Warning: Permanently added '[localhost]:29866' (ECDSA) to the list of known hosts. 2022/10/02 02:43:45 fuzzer started 2022/10/02 02:43:45 dialing manager at localhost:35095 syzkaller login: [ 37.711070] cgroup: Unknown subsys name 'net' [ 37.803722] cgroup: Unknown subsys name 'rlimit' 2022/10/02 02:43:58 syscalls: 2215 2022/10/02 02:43:58 code coverage: enabled 2022/10/02 02:43:58 comparison tracing: enabled 2022/10/02 02:43:58 extra coverage: enabled 2022/10/02 02:43:58 setuid sandbox: enabled 2022/10/02 02:43:58 namespace sandbox: enabled 2022/10/02 02:43:58 Android sandbox: enabled 2022/10/02 02:43:58 fault injection: enabled 2022/10/02 02:43:58 leak checking: enabled 2022/10/02 02:43:58 net packet injection: enabled 2022/10/02 02:43:58 net device setup: enabled 2022/10/02 02:43:58 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 02:43:58 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 02:43:58 USB emulation: enabled 2022/10/02 02:43:58 hci packet injection: enabled 2022/10/02 02:43:58 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 02:43:58 802.15.4 emulation: enabled 2022/10/02 02:43:58 fetching corpus: 50, signal 29035/30810 (executing program) 2022/10/02 02:43:59 fetching corpus: 100, signal 40491/43902 (executing program) 2022/10/02 02:43:59 fetching corpus: 150, signal 46728/51704 (executing program) 2022/10/02 02:43:59 fetching corpus: 200, signal 54700/61092 (executing program) 2022/10/02 02:43:59 fetching corpus: 250, signal 61006/68707 (executing program) 2022/10/02 02:43:59 fetching corpus: 300, signal 64226/73324 (executing program) 2022/10/02 02:43:59 fetching corpus: 350, signal 67317/77741 (executing program) 2022/10/02 02:43:59 fetching corpus: 400, signal 71959/83616 (executing program) 2022/10/02 02:43:59 fetching corpus: 450, signal 77691/90402 (executing program) 2022/10/02 02:44:00 fetching corpus: 500, signal 81627/95488 (executing program) 2022/10/02 02:44:00 fetching corpus: 550, signal 84150/99166 (executing program) 2022/10/02 02:44:00 fetching corpus: 600, signal 86561/102703 (executing program) 2022/10/02 02:44:00 fetching corpus: 650, signal 89999/107146 (executing program) 2022/10/02 02:44:00 fetching corpus: 700, signal 91679/109937 (executing program) 2022/10/02 02:44:00 fetching corpus: 750, signal 93525/112886 (executing program) 2022/10/02 02:44:00 fetching corpus: 800, signal 95941/116325 (executing program) 2022/10/02 02:44:00 fetching corpus: 850, signal 98358/119699 (executing program) 2022/10/02 02:44:00 fetching corpus: 900, signal 101285/123525 (executing program) 2022/10/02 02:44:01 fetching corpus: 950, signal 102954/126149 (executing program) 2022/10/02 02:44:01 fetching corpus: 1000, signal 104197/128413 (executing program) 2022/10/02 02:44:01 fetching corpus: 1050, signal 106362/131395 (executing program) 2022/10/02 02:44:01 fetching corpus: 1100, signal 108059/134001 (executing program) 2022/10/02 02:44:01 fetching corpus: 1150, signal 109585/136483 (executing program) 2022/10/02 02:44:01 fetching corpus: 1200, signal 111805/139473 (executing program) 2022/10/02 02:44:01 fetching corpus: 1250, signal 114772/143004 (executing program) 2022/10/02 02:44:01 fetching corpus: 1300, signal 116631/145600 (executing program) 2022/10/02 02:44:02 fetching corpus: 1350, signal 120329/149603 (executing program) 2022/10/02 02:44:02 fetching corpus: 1400, signal 122675/152483 (executing program) 2022/10/02 02:44:02 fetching corpus: 1450, signal 123479/154192 (executing program) 2022/10/02 02:44:02 fetching corpus: 1500, signal 124855/156281 (executing program) 2022/10/02 02:44:02 fetching corpus: 1550, signal 125837/158116 (executing program) 2022/10/02 02:44:02 fetching corpus: 1600, signal 128162/160881 (executing program) 2022/10/02 02:44:02 fetching corpus: 1650, signal 129829/163129 (executing program) 2022/10/02 02:44:02 fetching corpus: 1700, signal 130685/164771 (executing program) 2022/10/02 02:44:02 fetching corpus: 1750, signal 131860/166646 (executing program) 2022/10/02 02:44:03 fetching corpus: 1800, signal 133698/168971 (executing program) 2022/10/02 02:44:03 fetching corpus: 1850, signal 134573/170541 (executing program) 2022/10/02 02:44:03 fetching corpus: 1900, signal 135503/172175 (executing program) 2022/10/02 02:44:03 fetching corpus: 1950, signal 136555/173873 (executing program) 2022/10/02 02:44:03 fetching corpus: 2000, signal 138965/176463 (executing program) 2022/10/02 02:44:03 fetching corpus: 2050, signal 139847/177997 (executing program) 2022/10/02 02:44:03 fetching corpus: 2100, signal 142856/181015 (executing program) 2022/10/02 02:44:03 fetching corpus: 2150, signal 143747/182517 (executing program) 2022/10/02 02:44:03 fetching corpus: 2200, signal 144981/184228 (executing program) 2022/10/02 02:44:04 fetching corpus: 2250, signal 145809/185610 (executing program) 2022/10/02 02:44:04 fetching corpus: 2300, signal 146399/186877 (executing program) 2022/10/02 02:44:04 fetching corpus: 2350, signal 147326/188405 (executing program) 2022/10/02 02:44:04 fetching corpus: 2400, signal 148688/190138 (executing program) 2022/10/02 02:44:04 fetching corpus: 2450, signal 149845/191718 (executing program) 2022/10/02 02:44:04 fetching corpus: 2500, signal 152684/194346 (executing program) 2022/10/02 02:44:04 fetching corpus: 2550, signal 153697/195773 (executing program) 2022/10/02 02:44:05 fetching corpus: 2600, signal 154457/197025 (executing program) 2022/10/02 02:44:05 fetching corpus: 2650, signal 156012/198787 (executing program) 2022/10/02 02:44:05 fetching corpus: 2700, signal 156697/200016 (executing program) 2022/10/02 02:44:05 fetching corpus: 2750, signal 157838/201457 (executing program) 2022/10/02 02:44:05 fetching corpus: 2800, signal 158339/202584 (executing program) 2022/10/02 02:44:05 fetching corpus: 2850, signal 159170/203849 (executing program) 2022/10/02 02:44:05 fetching corpus: 2900, signal 159872/205110 (executing program) 2022/10/02 02:44:05 fetching corpus: 2950, signal 160821/206508 (executing program) 2022/10/02 02:44:05 fetching corpus: 3000, signal 161545/207698 (executing program) 2022/10/02 02:44:06 fetching corpus: 3050, signal 162350/208954 (executing program) 2022/10/02 02:44:06 fetching corpus: 3100, signal 163346/210251 (executing program) 2022/10/02 02:44:06 fetching corpus: 3150, signal 164263/211473 (executing program) 2022/10/02 02:44:06 fetching corpus: 3200, signal 165392/212797 (executing program) 2022/10/02 02:44:06 fetching corpus: 3250, signal 166459/214115 (executing program) 2022/10/02 02:44:06 fetching corpus: 3300, signal 167655/215424 (executing program) 2022/10/02 02:44:06 fetching corpus: 3350, signal 168460/216519 (executing program) 2022/10/02 02:44:06 fetching corpus: 3400, signal 169725/217813 (executing program) 2022/10/02 02:44:07 fetching corpus: 3450, signal 170413/218852 (executing program) 2022/10/02 02:44:07 fetching corpus: 3500, signal 171542/220054 (executing program) 2022/10/02 02:44:07 fetching corpus: 3550, signal 172521/221199 (executing program) 2022/10/02 02:44:07 fetching corpus: 3600, signal 173627/222426 (executing program) 2022/10/02 02:44:07 fetching corpus: 3650, signal 175025/223684 (executing program) 2022/10/02 02:44:07 fetching corpus: 3700, signal 175917/224732 (executing program) 2022/10/02 02:44:07 fetching corpus: 3750, signal 176426/225617 (executing program) 2022/10/02 02:44:07 fetching corpus: 3800, signal 177293/226634 (executing program) 2022/10/02 02:44:08 fetching corpus: 3850, signal 178698/227910 (executing program) 2022/10/02 02:44:08 fetching corpus: 3900, signal 179910/229068 (executing program) 2022/10/02 02:44:08 fetching corpus: 3950, signal 180414/229962 (executing program) 2022/10/02 02:44:08 fetching corpus: 4000, signal 181187/230879 (executing program) 2022/10/02 02:44:08 fetching corpus: 4050, signal 182136/231876 (executing program) 2022/10/02 02:44:08 fetching corpus: 4100, signal 183059/232834 (executing program) 2022/10/02 02:44:08 fetching corpus: 4150, signal 183804/233736 (executing program) 2022/10/02 02:44:08 fetching corpus: 4200, signal 184822/234696 (executing program) 2022/10/02 02:44:09 fetching corpus: 4250, signal 185586/235553 (executing program) 2022/10/02 02:44:09 fetching corpus: 4300, signal 186034/236299 (executing program) 2022/10/02 02:44:09 fetching corpus: 4350, signal 186958/237150 (executing program) 2022/10/02 02:44:09 fetching corpus: 4400, signal 187600/237933 (executing program) 2022/10/02 02:44:09 fetching corpus: 4450, signal 188361/238713 (executing program) 2022/10/02 02:44:09 fetching corpus: 4500, signal 188781/239431 (executing program) 2022/10/02 02:44:09 fetching corpus: 4550, signal 189606/240255 (executing program) 2022/10/02 02:44:09 fetching corpus: 4600, signal 190378/241049 (executing program) 2022/10/02 02:44:10 fetching corpus: 4650, signal 191002/241757 (executing program) 2022/10/02 02:44:10 fetching corpus: 4700, signal 191990/242605 (executing program) 2022/10/02 02:44:10 fetching corpus: 4750, signal 193401/243509 (executing program) 2022/10/02 02:44:10 fetching corpus: 4800, signal 193943/244185 (executing program) 2022/10/02 02:44:10 fetching corpus: 4850, signal 194560/244837 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/245376 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/245915 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/246424 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/246946 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/247428 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/247944 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/248422 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/248929 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/249433 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/249927 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/250440 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/250972 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/251493 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/252011 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/252534 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/253060 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/253605 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/254128 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/254606 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/255109 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/255635 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/256163 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/256663 (executing program) 2022/10/02 02:44:10 fetching corpus: 4874, signal 194680/257158 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/257668 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/258166 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/258672 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/259149 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/259669 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/260153 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/260666 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/261151 (executing program) 2022/10/02 02:44:11 fetching corpus: 4874, signal 194680/261151 (executing program) 2022/10/02 02:44:14 starting 8 fuzzer processes 02:44:14 executing program 0: ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x6) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, 0x0, 0x580, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x2, 0x1c}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x8000) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x8) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) flistxattr(r1, &(0x7f00000001c0)=""/48, 0x30) ioctl$KDSKBLED(r0, 0x4b65, 0x4) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r2, {0xad}}, './file0\x00'}) ioctl$TCSETA(r4, 0x5406, &(0x7f0000000300)={0xed, 0xfffd, 0x3, 0x401, 0x10, "93814e523eac7896"}) mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x80020, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '/dev/ptmx\x00'}}, {@dfltgid={'dfltgid', 0x3d, 0xffffffffffffffff}}], [{@fsname={'fsname', 0x3d, '\xff\xff\xff\xff\xff\xff'}}]}}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r4, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x20, 0x0, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1f, 0x65}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x4004851) sendmsg$NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x14, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x804) r5 = open_tree(r4, &(0x7f0000000640)='./file0\x00', 0xc000) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_P2P_DEVICE(r5, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r6, 0x8, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8800) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000800)=0xfb) 02:44:14 executing program 1: r0 = memfd_secret(0x80000) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000000)) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x800) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5de}}, './file0\x00'}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f00000000c0)={{r2}, 0x0, 0xe, @unused=[0x7fff, 0x7, 0x4, 0x5], @name="4dd7363817981dc564316b124927ec2c184648fafedc30a191dbcd2362a4e9418f890cbbc9cef9fe13e570a101797770a0533da5179cf88eac5b3c0414868d42e62ad45a77e2ab71cad0a701dbb28e834572e8b1af5ae8f8065367d77f96e7a5d5f50c57fc0e7d8ad2e0fca69c74d3811d2724d7f6623cc37d02fb4d131e30db4d854bd9488a1e3dd20020f0e661ecbf9c79f381e94c0848499400d7337b767b26189afdf6de9e827875f3c1ebf3b4816d59570da13121dba6f5f1f006e52c1799c61c215515853b670dbb1258018c46dccb00fa82114b1f1c0145e7e51719e4e610c184944096333694c9e2eaa931503a5c33a1a06e4815bf1767dfd4f495570d5e7e9985121a50b0dcdcaf2762d2fed2a6092a1f1025cb84870d66e1b72914d3cbdd7decb38908f3216b223991151c544ad6faa76cda382b2c964eccc1c8b27627d9996c877071c93aa419ebe987ed78c012ede869901bdd4b87818572f525f377b8d8681a6d157d8a419fd40e4a7e174f883f7a9bda47f55532517e6100e599716665b36be272e2fbe2f7fde0db617cb219ed6c8b1b97a7eaf44f1134c03ef662d1882a26ca00d63e7ae94d91692c7c90039a031a70112a31213ff515d56d0b37cc9a829f697895d99daf3b06ae73b26bbc6c30b720bb1c10340185bffe8ee9d298472d14d25459d0d842f5201eea317db22dbb0ec350ec756847600a81c33d197933775b97515ffa3f4f67e2cb20762355fc15c314acc643461b2b68d850b65f3b897fe02ab349f046c5a0340f24e387335195719d5af7f28d08964dabd0bfa4c6dec9b72d80343a742e2465b8cebc6c7d27399c57a7611c6ca3c47cffd4c4aff92986052ff44d485dd1a8729e0e6b3c71b6b499bcfff04baea443be50d907230a520e739aed2d65f633caf5d1a038d6177d02acf98fcd1e00f67e8b23c18b500c91d018fde6684eecd001a0b806b1df1380e3121fd0543d16fa8034363f2188e800a880a543f127d8beb4c896f3952f0ec3fcbf63e67a9127b0cd6be1fcf9fe4505f64ef4f3bc3c001b62717f9b07dc538294355c1be959a70cbe6b9b4503cb7aa80b5a903bc6e036543a158cee1c94271a6498363e4750eb463494f965e79344aa119bfe7cba82569f1cb8afb41cb759be9bcbff47b58fd82cdcb918f535a40cc8912ca5d3efc0d477b2c79ee52df346674c12cdec989b194922b9bdc62d3b05023a53ed08833dcb9406967ad27bcdd9183aabd0b37c5aaf3f89d28772d949b95e6a3da1af215c6de73558dba424dd1db2bee9acc51ac4b4c3f593a848c812708305721dc2ca7138ebe005789c829d3ef4fa6033da31efd07143f6c5ac7d6ab77c9b51289c5a95dceb08cab34d8ea9c8629c82c79b982378571fb4ad3064fb94c22edf3145e25d882491a9cc5dae13ecb19012e59bddb18b124f22b075fdd9657da85e36325a6442f49d279717d606657dc37c6bbb6de71f2b690f839726e92eaab9cd11cc17e4ff264ce207acd1a3ff756131571a8cee83db5f1b479887b4ff87d26d2058188dd1cd4cfba44972e7d1c7d6547c914858083582338adbffa626bdc2e4632ce7d8ea812beeda33e982381bc54e00b44bca59f7fddee73131b65759f9655f1aa3c21f4f7498f66af90c9a4fd0079898a1ae640335e0289b49ebbce76aeb69e0008ff2d828ae6165b44539a9205d197edf3615fc67e0d93d4b7cc7c4fa295580228fc179e3e20531e8ef216c15585018e7083920a958a4ba7099fbd6d63670f5008f57434cf155e6077c79966e286efe64e25406afb46a57aebba4bcc98df84eeac9818cb207286254105a4990c82e8a70705ec329d367b9a0be070dfd69bf5de346a6d3f4000318c634ac2a691db48c5e3e95cd912edf01aa16a9f6c3552413578c0ae64ddeb64f75db3793bd2f8909b1bf998f39e740a715ec90dd22669042717fad424b0f22a66f26c18b56f922aa7dd21e1f152553c2c72e2c49b6c4cbba36a16975b0ac9303e88b74f324f8ad14a97ceffc098c8d2b0f05d42c7b75da8859762517cad3c6558e8f5209f937d8027c1ad81492e5748ea0ba4873fd0e669dbcabcb1b93e2b2550b2595026fcbdcd1dbd2ce4a4b6b54de7aa14d8baab707727555f06f7884fdc8988e4bb9bf82fb8bb9b5524cd7f5391df877007f098beb38709ccd340b2750edf5ecb09e1dfd67293eba3ac48378b3a6cc0c8df69ab86489204d5b678ddd21f5636821a390c50458815c9dc688a23068145bf6db099a6296e9e66326765d8c8d1496c73908a8f102c4e39e5909fe54b329db58e0f1f362e36ef4b437b7d1ff17ae7a6a545a8e21fd2a91ab1752cea648909ed17b5867c53a8e7df86b021dd12566c6a38d7b0dde57a9ba7dc891f7441ab8e71247614451c5a17a493bf8add60013e1cdab80f80723e161aba84a55aec5fcb54d15ed5c64bfda679b04036d195d11d8d60dc2fdc3b26815a3c8f97b13e30b637e8e67cee58094fb2242e342d54deb14f01e93424fa920da582550a12047b35575b6a42963fc1aab8d7afa395aee62322121dd230aca6f86993515e5649c69bcb1aac8737e8ab9ff341ea688a99b96ed79a24eebd14c925a6d05c03198928f5e3ff7d900ba05e7d89fe9b7dd8838e48ef265037899c6783eed12dbe1b53a49b95391c601f6dbcb467051613260a9c48324e9a8207ed354ccb7de0b1e8a9fd5b68867bd19ec0543d1659f1755e76d7c3cc93a980df32379234a8a9ae11f7b3b0fbd66e3a02136e3b3a1cba74747baf5ef7acf77ea4e02853b0983233955ebeda3bef011113b79a28ea4f6b76cfc1eecbe40a30e1007e192f886b129572fe08b3d228dd18db8fa54d18b53748c7efc6f8056a38614e38efc83f72bcf706ee552c0406c936ecba91f46f123f916f7aed7065f6fed7d2be016f3c020606ec8faa9aba61f2f43c1c6763aa12d17c73a6fc1febe2076a544595d87497f89fb67243de3792359565d46a182c9e58abef93020db18fe79d58c73ba392477def1fa81b0e50dfbf1eeb10a634673f93a2ccfaa27f957708e2e2a3496060af3ca14d82db55279bfa20ca99e20b03444bb2c13ed08f659192dc2726d61e097ed4248bdfbc87318d2d5fba4dd0adc4ac1e8266f33120348c60fd4a2e519820daac9fbfb70954ecf6cc3dacebcf73973c0542350046657f7187e330e660a4ea5f7c55db58cbcbd3a990bd44a965e8b6489cefa7c95a72fcb9e9ab0e561b4d19a1c4bb9a737e381c8b7e7d8d9840846bff0d9a57181c6206bc1649a91ac0bcbee3b78a8dcf464241b4ccb523c0647b1f8c38d79ccd9d380b8681df2f529dc19039ba82bab46d3408c26ef5b25d9557fca2cc25f4852382e010d66a9ff7e20f9a81a87aa05ad869691bd28ddd1a71f48b41fb038e05db4d106ea1efbb92190fd7b88df9fc83867d8a420e40cb9e334ca25b17c74b06e1b2ef5c8aa73583bf98eb5f47653bea24c47ee331ae7c7594501ca4ecacb80a289bad91c4b6fc21d1cf8ef25a39e60b8ec65940fc706af6e2b89d36edc2aa4c0f3ba38778c42ad2289af187edfdec325baefbfb5326b3952376feebd4daccb32c985f7d3a6fff8c3b9a915fe6aed76b7a46495ae3ebbe6c814559d426493749c265e5140a235db5ec012c9e3292f915e2584107dd29f14343ab0c2a5a875c6c8b3a4c72a5dd333ceffce62221bbc595816f60d8af6d5ec49fb676d772827271ac729e3133bd2ea215d4dab999d30449b12799a957b31531ec4121da1317e59dcb3e5057f3a54bde79bdf68158e78338a085af1352ee0c22f5c322a924f1a0f8a3726f81ac52866166b7e4aaface398ee5295524e1e08baf9bec37440b26f84de7e64466808a65b82936a78a940c54c308796b6ca0bfd7925638ff12951724987b244d6223ef23b4675367c9e82b4585a126d79da8435e1ced2bdf4d4aaf2cccb1c1308ec77a5d89a33ce5c30050ba793a6e258ccce4adc039f046afe24da2189baed2aa582e0a1004a21ff673d600309ebf6cb141a70f2d29834d31d077933f7b61d9d8eb1e1051e83e0a787035d018385ed3dd2ffa76992596358311d97510187e294a73bdb36a11b9584b931cf5e0b9b90e1caec1557f2671c3d843f0fb20bbb7e3aff300dde5fe9b24d96490d72bd00cf32d1d1775a059993a3f58e5a52070ac1c30e2824099e495fced3bdfb61e2cac44de876ea02bb9636ab0c0ff535d11c54a2b8f81d86dbf367ddfbeab71d0b750f226e45da4d7bcb488929e2202301028d81d5c6c41e0a23de17d1c919abb05f5764ba2ff7d66f109ae8f812332373890736244edd71da5d88b16a28699518120a4722d43fff1d9bfd1d27fb86ad314e7ffea43b9068f9fb8f290e9c85930eef4ffcf2ab324fcd891e90db91e221f7c4236e5756c8927b81b1b2b2fcca9fede675d2d0f9ea343d8e719df533cf8fcb087dc1e4d1f86a233b6f61c21e934ff5651d90d26322a44bf7b8d8e84ca56c8469edd08300c7741805300066b3d06dd890cbfc0d9e4442180fac58f60b10d52561c8fa8fa4044559d4fbb5beb2e8b369fe174cb9e3146d0405b7d6f6fae515280caed888ba600c5f0841d0483d5491484ab7e91de94c3c4aed10080f7a4394d1f17b8e5cc303c2e85b335d17a216aa2c5bf4c3b0b588f47b3c4d7167ebd8a4e3d758722ae3950e41ed5a4a95dbaa217509db56542d08d7309dd1c864daad47147d587250c830c1928714a75dec48b735c8044a09a1b5b6cb88edb97b81e50c4652c5713be4e678c40306bc1290ea3c33653efef28d3797643876855da5c895bc01ee614a75d284670beba1a200db6335ad614a8f2faefb0a27a66d859d401d0ae290c213b30522ef6df71f154950ae587b3501eaf3f2990d4cd84e07dfe7c823f52d5aadefa463c5f9b7335c540d935b139f9af9360e979fbd2c2cd25603ea3a4b92bf87951ab6899a897107c558f0b1b8ed79c49e1253747c46c50f58ef5f4cc685b6192bc8ab26fd3ba6521ced0194a0234c60d31d095b7cfe29ec72f41db4ee1e02ebd4be263eda0a202f624cbb6ea82440e814e651a4779966598a117b3dcaab934f72b4e4ca977bcdb21cf7b8bd239fc7b82a16ab8cdb113d897e1049bac349d910cec0bfd9aaa0bf82942d966c9db780a133ba56895febffcf46b45ec53b9b624cd0ff12f4edeae0aec63be1a7c64811368975f0206529139c29ae0cb1b5ab06862097a8f79a50b5090b304e0c59df836e4602d2ab0dfed3b1f86a47737ce98c58b3866e1bbeff8b4ad17ed4af99c7fe549823e1f23696ac672ce3d89cd8d4836cf1a131d30e1eef4b66a5f84f58dc6522aa3966ad427272bdad32dc5a9e8971798b122a58a57dac79e0c6c8ef18c392545d6de0bbd25631b263f213625c9bb3f1641977de5632bddbd5255d1ccc3ad8e60042c32cf5b1011a157875c71d80acfb4921455ae547e1a3ae1b59c6f4b3c97d9caeffd2dba08a47f6b0c9a938b2fb8abcecff06c03928df9f293ca4ae86f98f99c23bfc271b08ab5b39106dc410e1643641fc44e3a980db79672a67a092f09055a72fafc6b54fba5b0e4f5e003999d9674b0877340c8600e5e0e4d4b6ffb5a73bd76231e553cb36ef1776a1d1cb1a6755bec7d6b2ca11639b349eacb17adc19904aeba791445c3112673ad69efb1174271d8becddd839ad438f1986fe2264b21bedac58"}) pipe2(&(0x7f00000010c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) ioctl$SG_EMULATED_HOST(r3, 0x2203, &(0x7f0000001100)) openat$nvram(0xffffffffffffff9c, &(0x7f0000001140), 0x80000, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000001180), 0x408000, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r4, 0x5) flistxattr(r2, &(0x7f00000011c0)=""/1, 0x1) close(r1) r5 = syz_open_dev$vcsu(&(0x7f0000001200), 0x69, 0x2) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x80489439, &(0x7f0000001240)) r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000012c0), 0x511000, 0x0) r7 = fcntl$getown(r6, 0x9) r8 = syz_open_procfs(r7, &(0x7f0000001300)='net/sctp\x00') openat(r8, &(0x7f0000001340)='./file0\x00', 0x406002, 0x1) ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f0000001380)) [ 66.313428] audit: type=1400 audit(1664678654.195:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:44:14 executing program 3: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'dummy0\x00', 0x0}) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast1, @remote, 0x1000, 0x9, 0x7, 0x400, 0x2, 0x1020104, r0}) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x1000, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000100)={@ipv4={'\x00', '\xff\xff', @broadcast}, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x3, 0x6, 0x4, 0x400, 0x6, 0x400000, r0}) ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f00000001c0)={0x0, @sco, @vsock={0x28, 0x0, 0x2711, @host}, @qipcrtr={0x2a, 0x2, 0x2}, 0x7ff, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000180)='veth0_virt_wifi\x00', 0x8, 0x61d6, 0x6}) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000240)={'syztnl0\x00', r0, 0x2f, 0x2, 0x8, 0x1000, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x10, 0x7, 0x80, 0x1}}) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000300)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @loopback, 0x720, 0xfff7, 0x20, 0x400, 0x4, 0x80002, r2}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000003c0)={0x3, &(0x7f0000000380)=[{0x101, 0x1, 0x0, 0xfffff801}, {0x20, 0x9, 0x8, 0x9}, {0xee3, 0x1, 0xff, 0x9}]}, 0x10) sendmsg$IPSET_CMD_DEL(r1, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, 0xa, 0x6, 0x5, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x3f}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xfff}]}, 0x44}, 0x1, 0x0, 0x0, 0x880}, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000540)) r3 = syz_io_uring_complete(0x0) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000580)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @private0, @mcast1, 0xfffffffa, 0x4, 0x800, 0x400, 0x7c, 0x8, r0}) r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000600), 0x1, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000000640)={0x0, @aes256, 0x0, @desc4}) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f0000000680)) r5 = openat$full(0xffffffffffffff9c, &(0x7f00000006c0), 0x84000, 0x0) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000700)={@mcast1, @private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000, 0xe79e, 0x4, 0x400, 0x8, 0x83, r2}) r6 = openat$incfs(r1, &(0x7f0000000780)='.log\x00', 0x40000, 0x28) ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f00000007c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9, 0x8, 0x3, 0x100, 0x3, 0x1, r2}) ioctl$TCSETS2(r5, 0x402c542b, &(0x7f0000000840)={0x5, 0x3, 0x3, 0x0, 0x1, "b5ce85113a04dd21a04540ad3e7c098844317a", 0x8000, 0x1}) 02:44:14 executing program 6: syz_open_dev$hiddev(&(0x7f0000000000), 0x9, 0x101c80) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0) ioctl$HIDIOCGDEVINFO(r0, 0x801c4803, &(0x7f0000000080)=""/252) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) fremovexattr(r1, &(0x7f0000000200)=@known='com.apple.system.Security\x00') r3 = signalfd(r1, &(0x7f0000000240)={[0x8]}, 0x8) ioctl$INOTIFY_IOC_SETNEXTWD(r3, 0x40044900, 0x57f915e0) r4 = syz_open_dev$hiddev(&(0x7f0000000280), 0x1115a8dc, 0x10442) ioctl$HIDIOCGREPORT(r4, 0x400c4807, &(0x7f00000002c0)={0x1, 0x2, 0x80000000}) r5 = dup2(r2, r1) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7fffffff}}, './file0\x00'}) r7 = dup(r5) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0xffffffffffffffff, 0x7, r7, &(0x7f0000000340)={r6, r2, 0xeb9}) r8 = fsmount(r5, 0x0, 0x0) epoll_ctl$EPOLL_CTL_DEL(r8, 0x2, r0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r4, 0xf503, 0x0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000380)={'ip6_vti0\x00', 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x0, @private2, @empty, 0x7, 0x7800, 0x9}}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000540)={'ip_vti0\x00', &(0x7f0000000440)={'erspan0\x00', r9, 0x8040, 0x710, 0x7, 0x8000, {{0x30, 0x4, 0x0, 0x35, 0xc0, 0x68, 0x0, 0x3, 0x29, 0x0, @rand_addr=0x64010100, @broadcast, {[@timestamp={0x44, 0x18, 0x97, 0x0, 0xe, [0x2, 0xfff, 0x1f, 0x400, 0x7fffffff]}, @noop, @noop, @cipso={0x86, 0x57, 0x2, [{0x7, 0x4, "c20e"}, {0x6, 0x9, "75af0e2f16c9ff"}, {0x5, 0xc, "abb18d27567aefa963e0"}, {0x1, 0x5, "673ebe"}, {0x6, 0xd, "795011d551ff7e5e98b784"}, {0x7, 0x11, "5faa9c7027f6ba9e24785b6ab7e0b7"}, {0x7, 0xc, "4aaa3d76b88a5e580975"}, {0x5, 0x3, 'B'}, {0x1, 0x6, '.1cg'}]}, @timestamp_addr={0x44, 0xc, 0xaf, 0x1, 0x2, [{@multicast1, 0x6}]}, @generic={0x88, 0x6, "f277b55f"}, @lsrr={0x83, 0xf, 0x80, [@dev={0xac, 0x14, 0x14, 0x3c}, @loopback, @multicast1]}, @noop, @ssrr={0x89, 0x17, 0xb5, [@dev={0xac, 0x14, 0x14, 0x13}, @multicast1, @local, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}) writev(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f0000000580)="77b55570666302bcd489864063caef4a6f04b81071e37e46db1f772b1c485568bdaa25d0b2c8f1cab1ebd04f2be530e19785f1e1d38e0bcce7c6234682733218810d85ebcb64d8d621bc8a92acbf056303e78a5cd4f5aeb1807fc32e0e67cfceb5c2ec08d80597cda736e5177c1aa0a5e30bfc34003a72d49800a207e89c6b9c7786b466201c006eb90c46760d67d39c086a4e9211ccee65708171192d21011be852a8033cbe872a52b894f0a78089e584de468be7e41a2caa358dffd84b7cc82322080fa0917c92f6be59fadce4b0c249b9573e044a72a1504c781d970aeffd22bca23fb4366059bb7c50bb2a457ec630c963ce59057605e388ad97431c67", 0xff}], 0x1) 02:44:14 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x4, 0xa, 0x801, 0x0, 0x0, {0x9, 0x0, 0x5}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0xc4) r1 = syz_open_dev$vcsu(&(0x7f0000000140), 0x6c, 0x80) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000080}, 0x24040019) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80000000, 0x70}}}}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x7}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), r1) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r1, &(0x7f0000000640)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000440)={0x184, r2, 0x26f55ebd337dc495, 0x70bd28, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x16, 0x9}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x4}, {0x6, 0x16, 0x401}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x9}, {0x6, 0x16, 0x1}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x100}, {0x6, 0x16, 0x7}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0xff}, {0x6, 0x16, 0x1}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1000}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}}]}, 0x184}, 0x1, 0x0, 0x0, 0x30000000}, 0x10) sendmsg$sock(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000680)="1adad3a23cb468b7a5f6227d857cc51b5af9c1c9d7b938ec1592922c3ed5bb654250cc33d5770065cb3960ba782d4ad136c29a77a5b48970", 0x38}, {&(0x7f00000006c0)}, {&(0x7f0000000700)="cebfac804ea71a6ef4bd8677552a7a61d7aa15ed57e92b3e55d65cfa71a87d6deb72bc62cebe10d93647fe61143bae4b7ac1c1529b", 0x35}, {&(0x7f0000000740)="7c2c4ff2f0f00b6807467b06da78abb07509b8acece22716e6751804f238d41e095cfe1bd987e760feee6733682f62c9cfc626e77778b6dc387d6d24a230f81bf8afcf0d1c9f7fbf47c4eeeb0277870633f63fa329a664498dcb894f568622a751da31723700f662eeafa839a15067bbe7459f2c31fa6f938e678a96e43144276e5714e612decfb71267548424bb12c21d55435c7bb2b7812259f400b917", 0x9e}], 0x4, &(0x7f0000000840)=[@mark={{0x14, 0x1, 0x24, 0x76000}}, @mark={{0x14, 0x1, 0x24, 0x7fffffff}}, @mark={{0x14, 0x1, 0x24, 0xe8}}], 0x48}, 0xd0) sendto(r1, &(0x7f0000000900), 0x0, 0x40010, &(0x7f0000000940)=@can, 0x80) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000009c0), 0x20080, 0x0) sendmsg$AUDIT_TTY_GET(r3, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x10, 0x3f8, 0x400, 0x70bd2b, 0x25dfdbfd, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x4000) r4 = inotify_init1(0x800) ioctl$BTRFS_IOC_SNAP_DESTROY(r4, 0x5000940f, &(0x7f0000000b00)={{r3}, "6cc159922a46e971e9d97d3adc9f60e8715caf41853b2898cd711a47ffc6c8545a4206935803d66e1797baaa1f330eaaf459c56a24fafaa9254b59d519524a328c87a18580a3b640f1ef47e6468b344246ba074d464731928580b6f63a6a712cbac8cad5ac9a911768135fe326a26a90a0822a59535e6ed1ba87c0685bec610454b9ecacd4cc22640ea80614137679788a4f6bc9f0e152dc5de945b95d9d71a5f808dd83d249239b139e3cb9beeb0e70b35b953512244af992c16ababbb65b878f8169507fa7a1bb39d949416dfa72e6906af67105b658785b32af6e8396557998a48b1032c44fa9e321ae590af391f5f0d4baecc0d6bfd4d3835656e5efa8d5b2c7173987c810a69ad62ba3238a591d036b236ecdd8916432aa2b19fc453ddc14c14e9f3190a42fdf4978f5c0aa773e5e13eef275801abde42f9bace3f4511806f3749ef20c5bf9978c7fc1047c1c1af8b36e19fd377feebd5e13e9163ea72df115c723edc5067957736bb86ec271a522f96bf47c10e31ee2f263b5694949bc6ad1f4625949c05c8062c062b8c2a8494af3e51ea74460b1cb993eeb45589ee8d09f357ea7bf996443b16d69746f608ffa3c64593589cb46f4079ff6d134a4a1ce03d27d287b089ac54dfc21ed2c2f0f1ba00300ec68b3f0f961e411dc9188a4bab7dd0da61ead305ea8dd226fad02943b84f93bd7e09fd40bc93d5cb313f04794036959bbf44d2645cc7535f8349114ac711a8005879ca79f0f104f9e09b5f9da13b66199fb638d5107b61cbaeb6d5c38cf1f3cb90bb4195deaac5118c1ddc480f5a9495071a98726e32b5f1663d0bc35cfd1bf41ac3475c26cf1f942eb3789db5245985fe7a968c83b99ef8877271889a1564c5f155ed4ea71bb6a7f3617cce7288cc4f8527ffab69d9c82e877f43e162f3b195d54f2e6a8da38dab503f535d0eb7966c15d8451a0128084777a9ae4a2d8ed7cc6d9521ee4faa8a8d4e69b1a58c41210f3c7a0345953eac6983cc44523f95d25db964dc22286b5570e4e3183c8084cd7cc0fccc2980075f888550a13f32680cdeff8fb0b19a3613abfe152fb9c1807cc85fb7bb3724883fc48c184a4a22a387c7d06eddfe7b08630ec53bb209615c29a27a642d681e8517d4a11f04564d184bc18f173bec001753ab310640500c3e0520109b5983b0b44b745aab7cd993ae169200f467d0b7d3a114ebe3882844d0859875252cf4ced0f15849b093af4fec01371f04bdb13f4549535c6543cdad84087dd04453d1d62677c15f67475dfd51b01451210632a524980763a8ffb318bcd2e25b84e8a73279c3d56d11dede83e04779d404c42b0b3fc96c31ea78cf96afbda42cd52a99250b3166a458bbe13c4b98e21d7e58326bd08540fe2f92e16175bb76f9cf3cd24e2e96e1ab6987b77ae26f41b2cc0985bd6ebbb50263edab329a5288d885d3fbd870cd6aa1f704d3800723c55514170ba113f5430ed6253a874a761f885a0b32ce4d1735d1b63d7c19915ae03da963c3765f92d0fd2b5abfc41de2bdbc522d2679d23e5e8b5a49f89fafeb732a0ddc0627967f7cb36f24bd003949c5d6d368b4980b33345dfd3e4f49fcd0de024faf1df5d3dad1f3995e44eab605a0ed47e9de3ca110e81a2228c0cf915fa93911da228cab4803ef2bbf46a881f6b73ef99374756b15fe446f6c5ca034a0fda5a2e10f76421de288e5af9402dd7645e46a9157d49a3840eea37312d50b65befa0a13d1b4ebb324c811272e6a088b1e1a0d29c20c340f1cc04200f5d5230b80b62839ca75cbc9e710feb6867f014e751a07e61abdb5b6235ea0be0b2a0a56b01dfa64239652fe1bc453ac8124a116503f6859bc3a5d7d890f432864c059a83f84548c23ae23bdfc28f9f2cdf0e70e2becf9d2f3cad5d828319e6a9d17d0ecd23d6d03b75c9d8e3c63bb140b890c683b2ae545009e575b0b850da9575097f11a34b4d1d3bcfb09f86010069fab639f4b422fa7bda31da87be107ef9b5d267784c82933f9f5904c41fe6a72250ec4b1604482a59ad6c82fa2bf5bf542f4cf23f7bb96ca5b48267ff1e1cc97b12d25cd1612d2a7bfd077aa57a32c94ff701404854aa22bd09d2dfd94a6227110a6dd8945f35debf9f82cbd029c0f7f14702a2cec3f104fcee6a44b72b5cff519a2b8056705aedf6c4439913708ffdd3a76b68b2289ee22e15a7721e81dd77054aae7ae73854883992ed7b992747034e8ccbd9323de979ac58ccfae7ba8922489da7bc0920eb136ca5235056965a0a16db05028c0f7f68f8062868aea9c1f399d376a59b5581158ec2829f82033688ea412acd1cd4f31e0f624939a59d1ba382091d6a789743fe7a020d420ebbead8c1030f653ccf4a5e32e1d45ee95a74bb7b3a94fd433d6e55faddc33eed7ac385301d4ea37eb6e2098cd215644d301d409057c3e950adb245b52567b5addff201bd1adfe03df65c1f0ad83ab59adf0f1617fa585b4f1dd34805871ae0607b6cee330b1f686c267dd7078a540309c2e4b5627a666d16be5d284c529fca28fd2221c955e53a5bb09f6ae45be522c2a1cb883e017ecfc6f9d2b36078b92c8009b80ea45501096988da91a4884d20c71b39baeaee157cbad30f859a7098bdc7ebda99809bce5fc86ba388bbc962c2c26581c37207efec542c8de014d4618b9e99b4a2a63979e2a77bfcc34ff3f2645cc73dff9a345290d1125a8fe1b53921ca9acfa1f088a4a062bee006395c3eec059d5a17b7d073f1240c6c799be03f56e103401e8cf8496221190eaacac3b5a604292b043ec1e3d2562c0b32137147c51c9e0bb2b699d7d58c9bfad08084d5073caee05bfb7454d49460f0d7f93bb3c174aa5e08ccea62d0a8d2b013e75f8cde0046228f3e2057356cb550d685730c4e2efe8238e5ae6da6e9d02a02ddceba9fe845c79d349cb1b79c88db1a67ebd58b9cf56a1a803f41c724711b8fbc32579276e230ca18122e95699e67993127531d4988122b01ec90e43facd70c7304b54fe823eb2c34ab1c24d02259994cff6375335163556ade6fa214f20fbbf6bc46800c7b10baec54b3611afb0436553d6e8c8ba4cb8b8c660d85cdbb8b07e7aeaf21dc54bd183f9744aec14ed14dac5dad948360a870f2bcd20001a3756580c348ed00a3f7d9f2039ee4b8a22f9c6c4d6237aa3bb11645698effa74a4a1a945cabed6338418dbcd4034f6dd09a74d28dc7e4c32787a25e0bd990a4debf23b8ce9a9d1be965d94360e8a50e1627aaf0aa9d7958c4cc53ac8dc4d5ec4ebedca89ad75a7f4c3f128fa998bd549b15e0274584677fdb4785b8137cefadf8a8e5f3a2a16f6bab0b8215d89b91e4f8b92116d713b80de3d164d5387b9abbe7766e23852a5ce02d3d74a6685aa6a29dd5235f13cede4d0a45b4811ae678d5708d3df431212617fed9a156e8ae369be7a67033afe8c789c58ab510ee5e1deaf48da8bea35d36a7c45eb67aa2e2c859dd412578806b760db6ee3db40df70d1a64d68d160e1f6ffa05231a77e2a9262c8e848939e14fe686b5459d136be54660b4667e905fb1bfffe83a4c4a98f9601102d92ccfce7e768733da31156075660d4dd7d4d1107acd811e3e3e72d2fdfd9d11585a03f8247ba05c07f2d28cc20abf1dc1f26da651a1a284c80b1590601a02f781d24ef060f4f88afef6ab677f25594e6c9665fd4dc0165f3642f90ce8104f9ed0a121a664151ac9b4d86c78a84363950ca180a2b613fe307310842c6de74f0bbdfbe230d4595b63662323130f4476cd9fb2f219b2b72315a8795033d18200b08af529cabdbd1b81185ae098afd2a7b67662a28b425fa9ba8fa2c73e83c8bc518ebecf11c0a6bebaf060a20a86227430e9b42a2dd0539af8e222e9d132c73073fe228d7a8452c15d5a8df8e784bd193c4a7a4680615b61966f32f1c7cd004164ebbcbcfeeb3d63cb74c7b3581dc71b9d09c1da7eef5acb444b19c95a0f36b4df9a83317ea4fe2d298f30fb44d2fea11376d81e4ce5251f9735faf670717aadeeba2e3fd0defcdd549a0e74a49007644d11152ff9ddc42d3a17bbcaafb6ecf6f4c33e242ce110e89d01954ed39d8cef0ec2896fbb4380fe80a2f838551eb75a8a3ffd4b1d1c0fd7cb84209e480259360ee86696ba8b53a59a75f6ccbcd163e08cadc6f8768132926b9a608dcc227f7ba8967e97ca3a286927042e327c2994cb60d88d3ab64350437b1f65db43d93faf32c0b244f96ea1d4fc2e96c9fdb129bf4a5448c8f90b1d5edfac643ccf490738bdb0f354aea19b509affb176a61d1fa5bfac7e2a2e47eb21ec4b7f2050e4b7f5cf0ca95f19349302c181ee69952177a45cc3824145f5fd10b9820027c067299a8a6db19250ed9f0350440712a46bff8c259db0ba6d336bda64344966dcb6d12f136d4a8df190dee417a1e5a66d04a20a3e79e0e4ad7064f7076c2d1b3f15c43acdc8944e9ffa632f26dc74684bd03b9e4869c6819437e3dc06737584fb5fddd41b7cada39dbfbf94a0d699b1fe630450b7e13656f7af84dea491215d4be12ab24c2212c445379791c9ad936c75dd711d4b4ab724fbdf54f11eff70a6dbc08d29d8025930f0ca4280b68ba492482a294b6c2ea2e21853c9043a1f52a9d84128f65ffd47617bb02f320658fd970e524ab8c3b2dabd116cbc1d69f4e0492579c4d61b224f096c8ef1a6b18e13bea418a009838ddcbb20c0f34df22124f9f0b896a78d11edaf11998ff5f3dc6bd15988979c98acfa2c17a3aefc5dde3cee9662843cd6a0e3311cc995024997261033ddf8351acf2948782ff3aa58df543ec4351f3f13ff545fd4073ba9432035882b75c9a4d551f913f39d278cbe57d7b83b49724e1521871366b9567b120069e5f5760ccc8e49bc7e82999c142fae4a3e4106c75262cd103034bbdcbef65f5bd01438d81e768a463fa6561f35935ffc670902cc80e0d4ba72677cddd5941638c6c4921a1769d54d774c00a20e05d72aec94a1603833d3c45d6e6cf8647a30ec0e7a3c21b4a325f5bde3ad439acd66e6cab98dcdf34f414aa4f83ad6e42298275c73ba4525aea85c064dbcd16cc5166a5697e3c7d3c935d2d629c195ef7c88eb21aa1977e0fcd5d9e7bb2ff86fa258183b1a61c0544d8b00a8cdb3f449fb0f54e20bb60743e954ca127808eb814ec9b777f4ead2c742c42e427d0b31b42c4648ea603bd97c0395409a55d118f42b4347f6ef5410531187e44a0092a078d1c5697c243bd697ebc5dbf546d294bbb05b66469cc7a52039d8d7ae0e607db4b61455b842e31005cb42b1bda098b2e32a237b9ae6d873a6e60bd8e5390985461208c7473744a115e9a6554fa94a58e348099a3425a26636941679eb360c9442e49f88285099f217196929bb0cf24a9df59b8e38f0a5ef6dd6b5ea3bf57b3f0d4861d35ba72bab183d066545844c2bf4e4933e021c00e31d2707d84dd0903d88f869a8b281c12e34016b17eb29f3c6cf0ece32c462d20fd6dd43375597eb62ffc89fef278e641a8307274912158ad15e3edb597a5cd08c2265385e37a06aae9c1062885b8f95f355551e804e03705923d6503f38a2f6e3678ef1455134e4c60cd09714a17e87f0a9000bb3fbeeaf8efe560db300dea877ad38cef7f8bfdbd4dd52d66b992395fdc0ef622150dd010bd5930b531aed6223240520a285c5db42f50460aba610af7c49f8df1ecb836096439de9c10391a992b63671b9bc0900c66ae4b2ef90aa326ef5805095fb85d321c3f12fddc92f18eb54e429995d"}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b40), r3) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000001b80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f0000001d00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001bc0)={0xf0, r5, 0x710, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0xb2, 0xac, "6aa9b45b5769c451cc414ceb6ef3f66638cc34a1f53bcbc23eabf472d674b27ab91f3f5669bd8a28f5aa10985fd5abc172e9511ad7e03d67d800802c546964e9d32e023fdc3e3501b480afe2f98a0dabf0beb7e6ec600203e06f00aa5d22a70a4d6084f55d40851ea59e5c0eb6371cdcf6b355c7de27ba45baf756ded06d384b569bfa20038ed0dc2a1f5e24d967080766e53e68417e7c1167008e9dbb76c64af88c574f52a7cd57ffa35c0388d8"}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x441}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x2}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}]}, 0xf0}, 0x1, 0x0, 0x0, 0x40048c1}, 0x0) ioctl$CDROM_DEBUG(r3, 0x5330, 0x0) copy_file_range(r0, 0x0, r0, &(0x7f0000001d40)=0xff, 0xfff, 0x0) sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000001e40)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001e00)={&(0x7f0000001dc0)={0x1c, r5, 0x0, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10004001}, 0x81) read$rfkill(0xffffffffffffffff, &(0x7f0000001ec0), 0x8) 02:44:14 executing program 5: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, '\x00'}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000040)={0x0, 0x3, 0x6, 0x0, 0x2}) r1 = syz_io_uring_setup(0x6fa2, &(0x7f00000000c0)={0x0, 0xc99c, 0x2, 0x3, 0x1fa, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000140), &(0x7f0000000180)) r2 = io_uring_setup(0x2f95, &(0x7f00000001c0)={0x0, 0x27a, 0x8, 0x3, 0x3e4}) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0) r4 = memfd_create(&(0x7f0000000280)='/\x00', 0x1) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f00000002c0)=[r4], 0x1) ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, &(0x7f0000000300)) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000340)=0x7fff) write$binfmt_misc(r1, &(0x7f0000000380)={'syz0', "dd13da56a999ea17f181813046cc785034a92fc8c9411bb23d94ee00cbd7cd61f76d4b484f2d1fc9a44a4da84bcf3e2611abadee78f5a00949833493d3685864a9042385f078be9ce2b15d55b009b217789da8103c102d9a660522d1abd6cfef699e1ccc64b3e9bc3981737686e2aebddbdee72e5a4111dd7d6e4f6b26f7dd36662d83d449ebe84fd5c6"}, 0x8e) pipe2(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r7 = syz_mount_image$nfs4(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0x100000000, 0x1, &(0x7f0000000600)=[{&(0x7f0000000500)="04942f848a6a8ad2d85c6806cdb8e2762e83e5b1a87b38f04a2a6ea49cd9e190a93e965860036f26140a9fcfa49511b7fcafb28b212d91567c902937ac61b824c4df13c2b8eab51b33b2886270b3381dfb4a452ee7b244ac815f21656f7f8898b8e99e1567dd321794a75afc7fc744c9d2cd7e990719b520c19f019c8d7acab43bb896240a715f273ce81611f8c6440d4077c3cb5c8228807cb53fdb26a4bd8b8bd31229bb754d5dbbd0ea90d4499634fe9d874f4d27d47fd939026b4296598305b9cb90a0cdee254593490a139c58a65ba956", 0xd3, 0x6ea}], 0x8001, &(0x7f0000000640)={[{'\x00'}, {'syz0'}, {','}, {}], [{@uid_gt={'uid>', 0xee00}}, {@obj_role={'obj_role', 0x3d, '\x00'}}, {@permit_directio}, {@seclabel}, {@subj_type={'subj_type', 0x3d, 'syz0'}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@obj_role={'obj_role', 0x3d, '/\x00'}}, {@dont_measure}, {@euid_lt={'euid<', 0xee00}}]}) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000740)={0x1, 0x0, &(0x7f0000000700)=[r2, r2, r5, r4, r0, r7, r0]}, 0x7) ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000780)={0x3d, 0x11f0, 0x3, 0x1, 0x0, [0x6e8a, 0x0, 0x1, 0x200]}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff}) ftruncate(r8, 0x7) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r5) r9 = accept$inet(r6, &(0x7f0000000800), &(0x7f0000000840)=0x10) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000880)={{0x1, 0x1, 0x18, r9, {0x6}}, './file0\x00'}) preadv2(0xffffffffffffffff, &(0x7f0000001e40)=[{&(0x7f0000000900)=""/213, 0xd5}, {&(0x7f0000000a00)=""/72, 0x48}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f0000001a80)=""/136, 0x88}, {&(0x7f0000001b40)=""/55, 0x37}, {&(0x7f0000001b80)=""/255, 0xff}, {&(0x7f0000001c80)=""/174, 0xae}, {&(0x7f0000001d40)=""/22, 0x16}, {&(0x7f0000001d80)=""/172, 0xac}], 0x9, 0x0, 0x4, 0x1d) 02:44:14 executing program 4: sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x4, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000) sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x0, 0x300, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'wlan1\x00'}}}, ["", "", "", "", "", "", "", "", ""]}, 0x2c}}, 0x40080) sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x40, 0x0, 0x9, 0x301, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x6}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_STATUS={0x8}]}, 0x40}}, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0x8003, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x15100047}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x44, 0x3, 0x1, 0x301, 0x0, 0x0, {0xc, 0x0, 0x8}, [@CTA_ID={0x8}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0xffffffff}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'Q.931\x00'}}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c4}, 0x40000) sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x70, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10000}]}, @TIPC_NLA_SOCK={0x28, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffff}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0x40010) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000005c0), 0x480001, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000700)={&(0x7f0000000600), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x58, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x44, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x58, 0x17, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x58}}, 0x8004) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000880)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) sendmsg$NL80211_CMD_NEW_STATION(r2, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x28, 0x0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x200, 0x27}}}}, [@NL80211_ATTR_STA_VLAN={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x804}, 0x20000054) r3 = openat$cgroup_netprio_ifpriomap(r2, &(0x7f00000009c0), 0x2, 0x0) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000a00)={0x80, 0x7, 0x0, 0x6, 0x1, [{0x5, 0x7f, 0x7, '\x00', 0x580}]}) sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x34, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0xc}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x4000) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000c40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x1c, 0x2, 0x2, 0x5, 0x0, 0x0, {0x9, 0x0, 0x7}, [@CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x3968}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) r4 = dup(r2) lseek(r4, 0x1f, 0x4) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000cc0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x3c, 0x0, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x3c}}, 0x0) sendmsg$TIPC_NL_BEARER_ADD(r2, &(0x7f0000001380)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0xb32c9b1d983e421b}, 0xc, &(0x7f0000001340)={&(0x7f0000000e00)={0x520, 0x0, 0x10, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x124, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1cd6}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0xffff, 0x200, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1b407e71}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xa0000000}}}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5da}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x2, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @remote}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_NODE={0x178, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xd6, 0x3, "9b9163d58cc0d65069d4de99784ad97899a0ca0db697d805b852944b7c15c3a8b073ccaf7291ad87bbdd83eb38f0a0a121f44dc38d808e2ee597c47f38fd3c5396325c2cc945104f7477471f6b19a136ef61f9172b37f875edfe09c82dcb80a348c0d11f409402ba5d0389be3ddd3ce976c8088a4cee4f1f73a7b607cb47651eccb89b9c6dcc41a148a2e2e34db1ae936c962a93b9e26addd0cf66853e6db5ca9c63f1888fc48c89246dea3f1e605e30455158d65be8fbe124e2b4147229cfd1678b68d5e7d14f40923af280486a2902e74d"}, @TIPC_NLA_NODE_ID={0x9a, 0x3, "12b6ebacc64a6cd00deaf903059153098b0e5be590eb51f34d8a70036857a3fdef1287db4f95b9737ee1a11c88b986cb37aac1373e5e2185ec6ba18527ab60c352ca541c334dfa6642a0b9648c6db083b9e358f533632f9c0242f30b33e94488b6bd10c358ba73f055b2cfd7ea4df85dfddfbff959cf3b4e0e908c9303251431eb92991f720e14c00f6db9edefb51c75777f2401d5ae"}]}, @TIPC_NLA_NODE={0x8c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x329e619a}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x200}, @TIPC_NLA_NODE_ID={0x70, 0x3, "a32d4b04f33e0aaf7822e670b0bf33d3413789b01fce3f6011b9c486d08db42b547ee41db904b10de4e2211eac28fa7f17dbf643c4287b5683221112c843695267482f1fa74bb3ab8d65a0db4a99e4414e19fb566bc0dbc2e5c2cccba1db9ced8e55d6ad8df25959ca49480c"}]}, @TIPC_NLA_NODE={0xf0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x3d, 0x3, "967a06137803822c0ad048631299bc692950c782006a2ee87c0a84d2d29b943d4eedf24062fef3529f06e1457592d9b6159b2524238f9a69ab"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3e}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "cd5baf17b9a2d7df72651853d9757e05c92b12694c87ad60da7b7085c7bad4c8"}}, @TIPC_NLA_NODE_ID={0x5b, 0x3, "cf92dd66a267d15950c778da56d6fceb8d1dee5346319ff5590fea519d1618ee5948a02067ad5218e01b746a6f0cdf419eda1cfe9be7b8a9c1404152ddeb4fe2a9d18be4c7648f6f885708a35b97419a84acebab6a9a77"}]}, @TIPC_NLA_MEDIA={0xa0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8e8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x520}}, 0x8050) 02:44:14 executing program 7: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xac, 0x62}}}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1000}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40000) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000140)=""/50, 0x32}, {&(0x7f0000000180)=""/204, 0xcc}, {&(0x7f0000000280)=""/112, 0x70}, {&(0x7f0000000300)=""/124, 0x7c}, {&(0x7f0000000380)=""/2, 0x2}, {&(0x7f00000003c0)=""/253, 0xfd}], 0x6, &(0x7f0000000540)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}], 0x110}, 0x40010000) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x30, r0, 0x121, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x65}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0xb11}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), r2) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r1, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x34, r11, 0x800, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x1}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x1f}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x1}]}, 0x34}}, 0x40800) sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x1c, 0x0, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@GTPA_VERSION={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040880) recvmsg$unix(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000a40)=""/211, 0xd3}], 0x1, &(0x7f0000000b80)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0xe8}, 0x2021) sendmsg$NL80211_CMD_VENDOR(r13, &(0x7f0000000f00)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000d00)={0x1b4, r0, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void, @val={0xc, 0x99, {0x10001, 0x18}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x20}, @NL80211_ATTR_VENDOR_DATA={0xd3, 0xc5, "3d2c697ce7e9959a1e65c9d33073eb51d5932fc23d7bfbca03235028b2c63746b4c3fba2c0bb07d0a0f33f74fd84563b4965f1916826a0f452ecfdae7f7345ee513948b76bb15e7d63fa3dbc80230c9cf68fb36883eb32b32f8db5d37ae79bd2caccac99f12b7a4589dd664a2b6ca022b2329abfcdac1867730a03aaed326cdf906df444cb1fc76b5138bc9d8e87f4e698ed8ed96817abdc86ff3443896aab62dc58716a9d26789c3bfdc3e7ef49e917b513b59a2ad872485f220451706cc3390cd085978738392a433cf06a216ef2"}, @NL80211_ATTR_VENDOR_DATA={0xb8, 0xc5, "91822f15df1e1b5f027097bd02dfd96e70cf917e4be727752d3bff0dccdbb4d2019a3a96dee04d36c79f738f60a46cb4700dad1007b5acadc26ce7f1fc88139c34e1e435782c5f06316bf6293e7123cf1de708607324046b7af0bb79d9551ff18bcd759c0236fb4f4f4f3edbcf6ce6ef74a8fbf26f60408eca413a848495eba7ab3e23905622640d630d82fe3f3e16354c6eee559da0a42999243be279bd7996a1e3db53730ce024bfbf24d3e9871add6e4cffd2"}]}, 0x1b4}, 0x1, 0x0, 0x0, 0x20054081}, 0x2404c001) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r7, &(0x7f0000001000)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x1c, 0x0, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r15 = syz_open_procfs(r14, &(0x7f0000001040)='net/snmp\x00') sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r15, &(0x7f0000001140)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x34, r0, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x9, 0x48}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000c0}, 0x20040081) r16 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000011c0), 0xffffffffffffffff) sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x10090000}, 0xc, &(0x7f0000001240)={&(0x7f0000001200)={0x40, r16, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x4c}, @IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x6}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x7}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f00000012c0)={{0x1, 0x1, 0x18, r12, {r8, r9}}, './file0\x00'}) sendmsg$NFNL_MSG_ACCT_NEW(r17, &(0x7f00000013c0)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001380)={&(0x7f0000001340)={0x20, 0x0, 0x7, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) r18 = open_tree(r6, &(0x7f0000001400)='./file0\x00', 0x81000) sendmsg$NFNL_MSG_CTHELPER_GET(r18, &(0x7f0000001580)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001540)={&(0x7f0000001480)={0xa4, 0x1, 0x9, 0x801, 0x0, 0x0, {0x7}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x4}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1b}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x11}, @NFCTH_STATUS={0x8}, @NFCTH_STATUS={0x8}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x17}, @NFCTH_TUPLE={0x44, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x10}, 0x40) read$hiddev(0xffffffffffffffff, &(0x7f0000001600)=""/218, 0xda) [ 67.684607] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.686152] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.688072] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.697380] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.698717] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.702109] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.704515] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.707219] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.708672] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.710540] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.711842] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.713770] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.717782] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.730022] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.768553] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.769785] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.771080] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.774086] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.776157] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.779074] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.782697] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.784315] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.785964] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.787781] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.789130] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.791062] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.792604] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.793952] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.795184] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.799287] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.800302] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.804351] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.806513] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.814526] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.814650] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.817348] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.820116] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.822385] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.827319] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.827407] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.832256] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.833491] Bluetooth: hci4: HCI_REQ-0x0c1a [ 67.834216] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.834503] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.837894] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.839387] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.842164] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.846019] Bluetooth: hci2: HCI_REQ-0x0c1a [ 67.851637] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.853139] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.885446] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.886757] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.890624] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.897783] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.903033] Bluetooth: hci6: HCI_REQ-0x0c1a [ 67.947243] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.769661] Bluetooth: hci0: command 0x0409 tx timeout [ 69.770777] Bluetooth: hci1: command 0x0409 tx timeout [ 69.898152] Bluetooth: hci7: command 0x0409 tx timeout [ 69.899175] Bluetooth: hci2: command 0x0409 tx timeout [ 69.900115] Bluetooth: hci4: command 0x0409 tx timeout [ 69.962139] Bluetooth: hci3: command 0x0409 tx timeout [ 69.963228] Bluetooth: hci6: command 0x0409 tx timeout [ 70.026706] Bluetooth: hci5: command 0x0409 tx timeout [ 71.817081] Bluetooth: hci1: command 0x041b tx timeout [ 71.817745] Bluetooth: hci0: command 0x041b tx timeout [ 71.944986] Bluetooth: hci4: command 0x041b tx timeout [ 71.945542] Bluetooth: hci2: command 0x041b tx timeout [ 71.946094] Bluetooth: hci7: command 0x041b tx timeout [ 72.009001] Bluetooth: hci6: command 0x041b tx timeout [ 72.009551] Bluetooth: hci3: command 0x041b tx timeout [ 72.073047] Bluetooth: hci5: command 0x041b tx timeout [ 73.864970] Bluetooth: hci0: command 0x040f tx timeout [ 73.865452] Bluetooth: hci1: command 0x040f tx timeout [ 73.993050] Bluetooth: hci7: command 0x040f tx timeout [ 73.993539] Bluetooth: hci2: command 0x040f tx timeout [ 73.994011] Bluetooth: hci4: command 0x040f tx timeout [ 74.057014] Bluetooth: hci3: command 0x040f tx timeout [ 74.057588] Bluetooth: hci6: command 0x040f tx timeout [ 74.121144] Bluetooth: hci5: command 0x040f tx timeout [ 75.913028] Bluetooth: hci1: command 0x0419 tx timeout [ 75.913497] Bluetooth: hci0: command 0x0419 tx timeout [ 76.040999] Bluetooth: hci4: command 0x0419 tx timeout [ 76.041442] Bluetooth: hci2: command 0x0419 tx timeout [ 76.041845] Bluetooth: hci7: command 0x0419 tx timeout [ 76.104974] Bluetooth: hci6: command 0x0419 tx timeout [ 76.105431] Bluetooth: hci3: command 0x0419 tx timeout [ 76.169006] Bluetooth: hci5: command 0x0419 tx timeout [ 129.432986] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 129.434834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 129.439683] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 129.443409] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 129.445453] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 129.452692] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 129.460865] Bluetooth: hci0: HCI_REQ-0x0c1a [ 129.612545] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 129.614291] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 129.615954] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 129.618318] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 129.619766] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 129.620757] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 129.625385] Bluetooth: hci5: HCI_REQ-0x0c1a [ 129.626835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 129.626859] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 129.630473] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 129.631361] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 129.632715] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 129.637443] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 129.640310] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 129.640773] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 129.642712] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 129.645284] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 129.646303] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 129.647538] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 129.650595] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 129.651396] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 129.652236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 129.653438] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 129.654288] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 129.655164] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 129.657586] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 129.658857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 129.659448] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 129.661792] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 129.663423] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 129.664056] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 129.672784] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 129.674796] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 129.677463] Bluetooth: hci6: HCI_REQ-0x0c1a [ 129.677522] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 129.679231] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 129.680237] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 129.682938] Bluetooth: hci3: HCI_REQ-0x0c1a [ 129.687522] Bluetooth: hci4: HCI_REQ-0x0c1a [ 129.688512] Bluetooth: hci1: HCI_REQ-0x0c1a [ 129.717097] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 129.726412] Bluetooth: hci2: HCI_REQ-0x0c1a [ 129.728329] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 129.730233] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 129.731789] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 129.734423] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 129.736255] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 129.737677] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 129.742848] Bluetooth: hci7: HCI_REQ-0x0c1a [ 131.529166] Bluetooth: hci0: command 0x0409 tx timeout [ 131.657015] Bluetooth: hci5: command 0x0409 tx timeout [ 131.721194] Bluetooth: hci4: command 0x0409 tx timeout [ 131.722315] Bluetooth: hci3: command 0x0409 tx timeout [ 131.723331] Bluetooth: hci1: command 0x0409 tx timeout [ 131.724287] Bluetooth: hci6: command 0x0409 tx timeout [ 131.785078] Bluetooth: hci7: command 0x0409 tx timeout [ 131.786139] Bluetooth: hci2: command 0x0409 tx timeout [ 133.577965] Bluetooth: hci0: command 0x041b tx timeout [ 133.704981] Bluetooth: hci5: command 0x041b tx timeout [ 133.768998] Bluetooth: hci6: command 0x041b tx timeout [ 133.769552] Bluetooth: hci1: command 0x041b tx timeout [ 133.770123] Bluetooth: hci3: command 0x041b tx timeout [ 133.770663] Bluetooth: hci4: command 0x041b tx timeout [ 133.832984] Bluetooth: hci2: command 0x041b tx timeout [ 133.833558] Bluetooth: hci7: command 0x041b tx timeout [ 135.624974] Bluetooth: hci0: command 0x040f tx timeout [ 135.752983] Bluetooth: hci5: command 0x040f tx timeout [ 135.816963] Bluetooth: hci4: command 0x040f tx timeout [ 135.817436] Bluetooth: hci3: command 0x040f tx timeout [ 135.817848] Bluetooth: hci1: command 0x040f tx timeout [ 135.818280] Bluetooth: hci6: command 0x040f tx timeout [ 135.881014] Bluetooth: hci7: command 0x040f tx timeout [ 135.881568] Bluetooth: hci2: command 0x040f tx timeout [ 137.673971] Bluetooth: hci0: command 0x0419 tx timeout [ 137.800948] Bluetooth: hci5: command 0x0419 tx timeout [ 137.866063] Bluetooth: hci6: command 0x0419 tx timeout [ 137.866483] Bluetooth: hci1: command 0x0419 tx timeout [ 137.867019] Bluetooth: hci3: command 0x0419 tx timeout [ 137.867565] Bluetooth: hci4: command 0x0419 tx timeout [ 137.928998] Bluetooth: hci2: command 0x0419 tx timeout [ 137.929568] Bluetooth: hci7: command 0x0419 tx timeout [ 180.680984] INFO: task rcu_gp:3 blocked for more than 143 seconds. [ 180.681541] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.681955] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.682504] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 180.683115] Call Trace: [ 180.683307] [ 180.683478] __schedule+0x893/0x2470 [ 180.683996] ? io_schedule_timeout+0x150/0x150 [ 180.684338] ? do_raw_spin_lock+0x121/0x260 [ 180.684826] ? rwlock_bug.part.0+0x90/0x90 [ 180.685414] schedule+0xda/0x1b0 [ 180.685661] rescuer_thread+0x851/0xdb0 [ 180.686327] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.686674] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.687043] ? lockdep_hardirqs_on+0x79/0x100 [ 180.687359] ? worker_thread+0x1260/0x1260 [ 180.687658] kthread+0x2ed/0x3a0 [ 180.687929] ? kthread_complete_and_exit+0x40/0x40 [ 180.688271] ret_from_fork+0x22/0x30 [ 180.688550] [ 180.688719] INFO: task rcu_par_gp:4 blocked for more than 143 seconds. [ 180.689173] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.689530] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.690054] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 180.690610] Call Trace: [ 180.690789] [ 180.690968] __schedule+0x893/0x2470 [ 180.691240] ? io_schedule_timeout+0x150/0x150 [ 180.691558] ? do_raw_spin_lock+0x121/0x260 [ 180.691875] ? rwlock_bug.part.0+0x90/0x90 [ 180.692193] schedule+0xda/0x1b0 [ 180.692437] rescuer_thread+0x851/0xdb0 [ 180.692721] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.693081] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.693425] ? lockdep_hardirqs_on+0x79/0x100 [ 180.693742] ? worker_thread+0x1260/0x1260 [ 180.694053] kthread+0x2ed/0x3a0 [ 180.694292] ? kthread_complete_and_exit+0x40/0x40 [ 180.694632] ret_from_fork+0x22/0x30 [ 180.694930] [ 180.695098] INFO: task slub_flushwq:5 blocked for more than 143 seconds. [ 180.695539] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.695912] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.696420] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 180.696994] Call Trace: [ 180.697174] [ 180.697338] __schedule+0x893/0x2470 [ 180.697607] ? io_schedule_timeout+0x150/0x150 [ 180.697938] ? do_raw_spin_lock+0x121/0x260 [ 180.698240] ? rwlock_bug.part.0+0x90/0x90 [ 180.698540] schedule+0xda/0x1b0 [ 180.698785] rescuer_thread+0x851/0xdb0 [ 180.699080] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.699422] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.699771] ? lockdep_hardirqs_on+0x79/0x100 [ 180.700102] ? worker_thread+0x1260/0x1260 [ 180.700398] kthread+0x2ed/0x3a0 [ 180.700640] ? kthread_complete_and_exit+0x40/0x40 [ 180.700993] ret_from_fork+0x22/0x30 [ 180.701268] [ 180.701435] INFO: task netns:6 blocked for more than 143 seconds. [ 180.701847] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.702217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.702728] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 180.703305] Call Trace: [ 180.703483] [ 180.703645] __schedule+0x893/0x2470 [ 180.703942] ? io_schedule_timeout+0x150/0x150 [ 180.704258] ? do_raw_spin_lock+0x121/0x260 [ 180.704559] ? rwlock_bug.part.0+0x90/0x90 [ 180.704859] schedule+0xda/0x1b0 [ 180.705117] rescuer_thread+0x851/0xdb0 [ 180.705397] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.705745] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.706111] ? lockdep_hardirqs_on+0x79/0x100 [ 180.706423] ? worker_thread+0x1260/0x1260 [ 180.706720] kthread+0x2ed/0x3a0 [ 180.706973] ? kthread_complete_and_exit+0x40/0x40 [ 180.707315] ret_from_fork+0x22/0x30 [ 180.707588] [ 180.707756] INFO: task kworker/0:0H:8 blocked for more than 143 seconds. [ 180.708211] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.708567] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.709092] task:kworker/0:0H state:I stack:29464 pid:8 ppid:2 flags:0x00004000 [ 180.709647] Workqueue: 0x0 (kblockd) [ 180.709929] Call Trace: [ 180.710111] [ 180.710274] __schedule+0x893/0x2470 [ 180.710548] ? io_schedule_timeout+0x150/0x150 [ 180.710876] schedule+0xda/0x1b0 [ 180.711137] worker_thread+0x15f/0x1260 [ 180.711430] ? process_one_work+0x16a0/0x16a0 [ 180.711759] kthread+0x2ed/0x3a0 [ 180.712023] ? kthread_complete_and_exit+0x40/0x40 [ 180.712362] ret_from_fork+0x22/0x30 [ 180.712636] [ 180.712801] INFO: task mm_percpu_wq:10 blocked for more than 143 seconds. [ 180.713265] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.713619] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.714143] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 180.714700] Call Trace: [ 180.714877] [ 180.715060] __schedule+0x893/0x2470 [ 180.715328] ? io_schedule_timeout+0x150/0x150 [ 180.715644] ? do_raw_spin_lock+0x121/0x260 [ 180.715963] ? rwlock_bug.part.0+0x90/0x90 [ 180.716264] schedule+0xda/0x1b0 [ 180.716506] rescuer_thread+0x851/0xdb0 [ 180.716789] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.717147] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.717491] ? lockdep_hardirqs_on+0x79/0x100 [ 180.717805] ? worker_thread+0x1260/0x1260 [ 180.718118] kthread+0x2ed/0x3a0 [ 180.718359] ? kthread_complete_and_exit+0x40/0x40 [ 180.718702] ret_from_fork+0x22/0x30 [ 180.718995] [ 180.719165] INFO: task rcu_tasks_kthre:11 blocked for more than 143 seconds. [ 180.719637] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.720013] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.720518] task:rcu_tasks_kthre state:I stack:29272 pid:11 ppid:2 flags:0x00004000 [ 180.721092] Call Trace: [ 180.721270] [ 180.721434] __schedule+0x893/0x2470 [ 180.721715] ? io_schedule_timeout+0x150/0x150 [ 180.722051] ? mark_held_locks+0x9e/0xe0 [ 180.722336] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.722686] schedule+0xda/0x1b0 [ 180.722942] rcu_tasks_one_gp+0x3db/0xc10 [ 180.723246] rcu_tasks_kthread+0x80/0xa0 [ 180.723533] ? rcu_tasks_postscan+0x10/0x10 [ 180.723861] kthread+0x2ed/0x3a0 [ 180.724117] ? kthread_complete_and_exit+0x40/0x40 [ 180.724456] ret_from_fork+0x22/0x30 [ 180.724731] [ 180.724915] INFO: task kworker/1:0H:21 blocked for more than 143 seconds. [ 180.725372] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.725729] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.726253] task:kworker/1:0H state:I stack:29256 pid:21 ppid:2 flags:0x00004000 [ 180.726809] Workqueue: 0x0 (events_highpri) [ 180.727133] Call Trace: [ 180.727311] [ 180.727474] __schedule+0x893/0x2470 [ 180.727751] ? io_schedule_timeout+0x150/0x150 [ 180.728098] schedule+0xda/0x1b0 [ 180.728340] worker_thread+0x15f/0x1260 [ 180.728631] ? process_one_work+0x16a0/0x16a0 [ 180.728963] kthread+0x2ed/0x3a0 [ 180.729204] ? kthread_complete_and_exit+0x40/0x40 [ 180.729543] ret_from_fork+0x22/0x30 [ 180.729816] [ 180.729996] INFO: task inet_frag_wq:23 blocked for more than 143 seconds. [ 180.730440] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.730794] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.731316] task:inet_frag_wq state:I stack:30704 pid:23 ppid:2 flags:0x00004000 [ 180.731874] Call Trace: [ 180.732067] [ 180.732232] __schedule+0x893/0x2470 [ 180.732515] ? io_schedule_timeout+0x150/0x150 [ 180.732832] ? do_raw_spin_lock+0x121/0x260 [ 180.733157] ? rwlock_bug.part.0+0x90/0x90 [ 180.733458] schedule+0xda/0x1b0 [ 180.733700] rescuer_thread+0x851/0xdb0 [ 180.733996] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.734344] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.734689] ? lockdep_hardirqs_on+0x79/0x100 [ 180.735021] ? worker_thread+0x1260/0x1260 [ 180.735318] kthread+0x2ed/0x3a0 [ 180.735558] ? kthread_complete_and_exit+0x40/0x40 [ 180.735926] ret_from_fork+0x22/0x30 [ 180.736203] [ 180.736371] INFO: task kblockd:31 blocked for more than 143 seconds. [ 180.736791] Not tainted 6.0.0-rc7-next-20220930 #1 [ 180.737165] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 180.737670] task:kblockd state:I stack:30176 pid:31 ppid:2 flags:0x00004000 [ 180.738240] Call Trace: [ 180.738423] [ 180.738587] __schedule+0x893/0x2470 [ 180.738856] ? io_schedule_timeout+0x150/0x150 [ 180.739186] ? do_raw_spin_lock+0x121/0x260 [ 180.739486] ? rwlock_bug.part.0+0x90/0x90 [ 180.739791] schedule+0xda/0x1b0 [ 180.740049] rescuer_thread+0x851/0xdb0 [ 180.740334] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.740680] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 180.741047] ? lockdep_hardirqs_on+0x79/0x100 [ 180.741365] ? worker_thread+0x1260/0x1260 [ 180.741663] kthread+0x2ed/0x3a0 [ 180.741919] ? kthread_complete_and_exit+0x40/0x40 [ 180.742258] ret_from_fork+0x22/0x30 [ 180.742532] [ 180.742729] [ 180.742729] Showing all locks held in the system: [ 180.743273] 2 locks held by kworker/u4:0/9: [ 180.743589] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.744395] #1: ffff88800861fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.745205] 1 lock held by rcu_tasks_kthre/11: [ 180.745543] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 180.746280] 1 lock held by khungtaskd/25: [ 180.746589] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 180.747280] 2 locks held by kworker/u4:1/26: [ 180.747606] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.748396] #1: ffff888009037db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.749258] 2 locks held by kworker/u4:2/39: [ 180.749599] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.750407] #1: ffff88800b06fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.751250] 1 lock held by kmemleak/55: [ 180.751549] 1 lock held by in:imklog/204: [ 180.751885] 2 locks held by kworker/u4:4/284: [ 180.752383] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.753160] #1: ffff888021c67db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.753954] 2 locks held by kworker/u4:6/336: [ 180.754277] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.755033] #1: ffff888015e2fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.755813] 2 locks held by kworker/u4:7/338: [ 180.756153] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.756915] #1: ffff88801ab07db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.757693] 2 locks held by kworker/u4:8/340: [ 180.758031] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 180.758778] #1: ffff888017f27db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 180.759581] 1 lock held by modprobe/6853: [ 180.759887] 1 lock held by modprobe/6854: [ 180.760205] 1 lock held by modprobe/6855: [ 180.760505] 2 locks held by modprobe/6856: [ 180.760807] [ 180.760951] ============================================= [ 180.760951] 02:46:13 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') epoll_wait(0xffffffffffffffff, &(0x7f0000000300)=[{}, {}, {}], 0x3, 0x5) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r0) acct(&(0x7f00000001c0)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000380)={0x8, {{0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, '\x00', 0x2}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) openat$incfs(r2, &(0x7f0000000180)='.pending_reads\x00', 0x0, 0x1) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=']{\x00', &(0x7f0000000480)='!\x00', 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x6, 0x0, 0x0, 0x0) [ 185.435426] loop2: detected capacity change from 0 to 40 [ 185.465085] audit: type=1400 audit(1664678773.346:7): avc: denied { open } for pid=7187 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 185.467863] audit: type=1400 audit(1664678773.346:8): avc: denied { kernel } for pid=7187 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 185.493380] ------------[ cut here ]------------ [ 185.493414] [ 185.493419] ====================================================== [ 185.493425] WARNING: possible circular locking dependency detected [ 185.493432] 6.0.0-rc7-next-20220930 #1 Not tainted [ 185.493444] ------------------------------------------------------ [ 185.493449] syz-executor.2/7190 is trying to acquire lock: [ 185.493461] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 185.493526] [ 185.493526] but task is already holding lock: [ 185.493531] ffff88801005f820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 185.493577] [ 185.493577] which lock already depends on the new lock. [ 185.493577] [ 185.493582] [ 185.493582] the existing dependency chain (in reverse order) is: [ 185.493588] [ 185.493588] -> #3 (&ctx->lock){....}-{2:2}: [ 185.493613] _raw_spin_lock+0x2a/0x40 [ 185.493633] __perf_event_task_sched_out+0x53b/0x18d0 [ 185.493653] __schedule+0xedd/0x2470 [ 185.493678] schedule+0xda/0x1b0 [ 185.493703] exit_to_user_mode_prepare+0x114/0x1a0 [ 185.493724] syscall_exit_to_user_mode+0x19/0x40 [ 185.493752] do_syscall_64+0x48/0x90 [ 185.493782] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 185.493806] [ 185.493806] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 185.493830] _raw_spin_lock_nested+0x30/0x40 [ 185.493850] raw_spin_rq_lock_nested+0x1e/0x30 [ 185.493872] task_fork_fair+0x63/0x4d0 [ 185.493903] sched_cgroup_fork+0x3d0/0x540 [ 185.493928] copy_process+0x4183/0x6e20 [ 185.493947] kernel_clone+0xe7/0x890 [ 185.493964] user_mode_thread+0xad/0xf0 [ 185.493983] rest_init+0x24/0x250 [ 185.494004] arch_call_rest_init+0xf/0x14 [ 185.494034] start_kernel+0x4c6/0x4eb [ 185.494061] secondary_startup_64_no_verify+0xe0/0xeb [ 185.494086] [ 185.494086] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 185.494111] _raw_spin_lock_irqsave+0x39/0x60 [ 185.494131] try_to_wake_up+0xab/0x1930 [ 185.494155] up+0x75/0xb0 [ 185.494180] __up_console_sem+0x6e/0x80 [ 185.494208] console_unlock+0x46a/0x590 [ 185.494237] vt_ioctl+0x2822/0x2ca0 [ 185.494257] tty_ioctl+0x785/0x16b0 [ 185.494276] __x64_sys_ioctl+0x19a/0x210 [ 185.494300] do_syscall_64+0x3b/0x90 [ 185.494330] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 185.494353] [ 185.494353] -> #0 ((console_sem).lock){....}-{2:2}: [ 185.494378] __lock_acquire+0x2a02/0x5e70 [ 185.494409] lock_acquire+0x1a2/0x530 [ 185.494438] _raw_spin_lock_irqsave+0x39/0x60 [ 185.494457] down_trylock+0xe/0x70 [ 185.494484] __down_trylock_console_sem+0x3b/0xd0 [ 185.494514] vprintk_emit+0x16b/0x560 [ 185.494543] vprintk+0x84/0xa0 [ 185.494572] _printk+0xba/0xf1 [ 185.494592] report_bug.cold+0x72/0xab [ 185.494621] handle_bug+0x3c/0x70 [ 185.494652] exc_invalid_op+0x14/0x50 [ 185.494683] asm_exc_invalid_op+0x16/0x20 [ 185.494704] group_sched_out.part.0+0x2c7/0x460 [ 185.494736] ctx_sched_out+0x8f1/0xc10 [ 185.494767] __perf_event_task_sched_out+0x6d0/0x18d0 [ 185.494787] __schedule+0xedd/0x2470 [ 185.494812] schedule+0xda/0x1b0 [ 185.494836] exit_to_user_mode_prepare+0x114/0x1a0 [ 185.494856] syscall_exit_to_user_mode+0x19/0x40 [ 185.494879] do_syscall_64+0x48/0x90 [ 185.494909] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 185.494932] [ 185.494932] other info that might help us debug this: [ 185.494932] [ 185.494937] Chain exists of: [ 185.494937] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 185.494937] [ 185.494964] Possible unsafe locking scenario: [ 185.494964] [ 185.494968] CPU0 CPU1 [ 185.494972] ---- ---- [ 185.494976] lock(&ctx->lock); [ 185.494986] lock(&rq->__lock); [ 185.494997] lock(&ctx->lock); [ 185.495009] lock((console_sem).lock); [ 185.495019] [ 185.495019] *** DEADLOCK *** [ 185.495019] [ 185.495023] 2 locks held by syz-executor.2/7190: [ 185.495035] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 185.495089] #1: ffff88801005f820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 185.495137] [ 185.495137] stack backtrace: [ 185.495142] CPU: 0 PID: 7190 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.495164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 185.495178] Call Trace: [ 185.495183] [ 185.495190] dump_stack_lvl+0x8b/0xb3 [ 185.495224] check_noncircular+0x263/0x2e0 [ 185.495254] ? format_decode+0x26c/0xb50 [ 185.495283] ? print_circular_bug+0x450/0x450 [ 185.495314] ? simple_strtoul+0x30/0x30 [ 185.495343] ? format_decode+0x26c/0xb50 [ 185.495375] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 185.495407] __lock_acquire+0x2a02/0x5e70 [ 185.495447] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 185.495488] lock_acquire+0x1a2/0x530 [ 185.495519] ? down_trylock+0xe/0x70 [ 185.495550] ? lock_release+0x750/0x750 [ 185.495588] ? vprintk+0x84/0xa0 [ 185.495620] _raw_spin_lock_irqsave+0x39/0x60 [ 185.495641] ? down_trylock+0xe/0x70 [ 185.495671] down_trylock+0xe/0x70 [ 185.495700] ? vprintk+0x84/0xa0 [ 185.495730] __down_trylock_console_sem+0x3b/0xd0 [ 185.495762] vprintk_emit+0x16b/0x560 [ 185.495797] vprintk+0x84/0xa0 [ 185.495853] _printk+0xba/0xf1 [ 185.495874] ? record_print_text.cold+0x16/0x16 [ 185.495903] ? report_bug.cold+0x66/0xab [ 185.495936] ? group_sched_out.part.0+0x2c7/0x460 [ 185.495970] report_bug.cold+0x72/0xab [ 185.496004] handle_bug+0x3c/0x70 [ 185.496036] exc_invalid_op+0x14/0x50 [ 185.496069] asm_exc_invalid_op+0x16/0x20 [ 185.496093] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 185.496130] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 185.496150] RSP: 0018:ffff888040bb7c48 EFLAGS: 00010006 [ 185.496167] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.496180] RDX: ffff88803dd91ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 185.496194] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 185.496208] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88801005f800 [ 185.496222] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 185.496242] ? group_sched_out.part.0+0x2c7/0x460 [ 185.496279] ? group_sched_out.part.0+0x2c7/0x460 [ 185.496315] ctx_sched_out+0x8f1/0xc10 [ 185.496351] __perf_event_task_sched_out+0x6d0/0x18d0 [ 185.496377] ? lock_is_held_type+0xd7/0x130 [ 185.496403] ? __perf_cgroup_move+0x160/0x160 [ 185.496422] ? set_next_entity+0x304/0x550 [ 185.496454] ? update_curr+0x267/0x740 [ 185.496488] ? lock_is_held_type+0xd7/0x130 [ 185.496514] __schedule+0xedd/0x2470 [ 185.496546] ? io_schedule_timeout+0x150/0x150 [ 185.496576] ? rcu_read_lock_sched_held+0x3e/0x80 [ 185.496613] schedule+0xda/0x1b0 [ 185.496640] exit_to_user_mode_prepare+0x114/0x1a0 [ 185.496663] syscall_exit_to_user_mode+0x19/0x40 [ 185.496688] do_syscall_64+0x48/0x90 [ 185.496720] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 185.496745] RIP: 0033:0x7fd82b9a1b19 [ 185.496760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 185.496780] RSP: 002b:00007fd828f17218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 185.496799] RAX: 0000000000000001 RBX: 00007fd82bab4f68 RCX: 00007fd82b9a1b19 [ 185.496813] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd82bab4f6c [ 185.496826] RBP: 00007fd82bab4f60 R08: 000000000000000e R09: 0000000000000000 [ 185.496840] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fd82bab4f6c [ 185.496853] R13: 00007ffc740313ef R14: 00007fd828f17300 R15: 0000000000022000 [ 185.496876] [ 185.594329] WARNING: CPU: 0 PID: 7190 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 185.595576] Modules linked in: [ 185.596027] CPU: 0 PID: 7190 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.597093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 185.598591] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 185.599347] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 185.601690] RSP: 0018:ffff888040bb7c48 EFLAGS: 00010006 [ 185.602382] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.603302] RDX: ffff88803dd91ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 185.604227] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 185.605135] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88801005f800 [ 185.606051] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 185.606975] FS: 00007fd828f17700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 185.608020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.608768] CR2: 00007fb158534260 CR3: 000000000f49a000 CR4: 0000000000350ef0 [ 185.609690] Call Trace: [ 185.610032] [ 185.610335] ctx_sched_out+0x8f1/0xc10 [ 185.610864] __perf_event_task_sched_out+0x6d0/0x18d0 [ 185.611539] ? lock_is_held_type+0xd7/0x130 [ 185.612121] ? __perf_cgroup_move+0x160/0x160 [ 185.612704] ? set_next_entity+0x304/0x550 [ 185.613262] ? update_curr+0x267/0x740 [ 185.613784] ? lock_is_held_type+0xd7/0x130 [ 185.614345] __schedule+0xedd/0x2470 [ 185.614850] ? io_schedule_timeout+0x150/0x150 [ 185.615454] ? rcu_read_lock_sched_held+0x3e/0x80 [ 185.616102] schedule+0xda/0x1b0 [ 185.616559] exit_to_user_mode_prepare+0x114/0x1a0 [ 185.617204] syscall_exit_to_user_mode+0x19/0x40 [ 185.617825] do_syscall_64+0x48/0x90 [ 185.618335] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 185.619011] RIP: 0033:0x7fd82b9a1b19 [ 185.619504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 185.621831] RSP: 002b:00007fd828f17218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 185.622809] RAX: 0000000000000001 RBX: 00007fd82bab4f68 RCX: 00007fd82b9a1b19 [ 185.623726] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd82bab4f6c [ 185.624648] RBP: 00007fd82bab4f60 R08: 000000000000000e R09: 0000000000000000 [ 185.625562] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fd82bab4f6c [ 185.626480] R13: 00007ffc740313ef R14: 00007fd828f17300 R15: 0000000000022000 [ 185.627409] [ 185.627720] irq event stamp: 1702 [ 185.628183] hardirqs last enabled at (1701): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 185.629396] hardirqs last disabled at (1702): [] __schedule+0x1225/0x2470 [ 185.630465] softirqs last enabled at (1602): [] __irq_exit_rcu+0x11b/0x180 [ 185.631572] softirqs last disabled at (1579): [] __irq_exit_rcu+0x11b/0x180 [ 185.632690] ---[ end trace 0000000000000000 ]--- 02:46:13 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="46efffff00fe00002e2f66696c653000102e9ba71e90108368fbb10dd2a5d66063"]) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r2, 0x8000000) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x882d00, 0x0) mount_setattr(r1, &(0x7f0000000040)='./file0\x00', 0x1800, &(0x7f0000000100)={0x200072, 0x4, 0xe0000, {r3}}, 0x20) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') sendfile(r5, r4, 0x0, 0x409afb) pread64(r0, &(0x7f00000006c0)=""/4096, 0x1000, 0x1e7) [ 185.738413] loop2: detected capacity change from 0 to 40 [ 185.741310] Process accounting resumed [ 185.782331] Process accounting resumed 02:46:13 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') epoll_wait(0xffffffffffffffff, &(0x7f0000000300)=[{}, {}, {}], 0x3, 0x5) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r0) acct(&(0x7f00000001c0)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000380)={0x8, {{0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, '\x00', 0x2}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) openat$incfs(r2, &(0x7f0000000180)='.pending_reads\x00', 0x0, 0x1) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=']{\x00', &(0x7f0000000480)='!\x00', 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x6, 0x0, 0x0, 0x0) 02:46:13 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="46efffff00fe00002e2f66696c653000102e9ba71e90108368fbb10dd2a5d66063"]) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r2, 0x8000000) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x882d00, 0x0) mount_setattr(r1, &(0x7f0000000040)='./file0\x00', 0x1800, &(0x7f0000000100)={0x200072, 0x4, 0xe0000, {r3}}, 0x20) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') sendfile(r5, r4, 0x0, 0x409afb) pread64(r0, &(0x7f00000006c0)=""/4096, 0x1000, 0x1e7) [ 185.836268] loop2: detected capacity change from 0 to 40 02:46:13 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="46efffff00fe00002e2f66696c653000102e9ba71e90108368fbb10dd2a5d66063"]) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r2, 0x8000000) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x882d00, 0x0) mount_setattr(r1, &(0x7f0000000040)='./file0\x00', 0x1800, &(0x7f0000000100)={0x200072, 0x4, 0xe0000, {r3}}, 0x20) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') sendfile(r5, r4, 0x0, 0x409afb) pread64(r0, &(0x7f00000006c0)=""/4096, 0x1000, 0x1e7) [ 185.955793] Process accounting resumed 02:46:13 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') epoll_wait(0xffffffffffffffff, &(0x7f0000000300)=[{}, {}, {}], 0x3, 0x5) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000180)=']{\x00', 0x0, r0) acct(&(0x7f00000001c0)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000340)={{0x101, 0x7}, 0x100, './file1\x00'}) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000380)={0x8, {{0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, '\x00', 0x2}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) openat$incfs(r2, &(0x7f0000000180)='.pending_reads\x00', 0x0, 0x1) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=']{\x00', &(0x7f0000000480)='!\x00', 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x6, 0x0, 0x0, 0x0) 02:46:13 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="46efffff00fe00002e2f66696c653000102e9ba71e90108368fbb10dd2a5d66063"]) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r2, 0x8000000) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x882d00, 0x0) mount_setattr(r1, &(0x7f0000000040)='./file0\x00', 0x1800, &(0x7f0000000100)={0x200072, 0x4, 0xe0000, {r3}}, 0x20) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') sendfile(r5, r4, 0x0, 0x409afb) pread64(r0, &(0x7f00000006c0)=""/4096, 0x1000, 0x1e7) [ 186.004194] loop2: detected capacity change from 0 to 40 [ 186.075365] Process accounting resumed 02:46:13 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="46efffff00fe00002e2f66696c653000102e9ba71e90108368fbb10dd2a5d66063"]) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r2, 0x8000000) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x882d00, 0x0) mount_setattr(r1, &(0x7f0000000040)='./file0\x00', 0x1800, &(0x7f0000000100)={0x200072, 0x4, 0xe0000, {r3}}, 0x20) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') sendfile(r5, r4, 0x0, 0x409afb) pread64(r0, &(0x7f00000006c0)=""/4096, 0x1000, 0x1e7) [ 188.078323] loop5: detected capacity change from 0 to 264192 [ 188.093629] loop5: detected capacity change from 0 to 264192 VM DIAGNOSIS: 02:46:08 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=0000000000000001 RDX=0000000000000000 RSI=ffffffff85437678 RDI=ffffffff8486f280 RBP=ffffffff8486f280 RSP=ffff88801879fbb8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff88801017d040 R13=0000000000000000 R14=00000000ffffffff R15=ffff88801017d9b8 RIP=ffffffff84254289 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe02213c900 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe0215ba760 CR3=000000000f4be000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 494e4f544f4e4f4d 5f454352554f535f YMM01=0000000000000000 0000000000000000 4d49545f43494e4f 544f4e4f4d5f4543 YMM02=0000000000000000 0000000000000000 3830306234386136 3036386166633561 YMM03=0000000000000000 0000000000000000 2f6c616e72756f6a 2f676f6c2f6e7572 YMM04=0000000000000000 0000000000000000 c89c186d75a229e5 000000000013e618 YMM05=0000000000000000 0000000000000000 d3fdd5f48436fbd7 00000000000aead0 YMM06=0000000000000000 0000000000000000 4752b3234b44cf09 00000000000ae988 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 44495f474f4c5359 530069253d595449 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0020000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800902f898 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000061 R11=0000000000000001 R12=0000000000000061 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f930e011260 CR3=0000000035f94000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269 YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000