df88f4afefb312f3a2508a2c465e8bc5fba9f20b03ee5ea499e3f21c395552020c84e2cfb8cac01f43d88bd71ec03eebe18cc3217a2a5817a7afa5e12aa96450dd6489756ca8a1a513d5fb45ab5fd6471dd313566e3e35ef6e5b293dfd24741e77ae42db17d7c74fb864037f8b1397a17889a0a3a907e672ff7d12efe0ce35d56a790abc34dcd7379e4d5c8d6b6273a21c85c38bf65dc1ab1b5fac50f9f30eaa5bac2e687025647b6f0b64534c5681d5ab0e8c5df021106b30cb3ee7bc0109bacb7b91d45cd0c580b130b4524465f84af185f220b1949e532bcb8d0969b684d527ef59854c1645c1f22036d89c31b5365f82b4bf59cf7fe9a2603f77770cc40220c46a76fb0302d5b05b5464d27672628ce9a50c874a6394555b4c260061f442876b111ddaedcf2cd794910a1c9b712bf1537485e995b9dff7c40b10826e74ab31ce7f378defdebe6cbbfb7ccdbe0925742b5e088712777f12a9d5ab40836d80d7db443fc083e2ddb2ba5e66d2e93497316dbc019665f194c5e4ee0fb07c43ec821e5e5bd83f016f7e55e3a265e120a43a44c031d3b5bc08b75a2aa7c522a24665b5a01e9225165c164bf61247003e3cb39dbed2a4985328361485e43bf5e4850c4ca96df1d0af797246791db4d72b2030d256669cb707ce1058c476089adbe0d6a9834b8cfc91e548c4ae142d9d23642658b4b3ee1af4d7d0fc2d3cd0b5ff9a51c94806403adb4a6ee61ffe458d61e35026d84adfc99de7ce3e4e6be8d4554ca8798c91ec50290e2ddf955aa8dc800664c24a3013cf63b246005ecde370bd206868da2434a059c03e66694c704901c152979ae6034eb4960ceac295e44723e9ae69db4ebc9a061ad09dd51b09cc48692acae6472e1e277cc1a4d697bc24ec411c133c74cb5684356c50bc0dcfee6725794640d8853056a81f24370e4cca32fd09c3ba2dd9745bcfddb39fd5079b69bf19790b0f5dc71484b73f88f437bb1eb6ebf579d5a96be80c8c3a9311f7d2965c0facef5275d842aff6843659ebeaac959a3b8e8b4274eea51c6de630d97b3df76599347aa94ea8ac45f515a7073c487f1055c125d8529664e335507992528aaba9de26382751a60c15accedb004e482c5fe1fb351ba4494f18829192d0e01f46d19a993e258ba354d9bae8fe102cb1a7f5be489747599155d37cd8fafe98a61da21c2833f3b389fb217ddde059354b2286bc0d95e9052365f2604f940c57a9afd2537662991f2e5b751dc3d67dfe0ed0d53be7c134fd4bfe1053aff3332d4fde949198260a85367bfa77613e7c449999f3f87ecdc763eec3631aa104cc56f0a72967cb423f51f46d79b25ee058751c419b5db9cb923fa5c73e16a65bdd6b535023a8f60f3a9affadf07b4a438d3bbf197b6d07c7917647c004d9279c3b0c8ee6d95b6c6241ff7da6ff4615ab537cc2a2ad06b7c79fbfaabff83b085ca74578fb1dcf2765bd2c7acd78681a8b6f77d897f7534c1809d7ca18528ec983b22b6f78feb54897ec227359a8dcf9992dabc1f5f055e6263ab671ec1987cf169c3491d8ffaa7136b13b31625200b9a9b0fe33f7e6eb22686ecffef7e2407c236eba189c485e07ec5e86ecf1a340cb376861a351285fe463b2c22d5c3b0a776cb2fe0573931f6bfa9198b091ff6f209263f14eb8476fb5cdc6644674e263c4d1887d06eb318ddf811b7cfafaae25af854cf03f9e1104b688dc456bc40b4ece68aca1df460b81a4e7e9babb676b15ad637fcaad70635f1dc266bfd06cfdac881a31f5603860bb468cf7e81e66e43ce873666e0998a9948846d69ccf5a599f1c1d47bc3bdb1cb816158fb44362fe812f3f18c6fb64f096a5d1d0a63807070b79125e06d4e743e7a5c1f04b86c19d88e8b56d5fc009b38c418b0cdac78fc78e0dd2156aa3268f25cf8f74e263b6e12f2fd652e4b3a12dc0cf4a89479f1498a27a4cfc3ba9ddd60d244aba14db13a3b01c7c72b6e7777e43932291a8d6057435d39c1888a875ecc29d0aee561707162309879864a6fb31dbb6b25422ed830ed86a1f2b090ef0d46fa3a8804f6067f2c0431e06d3a08ca83e23c8863fe2ec5bfdbabcddf59f12f288674fa70ba1e1e2ce244c66bb72b481f242d9e535b8ccbb1a09e191cfa84201fc8528489d3acae35eeb045ecb8f5431de890ef0e5ac81808541b4ca571633ff75d6c897cb0a480db77f759263fed739d583a854347b8278a5dc0dab6c161f0ce7a5df6ccf532982524f064d1d204f554bae3737380b8b9bc42524c1fc469a6420ef838b8981c7d6dc39604fd70d502d47ec6f4f1ea25cf1e98bd71ccbdfd07054268d770414177cb3"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f0000067500)={0x2, [{}, {}, {r13}, {}, {0x0, r10}, {r8, r10}, {0x0, r12}, {r13, r10}, {r13}, {r13, r12}, {0x0, r12}, {0x0, r12}, {r13, r10}, {r8}, {0x0, r12}, {}, {r9, r10}, {r13}, {r8, r10}, {r13, r10}, {}, {r13}, {r8, r12}, {0x0, r10}, {0x0, r10}, {}, {r8, r10}, {r9}, {0x0, r10}, {r13, r10}, {r8}, {r8}, {0x0, r12}, {r13, r10}, {r9, r10}, {r8, r10}, {r8}, {0x0, r10}, {}, {r13, r10}, {r9}, {r8, r10}, {r9, r12}, {0x0, r12}, {r9, r12}, {r13}, {}, {r9, r12}, {0x0, r12}, {r9, r12}, {0x0, r12}, {0x0, r10}, {0x0, r10}, {r8, r12}, {r8}, {r8, r12}, {0x0, r10}, {r13}, {r13}, {r9, r10}, {r8, r10}, {r13}, {r9}, {0x0, r12}, {r13}, {0x0, r12}, {r13}, {}, {r13, r12}, {}, {0x0, r12}, {}, {}, {0x0, r12}, {0x0, r12}, {0x0, r10}, {r9, r12}, {r13, r10}, {r13, r10}, {r9, r12}, {0x0, r10}, {0x0, r12}, {r8}, {r9}, {0x0, r10}, {}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {0x0, r12}, {r13}, {0x0, r10}, {r8}, {r13}, {r8, r10}, {}, {0x0, r12}, {0x0, r12}, {r9}, {r8, r12}, {r13, r12}, {r9, r10}, {r13}, {r8, r10}, {r9}, {r8, r12}, {r9}, {0x0, r12}, {r9, r10}, {r8, r12}, {r9}, {}, {r13, r10}, {r9, r12}, {r9, r10}, {}, {r13, r10}, {0x0, r10}, {}, {0x0, r10}, {r8, r12}, {0x0, r12}, {r8}, {r13, r10}, {r9}, {r8, r10}, {r13}, {r8, r10}, {0x0, r10}, {r13, r10}, {}, {r13}, {r13, r12}, {r13}, {0x0, r12}, {r8, r10}, {r8}, {}, {r13}, {0x0, r10}, {r13, r12}, {r9, r10}, {0x0, r12}, {r8, r12}, {r8}, {}, {r8}, {r9}, {0x0, r12}, {0x0, r12}, {r13, r12}, {0x0, r10}, {r9}, {0x0, r12}, {r8}, {r9, r12}, {r9, r10}, {}, {0x0, r12}, {}, {r8}, {r13}, {r8}, {r13}, {r9}, {r8, r12}, {r9, r12}, {r8, r12}, {r9, r12}, {r9, r10}, {0x0, r12}, {r9, r10}, {r9, r12}, {r13}, {r9, r10}, {r13, r12}, {r9, r12}, {0x0, r12}, {r13, r10}, {r13}, {0x0, r12}, {r13, r10}, {0x0, r10}, {r13, r12}, {r13, r10}, {0x0, r12}, {}, {r13, r12}, {0x0, r10}, {0x0, r10}, {}, {r8, r12}, {0x0, r10}, {}, {r13, r10}, {r9, r12}, {}, {0x0, r10}, {r8}, {r13}, {r8, r10}, {r13, r10}, {r8, r10}, {r8}, {r13, r10}, {}, {0x0, r12}, {}, {0x0, r12}, {r8}, {r13}, {0x0, r10}, {0x0, r10}, {r8}, {0x0, r10}, {r8, r12}, {r9, r12}, {r8, r12}, {r9}, {}, {0x0, r12}, {r8, r10}, {r8}, {r13}, {0x0, r10}, {r13, r10}, {r13, r10}, {0x0, r12}, {r8, r12}, {0x0, r12}, {}, {r9, r12}, {r13, r12}, {r8, r12}, {r8}, {r13, r12}, {0x0, r10}, {}, {}, {0x0, r12}, {0x0, r12}, {0x0, r12}, {r9}, {r13}, {r9, r12}, {}, {r8, r12}, {r13}, {r9, r10}, {r8, r10}, {r9, r10}, {}, {}, {r13}, {r13, r10}], 0x2, "2e5aa83555ee3e"}) [ 71.901512] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.904628] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.905978] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.909165] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.910854] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.913203] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.917741] Bluetooth: hci0: HCI_REQ-0x0c1a [ 71.959459] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.961324] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.963082] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.964374] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.965902] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.967215] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.977109] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.987068] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.992179] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.993544] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.995748] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.000710] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.027098] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.031119] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.031324] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.032972] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.035265] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.045677] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.060591] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.062120] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.066118] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.067520] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.069158] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.071313] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.072165] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.075948] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.077460] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.078142] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.080564] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.084371] Bluetooth: hci4: HCI_REQ-0x0c1a [ 72.089302] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.091485] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.098120] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.099268] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.102230] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.108119] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.112285] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.116187] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.122244] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 72.122266] Bluetooth: hci5: HCI_REQ-0x0c1a [ 72.156072] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.168734] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.218663] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.228172] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.230767] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.289071] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.301131] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.308739] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.326934] Bluetooth: hci7: HCI_REQ-0x0c1a [ 73.928201] Bluetooth: hci0: command 0x0409 tx timeout [ 74.056245] Bluetooth: hci3: command 0x0409 tx timeout [ 74.056967] Bluetooth: hci1: command 0x0409 tx timeout [ 74.119871] Bluetooth: hci6: command 0x0409 tx timeout [ 74.120931] Bluetooth: hci4: command 0x0409 tx timeout [ 74.183894] Bluetooth: hci5: command 0x0409 tx timeout [ 74.184861] Bluetooth: hci2: command 0x0409 tx timeout [ 74.439886] Bluetooth: hci7: command 0x0409 tx timeout [ 75.975952] Bluetooth: hci0: command 0x041b tx timeout [ 76.103986] Bluetooth: hci1: command 0x041b tx timeout [ 76.104500] Bluetooth: hci3: command 0x041b tx timeout [ 76.167926] Bluetooth: hci4: command 0x041b tx timeout [ 76.168375] Bluetooth: hci6: command 0x041b tx timeout [ 76.231881] Bluetooth: hci2: command 0x041b tx timeout [ 76.232336] Bluetooth: hci5: command 0x041b tx timeout [ 76.487861] Bluetooth: hci7: command 0x041b tx timeout [ 78.023930] Bluetooth: hci0: command 0x040f tx timeout [ 78.151951] Bluetooth: hci3: command 0x040f tx timeout [ 78.152431] Bluetooth: hci1: command 0x040f tx timeout [ 78.215873] Bluetooth: hci6: command 0x040f tx timeout [ 78.216350] Bluetooth: hci4: command 0x040f tx timeout [ 78.279910] Bluetooth: hci5: command 0x040f tx timeout [ 78.280362] Bluetooth: hci2: command 0x040f tx timeout [ 78.535926] Bluetooth: hci7: command 0x040f tx timeout [ 80.072051] Bluetooth: hci0: command 0x0419 tx timeout [ 80.200017] Bluetooth: hci1: command 0x0419 tx timeout [ 80.200895] Bluetooth: hci3: command 0x0419 tx timeout [ 80.263926] Bluetooth: hci4: command 0x0419 tx timeout [ 80.264702] Bluetooth: hci6: command 0x0419 tx timeout [ 80.327905] Bluetooth: hci2: command 0x0419 tx timeout [ 80.328711] Bluetooth: hci5: command 0x0419 tx timeout [ 80.583989] Bluetooth: hci7: command 0x0419 tx timeout 08:13:31 executing program 4: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x11) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, 0x7, 0x1, 0x201}, 0x14}}, 0x0) 08:13:31 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000b80)) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0xa8420, &(0x7f0000000940)={'trans=unix,', {[{@cache_fscache}, {@access_client}, {@access_any}, {@access_uid={'access', 0x3d, 0xee01}}, {@privport}, {@dfltgid={'dfltgid', 0x3d, r1}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_user={'obj_user', 0x3d, 'environ\x00'}}, {@subj_role={'subj_role', 0x3d, 'environ\x00'}}, {@euid_eq={'euid', 0x3d, r2}}, {@measure}]}}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000100)="698e47f530eedc0ac4a44b633fc540035d", 0x11, 0x3}, {&(0x7f0000000140)="0b892a0734487e2dd6e74aed39", 0xd, 0x6}], 0x292000, &(0x7f0000000200)={[{@gid={'gid', 0x3d, r1}}, {@mode={'mode', 0x3d, 0x5}}, {@uid={'uid', 0x3d, 0xee00}}, {@huge_within_size}, {@gid={'gid', 0x3d, r3}}], [{@dont_hash}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}]}) [ 126.717677] FAT-fs (loop4): bogus number of reserved sectors [ 126.719054] FAT-fs (loop4): Can't find a valid FAT filesystem 08:13:32 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x75, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0x9}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x125c02, 0x0) fallocate(r0, 0x20, 0x0, 0x2) r1 = openat$incfs(r0, &(0x7f0000000380)='.log\x00', 0x101002, 0x11) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xa, 0x12, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') r3 = socket$unix(0x1, 0x5, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32, @ANYBLOB="001405000000000500070000080000000600005f3b7d36eff900000000"], 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_KEY(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x1) ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f0000000040)) close(r3) read$hiddev(r2, &(0x7f0000000040)=""/169, 0x200000e9) r6 = fork() syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, &(0x7f0000000000), &(0x7f0000000200)=0x4) ptrace$setopts(0x4206, r6, 0x0, 0x0) ptrace$setopts(0x4206, r6, 0x0, 0x44) [ 126.996157] audit: type=1400 audit(1664180012.405:7): avc: denied { open } for pid=3608 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.998994] audit: type=1400 audit(1664180012.405:8): avc: denied { kernel } for pid=3608 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.032257] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 127.123783] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. 08:13:32 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) openat$cgroup(r0, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) preadv2(r0, &(0x7f0000000440)=[{&(0x7f0000000200)=""/49, 0x31}, {&(0x7f00000003c0)=""/77, 0x4d}], 0x2, 0x1, 0x6, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000240)) ioctl$RTC_WIE_ON(r0, 0x700f) syz_io_uring_setup(0x5e2a, &(0x7f0000000000)={0x0, 0x9748}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r1, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000280)=0x1) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000004, 0x30, r1, 0xee6f5000) r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8ba}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48001}, 0x4008005) 08:13:33 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) openat$cgroup(r0, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) preadv2(r0, &(0x7f0000000440)=[{&(0x7f0000000200)=""/49, 0x31}, {&(0x7f00000003c0)=""/77, 0x4d}], 0x2, 0x1, 0x6, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000240)) ioctl$RTC_WIE_ON(r0, 0x700f) syz_io_uring_setup(0x5e2a, &(0x7f0000000000)={0x0, 0x9748}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r1, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000280)=0x1) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000004, 0x30, r1, 0xee6f5000) r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8ba}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48001}, 0x4008005) 08:13:33 executing program 4: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, 0x0) mkdirat$cgroup(r1, &(0x7f0000000000)='syz0\x00', 0x1ff) close(r0) r2 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x6, &(0x7f0000000540)=[{&(0x7f0000000140)="87c6f63e1ea96d63a0974690ada69535de0a706f46241008ce841fd0a284578c239017a0fb6c09bd19926aef35de0371cbaa1846d68b5a65067f629fc4fc832191992c66a6f31f85f2d1a86601eb0afbcc7833ddf64b3d78243f0a2ebfe9dad9c0fb6e6b67592acfa228c6fd3009f96ebd07178c2e0fa961af94838f235b24da4a2c9ce4e1cc1fa9c4f120fa86b6185ce18208e45f00e90a199e93e3f81c5e665168ed3f6c9b8888ef0fb644435c8bedd6f93918c94c049ec8ffb587ee21dead0e26581cfdbc6292ee9d9bcf94d209d2cdec006d", 0xd4}, {&(0x7f0000000240)="952d154d320062da188f9c90409180745fd690577cd1e2675f5126cd1cb73bf5bced1c4a1543a5819538b8d0a718aa87ca4f731c52c28285635f0c2f831d281e38", 0x41, 0x8000}, {&(0x7f00000002c0), 0x0, 0x2}, {&(0x7f0000000300)="58620833173d661955d2654d74a5fd0d27c1d2695e8d4f414aaf4ace153fb7678735ed797077a865b347ebb65c3b04eeeec1556dbb6410f6f51ebf2a66b2c3b5be770895f1c3f8d3e54ee736f75700615d14728cf8ac2ec556aba24495cd0371e41f11beb65b0d237ad48ed432970f6839dcede7a9531667d42f8563aa2d30daae29f121841a1e6a405cf01ebf1410211bfd3146c21ad36be94d924d962ea793e40056213fa2852a7777556210aa39b44d7c4e1f2c5b59b56d6c63db4232f15f57", 0xc1, 0x2}, {&(0x7f0000000400)="4d54675ec4ef77dc953ab7801e915b15c97aab402ac7298948c7a531db9b632a527fcb0800812bb08bff902545bea91f3c908206614915d456cbc7d949185549cbd95b6dfbc4db90c529423c1d10f5e75bdf7f36687e2dd03ae528f762498e03339efbf96c4b44e8b0a509743f67b6c70f20ab8c4ea3ccb19483f634772b", 0x7e, 0x400}, {&(0x7f0000000480)="663a16042b260864f440ee0c00c96246353f60863d3710f20551b010a9c3f76cc76d6840a358e3c1b417995a80a5dafe115343d7ba60dc310db211a8a9a2b45cefc48803b11cf38686c46b2c92478611402a146cee4ed9a6027a93ae42e219becaee08daa14edb8767f796211a5430a5c06a66d830a2353fb9b657767d79d516ea7cb5", 0x83, 0x7}], 0x10001, &(0x7f0000000600)={[{'syz0\x00'}], [{@mask={'mask', 0x3d, 'MAY_READ'}}]}) openat(r2, &(0x7f0000000640)='./file0\x00', 0x400100, 0x3) [ 127.980101] ------------[ cut here ]------------ [ 127.980624] WARNING: CPU: 0 PID: 3666 at kernel/events/core.c:2233 event_filter_match+0x422/0x660 [ 127.981288] Modules linked in: [ 127.981532] CPU: 0 PID: 3666 Comm: modprobe Not tainted 6.0.0-rc6-next-20220923 #1 [ 127.982028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 127.982772] RIP: 0010:event_filter_match+0x422/0x660 [ 127.983205] Code: 00 00 00 e9 7c fc ff ff e8 1b 1e f1 ff 65 8b 2d e0 88 ad 7e 31 ff 89 ee e8 bb 1a f1 ff 85 ed 0f 84 ef 00 00 00 e8 fe 1d f1 ff <0f> 0b eb 9f e8 c5 80 23 00 e9 17 fc ff ff e8 eb 1d f1 ff 48 8d 7b [ 127.985957] RSP: 0018:ffff88806ce09c70 EFLAGS: 00010046 [ 127.986477] RAX: 0000000080010003 RBX: ffff88803f610000 RCX: 0000000000000000 [ 127.987148] RDX: ffff888010058000 RSI: ffffffff8154ecf2 RDI: 0000000000000005 [ 127.987845] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000001 [ 127.988504] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803f610220 [ 127.989181] R13: 0000000000000000 R14: ffff88803f6100a8 R15: ffff88803f610220 [ 127.989870] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 127.990663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.991243] CR2: 00007fe2631c21f0 CR3: 0000000017c1e000 CR4: 0000000000350ef0 [ 127.991942] Call Trace: [ 127.992184] [ 127.992395] merge_sched_in+0x107/0x1110 [ 127.992806] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 127.993425] ? merge_sched_in+0x1110/0x1110 [ 127.993856] ? lock_is_held_type+0xd7/0x130 [ 127.994273] ctx_sched_in+0x2e6/0x770 [ 127.994658] ? lock_acquire+0x1b2/0x530 [ 127.995038] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 127.995641] ? lock_is_held_type+0xd7/0x130 [ 127.996052] perf_event_sched_in+0x75/0x80 [ 127.996469] ctx_resched+0x1ce/0x390 [ 127.996850] __perf_install_in_context+0x285/0x9c0 [ 127.997325] ? ctx_resched+0x390/0x390 [ 127.997692] remote_function+0x125/0x1b0 [ 127.998106] __flush_smp_call_function_queue+0x1df/0x5a0 [ 127.998619] ? perf_duration_warn+0x40/0x40 [ 127.999027] __sysvec_call_function_single+0x92/0x3a0 [ 127.999548] sysvec_call_function_single+0x89/0xc0 [ 128.000004] [ 128.000232] [ 128.000448] asm_sysvec_call_function_single+0x16/0x20 [ 128.000964] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x60 [ 128.001544] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 ca 0b 03 fd 48 89 ef e8 32 81 03 fd 80 e7 02 74 06 e8 a8 d5 25 fd fb bf 01 00 00 00 3d 2b f9 fc 65 8b 05 e6 61 db 7b 85 c0 74 07 5b 5d e9 9b 2e 39 [ 128.003289] RSP: 0018:ffff88803f5f7550 EFLAGS: 00000206 [ 128.003811] RAX: 0000000000002241 RBX: 0000000000000292 RCX: ffffffff81297aaf [ 128.004492] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 128.005163] RBP: ffff888007c4e900 R08: 0000000000000001 R09: ffffffff86ccf7ef [ 128.005846] R10: fffffbfff0d99efd R11: 0000000000000001 R12: ffff88801a34c510 [ 128.006535] R13: ffff888007c4f780 R14: ffff888007c4e900 R15: ffff888017654360 [ 128.007238] ? mark_lock.part.0+0xef/0x2f70 [ 128.007673] get_partial_node.part.0+0x1e5/0x3a0 [ 128.008120] ? mark_held_locks+0x9e/0xe0 [ 128.008520] ? ___slab_alloc+0x327/0x10c0 [ 128.008938] ? ___slab_alloc+0x327/0x10c0 [ 128.009367] ___slab_alloc+0xb57/0x10c0 [ 128.009745] ? __create_object+0x3d/0xc10 [ 128.010158] ? lock_release+0x3b2/0x750 [ 128.010528] ? kmem_cache_alloc+0x43/0x3e0 [ 128.010962] ? lock_is_held_type+0xd7/0x130 [ 128.011364] ? __create_object+0x3d/0xc10 [ 128.011775] __slab_alloc.constprop.0+0x45/0x90 [ 128.012247] ? __create_object+0x3d/0xc10 [ 128.012659] kmem_cache_alloc+0x2f1/0x3e0 [ 128.013085] __create_object+0x3d/0xc10 [ 128.013494] ? kasan_set_track+0x21/0x30 [ 128.013883] kmem_cache_alloc_bulk+0x3fe/0x7a0 [ 128.014351] mas_alloc_nodes+0x2ff/0x800 [ 128.014738] ? find_vma+0x10c/0x1b0 [ 128.015115] mas_preallocate+0x1bb/0x360 [ 128.015499] __vma_adjust+0x18a/0x1aa0 [ 128.015891] ? vm_area_alloc+0x100/0x100 [ 128.016314] ? vma_expand+0xb50/0xb50 [ 128.016677] ? anon_vma_clone+0x3b8/0x560 [ 128.017075] ? mas_find+0x209/0xdd0 [ 128.017468] __split_vma+0x4c3/0x5d0 [ 128.017825] ? mas_preallocate+0x15f/0x360 [ 128.018251] do_mas_align_munmap.constprop.0+0x62d/0x1000 [ 128.018779] ? __split_vma+0x5d0/0x5d0 [ 128.019183] ? mas_walk+0x48a/0x670 [ 128.019530] ? mas_find+0x209/0xdd0 [ 128.019904] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.020398] do_mas_munmap+0x1e8/0x2b0 [ 128.020799] mmap_region+0x21c/0x1a00 [ 128.021205] ? lock_release+0x750/0x750 [ 128.021582] ? inode_has_perm+0x171/0x1d0 [ 128.022003] ? do_munmap+0x100/0x100 [ 128.022363] ? security_mmap_addr+0x79/0xa0 [ 128.022793] ? get_unmapped_area+0x1e5/0x3e0 [ 128.023208] do_mmap+0x828/0xf40 [ 128.023573] vm_mmap_pgoff+0x1af/0x270 [ 128.023945] ? randomize_page+0xb0/0xb0 [ 128.024360] ksys_mmap_pgoff+0x3d0/0x4f0 [ 128.024774] do_syscall_64+0x3b/0x90 [ 128.025130] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.026074] RIP: 0033:0x7fe2631e2d82 [ 128.026713] Code: eb aa 66 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 33 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 56 5b 5d c3 0f 1f 00 c7 05 ae 03 01 00 16 00 [ 128.029706] RSP: 002b:00007ffe8ab6d938 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 128.030961] RAX: ffffffffffffffda RBX: 0000000000000812 RCX: 00007fe2631e2d82 [ 128.032145] RDX: 0000000000000001 RSI: 0000000000005000 RDI: 00007fe262cd5000 [ 128.033349] RBP: 00007fe262cd5000 R08: 0000000000000000 R09: 0000000000017000 [ 128.034520] R10: 0000000000000812 R11: 0000000000000206 R12: 00007fe2631c1f20 [ 128.035713] R13: 00007ffe8ab6d950 R14: 00007ffe8ab6d9b0 R15: 00007ffe8ab6dd40 [ 128.036890] [ 128.037335] irq event stamp: 8770 [ 128.037905] hardirqs last enabled at (8769): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 128.039435] hardirqs last disabled at (8770): [] sysvec_call_function_single+0xb/0xc0 [ 128.040955] softirqs last enabled at (7238): [] __irq_exit_rcu+0x11b/0x180 [ 128.042294] softirqs last disabled at (7233): [] __irq_exit_rcu+0x11b/0x180 [ 128.043569] ---[ end trace 0000000000000000 ]--- [ 128.044336] ------------[ cut here ]------------ [ 128.045031] WARNING: CPU: 0 PID: 3666 at kernel/events/core.c:2557 merge_sched_in+0xadb/0x1110 [ 128.046331] Modules linked in: [ 128.046822] CPU: 0 PID: 3666 Comm: modprobe Tainted: G W 6.0.0-rc6-next-20220923 #1 [ 128.048156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.049798] RIP: 0010:merge_sched_in+0xadb/0x1110 [ 128.050527] Code: ff ff e8 c8 1a ef ff 65 8b 05 8d 85 ab 7e 31 ff 89 c6 89 04 24 e8 65 17 ef ff 8b 04 24 85 c0 0f 84 13 02 00 00 e8 a5 1a ef ff <0f> 0b e9 c4 fb ff ff e8 99 1a ef ff 4c 89 e8 48 05 18 01 00 00 e9 [ 128.053206] RSP: 0018:ffff88806ce09cb0 EFLAGS: 00010046 [ 128.054007] RAX: 0000000080010003 RBX: ffff88806ce3d140 RCX: 0000000000000000 [ 128.055049] RDX: ffff888010058000 RSI: ffffffff8156f04b RDI: 0000000000000005 [ 128.056124] RBP: ffff88803f610000 R08: 0000000000000005 R09: 0000000000000001 [ 128.057174] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88806ce3d140 [ 128.058217] R13: ffff88806ce00000 R14: ffff88803f6100a8 R15: ffff88803f610220 [ 128.059276] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 128.060441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.061330] CR2: 00007fe2631c21f0 CR3: 0000000017c1e000 CR4: 0000000000350ef0 [ 128.062388] Call Trace: [ 128.062779] [ 128.063132] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 128.064046] ? merge_sched_in+0x1110/0x1110 [ 128.064698] ? lock_is_held_type+0xd7/0x130 [ 128.065388] ctx_sched_in+0x2e6/0x770 [ 128.065974] ? lock_acquire+0x1b2/0x530 [ 128.066587] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 128.067507] ? lock_is_held_type+0xd7/0x130 [ 128.068171] perf_event_sched_in+0x75/0x80 [ 128.068811] ctx_resched+0x1ce/0x390 [ 128.069398] __perf_install_in_context+0x285/0x9c0 [ 128.070143] ? ctx_resched+0x390/0x390 [ 128.070733] remote_function+0x125/0x1b0 [ 128.071369] __flush_smp_call_function_queue+0x1df/0x5a0 [ 128.072188] ? perf_duration_warn+0x40/0x40 [ 128.072857] __sysvec_call_function_single+0x92/0x3a0 [ 128.073664] sysvec_call_function_single+0x89/0xc0 [ 128.074413] [ 128.074762] [ 128.075112] asm_sysvec_call_function_single+0x16/0x20 [ 128.075917] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x60 [ 128.076742] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 ca 0b 03 fd 48 89 ef e8 32 81 03 fd 80 e7 02 74 06 e8 a8 d5 25 fd fb bf 01 00 00 00 3d 2b f9 fc 65 8b 05 e6 61 db 7b 85 c0 74 07 5b 5d e9 9b 2e 39 [ 128.079426] RSP: 0018:ffff88803f5f7550 EFLAGS: 00000206 [ 128.080238] RAX: 0000000000002241 RBX: 0000000000000292 RCX: ffffffff81297aaf [ 128.081305] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 128.082371] RBP: ffff888007c4e900 R08: 0000000000000001 R09: ffffffff86ccf7ef [ 128.083412] R10: fffffbfff0d99efd R11: 0000000000000001 R12: ffff88801a34c510 [ 128.084470] R13: ffff888007c4f780 R14: ffff888007c4e900 R15: ffff888017654360 [ 128.085570] ? mark_lock.part.0+0xef/0x2f70 [ 128.086259] get_partial_node.part.0+0x1e5/0x3a0 [ 128.086989] ? mark_held_locks+0x9e/0xe0 [ 128.087632] ? ___slab_alloc+0x327/0x10c0 [ 128.088280] ? ___slab_alloc+0x327/0x10c0 [ 128.088936] ___slab_alloc+0xb57/0x10c0 [ 128.089579] ? __create_object+0x3d/0xc10 [ 128.090226] ? lock_release+0x3b2/0x750 [ 128.090843] ? kmem_cache_alloc+0x43/0x3e0 [ 128.091512] ? lock_is_held_type+0xd7/0x130 [ 128.092186] ? __create_object+0x3d/0xc10 [ 128.092819] __slab_alloc.constprop.0+0x45/0x90 [ 128.093547] ? __create_object+0x3d/0xc10 [ 128.094180] kmem_cache_alloc+0x2f1/0x3e0 [ 128.094828] __create_object+0x3d/0xc10 [ 128.095438] ? kasan_set_track+0x21/0x30 [ 128.096077] kmem_cache_alloc_bulk+0x3fe/0x7a0 [ 128.096798] mas_alloc_nodes+0x2ff/0x800 [ 128.097433] ? find_vma+0x10c/0x1b0 [ 128.098007] mas_preallocate+0x1bb/0x360 [ 128.098633] __vma_adjust+0x18a/0x1aa0 [ 128.099243] ? vm_area_alloc+0x100/0x100 [ 128.099893] ? vma_expand+0xb50/0xb50 [ 128.100487] ? anon_vma_clone+0x3b8/0x560 [ 128.101123] ? mas_find+0x209/0xdd0 [ 128.101717] __split_vma+0x4c3/0x5d0 [ 128.102304] ? mas_preallocate+0x15f/0x360 [ 128.102961] do_mas_align_munmap.constprop.0+0x62d/0x1000 [ 128.103809] ? __split_vma+0x5d0/0x5d0 [ 128.104415] ? mas_walk+0x48a/0x670 [ 128.104997] ? mas_find+0x209/0xdd0 [ 128.105597] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.106397] do_mas_munmap+0x1e8/0x2b0 [ 128.107016] mmap_region+0x21c/0x1a00 [ 128.107611] ? lock_release+0x750/0x750 [ 128.108225] ? inode_has_perm+0x171/0x1d0 [ 128.108864] ? do_munmap+0x100/0x100 [ 128.109470] ? security_mmap_addr+0x79/0xa0 [ 128.110139] ? get_unmapped_area+0x1e5/0x3e0 [ 128.110831] do_mmap+0x828/0xf40 [ 128.111379] vm_mmap_pgoff+0x1af/0x270 [ 128.111984] ? randomize_page+0xb0/0xb0 [ 128.112569] ksys_mmap_pgoff+0x3d0/0x4f0 [ 128.113216] do_syscall_64+0x3b/0x90 [ 128.113815] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.114592] RIP: 0033:0x7fe2631e2d82 [ 128.115158] Code: eb aa 66 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 33 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 56 5b 5d c3 0f 1f 00 c7 05 ae 03 01 00 16 00 [ 128.117917] RSP: 002b:00007ffe8ab6d938 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 128.119082] RAX: ffffffffffffffda RBX: 0000000000000812 RCX: 00007fe2631e2d82 [ 128.120154] RDX: 0000000000000001 RSI: 0000000000005000 RDI: 00007fe262cd5000 [ 128.121202] RBP: 00007fe262cd5000 R08: 0000000000000000 R09: 0000000000017000 [ 128.122252] R10: 0000000000000812 R11: 0000000000000206 R12: 00007fe2631c1f20 [ 128.123330] R13: 00007ffe8ab6d950 R14: 00007ffe8ab6d9b0 R15: 00007ffe8ab6dd40 [ 128.124436] [ 128.124806] irq event stamp: 8770 [ 128.125313] hardirqs last enabled at (8769): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 128.126689] hardirqs last disabled at (8770): [] sysvec_call_function_single+0xb/0xc0 [ 128.128126] softirqs last enabled at (7238): [] __irq_exit_rcu+0x11b/0x180 [ 128.129434] softirqs last disabled at (7233): [] __irq_exit_rcu+0x11b/0x180 [ 128.130748] ---[ end trace 0000000000000000 ]--- [ 128.491879] loop4: detected capacity change from 0 to 128 [ 128.506287] nfs: Unknown parameter 'syz0' [ 128.526682] loop4: detected capacity change from 0 to 128 [ 128.541210] nfs: Unknown parameter 'syz0' 08:13:34 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x501c, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000700)={0x0, 0x573c, 0x4, 0x3, 0x309, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() syz_io_uring_setup(0xf95, &(0x7f00000004c0)={0x0, 0x23d1, 0x20, 0x3, 0x316, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), &(0x7f0000000580)) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x82bf, 0x20, 0x1, 0x1f}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000480), &(0x7f00000006c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) ftruncate(r1, 0xfffffffffffffff7) openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x100000, 0x95) close(0xffffffffffffffff) syz_io_uring_setup(0xaaf, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000380)) finit_module(r0, &(0x7f00000005c0)='\x00', 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0xb447604bfb64757e) syz_io_uring_setup(0x6546, &(0x7f00000031c0)={0x0, 0x0, 0x41}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1, 0xff}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) [ 128.784698] ------------[ cut here ]------------ [ 128.784733] [ 128.784738] ====================================================== [ 128.784745] WARNING: possible circular locking dependency detected [ 128.784752] 6.0.0-rc6-next-20220923 #1 Tainted: G W [ 128.784765] ------------------------------------------------------ [ 128.784771] syz-executor.4/3692 is trying to acquire lock: [ 128.784782] ffffffff853faaf8 ((console_sem).lock){-...}-{2:2}, at: down_trylock+0xe/0x70 [ 128.784853] [ 128.784853] but task is already holding lock: [ 128.784858] ffff88803ebf2020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 128.784908] [ 128.784908] which lock already depends on the new lock. [ 128.784908] [ 128.784914] [ 128.784914] the existing dependency chain (in reverse order) is: [ 128.784920] [ 128.784920] -> #3 (&ctx->lock){....}-{2:2}: [ 128.784945] _raw_spin_lock+0x2a/0x40 [ 128.784979] __perf_event_task_sched_out+0x53b/0x18d0 [ 128.785002] __schedule+0xedd/0x2470 [ 128.785027] schedule+0xda/0x1b0 [ 128.785050] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.785071] syscall_exit_to_user_mode+0x19/0x40 [ 128.785094] do_syscall_64+0x48/0x90 [ 128.785124] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.785146] [ 128.785146] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 128.785171] _raw_spin_lock_nested+0x30/0x40 [ 128.785228] raw_spin_rq_lock_nested+0x1e/0x30 [ 128.785251] task_fork_fair+0x63/0x4d0 [ 128.785281] sched_cgroup_fork+0x3d0/0x540 [ 128.785306] copy_process+0x4183/0x6e20 [ 128.785325] kernel_clone+0xe7/0x890 [ 128.785343] user_mode_thread+0xad/0xf0 [ 128.785361] rest_init+0x24/0x250 [ 128.785382] arch_call_rest_init+0xf/0x14 [ 128.785413] start_kernel+0x4c1/0x4e6 [ 128.785440] secondary_startup_64_no_verify+0xe0/0xeb [ 128.785466] [ 128.785466] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 128.785490] _raw_spin_lock_irqsave+0x39/0x60 [ 128.785524] try_to_wake_up+0xab/0x1930 [ 128.785548] up+0x75/0xb0 [ 128.785573] __up_console_sem+0x6e/0x80 [ 128.785601] console_unlock+0x46a/0x590 [ 128.785629] vt_ioctl+0x2822/0x2ca0 [ 128.785652] tty_ioctl+0x7c4/0x1700 [ 128.785674] __x64_sys_ioctl+0x19a/0x210 [ 128.785701] do_syscall_64+0x3b/0x90 [ 128.785731] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.785753] [ 128.785753] -> #0 ((console_sem).lock){-...}-{2:2}: [ 128.785778] __lock_acquire+0x2a02/0x5e70 [ 128.785808] lock_acquire+0x1a2/0x530 [ 128.785836] _raw_spin_lock_irqsave+0x39/0x60 [ 128.785870] down_trylock+0xe/0x70 [ 128.785896] __down_trylock_console_sem+0x3b/0xd0 [ 128.785925] vprintk_emit+0x16b/0x560 [ 128.785955] vprintk+0x84/0xa0 [ 128.785983] _printk+0xba/0xf1 [ 128.786003] report_bug.cold+0x72/0xab [ 128.786032] handle_bug+0x3c/0x70 [ 128.786061] exc_invalid_op+0x14/0x50 [ 128.786091] asm_exc_invalid_op+0x16/0x20 [ 128.786112] group_sched_out.part.0+0x2c7/0x460 [ 128.786132] ctx_sched_out+0x8f1/0xc10 [ 128.786150] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.786172] __schedule+0xedd/0x2470 [ 128.786196] schedule+0xda/0x1b0 [ 128.786220] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.786239] syscall_exit_to_user_mode+0x19/0x40 [ 128.786261] do_syscall_64+0x48/0x90 [ 128.786290] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.786313] [ 128.786313] other info that might help us debug this: [ 128.786313] [ 128.786317] Chain exists of: [ 128.786317] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 128.786317] [ 128.786344] Possible unsafe locking scenario: [ 128.786344] [ 128.786349] CPU0 CPU1 [ 128.786353] ---- ---- [ 128.786357] lock(&ctx->lock); [ 128.786367] lock(&rq->__lock); [ 128.786379] lock(&ctx->lock); [ 128.786390] lock((console_sem).lock); [ 128.786401] [ 128.786401] *** DEADLOCK *** [ 128.786401] [ 128.786404] 2 locks held by syz-executor.4/3692: [ 128.786416] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 128.786469] #1: ffff88803ebf2020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 128.786520] [ 128.786520] stack backtrace: [ 128.786525] CPU: 0 PID: 3692 Comm: syz-executor.4 Tainted: G W 6.0.0-rc6-next-20220923 #1 [ 128.786549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.786564] Call Trace: [ 128.786569] [ 128.786577] dump_stack_lvl+0x8b/0xb3 [ 128.786609] check_noncircular+0x263/0x2e0 [ 128.786639] ? format_decode+0x26c/0xb50 [ 128.786668] ? print_circular_bug+0x450/0x450 [ 128.786699] ? enable_ptr_key_workfn+0x20/0x20 [ 128.786728] ? perf_swevent_event+0x6c/0x550 [ 128.786762] ? format_decode+0x26c/0xb50 [ 128.786793] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 128.786826] __lock_acquire+0x2a02/0x5e70 [ 128.786865] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.786906] lock_acquire+0x1a2/0x530 [ 128.786936] ? down_trylock+0xe/0x70 [ 128.786967] ? lock_release+0x750/0x750 [ 128.787005] ? vprintk+0x84/0xa0 [ 128.787037] _raw_spin_lock_irqsave+0x39/0x60 [ 128.787072] ? down_trylock+0xe/0x70 [ 128.787101] down_trylock+0xe/0x70 [ 128.787129] ? vprintk+0x84/0xa0 [ 128.787159] __down_trylock_console_sem+0x3b/0xd0 [ 128.787191] vprintk_emit+0x16b/0x560 [ 128.787225] vprintk+0x84/0xa0 [ 128.787257] _printk+0xba/0xf1 [ 128.787277] ? record_print_text.cold+0x16/0x16 [ 128.787306] ? report_bug.cold+0x66/0xab [ 128.787338] ? group_sched_out.part.0+0x2c7/0x460 [ 128.787359] report_bug.cold+0x72/0xab [ 128.787393] handle_bug+0x3c/0x70 [ 128.787424] exc_invalid_op+0x14/0x50 [ 128.787456] asm_exc_invalid_op+0x16/0x20 [ 128.787478] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.787503] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.787524] RSP: 0018:ffff888020187c48 EFLAGS: 00010006 [ 128.787540] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.787554] RDX: ffff88803db10000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 128.787569] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001 [ 128.787582] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803ebf2000 [ 128.787596] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 128.787616] ? group_sched_out.part.0+0x2c7/0x460 [ 128.787641] ? group_sched_out.part.0+0x2c7/0x460 [ 128.787665] ctx_sched_out+0x8f1/0xc10 [ 128.787689] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.787717] ? lock_is_held_type+0xd7/0x130 [ 128.787742] ? __perf_cgroup_move+0x160/0x160 [ 128.787764] ? set_next_entity+0x304/0x550 [ 128.787796] ? update_curr+0x267/0x740 [ 128.787830] ? lock_is_held_type+0xd7/0x130 [ 128.787854] __schedule+0xedd/0x2470 [ 128.787885] ? io_schedule_timeout+0x150/0x150 [ 128.787914] ? trace_rcu_dyntick+0x1a7/0x250 [ 128.787952] schedule+0xda/0x1b0 [ 128.787979] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.788001] syscall_exit_to_user_mode+0x19/0x40 [ 128.788025] do_syscall_64+0x48/0x90 [ 128.788057] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.788080] RIP: 0033:0x7f023e5b0b19 [ 128.788095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.788115] RSP: 002b:00007f023bb26218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.788135] RAX: 0000000000000001 RBX: 00007f023e6c3f68 RCX: 00007f023e5b0b19 [ 128.788149] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f023e6c3f6c [ 128.788162] RBP: 00007f023e6c3f60 R08: 000000000000000e R09: 0000000000000000 [ 128.788176] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f023e6c3f6c [ 128.788189] R13: 00007ffe454e1c2f R14: 00007f023bb26300 R15: 0000000000022000 [ 128.788212] [ 128.886714] WARNING: CPU: 0 PID: 3692 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 128.888063] Modules linked in: [ 128.888544] CPU: 0 PID: 3692 Comm: syz-executor.4 Tainted: G W 6.0.0-rc6-next-20220923 #1 [ 128.889942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.891570] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.892366] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.895044] RSP: 0018:ffff888020187c48 EFLAGS: 00010006 [ 128.895813] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.896851] RDX: ffff88803db10000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 128.897905] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001 [ 128.898955] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88803ebf2000 [ 128.900000] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 128.901047] FS: 00007f023bb26700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 128.902235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.903085] CR2: 00007fd6e1629368 CR3: 000000003e882000 CR4: 0000000000350ef0 [ 128.904140] Call Trace: [ 128.904525] [ 128.904868] ctx_sched_out+0x8f1/0xc10 [ 128.905471] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.906226] ? lock_is_held_type+0xd7/0x130 [ 128.906857] ? __perf_cgroup_move+0x160/0x160 [ 128.907521] ? set_next_entity+0x304/0x550 [ 128.908162] ? update_curr+0x267/0x740 [ 128.908754] ? lock_is_held_type+0xd7/0x130 [ 128.909391] __schedule+0xedd/0x2470 [ 128.909950] ? io_schedule_timeout+0x150/0x150 [ 128.910637] ? trace_rcu_dyntick+0x1a7/0x250 [ 128.911305] schedule+0xda/0x1b0 [ 128.911825] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.912554] syscall_exit_to_user_mode+0x19/0x40 [ 128.913272] do_syscall_64+0x48/0x90 [ 128.913845] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.914599] RIP: 0033:0x7f023e5b0b19 [ 128.915151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.917810] RSP: 002b:00007f023bb26218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.918928] RAX: 0000000000000001 RBX: 00007f023e6c3f68 RCX: 00007f023e5b0b19 [ 128.919973] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f023e6c3f6c [ 128.921026] RBP: 00007f023e6c3f60 R08: 000000000000000e R09: 0000000000000000 [ 128.922080] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f023e6c3f6c [ 128.923127] R13: 00007ffe454e1c2f R14: 00007f023bb26300 R15: 0000000000022000 [ 128.924174] [ 128.924522] irq event stamp: 374 [ 128.925017] hardirqs last enabled at (373): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 128.926385] hardirqs last disabled at (374): [] __schedule+0x1225/0x2470 [ 128.927589] softirqs last enabled at (210): [] __irq_exit_rcu+0x11b/0x180 [ 128.928830] softirqs last disabled at (201): [] __irq_exit_rcu+0x11b/0x180 [ 128.930078] ---[ end trace 0000000000000000 ]--- 08:13:35 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x501c, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000700)={0x0, 0x573c, 0x4, 0x3, 0x309, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)) getpid() syz_io_uring_setup(0xf95, &(0x7f00000004c0)={0x0, 0x23d1, 0x20, 0x3, 0x316, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), &(0x7f0000000580)) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x82bf, 0x20, 0x1, 0x1f}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000480), &(0x7f00000006c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) ftruncate(r1, 0xfffffffffffffff7) openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x100000, 0x95) close(0xffffffffffffffff) syz_io_uring_setup(0xaaf, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000380)) finit_module(r0, &(0x7f00000005c0)='\x00', 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0xb447604bfb64757e) syz_io_uring_setup(0x6546, &(0x7f00000031c0)={0x0, 0x0, 0x41}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1, 0xff}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) [ 131.064848] syz-executor.0 (297) used greatest stack depth: 24480 bytes left [ 133.217092] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 133.218590] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 133.221421] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 133.224745] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 133.226434] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 133.228956] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 133.232759] Bluetooth: hci1: HCI_REQ-0x0c1a [ 133.324081] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 133.324104] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 133.340109] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 133.340299] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 133.344508] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 133.347577] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 133.350028] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 133.351379] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 133.355795] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 133.356903] Bluetooth: hci2: HCI_REQ-0x0c1a [ 133.357111] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 133.362097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 133.378385] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 133.379740] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 133.381572] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 133.382378] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 133.382957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 133.384473] Bluetooth: hci3: HCI_REQ-0x0c1a [ 133.391092] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 133.391718] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 133.400650] Bluetooth: hci6: HCI_REQ-0x0c1a [ 135.239873] Bluetooth: hci1: command 0x0409 tx timeout [ 135.367853] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 135.367945] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 135.368329] Bluetooth: hci2: command 0x0409 tx timeout [ 135.431851] Bluetooth: hci3: command 0x0409 tx timeout [ 135.431885] Bluetooth: hci6: command 0x0409 tx timeout [ 137.287875] Bluetooth: hci1: command 0x041b tx timeout [ 137.415891] Bluetooth: hci2: command 0x041b tx timeout [ 137.479897] Bluetooth: hci3: command 0x041b tx timeout [ 137.480692] Bluetooth: hci6: command 0x041b tx timeout [ 137.942031] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 137.947912] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 137.948522] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 137.949587] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 137.950407] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 137.951576] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 137.953527] Bluetooth: hci5: HCI_REQ-0x0c1a VM DIAGNOSIS: 08:13:33 Registers: info registers vcpu 0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff88806ce09598 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000061 R11=0000000000000001 R12=0000000000000061 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0 RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe2631c21f0 CR3=0000000017c1e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 6461657268747062 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00302e6f732e6461 657268747062696c YMM03=0000000000000000 0000000000000000 2f756e672d78756e 696c2d34365f3638 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000001e5ff RBX=1ffff11007ec4f84 RCX=ffffc900007c7000 RDX=0000000000040000 RSI=ffffffff813bb2f3 RDI=0000000000000005 RBP=ffff88803f627cc8 RSP=ffff88803f627c00 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000200 RIP=ffffffff813bb2f5 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f023bb26700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f78d66f6c50 CR3=000000003e882000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000