Warning: Permanently added '[localhost]:40184' (ECDSA) to the list of known hosts. 2022/10/02 23:15:21 fuzzer started 2022/10/02 23:15:22 dialing manager at localhost:35095 syzkaller login: [ 38.282214] cgroup: Unknown subsys name 'net' [ 38.405335] cgroup: Unknown subsys name 'rlimit' 2022/10/02 23:15:38 syscalls: 2215 2022/10/02 23:15:38 code coverage: enabled 2022/10/02 23:15:38 comparison tracing: enabled 2022/10/02 23:15:38 extra coverage: enabled 2022/10/02 23:15:38 setuid sandbox: enabled 2022/10/02 23:15:38 namespace sandbox: enabled 2022/10/02 23:15:38 Android sandbox: enabled 2022/10/02 23:15:38 fault injection: enabled 2022/10/02 23:15:38 leak checking: enabled 2022/10/02 23:15:38 net packet injection: enabled 2022/10/02 23:15:38 net device setup: enabled 2022/10/02 23:15:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/02 23:15:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/02 23:15:38 USB emulation: enabled 2022/10/02 23:15:38 hci packet injection: enabled 2022/10/02 23:15:38 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/02 23:15:38 802.15.4 emulation: enabled 2022/10/02 23:15:38 fetching corpus: 50, signal 21069/22945 (executing program) 2022/10/02 23:15:39 fetching corpus: 100, signal 34083/37644 (executing program) 2022/10/02 23:15:39 fetching corpus: 150, signal 40892/46066 (executing program) 2022/10/02 23:15:39 fetching corpus: 200, signal 48240/54912 (executing program) 2022/10/02 23:15:39 fetching corpus: 250, signal 54210/62378 (executing program) 2022/10/02 23:15:39 fetching corpus: 300, signal 59739/69294 (executing program) 2022/10/02 23:15:39 fetching corpus: 350, signal 68574/79249 (executing program) 2022/10/02 23:15:39 fetching corpus: 400, signal 72449/84436 (executing program) 2022/10/02 23:15:40 fetching corpus: 450, signal 77361/90566 (executing program) 2022/10/02 23:15:40 fetching corpus: 500, signal 81034/95440 (executing program) 2022/10/02 23:15:40 fetching corpus: 550, signal 83977/99661 (executing program) 2022/10/02 23:15:40 fetching corpus: 600, signal 88304/105087 (executing program) 2022/10/02 23:15:40 fetching corpus: 650, signal 89557/107601 (executing program) 2022/10/02 23:15:40 fetching corpus: 700, signal 91756/110995 (executing program) 2022/10/02 23:15:40 fetching corpus: 750, signal 94041/114452 (executing program) 2022/10/02 23:15:40 fetching corpus: 800, signal 96375/117869 (executing program) 2022/10/02 23:15:40 fetching corpus: 850, signal 98310/120957 (executing program) 2022/10/02 23:15:41 fetching corpus: 900, signal 100156/123905 (executing program) 2022/10/02 23:15:41 fetching corpus: 950, signal 102026/126801 (executing program) 2022/10/02 23:15:41 fetching corpus: 1000, signal 104225/129953 (executing program) 2022/10/02 23:15:41 fetching corpus: 1050, signal 106423/133086 (executing program) 2022/10/02 23:15:41 fetching corpus: 1100, signal 109164/136704 (executing program) 2022/10/02 23:15:41 fetching corpus: 1150, signal 111721/140145 (executing program) 2022/10/02 23:15:41 fetching corpus: 1200, signal 114303/143491 (executing program) 2022/10/02 23:15:41 fetching corpus: 1250, signal 116428/146429 (executing program) 2022/10/02 23:15:42 fetching corpus: 1300, signal 118640/149457 (executing program) 2022/10/02 23:15:42 fetching corpus: 1350, signal 119583/151414 (executing program) 2022/10/02 23:15:42 fetching corpus: 1400, signal 121773/154342 (executing program) 2022/10/02 23:15:42 fetching corpus: 1450, signal 123639/156980 (executing program) 2022/10/02 23:15:42 fetching corpus: 1500, signal 125149/159349 (executing program) 2022/10/02 23:15:42 fetching corpus: 1550, signal 129638/164043 (executing program) 2022/10/02 23:15:42 fetching corpus: 1600, signal 131099/166294 (executing program) 2022/10/02 23:15:42 fetching corpus: 1650, signal 132063/168147 (executing program) 2022/10/02 23:15:43 fetching corpus: 1700, signal 133709/170521 (executing program) 2022/10/02 23:15:43 fetching corpus: 1750, signal 135739/173100 (executing program) 2022/10/02 23:15:43 fetching corpus: 1800, signal 137674/175662 (executing program) 2022/10/02 23:15:43 fetching corpus: 1850, signal 138593/177392 (executing program) 2022/10/02 23:15:43 fetching corpus: 1900, signal 139773/179379 (executing program) 2022/10/02 23:15:43 fetching corpus: 1950, signal 141378/181627 (executing program) 2022/10/02 23:15:43 fetching corpus: 2000, signal 142997/183865 (executing program) 2022/10/02 23:15:43 fetching corpus: 2050, signal 144301/185844 (executing program) 2022/10/02 23:15:44 fetching corpus: 2100, signal 145985/188065 (executing program) 2022/10/02 23:15:44 fetching corpus: 2150, signal 147165/189917 (executing program) 2022/10/02 23:15:44 fetching corpus: 2200, signal 147887/191398 (executing program) 2022/10/02 23:15:44 fetching corpus: 2250, signal 149291/193378 (executing program) 2022/10/02 23:15:44 fetching corpus: 2300, signal 150272/194989 (executing program) 2022/10/02 23:15:44 fetching corpus: 2350, signal 150892/196335 (executing program) 2022/10/02 23:15:44 fetching corpus: 2400, signal 152071/198064 (executing program) 2022/10/02 23:15:44 fetching corpus: 2450, signal 153157/199799 (executing program) 2022/10/02 23:15:45 fetching corpus: 2500, signal 154433/201631 (executing program) 2022/10/02 23:15:45 fetching corpus: 2550, signal 155160/203041 (executing program) 2022/10/02 23:15:45 fetching corpus: 2600, signal 157130/205283 (executing program) 2022/10/02 23:15:45 fetching corpus: 2650, signal 159091/207362 (executing program) 2022/10/02 23:15:45 fetching corpus: 2700, signal 159826/208711 (executing program) 2022/10/02 23:15:45 fetching corpus: 2750, signal 160675/210083 (executing program) 2022/10/02 23:15:45 fetching corpus: 2800, signal 161346/211402 (executing program) 2022/10/02 23:15:45 fetching corpus: 2850, signal 162177/212832 (executing program) 2022/10/02 23:15:46 fetching corpus: 2900, signal 162769/214073 (executing program) 2022/10/02 23:15:46 fetching corpus: 2950, signal 163671/215463 (executing program) 2022/10/02 23:15:46 fetching corpus: 3000, signal 165111/217284 (executing program) 2022/10/02 23:15:46 fetching corpus: 3050, signal 166159/218750 (executing program) 2022/10/02 23:15:46 fetching corpus: 3100, signal 167002/220081 (executing program) 2022/10/02 23:15:46 fetching corpus: 3150, signal 167532/221251 (executing program) 2022/10/02 23:15:46 fetching corpus: 3200, signal 168260/222505 (executing program) 2022/10/02 23:15:46 fetching corpus: 3250, signal 169402/223975 (executing program) 2022/10/02 23:15:46 fetching corpus: 3300, signal 170377/225370 (executing program) 2022/10/02 23:15:47 fetching corpus: 3350, signal 171049/226579 (executing program) 2022/10/02 23:15:47 fetching corpus: 3400, signal 171862/227826 (executing program) 2022/10/02 23:15:47 fetching corpus: 3450, signal 172820/229195 (executing program) 2022/10/02 23:15:47 fetching corpus: 3500, signal 173763/230482 (executing program) 2022/10/02 23:15:47 fetching corpus: 3550, signal 174430/231625 (executing program) 2022/10/02 23:15:47 fetching corpus: 3600, signal 175099/232795 (executing program) 2022/10/02 23:15:47 fetching corpus: 3650, signal 175933/234016 (executing program) 2022/10/02 23:15:47 fetching corpus: 3700, signal 176563/235124 (executing program) 2022/10/02 23:15:48 fetching corpus: 3750, signal 177267/236267 (executing program) 2022/10/02 23:15:48 fetching corpus: 3800, signal 177607/237240 (executing program) 2022/10/02 23:15:48 fetching corpus: 3850, signal 178877/238591 (executing program) 2022/10/02 23:15:48 fetching corpus: 3900, signal 179272/239523 (executing program) 2022/10/02 23:15:48 fetching corpus: 3950, signal 179791/240554 (executing program) 2022/10/02 23:15:48 fetching corpus: 4000, signal 180450/241698 (executing program) 2022/10/02 23:15:48 fetching corpus: 4050, signal 181093/242740 (executing program) 2022/10/02 23:15:48 fetching corpus: 4100, signal 182286/243969 (executing program) 2022/10/02 23:15:48 fetching corpus: 4150, signal 184060/245490 (executing program) 2022/10/02 23:15:49 fetching corpus: 4200, signal 185124/246665 (executing program) 2022/10/02 23:15:49 fetching corpus: 4250, signal 185702/247647 (executing program) 2022/10/02 23:15:49 fetching corpus: 4300, signal 186231/248581 (executing program) 2022/10/02 23:15:49 fetching corpus: 4350, signal 186552/249441 (executing program) 2022/10/02 23:15:49 fetching corpus: 4400, signal 187118/250381 (executing program) 2022/10/02 23:15:49 fetching corpus: 4450, signal 187973/251412 (executing program) 2022/10/02 23:15:49 fetching corpus: 4500, signal 188631/252351 (executing program) 2022/10/02 23:15:49 fetching corpus: 4550, signal 189036/253154 (executing program) 2022/10/02 23:15:49 fetching corpus: 4600, signal 189734/254118 (executing program) 2022/10/02 23:15:50 fetching corpus: 4650, signal 190313/255073 (executing program) 2022/10/02 23:15:50 fetching corpus: 4700, signal 190727/255917 (executing program) 2022/10/02 23:15:50 fetching corpus: 4750, signal 191168/256732 (executing program) 2022/10/02 23:15:50 fetching corpus: 4800, signal 191685/257653 (executing program) 2022/10/02 23:15:50 fetching corpus: 4850, signal 192860/258713 (executing program) 2022/10/02 23:15:50 fetching corpus: 4900, signal 193298/259492 (executing program) 2022/10/02 23:15:50 fetching corpus: 4950, signal 194390/260495 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/261272 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/261902 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/262589 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/263266 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/263922 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/264581 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/265253 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/265894 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/266563 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/267228 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/267882 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/268548 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/269169 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/269829 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/270469 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/271123 (executing program) 2022/10/02 23:15:50 fetching corpus: 4997, signal 194783/271759 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/272437 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/273101 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/273771 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/274396 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/275063 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/275749 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/276448 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/277090 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/277756 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/278412 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/279089 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/279750 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/280399 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/281052 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/281706 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/282321 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/282973 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/283637 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/284325 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/284984 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/285654 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/286331 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/286994 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/287654 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/288322 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/288974 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/289624 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/289891 (executing program) 2022/10/02 23:15:51 fetching corpus: 4997, signal 194783/289891 (executing program) 2022/10/02 23:15:53 starting 8 fuzzer processes 23:15:53 executing program 0: keyctl$setperm(0x5, 0x0, 0x4000000) r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="b3c99adf582c757796bee404d7563b030d3e3558cbeadfa82990a33aa99b1340a441b6319b20c6f45d637a2f05579014869980a9b5e1cc409a17ffa47e2bdae454044c08620f6a644220ff95a90f5b73aac8f783dee8c8c2249b0d64c113", 0x5e, 0xfffffffffffffff9) r1 = add_key(&(0x7f0000000100)='cifs.idmap\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="e0bf16876305793a6c19ed5e4f72f88de74becb833c060ce9ea738608e6d162f8c6502219bf0fabff43c6080c08c2e2878b4a27d137f3cdea993f2860c8bcfdec6e063be455fb9d95966085204416193bd787ad75d2a4c2a000f553a27c73415e805e8f07c41dd2da3c47cccd94612840eb74e6207d60ef561ffe0773bb8ec1676e2", 0x82, 0xfffffffffffffffc) r2 = request_key(&(0x7f0000000240)='syzkaller\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='\x00', 0xfffffffffffffff9) keyctl$KEYCTL_MOVE(0x1e, r0, r1, r2, 0x0) r3 = add_key$fscrypt_provisioning(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380)={0x2, 0x0, @c}, 0x29, r1) keyctl$update(0x2, r3, &(0x7f00000003c0)="814e3e4d0c3e367e69cd5b487ee4d9a4f64a69d2910769ff9970aeefdbba47e5a9ac993c6838ee03687865105ecf51799cefd6173d55962049836daf4e423e5f0daaee209021982f296c4e2e17dc655c4d6ab0cd75ba989c76af66fd56c495d3353b087de13995152d8d0503216856419c030a7e6812b3252ce58d1e1bf6c5a8e7d40881d3e3918ff37b8da9b41e5fb601a58625c5b73211b927a0571abf2a2489a86da7d9b86659aae973cc44c8032f599aa20b87b179869efb2228e4ff80360497c56355dfc2749bd4b4b23feaa53d4f9775765ec016716212c2127f3e2537edde70771a92f832c262589b21252df69b3ba4067246186b71142bdd84", 0xfd) r4 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, r2) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x200000, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r5, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x40, r1, '\x00', @a}) r6 = add_key$keyring(&(0x7f00000006c0), &(0x7f0000000700)={'syz', 0x3}, 0x0, 0x0, r4) add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x2}, 0x0, 0x0, r6) r7 = add_key$keyring(&(0x7f0000000800), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r8 = add_key(&(0x7f0000000740)='.dead\x00', &(0x7f0000000780)={'syz', 0x3}, &(0x7f00000007c0)="992deb67f0b0e497bca4613c70df9dea4eddd0c2bfc79ab62406ce1e36f6591cde220430ea34e087a9bb1de919799567128ccc99619b98b48d", 0x39, r7) add_key$keyring(&(0x7f0000000880), &(0x7f00000008c0)={'syz', 0x0}, 0x0, 0x0, r8) add_key(&(0x7f0000000900)='encrypted\x00', &(0x7f0000000940)={'syz', 0x1}, &(0x7f0000000980)="d0552c4412e7f8df9f66a0b145621d342d1366ab67b9281022b73dde88bf961223a3f4bc97845751927d57771619e734ee1e943830d5a301453c87f6d5215722cc59978b4040e3b2d9ad4f70ac9ac082e74c263c4cd6636b3a872f1d5462906cbab2b996caae083f8a7a7d31a00b678e8e66241ec8ef7013fdffe571fa08fde46633a6e9e5aa4f7375c42a01ad55e05387468732914885b1269a528f7bfead698a4176f70ff9", 0xa6, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x100) keyctl$chown(0x4, r4, 0x0, 0xee00) r9 = add_key$user(&(0x7f0000000a40), &(0x7f0000000a80)={'syz', 0x2}, &(0x7f0000000ac0)="f4376305698938b2d50a23e4cfe15bd3b7ae4442c6943215c8eb2dbef2867b8a571a31ffc7e1fffea49a7ce30da18e3ee06a6628617f1b64d919347ccd3f4b663f9c845402ae72379122d6dc69c316deb109e84cdb909f062b35230d4bf3a4c39c524ed596deb7fa68b8784d411e767872e2f67e2034ade7bc6b3f06fa5a2067044aeb7b7fd6eee1eb", 0x89, 0xfffffffffffffffd) keyctl$setperm(0x5, r9, 0x4) 23:15:53 executing program 2: syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000000c0)) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x77d925760ef871e2}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r1, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x100}, 0x200008c5) sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x0, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}}, 0x4) r2 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f0000000500), 0x80c00) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540), 0x800, 0x0) r4 = mq_open(&(0x7f0000000580)='l2tp\x00', 0x41, 0x100, &(0x7f00000005c0)={0x8, 0x89ca, 0x7}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000600)=[r0, r2, r0, r3, r0, r0, r0, r4], 0x8) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x40, 0x0, 0x4, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "0d8a0027617a34bb0b28ed48a6fd54e84198b82612b09350"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}]]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0xf65e5c43363741d8) sendmsg$TIPC_CMD_SET_NETID(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x24, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x8, 0x2, 0x3ff}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x24000044}, 0x41) syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff) r5 = dup(r3) ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) mq_open(&(0x7f0000000880)='ethtool\x00', 0x40, 0x2, &(0x7f00000008c0)={0x8, 0x3d, 0x5, 0x100}) r6 = openat2(r5, &(0x7f0000000900)='./file0\x00', &(0x7f0000000940)={0x103042, 0x109, 0x10}, 0x18) r7 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7) 23:15:53 executing program 1: sched_setattr(0xffffffffffffffff, &(0x7f0000000000)={0x38, 0x6, 0x1, 0x1000, 0xffffffff, 0x5, 0x4, 0x7, 0x1, 0x81}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x50, 0x9, 0x8000, 0x6, 0x4, 0x2, 0x6, 0x7}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x50, 0x5, 0x101, 0x0, 0x4, 0x100, 0x6, 0x800}, 0x0) r0 = getpgid(0xffffffffffffffff) sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x5, 0x40, 0x81, 0x10001, 0x6, 0x80fe, 0x19d6, 0x6}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000100), r1) sched_setattr(r0, &(0x7f0000000140)={0x38, 0x0, 0x10000008, 0x3, 0x6, 0x0, 0x2, 0x47d, 0x8001, 0x954}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) sched_setattr(r2, &(0x7f00000001c0)={0x38, 0x2, 0x8, 0x1, 0x42, 0x4, 0x7f, 0x1f, 0x4, 0x7fff}, 0x0) r3 = getpgrp(r0) sched_setattr(r3, &(0x7f0000000200)={0x38, 0x3, 0x10000062, 0x0, 0x80000000, 0x101, 0x5ece, 0x0, 0x400, 0x5}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000240)={0x38, 0x5, 0x10, 0x8, 0x10001, 0x1, 0x2, 0x144, 0x3, 0x5b64}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000280), r5) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000002c0)=0x0) sched_setattr(r6, &(0x7f0000000300)={0x38, 0x5, 0x8, 0x6, 0x2817, 0x3, 0x67, 0xffff, 0x20, 0x569d}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r1) sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x2, 0x40, 0x9, 0xffff, 0x7fff, 0x9, 0x4, 0x313, 0x6}, 0x0) [ 69.504459] audit: type=1400 audit(1664752553.599:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:15:53 executing program 7: ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r0 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TIOCSIG(r0, 0x40045436, 0xc) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000000)="f32d2aa3a0962266b089adb32a5d0a18a3", 0x11}, {&(0x7f0000000040)="ebd7878e332e8751366b8919e4d6789656a972ae191fdfbe8cde63d26ad096955a0c036c26de", 0x26}, {&(0x7f0000000080)="1c", 0x1}, {&(0x7f00000000c0)="df30004f67301afa5ddf90dea3535119a7d1e0e96799bb3991395e49a0e32fcfbfb8058bf81b972168201b9b0d0ec4b65385bf33869f81f81977c872eb343451a87ed565b89d41c658764add937e8b0ab459c520a3ff4355d28f1ee9eebcd4bbcaa5bf51a2a3503d01235291841a46486b6b25a9daed7451a857a25de3b83b75a31c3e45e0240cb5024be128b3e3b2cdd2f09c232798c4bd1ca2061540472217315056950730ee04debfbdc312849ede4a64b3f68d1e9b5d23a243eac0b7c932f9dd07", 0xc3}, {&(0x7f00000001c0)="6229190b6e5d0c2a69b56b774c740e3464011632d11cd1077e1dfa732eda5c5e134eb52866d118953c8e2ca10c180abe98dbca4c6f5a0fecb0bbe258a0145f69263863b66711b51fe74d32b1ec23803b4ee86f2d84bc55f306c5ac732d142bad2b3a59a415814f85649d415c235fddcf0353c9e9e590b9e36a6071011230a2a8ee8827942e0dfb6bdc88eef968c71b086ac40d65538e1e3c299d32098e02bc140d8a25435742d6fd410717af3064e701882b78a6ed50ea3992dc102b991b9ab065", 0xc1}], 0x5, 0x8001, 0x7) r1 = openat2(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x220000, 0x184, 0x1}, 0x18) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000400)=0x0) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x2c, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_PID={0x8, 0x52, r2}, @NL80211_ATTR_NETNS_FD={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20048004) r3 = syz_open_dev$mouse(&(0x7f0000000500), 0x80000001, 0x100) ioctl$VT_ACTIVATE(r3, 0x5606, 0x40) lstat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000600)) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000780)={&(0x7f00000006c0)={0xa4, 0x0, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMKID={0x14, 0x55, "9de23781519dc1c65b3487106d06560b"}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x58}, @NL80211_ATTR_PMKID={0x14, 0x55, "1efb176600860b863e7cf62eaeaa5c4e"}, @NL80211_ATTR_BSSID={0xa}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="e09f6249519a"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="e782bb9fd626"}, @NL80211_ATTR_PMKID={0x14, 0x55, "df345f8f55393afc1c0e5e9a749f36a8"}, @NL80211_ATTR_PMKID={0x14, 0x55, "6ddce73bb10b5db2410cb0fcf9550e21"}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20040050}, 0x80c8) fsetxattr$security_selinux(r3, &(0x7f0000000800), &(0x7f0000000840)='system_u:object_r:systemd_logind_var_run_t:s0\x00', 0x2e, 0x3) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r5, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x2c, r6, 0x784c82d9259e07b3, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x40}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040}, 0x4040) write(r0, &(0x7f00000009c0)="52a2c2a3c806578ef4772b1f2620eee1b2f5046f6724453f25a24f721dc1544117e2aadcffd51ef02c5c0073082849593108e02b33b974ad071fd573a201c4f9c68519ee1a0b1ab1284477d82eb884b1cf8f747cddbd34234ee3670f3652811183fb710475", 0x65) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r7, &(0x7f0000000b80)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x38, 0x0, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0xe8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000003}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 23:15:53 executing program 3: modify_ldt$write(0x1, &(0x7f0000000000)={0x6, 0xffffffffffffffff, 0x2000, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000040)={0x5, 0x1000, 0x400, 0x1, 0x2, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000080)={0xffff, 0x100000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000000c0)={0x4, 0x20000000, 0x1000, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000100)={0x8001, 0x20000800, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000140)={0x4, 0x20001000, 0x400, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000180)={0x116, 0x0, 0x400, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000001c0)={0x3, 0x20000000, 0x2000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000200)={0x1ff, 0xffffffffffffffff, 0x2000, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000240)={0x4, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000280)={0xffff, 0x20000800, 0x2000, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000002c0)={0x0, 0x20000000, 0x1000, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000300)={0x9, 0x20001000, 0x400, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000340)={0x4, 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000380)={0x372, 0x1000, 0x4000, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f00000003c0)={0x41, 0x1000, 0xe8cbe801f8da132a, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000400)={0x5, 0x1000, 0x2000, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000440)={0x5, 0x1000, 0x1000, 0x0, 0x1, 0x0, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000480)={0x400, 0x20000000, 0x4000, 0x1, 0x3}, 0x10) modify_ldt$write(0x1, &(0x7f00000004c0)={0x3, 0x20000000, 0x2000, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10) 23:15:53 executing program 4: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r2 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x1, 0x8, &(0x7f0000000740)=[{&(0x7f0000000100)="5304757c4e9d2e76c44b1c22429409cbf795de20befaaddbe0992d9cd8af4e717ca3b0c9cbe88a8eefa235ee4c44d607e1c54e398f2add3639f003e90ab8d1e9cf01a2740a3a6dfcc3f941e63e8d42687e79ab20b0272cf775e8e38be933c758f08dc3e85f6ac6e4a3a8c64ed000ee72032370", 0x73, 0x6}, {&(0x7f0000000180)="f4fa529f9b607e4cf9705342e0fe09bfc084a03fc81c70f50c8e935a4f2d57b52fc35fb35fd140c23755f553a6a3e60d886547a811b5d2d4127cb9a197b5bf910668b3b3b18dbaabae75269332d83880a937899526bb923546f9fcf2247cefeb06abb39be28f3bb2649c19e0c52d392546223834787ad0fdab4d61216f1ffe7e335310616d007c58d6086b6790fae3f93caf51da2c08a3613513b6bf56f43cf1e18136f407888f2872face21e5c8867824c030a5df4ca46778f59e5a2e9d1ac8eba8aaae04805dc52720e88b6934b9296d4badb7b0adfba5f13a9dcf3be2ab2b9c47a5fe09b56e3a2d9200b79a006b", 0xef, 0xfffffffffffff800}, {&(0x7f0000000280)="d6f2a6f46686eb47598a1b8dcb989119c1c5d57d2d4ce74133021e31b185", 0x1e, 0x1}, {&(0x7f00000002c0)="ce78b526311f790911c391c7e835bb52e99d5d1376293adbe2d0f1712e374303ae472aa58edae2605e38ce41e70b63db7ed2f91eb84f405231ab1eeb6a67be91bc1f5178172f29ba95e5526073c385fdfb2a482079749274837fd2fb1c7f0d1f0e4a9cc10b0d6098e7d3238f7031085306c33cf77fc339630a60c4ac4fb66c673a6bdeb567bf87372de1b734731f84c71832c09aa58790365d84efcb2d1a84d4", 0xa0, 0x2}, {&(0x7f0000000380)="b8d831d4314e9492e7eeb03af08aa22b3bc43a22fce52beeb20ce4c3c700f62a03b271213fd8cc46002ec74edfdbafca004b4c5bec8cae937b99987d7ed614a97fb4644eeabf7d34e308bbd9939e61226f91e7cba8eca30bb61e4fd14bebd30701b22800b4220d54d5990f5ff4b37387f783bde442ee142d303acd2847473d822a68a6b950dcf51ce7ab7495fba67d4ce584cee664b12c4fefca73cd4bbe54afbf9f2b1c722d4b65c8507ca4f2b7df4c99afa273e5bac2f0dcb22beea7d4d846d337bad4c84ec222f42d97b0", 0xcc, 0x3ff}, {&(0x7f0000000480)="3108e7c8e40d2cefaa3151f40fb8d6eb3f828ea5e8e3a3684a8e7a196c74dbb326979c73b31edd73368716cbe9c22109abf248bdfa9e67debc407a9cb6837e3653bdb4906522044b52f8a2a8939b438d637625d1ab499315a12dfecd65e884d8fe2fc082f10f4984d3e2385929bd47290d727619f3be59ad24b5604de62c5aec45ed1b4facf4648442a2e18034b907b33455d7c5e08b9b7f029b8103a6a4629d835df0ff00365705f2bc29f632b04fe4fa89159810e0f4ee7f4a4d37af877cacf6d05ba3d2f3ce20163449e5779e8fab3a2f5a9bd60ba6cf69ef0535", 0xdc, 0x6}, {&(0x7f0000000580)="344006a2d51130e85e5d41695c1b7514da79103f64d10eb328a4282c030091c6d03c583d3ebe4c7d216a3a3b36e794e3659bdd2be43fea8483a02ea34152fe134bc43a5bba97734810ffbfd54e76ab94989efb3f56e8c9fc9a4abcbd3d88b9115708965f72ec1cd8616fd912ef685b11bb54a219830e8b5bac0957479244d0dd603c8afefbd428652caf1c1cf7f883f7d8b4b1aaee0b641995de198974449147cd5e994621adf16e387fbb5ea880d7d509ffe7e4ef276edda5ba57b5edde2208e3a9a3529b752c9e3374c7e33b6ac95e1ec74f1532b4bcbd75428d9cdc928d04af318d5fcb0228ca019bfd", 0xeb, 0x3785d20a}, {&(0x7f0000000680)="39a4dacd42477c4f46e578eba85791a371f0b85e4bfd34ca1f148544a0fa564999286b1b4183577149a64ea7a25786a154381cce5d7909f81d787145d153e3bb0b3202ef519fed633783aed96829e939efa923aebca0d18cb8c664c8692c1399e40df7b273a59010668847c38ca3132f2e9c33551f840c00abad3feeb87bca8eaf", 0x81, 0x6}], 0x0, &(0x7f0000000800)={[{@huge_within_size}, {@mpol={'mpol', 0x3d, {'interleave', '=relative', @val={0x3a, [0x3a, 0x2d, 0x39, 0x2f, 0x31, 0x2c, 0x2d, 0x39]}}}}, {@huge_advise}], [{@fsuuid={'fsuuid', 0x3d, {[0x33, 0x34, 0x36, 0x37, 0x64, 0x34, 0x63, 0x34], 0x2d, [0x30, 0x66, 0x63, 0x39], 0x2d, [0x6a, 0x37, 0x31, 0x39], 0x2d, [0x34, 0x31, 0x33, 0x63], 0x2d, [0x30, 0x61, 0x6, 0x64, 0x36, 0x61, 0x31, 0x63]}}}, {@smackfstransmute={'smackfstransmute', 0x3d, '#{'}}, {@appraise_type}, {@euid_lt}, {@seclabel}]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000008c0)) r3 = openat(0xffffffffffffffff, &(0x7f0000000ac0)='./file0\x00', 0x10401, 0x82) r4 = epoll_create1(0x80000) pwritev(r4, &(0x7f0000000d40)=[{&(0x7f0000000b00)="00a09a8abcd25f419177d846ef232d95a636e90eaa72bd7abe153dabed78e357d7cb3764203a89fdfdceee5a0d78f0bcdd458840c2437620c987", 0x3a}, {&(0x7f0000000b40)="4164313d2b388d1c2ea1aa2038f0996561030000d7ffdf4d2e82f500bcfdfa3b96d60691b4ace875ef9cf66c8d9f6a8eff4e7a483db35738ec08732f4ac2d49dda0ab56956229c86cb58e95e40fc534af0d8e664d1cd59a9d0e8d2e9b948b80be63513448f6793ff9cf127e41487349b8fb71ff7ec7f73a2bcdfbfece7fb4c1f0236be021010da05caf783406af5438b25fe30a764c189d76ced5eacbc73400aac73e8a4af8993c95aff259ed58c1aa11738c1bbea0fb2464a0fc00a1e8559d45c898f28fdde9ec1585d91dc39daad4e4c8ce7a32cb3336fcaca11b53607e9ad776bf1224a4a183c46a5", 0xea}, {&(0x7f0000000c40)="213e569bb7d20f5396c6146f7ee4bdb312e6aa326eb83d6f093da142aedcff0c0ea4fc5f07a8113074c2db5f004234f07c7f2e5c0cfa9326b875027d30daf423f06387", 0x43}, {&(0x7f0000000cc0)="cb09b80e10031358f45f3e069ff73a7a7e7a749a214e5e4871146326d8928d37f2224aeb1181cf74e2ff22677e963f06f738bbe246bfb71b5b9f6397c1b2dea39f7f", 0x42}], 0x4, 0x7, 0x401) setxattr$security_capability(&(0x7f0000000d80)='./file0\x00', &(0x7f0000000dc0), &(0x7f0000000e00)=@v3={0x3000000, [{0x20, 0xe5}, {0x7f, 0x401}], 0xffffffffffffffff}, 0x18, 0x0) openat(r3, &(0x7f0000000e40)='./file0\x00', 0x200000, 0x2) recvmmsg$unix(r0, &(0x7f0000001840)=[{{&(0x7f0000000f00), 0x6e, &(0x7f0000001280)=[{&(0x7f0000000f80)=""/191, 0xbf}, {&(0x7f0000001040)=""/148, 0x94}, {&(0x7f0000001100)=""/149, 0x95}, {&(0x7f00000011c0)=""/191, 0xbf}], 0x4}}, {{&(0x7f00000012c0), 0x6e, &(0x7f0000001700)=[{&(0x7f0000001340)=""/211, 0xd3}, {&(0x7f0000001440)=""/254, 0xfe}, {&(0x7f0000001540)=""/80, 0x50}, {&(0x7f00000015c0)=""/96, 0x60}, {&(0x7f0000001640)=""/173, 0xad}], 0x5, &(0x7f0000001780)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xa8}}], 0x2, 0x2, 0x0) mount$cgroup2(0x0, &(0x7f0000000e80)='./file1\x00', &(0x7f0000000ec0), 0x8000, &(0x7f00000018c0)={[{@memory_recursiveprot}, {@memory_localevents}], [{@uid_eq={'uid', 0x3d, r6}}, {@obj_user={'obj_user', 0x3d, '}'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r7, 0x84009422, &(0x7f0000001940)={0x0, 0x0, {}, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001d40), 0x511000, 0x0) r10 = fcntl$dupfd(r9, 0x0, r8) epoll_pwait2(0xffffffffffffffff, &(0x7f0000001d80)=[{}, {}, {}], 0x3, &(0x7f0000001dc0)={0x77359400}, &(0x7f0000001e00)={[0x3]}, 0x8) r11 = syz_open_procfs(r5, &(0x7f0000001e80)='net/vlan/vlan0\x00') io_submit(0x0, 0x1, &(0x7f0000001f00)=[&(0x7f0000001ec0)={0x0, 0x0, 0x0, 0x6, 0x3f, r7, &(0x7f0000001e40)="5763bf93417c3579", 0x8, 0x9, 0x0, 0x7, r11}]) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc0189379, &(0x7f0000001f40)={{0x1, 0x1, 0x18, r10}, './file1\x00'}) fsconfig$FSCONFIG_SET_FD(r12, 0x5, &(0x7f0000001f80)='#\x00', 0x0, r2) fchmodat(0xffffffffffffffff, &(0x7f0000002000)='./file1\x00', 0x20) 23:15:53 executing program 5: keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000040)={'syz', 0x2}) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x1}) keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x1}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x0}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x0}) keyctl$join(0x1, 0x0) keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x0}) keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000200)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x0}) keyctl$join(0x1, 0x0) keyctl$join(0x1, 0x0) r0 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x0}, 0x0, 0x0, 0x0) keyctl$search(0xa, 0x0, &(0x7f0000000280)='ceph\x00', &(0x7f00000002c0)={'syz', 0x0}, r0) keyctl$join(0x1, &(0x7f0000000380)={'syz', 0x0}) add_key(&(0x7f00000003c0)='rxrpc\x00', &(0x7f0000000400)={'syz', 0x2}, &(0x7f0000000440)="c213876590ca1e25a886b44c6dee2c9408f25c09c788e134565dd91614b5afff43eb33c6d31c1fb6af4b0867549cd4c444fe35fb7ae7c60217a190e8b840ee1d7cebfb27cda5dfb3d561002e68b24c7adea0e4eead6d5cb250396e25c315a673d2e21c003306bf8b0df96c5b77f409313be7f38ee941cf621c44b1d1f9d90fa90174c97012cf47c1a8736ea41557f933f25239f0ec216ce9e839f83acda6e56a5d181e4b2d290370c3a65cc45656a5190af520eeceb80e5bb395df7d2228f1bc6c9f0627c759a8e29271f1c676f44a20f6a665e13b2dc7298840c31cd47d979f", 0xe0, r0) 23:15:53 executing program 6: sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x40}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004000}, 0x8000) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x29, 0x2, 0x2, 0x6, 0x20, @local, @private1, 0x80, 0x0, 0x2, 0xfffff800}}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000300)={@initdev, @empty, 0x0}, &(0x7f0000000340)=0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@mcast1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@private}, 0x0, @in6=@remote}}, &(0x7f0000000480)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@initdev, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000740)=0xe8) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000780)={0x2f0, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [{{0x8, 0x1, r0}, {0x80, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x7c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4c, 0x4, [{0xffc0, 0x91, 0x1, 0x80000001}, {0xff, 0x75, 0x4, 0x800}, {0x8, 0xac, 0x6, 0x2}, {0x5, 0x20, 0x8, 0x5}, {0x101, 0x9, 0x6, 0x7}, {0x40, 0x55, 0x4, 0xa11}, {0xffff, 0xff, 0x3, 0x1}, {0x0, 0x0, 0x7f, 0x20}, {0xe5d4, 0x9f, 0x0, 0x4}]}}}]}}, {{0x8, 0x1, r1}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}]}}, {{0x8}, {0x84, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7b}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}]}}]}, 0x2f0}, 0x1, 0x0, 0x0, 0x4008081}, 0x14000) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000b00)={r0, 0x1, 0x6, @broadcast}, 0x10) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000b40)={0x6, 'macvlan1\x00', {0x7fff}, 0x4}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000c00)=@IORING_OP_OPENAT2={0x1c, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000b80)={0x40a800, 0x20, 0xd}, &(0x7f0000000bc0)='./file0\x00', 0x18, 0x0, 0x23456}, 0x6fb4b7dd) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000c40)='blkio.bfq.time_recursive\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000dc0)={'ip6_vti0\x00', &(0x7f0000000d40)={'syztnl2\x00', 0x0, 0x29, 0x0, 0x20, 0xc6, 0x72, @remote, @loopback, 0x20, 0x7, 0x3, 0x800}}) setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000e00)={r7, 0x1, 0x6}, 0x10) ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000e40)={@mcast1, 0x4d, r2}) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r6, 0x89f5, &(0x7f0000000f40)={'syztnl0\x00', &(0x7f0000000ec0)={'ip6gre0\x00', r7, 0x29, 0x8, 0x7, 0x28d8, 0x8, @mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x20, 0x7901, 0x9, 0x7fff}}) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000010c0)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001080)={&(0x7f0000000f80)={0xd0, 0x0, 0x102, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010102}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3b}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}]}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xd0}, 0x1, 0x0, 0x0, 0x5}, 0x40000) setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000001100)={{{@in6=@mcast1, @in=@loopback, 0x4e21, 0x401, 0x4e21, 0x0, 0xa, 0x20, 0x20, 0xc, 0x0, r5}, {0xfffffffffffffffe, 0x7, 0x9, 0x8, 0x5, 0x7, 0x4, 0xfffffffffffff801}, {0x2, 0x2, 0x5, 0x400}, 0x0, 0x6e6bba, 0x0, 0x0, 0x3, 0x7cb4449203179bba}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4d4, 0x32}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x1, 0x0, 0x1, 0x1000, 0x101, 0x7}}, 0xe8) sendmsg$TIPC_NL_LINK_GET(r6, &(0x7f00000013c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x11000018}, 0xc, &(0x7f0000001380)={&(0x7f0000001240)={0x120, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x20}]}, @TIPC_NLA_LINK={0x98, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0x60, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast1}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x9, @private1, 0x4}}}}]}]}, 0x120}}, 0x8c0) r9 = syz_io_uring_complete(0x0) syz_io_uring_setup(0x45d0, &(0x7f0000001400)={0x0, 0x6c3b, 0x10, 0x0, 0x1f4, 0x0, r9}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000001480), &(0x7f00000014c0)) [ 70.901051] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.902669] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.904384] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.905613] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.906920] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.908161] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.909704] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.913233] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.914445] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.916643] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.917925] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.919255] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.920464] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.936054] Bluetooth: hci2: HCI_REQ-0x0c1a [ 70.953478] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.955546] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.957264] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.958426] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 70.959558] Bluetooth: hci0: HCI_REQ-0x0c1a [ 70.966521] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.969540] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 70.972744] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.973497] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.975044] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.976660] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.977666] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.979531] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 70.981031] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.982229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.983312] Bluetooth: hci1: HCI_REQ-0x0c1a [ 70.984441] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 70.985669] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 70.986906] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 70.993172] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.994620] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.996504] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 70.997859] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.999715] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.001313] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.001897] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.004010] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.005382] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.007232] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.008616] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.010822] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 71.017338] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 71.017459] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 71.019407] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.032874] Bluetooth: hci4: HCI_REQ-0x0c1a [ 71.033824] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.040063] Bluetooth: hci7: HCI_REQ-0x0c1a [ 71.042698] Bluetooth: hci5: HCI_REQ-0x0c1a [ 71.044278] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.052557] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.058116] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.066457] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.972546] Bluetooth: hci2: command 0x0409 tx timeout [ 73.036089] Bluetooth: hci1: command 0x0409 tx timeout [ 73.036869] Bluetooth: hci0: command 0x0409 tx timeout [ 73.100304] Bluetooth: hci6: command 0x0409 tx timeout [ 73.101090] Bluetooth: hci3: command 0x0409 tx timeout [ 73.101685] Bluetooth: hci5: command 0x0409 tx timeout [ 73.102680] Bluetooth: hci7: command 0x0409 tx timeout [ 73.103302] Bluetooth: hci4: command 0x0409 tx timeout [ 75.020023] Bluetooth: hci2: command 0x041b tx timeout [ 75.084154] Bluetooth: hci0: command 0x041b tx timeout [ 75.084906] Bluetooth: hci1: command 0x041b tx timeout [ 75.148110] Bluetooth: hci4: command 0x041b tx timeout [ 75.148887] Bluetooth: hci7: command 0x041b tx timeout [ 75.149786] Bluetooth: hci5: command 0x041b tx timeout [ 75.150524] Bluetooth: hci3: command 0x041b tx timeout [ 75.151251] Bluetooth: hci6: command 0x041b tx timeout [ 77.068019] Bluetooth: hci2: command 0x040f tx timeout [ 77.132018] Bluetooth: hci1: command 0x040f tx timeout [ 77.132480] Bluetooth: hci0: command 0x040f tx timeout [ 77.196108] Bluetooth: hci6: command 0x040f tx timeout [ 77.196542] Bluetooth: hci3: command 0x040f tx timeout [ 77.197105] Bluetooth: hci5: command 0x040f tx timeout [ 77.197508] Bluetooth: hci7: command 0x040f tx timeout [ 77.197909] Bluetooth: hci4: command 0x040f tx timeout [ 79.116396] Bluetooth: hci2: command 0x0419 tx timeout [ 79.180068] Bluetooth: hci0: command 0x0419 tx timeout [ 79.180535] Bluetooth: hci1: command 0x0419 tx timeout [ 79.245991] Bluetooth: hci4: command 0x0419 tx timeout [ 79.246434] Bluetooth: hci7: command 0x0419 tx timeout [ 79.246836] Bluetooth: hci5: command 0x0419 tx timeout [ 79.247541] Bluetooth: hci3: command 0x0419 tx timeout [ 79.247930] Bluetooth: hci6: command 0x0419 tx timeout [ 132.731571] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 132.732484] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 132.734522] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 132.735252] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 132.736142] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 132.736654] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 132.739906] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 132.740445] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 132.742005] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 132.742527] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 132.743461] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.744106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 132.750911] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 132.768511] Bluetooth: hci1: HCI_REQ-0x0c1a [ 132.770377] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 132.771023] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 132.775736] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 132.776569] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 132.781155] Bluetooth: hci0: HCI_REQ-0x0c1a [ 132.782226] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 132.783583] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 132.784297] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 132.788597] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 132.789520] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 132.791117] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 132.791972] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 132.793010] Bluetooth: hci2: HCI_REQ-0x0c1a [ 132.793470] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 132.806284] Bluetooth: hci4: HCI_REQ-0x0c1a [ 132.812153] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 132.816110] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 132.819715] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 132.820370] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 132.822298] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 132.823132] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 132.824696] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 132.825321] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 132.825850] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 132.828350] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 132.829543] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 132.830483] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 132.831061] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 132.831684] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 132.835601] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 132.836289] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 132.839517] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 132.840293] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 132.841173] Bluetooth: hci3: HCI_REQ-0x0c1a [ 132.842561] Bluetooth: hci6: HCI_REQ-0x0c1a [ 132.876899] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 132.877467] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 132.878755] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 132.882607] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 132.885726] Bluetooth: hci5: HCI_REQ-0x0c1a [ 132.889277] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 132.915193] Bluetooth: hci7: HCI_REQ-0x0c1a [ 134.796127] Bluetooth: hci2: command 0x0409 tx timeout [ 134.796802] Bluetooth: hci0: command 0x0409 tx timeout [ 134.797347] Bluetooth: hci1: command 0x0409 tx timeout [ 134.860017] Bluetooth: hci3: command 0x0409 tx timeout [ 134.860528] Bluetooth: hci6: command 0x0409 tx timeout [ 134.861293] Bluetooth: hci4: command 0x0409 tx timeout [ 134.924026] Bluetooth: hci5: command 0x0409 tx timeout [ 134.988097] Bluetooth: hci7: command 0x0409 tx timeout [ 136.844033] Bluetooth: hci1: command 0x041b tx timeout [ 136.844528] Bluetooth: hci0: command 0x041b tx timeout [ 136.844976] Bluetooth: hci2: command 0x041b tx timeout [ 136.908029] Bluetooth: hci4: command 0x041b tx timeout [ 136.908442] Bluetooth: hci6: command 0x041b tx timeout [ 136.908840] Bluetooth: hci3: command 0x041b tx timeout [ 136.971997] Bluetooth: hci5: command 0x041b tx timeout [ 137.035982] Bluetooth: hci7: command 0x041b tx timeout [ 138.892049] Bluetooth: hci2: command 0x040f tx timeout [ 138.892488] Bluetooth: hci0: command 0x040f tx timeout [ 138.892900] Bluetooth: hci1: command 0x040f tx timeout [ 138.956080] Bluetooth: hci3: command 0x040f tx timeout [ 138.956517] Bluetooth: hci6: command 0x040f tx timeout [ 138.956917] Bluetooth: hci4: command 0x040f tx timeout [ 139.019984] Bluetooth: hci5: command 0x040f tx timeout [ 139.083985] Bluetooth: hci7: command 0x040f tx timeout [ 140.940056] Bluetooth: hci1: command 0x0419 tx timeout [ 140.940516] Bluetooth: hci0: command 0x0419 tx timeout [ 140.940906] Bluetooth: hci2: command 0x0419 tx timeout [ 141.004036] Bluetooth: hci4: command 0x0419 tx timeout [ 141.004454] Bluetooth: hci6: command 0x0419 tx timeout [ 141.004853] Bluetooth: hci3: command 0x0419 tx timeout [ 141.067985] Bluetooth: hci5: command 0x0419 tx timeout [ 141.132203] Bluetooth: hci7: command 0x0419 tx timeout [ 181.131999] INFO: task rcu_gp:3 blocked for more than 142 seconds. [ 181.132596] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.133033] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.133589] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 181.134257] Call Trace: [ 181.134450] [ 181.134630] __schedule+0x893/0x2470 [ 181.135112] ? io_schedule_timeout+0x150/0x150 [ 181.135458] ? do_raw_spin_lock+0x121/0x260 [ 181.136277] ? rwlock_bug.part.0+0x90/0x90 [ 181.136596] schedule+0xda/0x1b0 [ 181.137282] rescuer_thread+0x851/0xdb0 [ 181.137590] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.137986] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.138377] ? lockdep_hardirqs_on+0x79/0x100 [ 181.138724] ? worker_thread+0x1260/0x1260 [ 181.139070] kthread+0x2ed/0x3a0 [ 181.139336] ? kthread_complete_and_exit+0x40/0x40 [ 181.139712] ret_from_fork+0x22/0x30 [ 181.140028] [ 181.140211] INFO: task rcu_par_gp:4 blocked for more than 142 seconds. [ 181.140690] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.141101] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.141664] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 181.142303] Call Trace: [ 181.142508] [ 181.142690] __schedule+0x893/0x2470 [ 181.143008] ? io_schedule_timeout+0x150/0x150 [ 181.143363] ? do_raw_spin_lock+0x121/0x260 [ 181.143712] ? rwlock_bug.part.0+0x90/0x90 [ 181.144069] schedule+0xda/0x1b0 [ 181.144341] rescuer_thread+0x851/0xdb0 [ 181.144657] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.145074] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.145463] ? lockdep_hardirqs_on+0x79/0x100 [ 181.145819] ? worker_thread+0x1260/0x1260 [ 181.146184] kthread+0x2ed/0x3a0 [ 181.146458] ? kthread_complete_and_exit+0x40/0x40 [ 181.146845] ret_from_fork+0x22/0x30 [ 181.147171] [ 181.147389] INFO: task slub_flushwq:5 blocked for more than 142 seconds. [ 181.147911] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.148342] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.148950] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 181.149595] Call Trace: [ 181.149790] [ 181.149993] __schedule+0x893/0x2470 [ 181.150309] ? io_schedule_timeout+0x150/0x150 [ 181.150670] ? do_raw_spin_lock+0x121/0x260 [ 181.151018] ? rwlock_bug.part.0+0x90/0x90 [ 181.151341] schedule+0xda/0x1b0 [ 181.151600] rescuer_thread+0x851/0xdb0 [ 181.151901] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.152287] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.152656] ? lockdep_hardirqs_on+0x79/0x100 [ 181.153014] ? worker_thread+0x1260/0x1260 [ 181.153334] kthread+0x2ed/0x3a0 [ 181.153591] ? kthread_complete_and_exit+0x40/0x40 [ 181.153970] ret_from_fork+0x22/0x30 [ 181.154271] [ 181.154449] INFO: task netns:6 blocked for more than 142 seconds. [ 181.154892] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.155296] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.155841] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 181.156449] Call Trace: [ 181.156643] [ 181.156818] __schedule+0x893/0x2470 [ 181.157125] ? io_schedule_timeout+0x150/0x150 [ 181.157464] ? do_raw_spin_lock+0x121/0x260 [ 181.157788] ? rwlock_bug.part.0+0x90/0x90 [ 181.158135] schedule+0xda/0x1b0 [ 181.158398] rescuer_thread+0x851/0xdb0 [ 181.158699] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.159086] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.159454] ? lockdep_hardirqs_on+0x79/0x100 [ 181.159788] ? worker_thread+0x1260/0x1260 [ 181.160124] kthread+0x2ed/0x3a0 [ 181.160382] ? kthread_complete_and_exit+0x40/0x40 [ 181.160743] ret_from_fork+0x22/0x30 [ 181.161051] [ 181.161228] INFO: task kworker/0:0H:8 blocked for more than 142 seconds. [ 181.161706] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.162125] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.162675] task:kworker/0:0H state:I stack:28952 pid:8 ppid:2 flags:0x00004000 [ 181.163311] Workqueue: 0x0 (kblockd) [ 181.163601] Call Trace: [ 181.163794] [ 181.163984] __schedule+0x893/0x2470 [ 181.164273] ? io_schedule_timeout+0x150/0x150 [ 181.164624] schedule+0xda/0x1b0 [ 181.164885] worker_thread+0x15f/0x1260 [ 181.165224] ? process_one_work+0x16a0/0x16a0 [ 181.165560] kthread+0x2ed/0x3a0 [ 181.165816] ? kthread_complete_and_exit+0x40/0x40 [ 181.166208] ret_from_fork+0x22/0x30 [ 181.166499] [ 181.166677] INFO: task mm_percpu_wq:10 blocked for more than 142 seconds. [ 181.167181] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.167570] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.168126] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 181.168726] Call Trace: [ 181.168915] [ 181.169107] __schedule+0x893/0x2470 [ 181.169397] ? io_schedule_timeout+0x150/0x150 [ 181.169737] ? do_raw_spin_lock+0x121/0x260 [ 181.170085] ? rwlock_bug.part.0+0x90/0x90 [ 181.170405] schedule+0xda/0x1b0 [ 181.170668] rescuer_thread+0x851/0xdb0 [ 181.170986] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.171359] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.171728] ? lockdep_hardirqs_on+0x79/0x100 [ 181.172083] ? worker_thread+0x1260/0x1260 [ 181.172406] kthread+0x2ed/0x3a0 [ 181.172659] ? kthread_complete_and_exit+0x40/0x40 [ 181.173039] ret_from_fork+0x22/0x30 [ 181.173331] [ 181.173509] INFO: task rcu_tasks_kthre:11 blocked for more than 142 seconds. [ 181.174045] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.174437] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.175000] task:rcu_tasks_kthre state:I stack:29080 pid:11 ppid:2 flags:0x00004000 [ 181.175595] Call Trace: [ 181.175786] [ 181.175978] __schedule+0x893/0x2470 [ 181.176264] ? io_schedule_timeout+0x150/0x150 [ 181.176608] ? mark_held_locks+0x9e/0xe0 [ 181.176912] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.177302] schedule+0xda/0x1b0 [ 181.177564] rcu_tasks_one_gp+0x3db/0xc10 [ 181.177887] rcu_tasks_kthread+0x80/0xa0 [ 181.178213] ? rcu_tasks_postscan+0x10/0x10 [ 181.178530] kthread+0x2ed/0x3a0 [ 181.178786] ? kthread_complete_and_exit+0x40/0x40 [ 181.179168] ret_from_fork+0x22/0x30 [ 181.179460] [ 181.179633] INFO: task kworker/0:1:12 blocked for more than 142 seconds. [ 181.180125] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.180515] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.181073] task:kworker/0:1 state:I stack:27488 pid:12 ppid:2 flags:0x00004000 [ 181.181671] Workqueue: 0x0 (cgroup_destroy) [ 181.182016] Call Trace: [ 181.182214] [ 181.182387] __schedule+0x893/0x2470 [ 181.182684] ? io_schedule_timeout+0x150/0x150 [ 181.183055] ? rwlock_bug.part.0+0x90/0x90 [ 181.183397] schedule+0xda/0x1b0 [ 181.183666] worker_thread+0x15f/0x1260 [ 181.184033] ? __kthread_parkme+0x15a/0x220 [ 181.184367] ? process_one_work+0x16a0/0x16a0 [ 181.184719] kthread+0x2ed/0x3a0 [ 181.185018] ? kthread_complete_and_exit+0x40/0x40 [ 181.185394] ret_from_fork+0x22/0x30 [ 181.185697] [ 181.185883] INFO: task kworker/1:0H:21 blocked for more than 142 seconds. [ 181.186415] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.186830] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.187462] task:kworker/1:0H state:I stack:29760 pid:21 ppid:2 flags:0x00004000 [ 181.188112] Workqueue: 0x0 (events_highpri) [ 181.188454] Call Trace: [ 181.188655] [ 181.188849] __schedule+0x893/0x2470 [ 181.189166] ? io_schedule_timeout+0x150/0x150 [ 181.189535] schedule+0xda/0x1b0 [ 181.189803] worker_thread+0x15f/0x1260 [ 181.190159] ? process_one_work+0x16a0/0x16a0 [ 181.190512] kthread+0x2ed/0x3a0 [ 181.190782] ? kthread_complete_and_exit+0x40/0x40 [ 181.191199] ret_from_fork+0x22/0x30 [ 181.191508] [ 181.191694] INFO: task inet_frag_wq:23 blocked for more than 142 seconds. [ 181.192220] Not tainted 6.0.0-rc7-next-20220930 #1 [ 181.192631] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 181.193220] task:inet_frag_wq state:I stack:30704 pid:23 ppid:2 flags:0x00004000 [ 181.193852] Call Trace: [ 181.194076] [ 181.194262] __schedule+0x893/0x2470 [ 181.194561] ? io_schedule_timeout+0x150/0x150 [ 181.194918] ? do_raw_spin_lock+0x121/0x260 [ 181.195275] ? rwlock_bug.part.0+0x90/0x90 [ 181.195611] schedule+0xda/0x1b0 [ 181.195884] rescuer_thread+0x851/0xdb0 [ 181.196222] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.196618] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 181.197026] ? lockdep_hardirqs_on+0x79/0x100 [ 181.197379] ? worker_thread+0x1260/0x1260 [ 181.197713] kthread+0x2ed/0x3a0 [ 181.197997] ? kthread_complete_and_exit+0x40/0x40 [ 181.198395] ret_from_fork+0x22/0x30 [ 181.198701] [ 181.198964] [ 181.198964] Showing all locks held in the system: [ 181.199430] 2 locks held by kworker/u4:0/9: [ 181.199751] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.200555] #1: ffff88800861fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.201383] 1 lock held by rcu_tasks_kthre/11: [ 181.201730] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 181.202491] 1 lock held by khungtaskd/26: [ 181.202803] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 181.203512] 2 locks held by kworker/u4:2/33: [ 181.203842] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.204637] #1: ffff888009337db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.205468] 1 lock held by kmemleak/55: [ 181.205773] 1 lock held by in:imklog/211: [ 181.206112] 2 locks held by kworker/u4:4/325: [ 181.206451] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.207252] #1: ffff88801ecb7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.208087] 2 locks held by kworker/u4:5/327: [ 181.208427] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.209239] #1: ffff8880162f7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.210089] 2 locks held by kworker/u4:6/329: [ 181.210426] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.211231] #1: ffff88801831fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.212072] 2 locks held by kworker/u4:7/331: [ 181.212419] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.213216] #1: ffff88801d7ffdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.214057] 2 locks held by kworker/u4:9/431: [ 181.214400] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 181.215209] #1: ffff88801a137db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 181.216030] 1 lock held by modprobe/7248: [ 181.216347] 3 locks held by modprobe/7250: [ 181.216669] 1 lock held by modprobe/7251: [ 181.217000] 1 lock held by modprobe/7252: [ 181.217313] 1 lock held by modprobe/7253: [ 181.217632] [ 181.217764] ============================================= [ 181.217764] 23:17:47 executing program 1: r0 = syz_io_uring_setup(0x2b2, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2, 0x184}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x4, 0x102, 0x285}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000500)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, &(0x7f0000000400)=0x80, &(0x7f0000000300)=@isdn, 0x0, 0x80800, 0x0, {0x0, r6}}, 0x3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r7, r8], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r9, 0x0, 0x0, 0x87ffffc) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000540), &(0x7f0000000580)=0x4) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x4}, 0x101) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0x7d28, 0x2, 0x1, 0x60}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) [ 183.760825] audit: type=1400 audit(1664752667.857:7): avc: denied { open } for pid=7385 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 183.762694] audit: type=1400 audit(1664752667.857:8): avc: denied { kernel } for pid=7385 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 183.788436] ------------[ cut here ]------------ [ 183.788459] [ 183.788462] ====================================================== [ 183.788466] WARNING: possible circular locking dependency detected [ 183.788470] 6.0.0-rc7-next-20220930 #1 Not tainted [ 183.788477] ------------------------------------------------------ [ 183.788480] syz-executor.1/7386 is trying to acquire lock: [ 183.788487] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 183.788531] [ 183.788531] but task is already holding lock: [ 183.788534] ffff88800f4a0420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 183.788564] [ 183.788564] which lock already depends on the new lock. [ 183.788564] [ 183.788567] [ 183.788567] the existing dependency chain (in reverse order) is: [ 183.788570] [ 183.788570] -> #3 (&ctx->lock){....}-{2:2}: [ 183.788586] _raw_spin_lock+0x2a/0x40 [ 183.788598] __perf_event_task_sched_out+0x53b/0x18d0 [ 183.788611] __schedule+0xedd/0x2470 [ 183.788627] schedule+0xda/0x1b0 [ 183.788642] exit_to_user_mode_prepare+0x114/0x1a0 [ 183.788657] syscall_exit_to_user_mode+0x19/0x40 [ 183.788672] do_syscall_64+0x48/0x90 [ 183.788691] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 183.788706] [ 183.788706] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 183.788721] _raw_spin_lock_nested+0x30/0x40 [ 183.788734] raw_spin_rq_lock_nested+0x1e/0x30 [ 183.788748] task_fork_fair+0x63/0x4d0 [ 183.788767] sched_cgroup_fork+0x3d0/0x540 [ 183.788783] copy_process+0x4183/0x6e20 [ 183.788795] kernel_clone+0xe7/0x890 [ 183.788806] user_mode_thread+0xad/0xf0 [ 183.788818] rest_init+0x24/0x250 [ 183.788831] arch_call_rest_init+0xf/0x14 [ 183.788851] start_kernel+0x4c6/0x4eb [ 183.788869] secondary_startup_64_no_verify+0xe0/0xeb [ 183.788884] [ 183.788884] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 183.788900] _raw_spin_lock_irqsave+0x39/0x60 [ 183.788913] try_to_wake_up+0xab/0x1930 [ 183.788932] up+0x75/0xb0 [ 183.788948] __up_console_sem+0x6e/0x80 [ 183.788966] console_unlock+0x46a/0x590 [ 183.788984] vprintk_emit+0x1bd/0x560 [ 183.789003] vprintk+0x84/0xa0 [ 183.789021] _printk+0xba/0xf1 [ 183.789034] kauditd_hold_skb.cold+0x3f/0x4e [ 183.789053] kauditd_send_queue+0x233/0x290 [ 183.789071] kauditd_thread+0x5f9/0x9c0 [ 183.789091] kthread+0x2ed/0x3a0 [ 183.789112] ret_from_fork+0x22/0x30 [ 183.789128] [ 183.789128] -> #0 ((console_sem).lock){....}-{2:2}: [ 183.789144] __lock_acquire+0x2a02/0x5e70 [ 183.789167] lock_acquire+0x1a2/0x530 [ 183.789185] _raw_spin_lock_irqsave+0x39/0x60 [ 183.789197] down_trylock+0xe/0x70 [ 183.789214] __down_trylock_console_sem+0x3b/0xd0 [ 183.789235] vprintk_emit+0x16b/0x560 [ 183.789256] vprintk+0x84/0xa0 [ 183.789275] _printk+0xba/0xf1 [ 183.789286] report_bug.cold+0x72/0xab [ 183.789306] handle_bug+0x3c/0x70 [ 183.789326] exc_invalid_op+0x14/0x50 [ 183.789345] asm_exc_invalid_op+0x16/0x20 [ 183.789359] group_sched_out.part.0+0x2c7/0x460 [ 183.789380] ctx_sched_out+0x8f1/0xc10 [ 183.789401] __perf_event_task_sched_out+0x6d0/0x18d0 [ 183.789413] __schedule+0xedd/0x2470 [ 183.789429] schedule+0xda/0x1b0 [ 183.789444] exit_to_user_mode_prepare+0x114/0x1a0 [ 183.789459] syscall_exit_to_user_mode+0x19/0x40 [ 183.789476] do_syscall_64+0x48/0x90 [ 183.789495] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 183.789510] [ 183.789510] other info that might help us debug this: [ 183.789510] [ 183.789513] Chain exists of: [ 183.789513] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 183.789513] [ 183.789531] Possible unsafe locking scenario: [ 183.789531] [ 183.789533] CPU0 CPU1 [ 183.789536] ---- ---- [ 183.789538] lock(&ctx->lock); [ 183.789547] lock(&rq->__lock); [ 183.789556] lock(&ctx->lock); [ 183.789564] lock((console_sem).lock); [ 183.789570] [ 183.789570] *** DEADLOCK *** [ 183.789570] [ 183.789572] 2 locks held by syz-executor.1/7386: [ 183.789580] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 183.789614] #1: ffff88800f4a0420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 183.789647] [ 183.789647] stack backtrace: [ 183.789650] CPU: 1 PID: 7386 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 183.789664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 183.789673] Call Trace: [ 183.789677] [ 183.789681] dump_stack_lvl+0x8b/0xb3 [ 183.789705] check_noncircular+0x263/0x2e0 [ 183.789726] ? format_decode+0x26c/0xb50 [ 183.789744] ? print_circular_bug+0x450/0x450 [ 183.789764] ? simple_strtoul+0x30/0x30 [ 183.789782] ? format_decode+0x26c/0xb50 [ 183.789805] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 183.789825] __lock_acquire+0x2a02/0x5e70 [ 183.789849] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 183.789877] lock_acquire+0x1a2/0x530 [ 183.789897] ? down_trylock+0xe/0x70 [ 183.789916] ? lock_release+0x750/0x750 [ 183.789942] ? vprintk+0x84/0xa0 [ 183.789963] _raw_spin_lock_irqsave+0x39/0x60 [ 183.789976] ? down_trylock+0xe/0x70 [ 183.789994] down_trylock+0xe/0x70 [ 183.790015] ? vprintk+0x84/0xa0 [ 183.790034] __down_trylock_console_sem+0x3b/0xd0 [ 183.790054] vprintk_emit+0x16b/0x560 [ 183.790093] vprintk+0x84/0xa0 [ 183.790113] _printk+0xba/0xf1 [ 183.790126] ? record_print_text.cold+0x16/0x16 [ 183.790146] ? report_bug.cold+0x66/0xab [ 183.790169] ? group_sched_out.part.0+0x2c7/0x460 [ 183.790190] report_bug.cold+0x72/0xab [ 183.790211] handle_bug+0x3c/0x70 [ 183.790234] exc_invalid_op+0x14/0x50 [ 183.790255] asm_exc_invalid_op+0x16/0x20 [ 183.790269] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 183.790293] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 183.790308] RSP: 0018:ffff88803d677c48 EFLAGS: 00010006 [ 183.790318] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.790327] RDX: ffff888009349ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 183.790336] RBP: ffff88801da28000 R08: 0000000000000005 R09: 0000000000000001 [ 183.790344] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f4a0400 [ 183.790353] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 183.790365] ? group_sched_out.part.0+0x2c7/0x460 [ 183.790391] ? group_sched_out.part.0+0x2c7/0x460 [ 183.790413] ctx_sched_out+0x8f1/0xc10 [ 183.790436] __perf_event_task_sched_out+0x6d0/0x18d0 [ 183.790454] ? lock_is_held_type+0xd7/0x130 [ 183.790470] ? __perf_cgroup_move+0x160/0x160 [ 183.790483] ? set_next_entity+0x304/0x550 [ 183.790503] ? update_curr+0x267/0x740 [ 183.790526] ? lock_is_held_type+0xd7/0x130 [ 183.790542] __schedule+0xedd/0x2470 [ 183.790562] ? io_schedule_timeout+0x150/0x150 [ 183.790581] ? rcu_read_lock_sched_held+0x3e/0x80 [ 183.790608] schedule+0xda/0x1b0 [ 183.790626] exit_to_user_mode_prepare+0x114/0x1a0 [ 183.790640] syscall_exit_to_user_mode+0x19/0x40 [ 183.790656] do_syscall_64+0x48/0x90 [ 183.790676] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 183.790696] RIP: 0033:0x7fea52c49b19 [ 183.790705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 183.790718] RSP: 002b:00007fea501bf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 183.790731] RAX: 0000000000000001 RBX: 00007fea52d5cf68 RCX: 00007fea52c49b19 [ 183.790739] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fea52d5cf6c [ 183.790748] RBP: 00007fea52d5cf60 R08: 000000000000000e R09: 0000000000000000 [ 183.790756] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fea52d5cf6c [ 183.790765] R13: 00007ffce5e4ff1f R14: 00007fea501bf300 R15: 0000000000022000 [ 183.790783] [ 183.852931] WARNING: CPU: 1 PID: 7386 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 183.853689] Modules linked in: [ 183.853960] CPU: 1 PID: 7386 Comm: syz-executor.1 Not tainted 6.0.0-rc7-next-20220930 #1 [ 183.854615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 183.855517] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 183.855963] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 183.857669] RSP: 0018:ffff88803d677c48 EFLAGS: 00010006 [ 183.858228] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.858911] RDX: ffff888009349ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 183.859490] RBP: ffff88801da28000 R08: 0000000000000005 R09: 0000000000000001 [ 183.860061] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f4a0400 [ 183.860633] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 183.861214] FS: 00007fea501bf700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 183.861861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.862346] CR2: 00007f591d6f4620 CR3: 000000001630a000 CR4: 0000000000350ee0 [ 183.862925] Call Trace: [ 183.863138] [ 183.863322] ctx_sched_out+0x8f1/0xc10 [ 183.863649] __perf_event_task_sched_out+0x6d0/0x18d0 [ 183.864079] ? lock_is_held_type+0xd7/0x130 [ 183.864429] ? __perf_cgroup_move+0x160/0x160 [ 183.864797] ? set_next_entity+0x304/0x550 [ 183.865148] ? update_curr+0x267/0x740 [ 183.865473] ? lock_is_held_type+0xd7/0x130 [ 183.865831] __schedule+0xedd/0x2470 [ 183.866152] ? io_schedule_timeout+0x150/0x150 [ 183.866532] ? rcu_read_lock_sched_held+0x3e/0x80 [ 183.866933] schedule+0xda/0x1b0 [ 183.867219] exit_to_user_mode_prepare+0x114/0x1a0 [ 183.867618] syscall_exit_to_user_mode+0x19/0x40 [ 183.868011] do_syscall_64+0x48/0x90 [ 183.868333] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 183.868755] RIP: 0033:0x7fea52c49b19 [ 183.869063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 183.870530] RSP: 002b:00007fea501bf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 183.871135] RAX: 0000000000000001 RBX: 00007fea52d5cf68 RCX: 00007fea52c49b19 [ 183.871708] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fea52d5cf6c [ 183.872276] RBP: 00007fea52d5cf60 R08: 000000000000000e R09: 0000000000000000 [ 183.872847] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fea52d5cf6c [ 183.873415] R13: 00007ffce5e4ff1f R14: 00007fea501bf300 R15: 0000000000022000 [ 183.873990] [ 183.874208] irq event stamp: 3884 [ 183.874498] hardirqs last enabled at (3883): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 183.875245] hardirqs last disabled at (3884): [] __schedule+0x1225/0x2470 [ 183.875910] softirqs last enabled at (3682): [] __irq_exit_rcu+0x11b/0x180 [ 183.876598] softirqs last disabled at (3673): [] __irq_exit_rcu+0x11b/0x180 [ 183.877277] ---[ end trace 0000000000000000 ]--- 23:17:48 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/107, 0x6b}], 0x300, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r2, &(0x7f0000008980)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x97, 0x0, 0xb, [0x1, 0x3, 0x5]}]}}}], 0x20}}], 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{r3}, 0xfff, 0x5, 0x8}) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth0_to_bridge\x00'}, 0x18) 23:17:48 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/107, 0x6b}], 0x300, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r2, &(0x7f0000008980)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x97, 0x0, 0xb, [0x1, 0x3, 0x5]}]}}}], 0x20}}], 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{r3}, 0xfff, 0x5, 0x8}) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth0_to_bridge\x00'}, 0x18) 23:17:48 executing program 1: r0 = syz_io_uring_setup(0x2b2, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2, 0x184}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x4, 0x102, 0x285}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000500)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, &(0x7f0000000400)=0x80, &(0x7f0000000300)=@isdn, 0x0, 0x80800, 0x0, {0x0, r6}}, 0x3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r7, r8], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r9, 0x0, 0x0, 0x87ffffc) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000540), &(0x7f0000000580)=0x4) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x4}, 0x101) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0x7d28, 0x2, 0x1, 0x60}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 23:17:48 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/107, 0x6b}], 0x300, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r2, &(0x7f0000008980)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x97, 0x0, 0xb, [0x1, 0x3, 0x5]}]}}}], 0x20}}], 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{r3}, 0xfff, 0x5, 0x8}) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth0_to_bridge\x00'}, 0x18) 23:17:48 executing program 1: r0 = syz_io_uring_setup(0x2b2, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2, 0x184}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x4, 0x102, 0x285}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000500)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, &(0x7f0000000400)=0x80, &(0x7f0000000300)=@isdn, 0x0, 0x80800, 0x0, {0x0, r6}}, 0x3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r7, r8], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r9, 0x0, 0x0, 0x87ffffc) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000540), &(0x7f0000000580)=0x4) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x4}, 0x101) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0x7d28, 0x2, 0x1, 0x60}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 23:17:48 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/107, 0x6b}], 0x300, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r2, &(0x7f0000008980)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x97, 0x0, 0xb, [0x1, 0x3, 0x5]}]}}}], 0x20}}], 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{r3}, 0xfff, 0x5, 0x8}) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth0_to_bridge\x00'}, 0x18) 23:17:48 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/107, 0x6b}], 0x300, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r2, &(0x7f0000008980)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x97, 0x0, 0xb, [0x1, 0x3, 0x5]}]}}}], 0x20}}], 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{r3}, 0xfff, 0x5, 0x8}) [ 185.029886] loop4: detected capacity change from 0 to 264192 [ 185.030988] tmpfs: Unsupported parameter 'huge' [ 185.049755] loop4: detected capacity change from 0 to 264192 [ 185.051263] tmpfs: Unsupported parameter 'huge' VM DIAGNOSIS: 23:17:45 Registers: info registers vcpu 0 RAX=ffff8880331a8001 RBX=ffff8880331a7c60 RCX=0000000000000001 RDX=ffff8880331a7c68 RSI=ffff8880331a7c30 RDI=0000000000000001 RBP=ffff8880331a0000 RSP=ffff8880331a74f0 R8 =ffffffff85ed09e2 R9 =ffffffff85ed09e6 R10=ffffed1006634ebc R11=ffff8880331a75b8 R12=ffff8880331a75b9 R13=ffff8880331a75d8 R14=ffff8880331a7578 R15=0000000000000007 RIP=ffffffff812035f0 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f22452bc540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2245796000 CR3=000000003d7f0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00ff000000000000 00000000000000ff YMM01=0000000000000000 0000000000000000 ff00ffffffffffff ffffffffffffff00 YMM02=0000000000000000 0000000000000000 4f0063305f315f31 5f4c53534e45504f YMM03=0000000000000000 0000000000000000 000000000000314e 5341006c756f7472 YMM04=0000000000000000 0000000000000000 65675f454c424154 5f474e495254535f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff823bb06c RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff8880087af840 R8 =0000000000000004 R9 =0000000000000010 R10=0000000000000010 R11=0000000000000001 R12=0000000000002710 R13=0000000000000020 R14=fffffbfff0ecb584 R15=dffffc0000000000 RIP=ffffffff823bb0c1 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555bdfd264c8 CR3=000000003d7e4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM01=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM02=0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000ff00000000ff YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 676f6c206d6f7473 7563000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000