Warning: Permanently added '[localhost]:39393' (ECDSA) to the list of known hosts. 2022/10/04 04:49:14 fuzzer started 2022/10/04 04:49:14 dialing manager at localhost:35095 syzkaller login: [ 44.213846] cgroup: Unknown subsys name 'net' [ 44.328509] cgroup: Unknown subsys name 'rlimit' 2022/10/04 04:49:30 syscalls: 2215 2022/10/04 04:49:30 code coverage: enabled 2022/10/04 04:49:30 comparison tracing: enabled 2022/10/04 04:49:30 extra coverage: enabled 2022/10/04 04:49:30 setuid sandbox: enabled 2022/10/04 04:49:30 namespace sandbox: enabled 2022/10/04 04:49:30 Android sandbox: enabled 2022/10/04 04:49:30 fault injection: enabled 2022/10/04 04:49:30 leak checking: enabled 2022/10/04 04:49:30 net packet injection: enabled 2022/10/04 04:49:30 net device setup: enabled 2022/10/04 04:49:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/04 04:49:30 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/04 04:49:30 USB emulation: enabled 2022/10/04 04:49:30 hci packet injection: enabled 2022/10/04 04:49:30 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/04 04:49:30 802.15.4 emulation: enabled 2022/10/04 04:49:30 fetching corpus: 50, signal 23844/25708 (executing program) 2022/10/04 04:49:30 fetching corpus: 100, signal 33450/37061 (executing program) 2022/10/04 04:49:30 fetching corpus: 150, signal 43214/48455 (executing program) 2022/10/04 04:49:31 fetching corpus: 200, signal 51399/58169 (executing program) 2022/10/04 04:49:31 fetching corpus: 250, signal 58741/66988 (executing program) 2022/10/04 04:49:31 fetching corpus: 300, signal 65264/74887 (executing program) 2022/10/04 04:49:31 fetching corpus: 350, signal 67973/79033 (executing program) 2022/10/04 04:49:31 fetching corpus: 400, signal 71468/83905 (executing program) 2022/10/04 04:49:31 fetching corpus: 450, signal 76845/90502 (executing program) 2022/10/04 04:49:31 fetching corpus: 500, signal 80063/95041 (executing program) 2022/10/04 04:49:32 fetching corpus: 550, signal 83213/99482 (executing program) 2022/10/04 04:49:32 fetching corpus: 600, signal 87236/104695 (executing program) 2022/10/04 04:49:32 fetching corpus: 650, signal 89079/107839 (executing program) 2022/10/04 04:49:32 fetching corpus: 700, signal 91598/111577 (executing program) 2022/10/04 04:49:32 fetching corpus: 750, signal 94251/115379 (executing program) 2022/10/04 04:49:32 fetching corpus: 800, signal 97758/119931 (executing program) 2022/10/04 04:49:32 fetching corpus: 850, signal 100049/123357 (executing program) 2022/10/04 04:49:32 fetching corpus: 900, signal 101666/126171 (executing program) 2022/10/04 04:49:33 fetching corpus: 950, signal 104003/129597 (executing program) 2022/10/04 04:49:33 fetching corpus: 1000, signal 106656/133258 (executing program) 2022/10/04 04:49:33 fetching corpus: 1050, signal 108455/136118 (executing program) 2022/10/04 04:49:33 fetching corpus: 1100, signal 111136/139785 (executing program) 2022/10/04 04:49:33 fetching corpus: 1150, signal 112406/142148 (executing program) 2022/10/04 04:49:33 fetching corpus: 1200, signal 114221/144951 (executing program) 2022/10/04 04:49:33 fetching corpus: 1250, signal 117268/148773 (executing program) 2022/10/04 04:49:33 fetching corpus: 1300, signal 118489/151061 (executing program) 2022/10/04 04:49:33 fetching corpus: 1350, signal 120109/153682 (executing program) 2022/10/04 04:49:34 fetching corpus: 1400, signal 122096/156557 (executing program) 2022/10/04 04:49:34 fetching corpus: 1450, signal 124179/159508 (executing program) 2022/10/04 04:49:34 fetching corpus: 1500, signal 125853/162091 (executing program) 2022/10/04 04:49:34 fetching corpus: 1550, signal 127495/164635 (executing program) 2022/10/04 04:49:34 fetching corpus: 1600, signal 129086/167091 (executing program) 2022/10/04 04:49:34 fetching corpus: 1650, signal 130339/169306 (executing program) 2022/10/04 04:49:34 fetching corpus: 1700, signal 131420/171315 (executing program) 2022/10/04 04:49:34 fetching corpus: 1750, signal 132853/173618 (executing program) 2022/10/04 04:49:35 fetching corpus: 1800, signal 134410/175996 (executing program) 2022/10/04 04:49:35 fetching corpus: 1850, signal 135394/177915 (executing program) 2022/10/04 04:49:35 fetching corpus: 1900, signal 138698/181533 (executing program) 2022/10/04 04:49:35 fetching corpus: 1950, signal 141560/184815 (executing program) 2022/10/04 04:49:35 fetching corpus: 2000, signal 143418/187306 (executing program) 2022/10/04 04:49:35 fetching corpus: 2050, signal 144556/189281 (executing program) 2022/10/04 04:49:35 fetching corpus: 2100, signal 145735/191235 (executing program) 2022/10/04 04:49:35 fetching corpus: 2150, signal 146549/192852 (executing program) 2022/10/04 04:49:36 fetching corpus: 2200, signal 147102/194349 (executing program) 2022/10/04 04:49:36 fetching corpus: 2250, signal 147676/195783 (executing program) 2022/10/04 04:49:36 fetching corpus: 2300, signal 148259/197277 (executing program) 2022/10/04 04:49:36 fetching corpus: 2350, signal 149275/199045 (executing program) 2022/10/04 04:49:36 fetching corpus: 2400, signal 150371/200899 (executing program) 2022/10/04 04:49:36 fetching corpus: 2450, signal 151101/202466 (executing program) 2022/10/04 04:49:36 fetching corpus: 2500, signal 152172/204254 (executing program) 2022/10/04 04:49:36 fetching corpus: 2550, signal 153037/205859 (executing program) 2022/10/04 04:49:36 fetching corpus: 2600, signal 153721/207374 (executing program) 2022/10/04 04:49:37 fetching corpus: 2650, signal 154658/209011 (executing program) 2022/10/04 04:49:37 fetching corpus: 2700, signal 155807/210803 (executing program) 2022/10/04 04:49:37 fetching corpus: 2750, signal 156647/212361 (executing program) 2022/10/04 04:49:37 fetching corpus: 2800, signal 157269/213796 (executing program) 2022/10/04 04:49:37 fetching corpus: 2850, signal 157933/215221 (executing program) 2022/10/04 04:49:37 fetching corpus: 2900, signal 158621/216646 (executing program) 2022/10/04 04:49:37 fetching corpus: 2950, signal 159231/218005 (executing program) 2022/10/04 04:49:37 fetching corpus: 3000, signal 159742/219282 (executing program) 2022/10/04 04:49:37 fetching corpus: 3050, signal 160732/220897 (executing program) 2022/10/04 04:49:37 fetching corpus: 3100, signal 161661/222437 (executing program) 2022/10/04 04:49:38 fetching corpus: 3150, signal 162233/223798 (executing program) 2022/10/04 04:49:38 fetching corpus: 3200, signal 162973/225194 (executing program) 2022/10/04 04:49:38 fetching corpus: 3250, signal 163700/226641 (executing program) 2022/10/04 04:49:38 fetching corpus: 3300, signal 164777/228243 (executing program) 2022/10/04 04:49:38 fetching corpus: 3350, signal 165558/229604 (executing program) 2022/10/04 04:49:38 fetching corpus: 3400, signal 166325/231012 (executing program) 2022/10/04 04:49:38 fetching corpus: 3450, signal 167373/232528 (executing program) 2022/10/04 04:49:38 fetching corpus: 3500, signal 167975/233803 (executing program) 2022/10/04 04:49:39 fetching corpus: 3550, signal 169019/235310 (executing program) 2022/10/04 04:49:39 fetching corpus: 3600, signal 170215/236916 (executing program) 2022/10/04 04:49:39 fetching corpus: 3650, signal 171009/238208 (executing program) 2022/10/04 04:49:39 fetching corpus: 3700, signal 171783/239544 (executing program) 2022/10/04 04:49:39 fetching corpus: 3750, signal 173459/241346 (executing program) 2022/10/04 04:49:39 fetching corpus: 3800, signal 174447/242743 (executing program) 2022/10/04 04:49:39 fetching corpus: 3850, signal 175392/244150 (executing program) 2022/10/04 04:49:39 fetching corpus: 3900, signal 176692/245626 (executing program) 2022/10/04 04:49:40 fetching corpus: 3950, signal 177515/246903 (executing program) 2022/10/04 04:49:40 fetching corpus: 4000, signal 178690/248340 (executing program) 2022/10/04 04:49:40 fetching corpus: 4050, signal 179489/249606 (executing program) 2022/10/04 04:49:40 fetching corpus: 4100, signal 180949/251154 (executing program) 2022/10/04 04:49:40 fetching corpus: 4150, signal 181937/252453 (executing program) 2022/10/04 04:49:40 fetching corpus: 4200, signal 182868/253767 (executing program) 2022/10/04 04:49:40 fetching corpus: 4250, signal 183371/254833 (executing program) 2022/10/04 04:49:41 fetching corpus: 4300, signal 183691/255852 (executing program) 2022/10/04 04:49:41 fetching corpus: 4350, signal 184004/256823 (executing program) 2022/10/04 04:49:41 fetching corpus: 4400, signal 184637/257940 (executing program) 2022/10/04 04:49:41 fetching corpus: 4450, signal 185619/259200 (executing program) 2022/10/04 04:49:41 fetching corpus: 4500, signal 186837/260549 (executing program) 2022/10/04 04:49:41 fetching corpus: 4550, signal 187657/261727 (executing program) 2022/10/04 04:49:41 fetching corpus: 4600, signal 188676/263030 (executing program) 2022/10/04 04:49:41 fetching corpus: 4650, signal 189580/264207 (executing program) 2022/10/04 04:49:41 fetching corpus: 4700, signal 191194/265601 (executing program) 2022/10/04 04:49:42 fetching corpus: 4750, signal 191719/266595 (executing program) 2022/10/04 04:49:42 fetching corpus: 4800, signal 192422/267719 (executing program) 2022/10/04 04:49:42 fetching corpus: 4850, signal 192813/268671 (executing program) 2022/10/04 04:49:42 fetching corpus: 4900, signal 193329/269639 (executing program) 2022/10/04 04:49:42 fetching corpus: 4950, signal 193892/270631 (executing program) 2022/10/04 04:49:42 fetching corpus: 5000, signal 194754/271744 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/272532 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/273302 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/274054 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/274785 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/275566 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/276366 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/277104 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/277874 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/278624 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/279428 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/280195 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/280990 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/281764 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/282520 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/283270 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/284050 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/284838 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/285623 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/286401 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/287171 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/287920 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/288715 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/289459 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/290181 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/290977 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/291757 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/292488 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/293277 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/294068 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/294805 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/295537 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/296333 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/297110 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/297876 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/298658 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/299461 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/300211 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/300992 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/301751 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/302543 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/303336 (executing program) 2022/10/04 04:49:42 fetching corpus: 5012, signal 194825/304141 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/304926 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/305702 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/306482 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/307219 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/307953 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/308750 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/309527 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/310265 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/311006 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/311796 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/312596 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/313383 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/314127 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/314824 (executing program) 2022/10/04 04:49:43 fetching corpus: 5012, signal 194825/314824 (executing program) 2022/10/04 04:49:45 starting 8 fuzzer processes 04:49:45 executing program 0: ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000000)) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) ioctl$FIOCLEX(0xffffffffffffffff, 0x5451) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x103100, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000080), 0x6e, &(0x7f0000000400)=[{&(0x7f0000000100)=""/4, 0x4}, {&(0x7f0000000140)=""/194, 0xc2}, {&(0x7f0000000240)=""/212, 0xd4}, {&(0x7f0000000340)=""/133, 0x85}], 0x4, &(0x7f0000000440)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x50}, 0x0) ioctl$RTC_ALM_READ(r2, 0x80247008, &(0x7f0000000500)) ioctl$RTC_ALM_READ(r5, 0x80247008, &(0x7f0000000540)) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f00000005c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000580)='#$%\x00', 0x0, r8) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x4000010, 0xffffffffffffffff, 0x47214000) r9 = pidfd_open(r6, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000600)='system.posix_acl_default\x00', &(0x7f0000000640)={{}, {0x1, 0x7}, [], {0x4, 0x4}, [{0x8, 0x4, r7}, {0x8, 0xb, r7}], {0x10, 0x4}}, 0x34, 0x0) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000680)='/sys/module/e1000', 0x210001, 0x176) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r10, 0x4008941a, &(0x7f00000006c0)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000700)={{0x1, 0x1, 0x18, r3, {r0}}, './file0\x00'}) ioctl$RTC_PIE_ON(r12, 0x7005) ioctl$RTC_PIE_ON(r11, 0x7005) openat2(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x2}, 0x18) syz_io_uring_setup(0x24b9, &(0x7f00000007c0)={0x0, 0x3044, 0x10, 0x0, 0x174, 0x0, r3}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000840)=0x0, &(0x7f0000000880)) syz_io_uring_submit(r13, 0x0, &(0x7f0000000900)=@IORING_OP_OPENAT={0x12, 0x8, 0x0, r8, 0x0, &(0x7f00000008c0)='./file0\x00', 0xc1, 0x8100, 0x23456}, 0x8001) 04:49:45 executing program 1: sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000040)={0x1c4, 0x0, 0x420, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffd}]}, @TIPC_NLA_MEDIA={0x40, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xcdc7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1000}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x806}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3ff}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffff8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x400}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x20}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x101}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4004040}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x20, 0x3, 0x8, 0x401, 0x0, 0x0, {0x5, 0x0, 0x3}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24004000}, 0x20000000) r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, r0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000045}, 0x4004000) getsockname(0xffffffffffffffff, &(0x7f0000000500)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f0000000580)=0x80) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r1, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x44, r2, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x87f, 0x5c}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x3b}, @NL80211_ATTR_COOKIE={0xc}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x33}]}, 0x44}, 0x1, 0x0, 0x0, 0x4804}, 0x4008810) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SCAN_REQ(r3, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x2c, r0, 0x10, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xc}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x8}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x480d0}, 0x20004000) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000880), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(r4, &(0x7f0000000980)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x30, r5, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x7ff}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000000}, 0x800) sendmsg$IEEE802154_LIST_PHY(r4, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, r0, 0x1, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4008000) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000b00)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x2c, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x2c}}, 0x4) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r9, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x30, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x28}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x24004010) syz_genetlink_get_family_id$nl80211(&(0x7f0000000d00), r1) 04:49:45 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x480000, 0x100) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0x1, 0x4}, 0x6) fcntl$addseals(r1, 0x409, 0x3) r2 = fcntl$dupfd(r0, 0x406, r0) ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f00000000c0)=""/173) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000180)=""/232, &(0x7f0000000280)=0xe8) ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f00000002c0)) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000300)=0x2) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/66, 0x42, 0x1, &(0x7f00000003c0)=""/39, 0x27}, &(0x7f0000000440)=0x40) r3 = socket$inet6(0xa, 0x5, 0x2) getsockopt$IP_SET_OP_GET_BYNAME(r3, 0x1, 0x53, &(0x7f0000000480)={0x6, 0x7, 'syz2\x00'}, &(0x7f00000004c0)=0x28) ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000500)=""/90) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000580)={{0x1, 0x1, 0x18, r2, {0x1}}, './file0\x00'}) sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f0000000800)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000600)={0x1a0, 0x0, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "7ead5fdc4cf08866c088514f41c2768b930c6940e5bfe869914ae310736f1f"}}]}, @TIPC_NLA_LINK={0x34, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2836}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x715}]}]}, @TIPC_NLA_SOCK={0x20, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x100}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x200}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x401}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x50273b48}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xf9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x80000001}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}]}, @TIPC_NLA_NODE={0xb0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80000001}, @TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "53d7120546c710ecf3f43c8905f30212285ece2f8bd1c0529a22ae55efc2125ab73715"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "8c3b09a62f590faa408f479d0211e7c83b727f47b8cd6b25a72b426aed30367706e21efe"}}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x10}, 0x8040) syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r4) fcntl$getflags(0xffffffffffffffff, 0x401) r5 = syz_io_uring_complete(0x0) connect$inet6(r5, &(0x7f0000000880)={0xa, 0x4e20, 0x216, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0x1000}, 0x1c) pwritev(r4, &(0x7f0000000900)=[{&(0x7f00000008c0)="217653034d923300ff962330acb45fe865eb5c481c061f8d29718811bf471ab26eef4469f72ef2bfe732b59a", 0x2c}], 0x1, 0x4, 0x48) 04:49:45 executing program 2: getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@private0, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private0}, 0x0, @in=@private}}, &(0x7f0000000140)=0xe8) fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', r0, 0xffffffffffffffff, 0x1000) newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x6000) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)={{}, {0x1, 0x1}, [{0x2, 0x2, r0}, {0x2, 0x4, r0}, {0x2, 0x2, r0}, {0x2, 0x4, r0}], {}, [{0x8, 0x2, 0xee01}, {0x8, 0x4, 0xffffffffffffffff}, {0x8, 0x7, 0xffffffffffffffff}, {0x8, 0xc694f59a0b1ec6a4, 0xee01}, {0x8, 0x6, r1}, {0x8, 0x2, 0xee01}, {}, {0x8, 0x2, 0xffffffffffffffff}], {0x10, 0x3}, {0x20, 0x3}}, 0x84, 0x3) newfstatat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) statx(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', 0x4000, 0x7ff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000980)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r0, r1}}, './file0\x00'}) mount$9p_tcp(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x3200000, &(0x7f00000009c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@msize={'msize', 0x3d, 0x7}}, {@nodevmap}, {@access_uid={'access', 0x3d, r2}}, {@nodevmap}, {@loose}, {@loose}, {@noextend}, {@dfltuid={'dfltuid', 0x3d, r0}}], [{@seclabel}, {@uid_gt={'uid>', r4}}, {@obj_role}, {@context={'context', 0x3d, 'root'}}, {@context={'context', 0x3d, 'user_u'}}, {@fowner_lt={'fowner<', r6}}]}}) truncate(&(0x7f0000000ac0)='./file0\x00', 0xfff) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000bc0)={{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private2}, 0x0, @in6=@ipv4={""/10, ""/2, @initdev}}}, &(0x7f0000000cc0)=0xe8) mount$9p_tcp(&(0x7f0000000b00), &(0x7f0000000b40)='./file0/file0\x00', &(0x7f0000000b80), 0x49000, &(0x7f0000000d00)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@nodevmap}, {@access_client}], [{@func={'func', 0x3d, 'MODULE_CHECK'}}, {@dont_appraise}, {@appraise_type}, {@subj_user={'subj_user', 0x3d, 'msize'}}, {@subj_type={'subj_type', 0x3d, 'port'}}, {@fowner_lt={'fowner<', r7}}]}}) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000e00)={{{@in6=@private0, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@empty}}, &(0x7f0000000f00)=0xe8) lchown(&(0x7f0000000dc0)='./file0/file0\x00', r8, r3) syncfs(r5) chmod(&(0x7f0000000f40)='./file0\x00', 0x108) mount$9p_tcp(&(0x7f0000000f80), &(0x7f0000000fc0)='./file0\x00', &(0x7f0000001000), 0x2000000, &(0x7f0000001040)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@version_L}, {@cachetag={'cachetag', 0x3d, 'uid>'}}], [{@obj_user={'obj_user', 0x3d, '\x9f($\\('}}]}}) r9 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000010c0), 0x1c3d061d9c921334, 0x0) mkdirat(r9, &(0x7f0000001100)='./file0/file0\x00', 0x100) faccessat(r5, &(0x7f0000001140)='./file0/file0\x00', 0x100) sendmsg$inet(r9, &(0x7f0000002840)={&(0x7f0000001180)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f00000026c0)=[{&(0x7f00000011c0)="322e4662660f7f663b9e9b7eeb", 0xd}, {&(0x7f0000001200)="7ab564ca9e011468f63cf792574bbfd9c6465981aa5b278383cfc31078447699b78ee57f3369b85a82c6a93a1af1851f4f840a6a617e1e0cd947dc0695f3a5e15b73d84cea235cc5f353a1b329c8777ef916220e884bd5b372bb914285567e8a39ee57cb9ff423d35523d1e5fdca2f96c997e5d96a34587cf3f712ec4018cefe653e0cd771caf4638c954a58a4883467238eba1b99f0fa6ba013467555e5b012ae150fc1071ccf0cd83b5cb6248b649a35db528f208af7cbdd", 0xb9}, {&(0x7f00000012c0)="aaa8be363055e51a7c2ba965b2ebcc304a2365e3d1afe16fa9542b6d591c894308e5e11ea14e3c560926e5866b75f87ce5dbc384d42a8365d4b8b360befa1cdb00afef62fd4959e31d6fa086d7d48a5d092cfec04c9851f00ed488ccbfa31f3efe47c403914efc6738e7bb0561ece7c66fe1db2b2119748edd84f857e25ca6c5a753d021a6eb0c99ce78f484363c9dbdcec6b3da5000a99535601391fcb96c9e1aaea11e46e26b58f8e85ded7a7a1f6f77cd44e5d2d3988d0f6ebe3ccb976275b6653b97a986892d3390d75a2066686585e98b8477ea79a7d018982902c152ef46a90bd639bd4312fb83f26c55a205e01d596eee363d4f2f20eca73e2163f4a1e4acf791872dc2351ec843ba7a8e2cb2190cd76ef0adab4bec0cd6ca1361bef6b05ca6058db1e0ee815610e46fe538947ae38979efbd2eebee6f7f03e02798000e7702143eb219a07133d43835c85c3e5608633c6aada964aa623f24ee2d70b8dcb58ef0c861bb2b2815b3e9c9769ccecbcbfe38b80168c959eb1996cc2f4b0a8a4a4c61567c871d8238a92a5f3ca057ec1f60034fed4d73a94dde3023d1ba8863f97f2d8fb4cb479649c809cef44bc3e9da8768649f6316b3206ce0bd3e8b98b3ee67fc74b853cbf6c8c8400274d17c663c848a1cb4f1ebab529db1a1fd6cfe592acae7f7503664cb2dde8b7da3757bb7bd2805ed5bcbcb5ed1376428e7e58b379be4a7dd8e08ee2344bffc62f349f16b1342c0296c072c6a764436b18d7b6dcae80a3cacfd841d15e16f62605db9637ee4c3ca9347cc79de7bc1b1f8b65b8d792bf5378eff7f3608bd7b583e3cdebd8b721237ef91423a2b69feb2da3c2a07e7153f93924fc7268f54c8f210ba5dbbdc42995f9faad1647f54820d0652baa5b3acea9f86f55872ef3e72840bc5ac31e64dce208bdae25bd5369968257b17a007dc825d4ca8d06be24ad4b505ae2fc3b561b9ccc6e1a4da1b1f1687aded334a0baddd19b761069bfd6f25cecca405fa7a8e1a8815e9473050ef20aa9da93a79d0375d2b76294dbf63a0d7d3ee3eba3ac40c041be7a0e56bc4debeda45e9418f2a59dc6ee759b3c4b4bbbeb1de47565d597c81b67a751c175de2808b93c4690057a7abec47b39a3bbd42d0659c1af30057556c822726a55535ae0b7124b24cff0c89bbfc87d65ac8fdd1e71754fe9678e7e81a2c74dd2ea023affc9dbc33ddc26982039965b2c660036e23794007ee4413be8430413e9bb433651edb53ceb10d1783472610809853ba9039f1f23fe634883d25da5db5e146e16f4152aca4c5baa8e8620dd3a57a548ea96ece3181ba6ea96a18ec0bf60c7bce226ec2e275660b794352822d810ccdefcf09dffe49bcfe160ae6961b1f2a5f871705f2fe18af8f44c6f071049d06c968fa197fe73d012799303aac19c49cf60d42d0faa5a8c71d34443a94cfb3e77bb58de88dcf91ad2b69b2c1410d4a6f67e4209b7cf06ae00a4cc078f66fcd4113df252283006541cf3cdc31c8a0389e458d5af4716209184c2b213c64d25d8b7082143a8814992d04bd348fa85852a2b899343510fe3989ce14cb8ff8ba7dcc52e4e2ac5e91052549d6ab432d066ddf31d747a5d506bb75b92d1dfb312ec65bb096a3c87e380d322ff2db4dda6eddf977cf7c4231a84ecd605f7d74b4d9dcece9045dc7808f8a61502dba20519e15dfa5bd8d5c490a5c89a184e9fdab3cd21c9ccf96147e7d4030434d12a2f22cffe68c2171dc0f32b8ee70aa00aa6d8b73911a9efa9c11b7aa4995dd13e77c4be7f8dc0001623efbffde08031b8e8655e92f7f40e1f8d5a8d46c7c7fee100175748d039bcc14957b02dbb8d946cb78a214e66dd60aef6820f6645a9966488ddfb6fe920200d0bf2c3bdf11079908a7f2eef702e5642ee2b01c44dd592f3d2404b7c9504e41ef7f725628585d99a376020c16567458e614575597e24a96820a6dd6942934656e4023fa057cf082988ae0a0a89c73a7ad42eff9bccc0e999f2258d31b915fa114ec30850d3eb9add8d5b1c9a6f748b793962f3ec7b4487aaae991087d0f9901fb83b36c4dcbd3315386046476e214e0069d51f8a09c60081a3fe9d7875002ee72684c2e4e48c69539b372c552a01c5a63cf4f19ed77add0db07236dba7389e04c48b67c64f27e3f20bb21c53b87856fd093c0b56d88721c07997d6265fea1afa3db4b0fe0e5bfd2703e8381417cd3a4ac13df3700f1c3c0dde698cd746e85dcfced81d085a92089d84d2ae680678c1c7fb8fd2e6278414146216b8ee50445b65fd48b773a782193c30cd8ec337fdd37cfbe101f82920a1edab0c17274fb7710d4d77e375fe3a2c28cf2d8afea744f57e96fa564ca4258224b38c27ee535f767190f4c0745e7ee4bfd727fe3439ea59a2929865e89ca734856312753823f2b7dc792d0b80ddb80d87264665e5a62f245608c89d8b62477175e5af3e3964d2abab50d58c6b1ceba5b39480545881df3cb6caa757e5e4024136fa7916c3c211c5e8b0b1d1c794cf52284b4e40f56bfd05061dbd317cd91ac9e91bed1016bf815e2b9daef4956f17170c7436c9aff3495b62d201b7b522ef862c49d3d690d62eeafb3decbcea7abf26d2d695a2ae7126821eeb397ca6562bc0806233423c28169ef5a7ab7db366593d0c89b0a9b0d26e53d8b08a8f7f4ba663195398066f0ce4bf2cc4ac0ebd75bd9d5977dc4a7e04b056678f5cde292f84aeb506ba8d741ec74201715aa8475d1db60c93d26b981cb9a254aca2c90e49e162b70022a493392df94199c80aeb6e66416bf583d3eaaf69812921ee7679b577103e3e03bfb878fc7608583878e55a7a70fa13efa9c800af5d8fca4061592c0675a7d911b20d6e7be08b89d3082bd18eefce82171376385d8b0f5ba4ae5d1c2c79f0b16bc611eefc0cbd4144821e2a1c20025952347e480d81b7f0ad390e6b6f98bafb11bf3ea0223071e7a4f6ac418c33115366290092abd517e03f8b845557ccd7550d6149d71f3b469a430fcbce3a1ddc328e96faa48f039831b2f2463a9819b6a45fe7099afd58918d61889ddb48cd76f18bac2e3c372f805ab82c1dd9b1bb6bc2f4a391565270254f9c5528bb38222387b52293ece08f4d814440dfcb713228235cb0bbec682f9f9d54267090532da3849ee5dc910c9af532abb0241c0053ec780cbb23a21066de91056474b3d19fdf6bc8f2570d7e6b0d02be752d1adc9f24764bde0d178710fe848ac4cfc810c65ccfd745fbe7c82e8323efcb94d3161442e1075f3778e039f42c57357c0529a3903727417c4103520585dedfe465ab8205b1979b9950f3a8e28d8d1855ea01133d3b4f6a310ddcd90b194f9aeabe82c33d9a6a29fb22689485d9c1f72053a7701815a5f2cd46dc254903dbbfd8e6982339b94295468bf2aaa1473658616d51a49ded6e0fda52e6502aa34526ab7d5165074ad81c825d17226d6d1792a6ccf08491f165a324c7d8615b5ecc42ab548bb88456d9e14aaa7bd636e8ff07a729087dbbe8cd0d931a4030d02a2cd36227037c713b8afde2c140395f91316935e1a969cbc8c28abfd3f887f62b7f2e93f952869699f93d111e5f8fec67ab05d24ac0e92306e1e3fac6c9ebcd915d991eb13ac7d67f646a8f19e119b84b2edb3a0b148209d6b4f1fe90fa195be2a2d0eae32567e193f6efca68b71baa4e0ec42a5ed69595f55b5fac38be737332fed6446c6fb8fc4efd5cd8bcfe6862de216b7c699e515544ade05248bd67e03a781f134ccda83173ebc7d1c94399669d85e9e9f506aa8c8bfdc0ed441dbaab5e8034b3d1060cafbfac9caffc836837df99e17837b072c87d73d8bf3e222f129cf89bf7fe89c7e99f52bf7a33f32f0bae6e8810e57257fb02fdd495c9be1407e9eb45424f42bf221bcfc6a88072d1ce41a2cabeaae47a6dfce7b92a19e0c08417bd4f32e7ad052cc07c53d102541dd79280a7e9cc2b861e4bbc8d29f1adad0130a87ad1437cf90c7fc7adc052e6597911b7ce3971dede4c656540fb8ba4d64c640b52e74a5f010a1691e8941f07c8aa51571784cc7304c3aa964dfd48d3c41e68c32bdf06ee0b1bd1c358772359ad080e07be9e5522bc78c394e94490db718c42a9b63e827de1325ca3e5594272b194476fe4243cf06def68c55808d51b591f456d7a4f85771c5c14279711e0fcf0483866d62ec4f43347ef19ddaa8cd58e81876a749ffb0afe1d32a76f0b17c2a808e49418ffaf6ea1ed8f822ff656694c22e76e476eb918ac113da8445088745f5b3e325cb2a3e3e0ac801b9a199ed0ad7503785e48101ffbc536197a06314c5e3d9bba641c237c3f069263a11bb973bf7c93e53bfc7574afecf83d072795c7d48600485fa3d9c138d1d98d5ac80093c683a5f529e53cee5019d75348024bb504777ddd313490a42ac9cc9141bc9ca70df4198feb10d753199ebce7a76c5cc8b03bc96e9576aff01101fdb5be2f310f273e5597167fd91d093bed2e13f335aa93ccbb2dd3b1431487c7f75ea286435bcea447184ad749a4d1f1d6589fc0cfe0c5a72e0987d9262b1d11b773c3dfc0646033470eab429e7de082354bf29a98e5386ca2e2e6ee2e5c5042cb12f9a7b88fb2d270f3a755bd47a015c94763e949efcfd9b8c1583c756395380f0e95986e431fadeb72f62db8a08390492ccb96acf7187d1ee4f095f882e869491ec8a828605efb2637a25295eb55ce5951ede51ed88f5ddb1bf6117ecd6fb2daccc2c0e5b9dfce71559aaef698e35491a025eb3ad252182660a3d4d9b75c4d01808d61f31c492c34cd0028d195c0fb4620625400ba7e9074b179a73c5d61655b4a01a909f9d9e0e4443fe8f398fc90d9ab8611059a8848f613c0884ea7696e913e29afa81bf6f7c80e151e10441e9e59dff2b18e1c062ffb5e9d075a4e688c882445d894940f2e6a59e88ec72136eee51ffaf7297d6c6e3b05ad00755ae6a4271e8083661a718b065921696c1f8ebce6a06c4c2a6a23fa326517e4561b2708eb21404904930f05473310dda391cfb95f962076856e9b5804b1a1bb21fbf872ba26d7586c2b789fe79374eb90e6901b00a819e06ad069338f4f2741c147d8d5507958344e6b0b66bc128abf3a1aeead6b1f2d5b4535150df0ce083e82d73573703bc9c4cbd857658074a8b3f4c58c92667b96ceae5159e4d698d9339500ac636ee73c2bc7c0371285a0bdef2bec3a599262719770ee8fda3943e809ba2c7ad61e346386b4cc1e2e3e20090d66aec130c1e9307564bc8364d50932a5b23b1ddb2fab9c8f688c002fafe67f645a63ed25643f90a2a154cfc89d0fc0888ed83334a4933f2bf650bbb2055175762d7e86d3d23b11b63e09d72ca8da1a748de3d7761b8926bfa7e91e6b028d3c6189381d0d518ae21029ca3a3d1ecf0c4708b0a3773d2365f0dae5a1d256b0043029128e2dceacb1604d94881b82ce71a337f1296b3e0a5fd2702da2ea3736a4e489616d922cb46292240e34c438044ef012cf52edabf0a78b9e64d2f080e6fbc0ef16778e903bc266bbd455664a710aa146dd3ec5a12f13bf2f0d4c801c78eb7f2efadef5b54ccc5b04571e022e7bc22cbc9baf15265533575140acf13fc3e2ee92ad810c86441fae6916d4349ed1f4e2b4b2ebc2c14f4b3391add8c821d522144b833653fb91ffad49e72c74e1299dabc1cbc9486f65d89a9c7b45b40cccf8b4217b690cd03ab434c68e99b1d5d5d9c42d86dd28020beac9c225019f2abdf82ac89c7231560e4ab4cbae0909c9af9486aff", 0x1000}, {&(0x7f00000022c0)="1a76386a428f8a486f75dc3683faf8887281a9f6e3753dcd803c0799b1fb6a54c4f20277abf1f8e74b437ddb2c6ae000b9a567a4c9427e54f5f1afb0fb07a48c37cfd673533137c0758e1f281d288b283dc6", 0x52}, {&(0x7f0000002340)="9bce7b222a21dccd79921b577843e9224743cf9cf6cab87d6f84f7dcb1f8e9f9830cbcf33cabcb6f7d02f7f0d810ab60fbdda24b92afc479b490a2443b0788c665eadbf47f275c5d810f1484008db86b07c64b94795f9b84155523e581df984eb92af50fb18c714e7e6953b37bdc76d70f9a2159f18b9980c256baae10d49892c557ef7f4d6a2e09c51873143b16900d4bcc7d1ded34062fec7af0142814f765599d", 0xa2}, {&(0x7f0000002400)="3ba65d677a1dce29da340cbcdb8f03913eefa9d1728e4c24a04eb63f185a4578fdcabab64542bb64410e019e9593e4d89ede811e398e05e056e2141ebc8688f28b5b19a4cb9993259fe635aff2a728bb094331ccddbc3a58d27216f60324b039feab33549b5d5f9cd32129c0c13a7b662cb204af557ce76d7c1d31a4ff70b7b62a49cb1422659cdad8fac427277f26418441e1499fce3d19fb518fad3e5ee73a94dbb9a88f4fadbdf5edd6f66df94ab08d18c3d66b12d0ab6b4bfdc26b6e5b3e8dcc6e706f67152174cf6d17baf284c6a37b1f3edabd", 0xd6}, {&(0x7f0000002500)="21e7b83282dd7cbc55537114bb0de386e9a261d8532ead379506198d7cb50f21a7fd5194ba9d6b198035ec", 0x2b}, {&(0x7f0000002540)="c8612fd5f1dbbbbca71bf3d9c3a7333dc8fd79a6d30aed28dd4d5bac3d5869ecd6ce6702127fe529d1ba15814b8448edffb0a9f79cbbf2f0801b774c539f5a4cb27d78332e1068660a9f15233cb92c7d3e715ac6c54b8da07026095f7c1ff73273c21502a13f729a8d7082a52bdd0ddf0892b696678d417682ffddae6f04196fe9e5270f2a8b4ab3359257b4ac14dc0a037ea13c427c1c71d6f1804985d5d69e138c4e83c76db3ec0663b10344d0cc161f8c9888a57190236c8d5a9256f1c28b14948e924191086525f70b3bf3674c190d0a6d537ad3ae2e2f9113f82235ca9631248c1d", 0xe4}, {&(0x7f0000002640)}, {&(0x7f0000002680)="3609e41458f6156c4c4e8c3dccd355099517162d127d42c78dafc49c2933fc069d958a10fd10c461b0e8ffe7eb6c4819697242175bae1a3ed58941f564deb477", 0x40}], 0xa, &(0x7f0000002780)=[@ip_retopts={{0x90, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x14, 0x98, 0x3, 0x3, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@private=0xa010102, 0x101}]}, @timestamp_addr={0x44, 0x2c, 0x55, 0x1, 0x2, [{@rand_addr=0x64010102, 0xfffffffe}, {@empty, 0x4}, {@empty}, {@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}]}, @noop, @cipso={0x86, 0xa, 0xffffffffffffffff, [{0x1, 0x4, "a701"}]}, @generic={0x94, 0x5, "7b1923"}, @timestamp_prespec={0x44, 0x14, 0x27, 0x3, 0x7, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty, 0x6}]}, @end, @rr={0x7, 0x7, 0xff, [@broadcast]}, @timestamp_prespec={0x44, 0x14, 0x7c, 0x3, 0x1, [{@loopback, 0x7}, {@multicast1, 0xc146}]}]}}}], 0x90}, 0x104) 04:49:45 executing program 4: r0 = shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffb000/0x4000)=nil) shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x5000) r1 = shmget(0x3, 0x2000, 0x4, &(0x7f0000ffd000/0x2000)=nil) shmat(r1, &(0x7f0000ffd000/0x1000)=nil, 0x4000) shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x6000) r2 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmat(0xffffffffffffffff, &(0x7f0000ffc000/0x4000)=nil, 0x3000) r3 = shmget$private(0x0, 0x1000, 0x40, &(0x7f0000ffd000/0x1000)=nil) shmat(r3, &(0x7f0000ff9000/0x4000)=nil, 0x5000) r4 = shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000ffc000/0x2000)=nil) r5 = shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ff9000/0x3000)=nil) shmat(r5, &(0x7f0000ffc000/0x2000)=nil, 0x1000) shmat(r2, &(0x7f0000ffd000/0x2000)=nil, 0x2000) shmctl$IPC_RMID(0x0, 0x0) shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffb000/0x4000)=nil) shmat(r4, &(0x7f0000ffd000/0x3000)=nil, 0x1000) r6 = shmget(0x3, 0x1000, 0x8, &(0x7f0000ffe000/0x1000)=nil) shmctl$SHM_STAT_ANY(r6, 0xf, &(0x7f0000000000)=""/34) shmat(r5, &(0x7f0000fff000/0x1000)=nil, 0x2000) shmget(0x1, 0x2000, 0x10, &(0x7f0000ffc000/0x2000)=nil) [ 74.822950] audit: type=1400 audit(1664858985.352:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 04:49:45 executing program 5: ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(0xffffffffffffffff, 0x4008941a, &(0x7f0000000000)=0x2) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x141280, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r0) r2 = syz_open_dev$vcsn(&(0x7f0000000080), 0x1f, 0x46c001) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f00000000c0)=@gcm_128={{0x304}, "ebd11f0934ec5e10", "1957ef0953985261357e9a7990713f8c", "23381cb0", "2ba3cd004d28fcef"}, 0x28) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000100), &(0x7f0000000140)=0x14) fcntl$getownex(r1, 0x10, &(0x7f0000000240)={0x0, 0x0}) perf_event_open(&(0x7f00000001c0)={0x7, 0x80, 0x83, 0x1, 0xe4, 0x62, 0x0, 0x1, 0x400, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x80000001, 0x7, @perf_bp={&(0x7f0000000180), 0x2}, 0x10801, 0x5, 0x3ff, 0x6, 0x7, 0x2, 0x5, 0x0, 0x3, 0x0, 0x400}, r3, 0x1, r1, 0x12) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x222a05, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) r5 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r5) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) mbind(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x3, &(0x7f00000002c0)=0x1, 0x3, 0x6) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil) 04:49:45 executing program 6: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IEEE802154_SET_MACPARAMS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x100, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x80}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0xe1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x840) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r2, 0x10, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x3}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xf}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004880}, 0x80) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), r0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r3, 0x210, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4080}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x40, r2, 0x164, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x0, 0x21}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x1e0}]}, 0x40}, 0x1, 0x0, 0x0, 0x50}, 0x4000000) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x30, r5, 0x22a, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x28}, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x3ff, 0x30}}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x8014) sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x2c, r2, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xfff, 0x2d}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="850f6e2d080d"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c082}, 0x4000010) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000007c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x80, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x4c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) r7 = accept$inet(0xffffffffffffffff, &(0x7f0000000900)={0x2, 0x0, @private}, &(0x7f0000000940)=0x10) ioctl$sock_SIOCGIFBR(r7, 0x8940, &(0x7f00000009c0)=@get={0x1, &(0x7f0000000980)=""/44, 0x2}) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000a00)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7, 0x7}}, './file0\x00'}) sendmsg$TIPC_NL_NODE_GET(r8, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000b80)={&(0x7f0000000a80)={0xe8, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7f}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vlan0\x00'}}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x100000001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x81}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x24004040}, 0x24000040) ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000c00)={{0x2, 0x4e23, @private=0xa010100}, {0x6, @multicast}, 0x5c, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2e}}, 'vcan0\x00'}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f0000000d80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000d40)={&(0x7f0000000cc0)={0x50, 0x0, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_KEY={0x3c, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "4e14da53e22d36795743fe231a2e5302e285587441dc448fd1af404b0ab84426"}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xb66}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x40000) 04:49:45 executing program 7: r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x800, 0x1) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000080)={{r0}, 0x3, &(0x7f0000000040)=[0x1, 0x1, 0x6], 0xa50a, 0x7, [0x6, 0x15, 0x5, 0x7]}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'veth0_to_hsr\x00', 0x0}) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x242000, 0x0) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000001c0)={r3, 0x1, 0x6, @remote}, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000200)={'wg0\x00', 0x0}) setsockopt$packet_drop_memb(r4, 0x107, 0x2, &(0x7f0000000240)={r5, 0x1, 0x6, @multicast}, 0x10) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000280)={r5, @loopback, @rand_addr=0x64010101}, 0xc) r6 = syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x3f, 0x5, &(0x7f00000006c0)=[{&(0x7f0000000340)="dbc1b51f20d008f08f027a281e613b254e4b9d918967f738125829046d174bdeb923c62e0ffdf3214bc8990ff168cf87549bbf3e5bf78f81e14a53d17f4039d1793e47e37906cd9cec0f67e653c3fdc97b0b7802d0b59889c28afe6e4dbf62afe67aeadc4bf5172114a881245832", 0x6e, 0xf9a8}, {&(0x7f00000003c0)="f801be3eb225bd7e35ed96d0806a5a01d3c06f58d2ace833f68d209852fb34942b6d9c481f6433bb42f663fac6441c5c90700ec1c3412adef575a3554732ea6081afea03fdde1ac41eb99ae856527e17380ee475c2572b72cba26da589c9a5b972caa5e69c2e19a6439191dc3672744ac07850085eafe7b428b394a7eb88634ddb9ccf4d1b4008f58992ae86d1d34d3b738dc33ff75b28d3f6f22924c363be7349a3f6d351fa15b5c59e8349b24ba170f0fb404ddd02b23ba0429aa977e6bc5b94d0c8c29eb57b3f988a5e6714db588ee4794c58f53cde8517", 0xd9, 0xbea}, {&(0x7f00000004c0)="be0bfdbd56b93f0d43f66b9daaf0c27b2001a434c6927db596263a946204186b550e2a7a60f17da5449411d082bc6f2a7c4c43f88be31fa5c3201c714f9e5e97503348f92fe5955a5184de8c28d65f606cbe456185dc3304c35feb3e42bc0ce1759a706ed308d7c16f25c675c217998b931bde", 0x73}, {&(0x7f0000000540)="32bc7e6e930c96f2dab9c369667b9563d2ad47cab6bbd7411f039ed6ba2cc411adb2f562a7aed24278117bd9261816478ce226f854b12a75c3027f93562635cc8659744b264b8cffc973f4e5fdc6f0c0671a0c7b731bbf080b34bd606c12542b917ea6b7165c693f3580b48bd9c0e99e7345294ae0b2fe0a13b405eb43e47c7e657f6af50f3229ae6318a03b37850edd09eca79f7c4dd5fa314c09f34ac8753a", 0xa0, 0x4}, {&(0x7f0000000600)="6bdf5e578cc18db28a47865dfc1409d324967e15202fd99dd416f31bd68eee6bb51ebc36d3c698ac91bc0981b784b25a4dfdc305a7e8660fea0ea0172644ac1fcf6e2cdb6fb97ff9da81ffe6c4e16413ef386e3a8e4ac9cdf4349f6dc3d5d83db9d95c4d53ce79a702fa34903eddecde43da0eaf518afece909866d8b567fedb3b74db459539b5f3092e0a4265716871146d56", 0x93}], 0x800000, &(0x7f0000000740)={[{@fat=@nfs_nostale_ro}, {@numtail}], [{@audit}, {@euid_lt={'euid<', 0xee00}}, {@uid_lt={'uid<', 0xee00}}, {@dont_appraise}, {@subj_user={'subj_user', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}]}) poll(&(0x7f00000007c0)=[{r4, 0x2040}, {r6}, {r0, 0x4000}, {r0, 0x400}, {r4, 0x2040}, {r2, 0x202}, {r4, 0x208}], 0x7, 0x7fff) r7 = pidfd_getfd(r4, r1, 0x0) setsockopt$inet6_mreq(r7, 0x29, 0x15, &(0x7f0000000800)={@remote, r5}, 0x14) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r7, 0xc018937b, &(0x7f0000000880)={{0x1, 0x1, 0x18, r4, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) fsetxattr$security_capability(r6, &(0x7f0000000840), &(0x7f00000008c0)=@v3={0x3000000, [{0x80000001}, {0x80000000, 0x5}], r8}, 0x18, 0x0) r9 = socket$inet(0x2, 0x10080d, 0x5) setsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000900)={r5, @dev={0xac, 0x14, 0x14, 0x1c}, @broadcast}, 0xc) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000000, 0x80010, r9, 0x1319d000) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000940)={r5, 0x1, 0x6, @multicast}, 0x10) mknodat$loop(0xffffffffffffffff, &(0x7f00000009c0)='./file0\x00', 0x4, 0x0) [ 76.110986] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.114710] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.117542] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.122282] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.125556] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.127359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.133088] Bluetooth: hci0: HCI_REQ-0x0c1a [ 76.171956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.181476] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.189770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.192972] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.194895] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 76.196335] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.209873] Bluetooth: hci1: HCI_REQ-0x0c1a [ 76.243238] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.248279] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.255376] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.263190] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.265779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 76.271618] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.275513] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 76.278316] Bluetooth: hci2: HCI_REQ-0x0c1a [ 76.281010] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 76.284341] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 76.289338] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.291625] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 76.293432] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.298483] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 76.299964] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 76.307340] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.308782] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 76.312057] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 76.321187] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 76.321429] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 76.323031] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 76.323636] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.326078] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 76.327789] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.329046] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 76.331366] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 76.333341] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 76.333441] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 76.335843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 76.338702] Bluetooth: hci6: HCI_REQ-0x0c1a [ 76.344630] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 76.353587] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.381728] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.382880] Bluetooth: hci4: HCI_REQ-0x0c1a [ 76.385608] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.386573] Bluetooth: hci7: HCI_REQ-0x0c1a [ 76.392346] Bluetooth: hci5: HCI_REQ-0x0c1a [ 76.393339] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.405649] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.410073] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 76.415933] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.427758] Bluetooth: hci3: HCI_REQ-0x0c1a [ 78.196479] Bluetooth: hci0: command 0x0409 tx timeout [ 78.260650] Bluetooth: hci1: command 0x0409 tx timeout [ 78.324316] Bluetooth: hci2: command 0x0409 tx timeout [ 78.388238] Bluetooth: hci6: command 0x0409 tx timeout [ 78.452184] Bluetooth: hci3: command 0x0409 tx timeout [ 78.452225] Bluetooth: hci5: command 0x0409 tx timeout [ 78.452800] Bluetooth: hci4: command 0x0409 tx timeout [ 78.453438] Bluetooth: hci7: command 0x0409 tx timeout [ 80.244297] Bluetooth: hci0: command 0x041b tx timeout [ 80.308336] Bluetooth: hci1: command 0x041b tx timeout [ 80.372226] Bluetooth: hci2: command 0x041b tx timeout [ 80.437178] Bluetooth: hci6: command 0x041b tx timeout [ 80.500208] Bluetooth: hci7: command 0x041b tx timeout [ 80.501275] Bluetooth: hci4: command 0x041b tx timeout [ 80.501996] Bluetooth: hci5: command 0x041b tx timeout [ 80.503228] Bluetooth: hci3: command 0x041b tx timeout [ 82.292213] Bluetooth: hci0: command 0x040f tx timeout [ 82.356191] Bluetooth: hci1: command 0x040f tx timeout [ 82.420224] Bluetooth: hci2: command 0x040f tx timeout [ 82.484161] Bluetooth: hci6: command 0x040f tx timeout [ 82.548208] Bluetooth: hci3: command 0x040f tx timeout [ 82.548786] Bluetooth: hci5: command 0x040f tx timeout [ 82.549191] Bluetooth: hci4: command 0x040f tx timeout [ 82.549691] Bluetooth: hci7: command 0x040f tx timeout [ 84.340256] Bluetooth: hci0: command 0x0419 tx timeout [ 84.404186] Bluetooth: hci1: command 0x0419 tx timeout [ 84.468276] Bluetooth: hci2: command 0x0419 tx timeout [ 84.532180] Bluetooth: hci6: command 0x0419 tx timeout [ 84.596260] Bluetooth: hci7: command 0x0419 tx timeout [ 84.597033] Bluetooth: hci4: command 0x0419 tx timeout [ 84.597987] Bluetooth: hci5: command 0x0419 tx timeout [ 84.598810] Bluetooth: hci3: command 0x0419 tx timeout [ 133.063748] loop7: detected capacity change from 0 to 249 [ 133.067636] FAT-fs (loop7): Unrecognized mount option "audit" or missing value [ 133.444577] loop7: detected capacity change from 0 to 249 [ 133.445490] FAT-fs (loop7): Unrecognized mount option "audit" or missing value 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r2, 0x8000000) dup2(r2, r1) 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r2, 0x8000000) dup2(r2, r1) 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r2, 0x8000000) dup2(r2, r1) 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r2, 0x8000000) dup2(r2, r1) 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) dup2(r2, r1) 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) dup2(0xffffffffffffffff, r1) 04:50:44 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) dup2(0xffffffffffffffff, r1) 04:50:45 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = socket$netlink(0x10, 0x3, 0x7) dup2(0xffffffffffffffff, r1) [ 137.931082] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 137.947968] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 137.953403] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 137.954671] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 137.958436] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 137.960021] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 137.965730] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 137.969595] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 137.971184] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 137.994407] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 137.998296] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 138.000297] Bluetooth: hci2: HCI_REQ-0x0c1a [ 138.028451] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 138.034228] Bluetooth: hci1: HCI_REQ-0x0c1a [ 138.063730] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 138.065009] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 138.072259] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 138.075325] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 138.076599] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 138.077795] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 138.078439] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 138.079095] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 138.079960] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 138.083989] Bluetooth: hci4: HCI_REQ-0x0c1a [ 138.113367] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 138.128378] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 138.141344] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 138.146931] Bluetooth: hci6: HCI_REQ-0x0c1a [ 139.956171] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 140.021191] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 140.021231] Bluetooth: hci2: command 0x0409 tx timeout [ 140.084444] Bluetooth: hci1: command 0x0409 tx timeout [ 140.148179] Bluetooth: hci4: command 0x0409 tx timeout [ 140.213293] Bluetooth: hci6: command 0x0409 tx timeout [ 142.068260] Bluetooth: hci2: command 0x041b tx timeout [ 142.132214] Bluetooth: hci1: command 0x041b tx timeout [ 142.196193] Bluetooth: hci4: command 0x041b tx timeout [ 142.261324] Bluetooth: hci6: command 0x041b tx timeout [ 142.455898] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 142.457727] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 142.458641] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 142.461563] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 142.462726] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 142.463510] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 142.467709] Bluetooth: hci0: HCI_REQ-0x0c1a [ 142.520092] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 142.522023] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 142.523174] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 142.528278] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 142.535269] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 142.536023] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 142.543210] Bluetooth: hci3: HCI_REQ-0x0c1a [ 144.116193] Bluetooth: hci2: command 0x040f tx timeout [ 144.180506] Bluetooth: hci1: command 0x040f tx timeout [ 144.244357] Bluetooth: hci4: command 0x040f tx timeout [ 144.308269] Bluetooth: hci6: command 0x040f tx timeout [ 144.500196] Bluetooth: hci0: command 0x0409 tx timeout [ 144.565242] Bluetooth: hci3: command 0x0409 tx timeout [ 146.164194] Bluetooth: hci2: command 0x0419 tx timeout [ 146.228455] Bluetooth: hci1: command 0x0419 tx timeout [ 146.292191] Bluetooth: hci4: command 0x0419 tx timeout [ 146.356210] Bluetooth: hci6: command 0x0419 tx timeout [ 146.548169] Bluetooth: hci0: command 0x041b tx timeout [ 146.612187] Bluetooth: hci3: command 0x041b tx timeout [ 148.597168] Bluetooth: hci0: command 0x040f tx timeout [ 148.661703] Bluetooth: hci3: command 0x040f tx timeout [ 150.645191] Bluetooth: hci0: command 0x0419 tx timeout [ 150.709173] Bluetooth: hci3: command 0x0419 tx timeout [ 187.316331] INFO: task rcu_gp:3 blocked for more than 143 seconds. [ 187.317546] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.318506] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.319957] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 187.322324] Call Trace: [ 187.322758] [ 187.323192] __schedule+0x893/0x2470 [ 187.323850] ? io_schedule_timeout+0x150/0x150 [ 187.324645] ? do_raw_spin_lock+0x121/0x260 [ 187.325402] ? rwlock_bug.part.0+0x90/0x90 [ 187.326185] schedule+0xda/0x1b0 [ 187.326730] rescuer_thread+0x851/0xdb0 [ 187.327346] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.328071] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.328832] ? lockdep_hardirqs_on+0x79/0x100 [ 187.329532] ? worker_thread+0x1260/0x1260 [ 187.330189] kthread+0x2ed/0x3a0 [ 187.330712] ? kthread_complete_and_exit+0x40/0x40 [ 187.331450] ret_from_fork+0x22/0x30 [ 187.332016] [ 187.332392] INFO: task rcu_par_gp:4 blocked for more than 143 seconds. [ 187.333319] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.334068] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.335207] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 187.336421] Call Trace: [ 187.336802] [ 187.337171] __schedule+0x893/0x2470 [ 187.337728] ? io_schedule_timeout+0x150/0x150 [ 187.338440] ? do_raw_spin_lock+0x121/0x260 [ 187.339077] ? rwlock_bug.part.0+0x90/0x90 [ 187.339744] schedule+0xda/0x1b0 [ 187.340282] rescuer_thread+0x851/0xdb0 [ 187.340863] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.341610] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.342369] ? lockdep_hardirqs_on+0x79/0x100 [ 187.343051] ? worker_thread+0x1260/0x1260 [ 187.343729] kthread+0x2ed/0x3a0 [ 187.344275] ? kthread_complete_and_exit+0x40/0x40 [ 187.345013] ret_from_fork+0x22/0x30 [ 187.345631] [ 187.345996] INFO: task slub_flushwq:5 blocked for more than 143 seconds. [ 187.347001] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.347838] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.348987] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 187.350253] Call Trace: [ 187.350645] [ 187.350996] __schedule+0x893/0x2470 [ 187.351609] ? io_schedule_timeout+0x150/0x150 [ 187.352312] ? do_raw_spin_lock+0x121/0x260 [ 187.352964] ? rwlock_bug.part.0+0x90/0x90 [ 187.353646] schedule+0xda/0x1b0 [ 187.354214] rescuer_thread+0x851/0xdb0 [ 187.354830] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.355608] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.356379] ? lockdep_hardirqs_on+0x79/0x100 [ 187.357070] ? worker_thread+0x1260/0x1260 [ 187.357735] kthread+0x2ed/0x3a0 [ 187.358295] ? kthread_complete_and_exit+0x40/0x40 [ 187.359043] ret_from_fork+0x22/0x30 [ 187.359662] [ 187.360018] INFO: task netns:6 blocked for more than 143 seconds. [ 187.360930] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.361736] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.362886] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 187.364140] Call Trace: [ 187.364534] [ 187.364888] __schedule+0x893/0x2470 [ 187.365494] ? io_schedule_timeout+0x150/0x150 [ 187.366233] ? do_raw_spin_lock+0x121/0x260 [ 187.366893] ? rwlock_bug.part.0+0x90/0x90 [ 187.367574] schedule+0xda/0x1b0 [ 187.368099] rescuer_thread+0x851/0xdb0 [ 187.368738] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.369512] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.370303] ? lockdep_hardirqs_on+0x79/0x100 [ 187.370987] ? worker_thread+0x1260/0x1260 [ 187.371659] kthread+0x2ed/0x3a0 [ 187.372209] ? kthread_complete_and_exit+0x40/0x40 [ 187.372951] ret_from_fork+0x22/0x30 [ 187.373571] [ 187.373926] INFO: task kworker/0:0H:8 blocked for more than 143 seconds. [ 187.374938] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.375752] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.376885] task:kworker/0:0H state:I stack:29072 pid:8 ppid:2 flags:0x00004000 [ 187.378148] Workqueue: 0x0 (kblockd) [ 187.378724] Call Trace: [ 187.379154] [ 187.379508] __schedule+0x893/0x2470 [ 187.380093] ? io_schedule_timeout+0x150/0x150 [ 187.380833] schedule+0xda/0x1b0 [ 187.381394] worker_thread+0x15f/0x1260 [ 187.382054] ? process_one_work+0x16a0/0x16a0 [ 187.382786] kthread+0x2ed/0x3a0 [ 187.383347] ? kthread_complete_and_exit+0x40/0x40 [ 187.384092] ret_from_fork+0x22/0x30 [ 187.384723] [ 187.385083] INFO: task mm_percpu_wq:10 blocked for more than 143 seconds. [ 187.386133] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.386923] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.388068] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 187.389343] Call Trace: [ 187.389737] [ 187.390090] __schedule+0x893/0x2470 [ 187.390706] ? io_schedule_timeout+0x150/0x150 [ 187.391426] ? do_raw_spin_lock+0x121/0x260 [ 187.392079] ? rwlock_bug.part.0+0x90/0x90 [ 187.392763] schedule+0xda/0x1b0 [ 187.393320] rescuer_thread+0x851/0xdb0 [ 187.393936] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.394748] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.395528] ? lockdep_hardirqs_on+0x79/0x100 [ 187.396250] ? worker_thread+0x1260/0x1260 [ 187.396904] kthread+0x2ed/0x3a0 [ 187.397454] ? kthread_complete_and_exit+0x40/0x40 [ 187.398242] ret_from_fork+0x22/0x30 [ 187.398840] [ 187.399225] INFO: task rcu_tasks_kthre:11 blocked for more than 143 seconds. [ 187.400272] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.401043] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.402201] task:rcu_tasks_kthre state:I stack:29272 pid:11 ppid:2 flags:0x00004000 [ 187.403450] Call Trace: [ 187.403842] [ 187.404227] __schedule+0x893/0x2470 [ 187.404807] ? io_schedule_timeout+0x150/0x150 [ 187.405523] ? mark_held_locks+0x9e/0xe0 [ 187.406208] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.406953] schedule+0xda/0x1b0 [ 187.407510] rcu_tasks_one_gp+0x3db/0xc10 [ 187.408191] rcu_tasks_kthread+0x80/0xa0 [ 187.408799] ? rcu_tasks_postscan+0x10/0x10 [ 187.409484] kthread+0x2ed/0x3a0 [ 187.410019] ? kthread_complete_and_exit+0x40/0x40 [ 187.410793] ret_from_fork+0x22/0x30 [ 187.411413] [ 187.411769] INFO: task kworker/1:0H:21 blocked for more than 143 seconds. [ 187.412774] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.413589] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.414745] task:kworker/1:0H state:I stack:29760 pid:21 ppid:2 flags:0x00004000 [ 187.415977] Workqueue: 0x0 (events_highpri) [ 187.416675] Call Trace: [ 187.417063] [ 187.417447] __schedule+0x893/0x2470 [ 187.418039] ? io_schedule_timeout+0x150/0x150 [ 187.418781] schedule+0xda/0x1b0 [ 187.419340] worker_thread+0x15f/0x1260 [ 187.419966] ? process_one_work+0x16a0/0x16a0 [ 187.420707] kthread+0x2ed/0x3a0 [ 187.421261] ? kthread_complete_and_exit+0x40/0x40 [ 187.422019] ret_from_fork+0x22/0x30 [ 187.422645] [ 187.423048] INFO: task inet_frag_wq:23 blocked for more than 143 seconds. [ 187.424083] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.424896] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.426040] task:inet_frag_wq state:I stack:30704 pid:23 ppid:2 flags:0x00004000 [ 187.427291] Call Trace: [ 187.427678] [ 187.428029] __schedule+0x893/0x2470 [ 187.428646] ? io_schedule_timeout+0x150/0x150 [ 187.429357] ? do_raw_spin_lock+0x121/0x260 [ 187.430022] ? rwlock_bug.part.0+0x90/0x90 [ 187.430704] schedule+0xda/0x1b0 [ 187.431267] rescuer_thread+0x851/0xdb0 [ 187.431874] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.432662] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.433451] ? lockdep_hardirqs_on+0x79/0x100 [ 187.434189] ? worker_thread+0x1260/0x1260 [ 187.434835] kthread+0x2ed/0x3a0 [ 187.435391] ? kthread_complete_and_exit+0x40/0x40 [ 187.436158] ret_from_fork+0x22/0x30 [ 187.436746] [ 187.437101] INFO: task kblockd:31 blocked for more than 143 seconds. [ 187.438053] Not tainted 6.0.0-rc7-next-20220930 #1 [ 187.438867] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 187.440013] task:kblockd state:I stack:30176 pid:31 ppid:2 flags:0x00004000 [ 187.441275] Call Trace: [ 187.441665] [ 187.442035] __schedule+0x893/0x2470 [ 187.442654] ? io_schedule_timeout+0x150/0x150 [ 187.443376] ? do_raw_spin_lock+0x121/0x260 [ 187.444030] ? rwlock_bug.part.0+0x90/0x90 [ 187.444710] schedule+0xda/0x1b0 [ 187.445273] rescuer_thread+0x851/0xdb0 [ 187.445881] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.446674] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 187.447456] ? lockdep_hardirqs_on+0x79/0x100 [ 187.448176] ? worker_thread+0x1260/0x1260 [ 187.448818] kthread+0x2ed/0x3a0 [ 187.449375] ? kthread_complete_and_exit+0x40/0x40 [ 187.450177] ret_from_fork+0x22/0x30 [ 187.450770] [ 187.451216] [ 187.451216] Showing all locks held in the system: [ 187.452144] 1 lock held by rcu_tasks_kthre/11: [ 187.452818] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 187.454274] 1 lock held by khungtaskd/25: [ 187.454871] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 187.456220] 2 locks held by in:imklog/201: [ 187.456825] #0: ffff88800d15ad68 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe7/0x100 [ 187.458090] #1: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: __schedule+0x1cf/0x2470 [ 187.459371] 2 locks held by syz-executor/6576: [ 187.460031] [ 187.460324] ============================================= [ 187.460324] 04:51:39 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) dup2(r1, 0xffffffffffffffff) 04:51:39 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_WANTACK(r0, 0x0, 0x0, &(0x7f0000000000), 0x4) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0), 0x4) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00'}) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r2, 0x8000000) lseek(r2, 0x9, 0x1) 04:51:39 executing program 4: r0 = open$dir(&(0x7f0000000200)='.\x00', 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) getdents64(r0, &(0x7f00000000c0)=""/120, 0x78) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab', 0x0, 0x0) lseek(r2, 0x2000005, 0x0) getdents64(r2, &(0x7f0000000240)=""/226, 0x20000258) perf_event_open(&(0x7f0000000140)={0xbdecc0a787704c2c, 0x80, 0x7, 0x1, 0x8, 0x9, 0x0, 0x101, 0x4004, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7ff, 0x4, @perf_config_ext={0x3, 0xaf72}, 0x0, 0xffffffff, 0x7ff, 0x2, 0x5, 0x4, 0x1f, 0x0, 0xffffffff, 0x0, 0xffff}, 0x0, 0xa, r2, 0xa) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r3, 0x8000000) syncfs(r3) 04:51:39 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000240), 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = fork() r3 = perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x40, 0x3f, 0xff, 0x3, 0x0, 0x0, 0x2200, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000000300), 0xf}, 0x430be, 0x1, 0x7, 0x1d, 0x1ff, 0x76a4, 0x7, 0x0, 0x6, 0x0, 0x8}, r2, 0xd, 0xffffffffffffffff, 0x9) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/locks\x00', 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x81, 0x0, 0x8, 0x7, 0x0, 0x7, 0x101, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000140), 0x4}, 0x880, 0x1, 0xffff, 0x8, 0x40, 0x6, 0x1ff, 0x0, 0x5, 0x0, 0x8}, 0x0, 0xd, r1, 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setlease(r4, 0x400, 0x2) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs(0xffffffffffffffff, &(0x7f00000005c0)='net/protocols\x00') prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000700)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000006c0)}, 0x68) fcntl$setlease(r3, 0x400, 0x1) sendfile(0xffffffffffffffff, r0, 0x0, 0xd7) perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x3, 0x7, 0x3f, 0xcf, 0x0, 0x12000, 0x10009, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7f, 0x1, @perf_config_ext={0x1}, 0x8000, 0x9, 0x7, 0x7, 0x8000, 0x6, 0x6, 0x0, 0x7, 0x0, 0xadc}, 0x0, 0x7, 0xffffffffffffffff, 0x8) r6 = syz_mount_image$nfs4(&(0x7f0000000340), &(0x7f0000000680)='./file1\x00', 0x0, 0x1, &(0x7f0000000780)=[{&(0x7f00000006c0)="a2d4199ca8e4113e33c0ddec272f7f77ba428997fda02e054df3152ef0692fb4efe3e9a5", 0x24, 0xfffffffffffffffd}], 0x2000004, &(0x7f00000007c0)={[{'-,'}, {}], [{@euid_gt}, {@obj_type={'obj_type', 0x3d, ':[%\\(!}'}}, {@fsmagic={'fsmagic', 0x3d, 0x9}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@uid_lt}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}]}) r7 = openat(r6, &(0x7f0000000100)='./file1\x00', 0x10000, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r7, 0x6611) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="5e86055208c76b76260f12789c15eae935f5bb1c937a789ee55575adc7a85afd4f3795ca060d900f96d1d928d9a777ffffffffffffffff7ca9d5df00cf408eacff4be721287e051772e0df31fcb79599e7ffb3d0f1b611500325e43144cbc91557de6fe786a4102694772a9193c8d73791847d0adab07062d9ab1869297daf608f6b84234da2523aef4f9c85ee082035acad968b15d60bab9aded71b8e0c8b97017431b1a7421413865a7c472ec18fef5449545e8ef2db24afa2fc518d4fa9df6822665cc46a621c760f10f04cb65626971573a0693e948ec2050000000000000065563be4e04b4b955443aa706382513cdb358ef591d2c3222ed276f58219f46a38d2cf3633adfbfa", @ANYRES16=r5, @ANYBLOB="010600000000000000002a00000008002f0000000000080002001d9a84996501", @ANYRES32, @ANYBLOB], 0x24}}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000380)=""/90, 0x5a}, {&(0x7f0000000400)=""/208, 0xd0}], 0x2, &(0x7f0000000540)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}, 0x3) read$hiddev(0xffffffffffffffff, &(0x7f0000002b80)=""/251, 0xfb) 04:51:39 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r0, 0x8000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4013, r3, 0x8000000) r4 = syz_open_dev$usbmon(&(0x7f0000000100), 0xfffffffffffffffa, 0xc002) sendfile(r3, r4, &(0x7f0000000140)=0x1, 0x65) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYRES32, @ANYRES32, @ANYBLOB="084d01"], 0x24}}, 0x0) sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, r2, 0x200, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0xd9, 0x6}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x200008c0) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000880)={0x0, "4105a9dd3221be53c0760d8b0e9ffd3e"}) syz_open_dev$sg(&(0x7f0000000840), 0x0, 0x2e000) 04:51:39 executing program 2: r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$eventfd(r0, &(0x7f0000000000), 0x8) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000380)={0x0, 0x3ff}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0xa015000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r1, 0x0, 0xfffffdef) 04:51:39 executing program 1: syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002900)) r0 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x3d3, 0x4, &(0x7f0000000380)=[{&(0x7f0000000080)="252d3aa960defcc07aceee", 0xb, 0x8}, {&(0x7f00000000c0)="0cc9753dbbeb5505649075e62d2c34fcca989cd285ef79b25119d5d7cae73cfd1f364e2cde1c457a2f3390c14cdea67f9f33", 0x32, 0x7}, {&(0x7f0000000100)="da17e19801f324cddab12744249053530862fbb982acca64a7ba5bc172f288abee8ed0ebee2994c08addaed874a04e5cbc36b6782925c78216f6de88fc6fcd6cba06e93776a724499260760d1cde9129c02ac350cf09e366a24c5e92de884a0cea8f3a9000616221dc57209bdda9e2eaa2ed32f48b845e6e54da28d6d8e379c0a6f56c68f01c13a252df5c9d55277b7fd03cc37e19dd729b", 0x98, 0x5}, {&(0x7f00000001c0)="c60d062ec5188f0ef82fa7bac527ecda8126fd5b2c75b1124914c17d44b117a5402edc751a26e8e586939851d2d56a0144008032086c899e3e84c9abc7dcbe98d6af790b37c4ecaafda707995cdaa17b46ca5df390eb162e43053f75fcee48fa1ae73eed46f70680a764a74566ec781b2ebeb64ba878e4e9427c5d82df8c6ce634b821c07361ceae69b84056205cdbcd12877fdeb83024136331da4d598df13f23038bb45e5bba343e45b5feca3fd72e969b15fdbc1e22b4c85b248a5c41070f4ef95aee4a25cb9be8b6e7e2", 0xcc, 0x5e}], 0x84008, &(0x7f0000000500)=ANY=[@ANYBLOB="65787434002c402f2c6d6561737572652c6d61736b3d5e4d41595f43a305e0ba674cae3542415050454e442c6673636f6e746578743d73746166665f752c666f776e65723d9ee51e6f093a265523cc7b193c54edadc9a5d8a242578255d3450a91280b034ff9ee55c3633654a569c4c1126d575e2afaaa77c26a", @ANYRESDEC=0xee00, @ANYBLOB=',pcr=00000000000000000004,fscontext=unconfined_u,smackfstransmute=\x00,dont_appraise,smackfsfloor=/@,mask=MAY_EXEC,\x00']) syz_io_uring_setup(0x74b6, &(0x7f0000002a00), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) removexattr(&(0x7f0000002f00)='./file0\x00', &(0x7f0000002f40)=@random={'user.', 'bh'}) open$dir(&(0x7f00000002c0)='.\x00', 0x800, 0x2) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000880), 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000400)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000480)="49c5f52d434ab15eb8699e072172b4c4d79305db5a67d70219d41a487009ad7cadfeb043ef8e7a8369aeed955a18b1f51371f6f02f43a311a9547965c95510661ea9a298053e5873aa08f3d89f7727d5af1f1667f7676ba2977fbc8f3b5b72", 0x5f}, {&(0x7f0000000600)="e314fb", 0x3}, {&(0x7f0000000640)="2fbbb1d6b8152d288548", 0xa}, {&(0x7f0000000680)="73fbbfdf7346296704fd86c10644d2410ddc798850797db19c791ce8f00f19502e62b03f81f2b7bc557ed73cbdd98fe3f1c47a0d5e62a2d4f3083f9756325f487988686ec1304f1be14c3956419b1248299610888b222f278fc21c3fe30871740f6bf5071ba955f705dd68f33ae250abd5c258157870e1ff68cce13eaf6fdfe9757b6382f52cce6880f0b5d613da525b404d9fe79fe71455f645dcef35dc24704989265ba6b19822", 0xa8}, {&(0x7f0000000740)="0acf998682bf0f1c69054d36772fc0f92426e399866cecfc63f51bd3c9133972687540a459e883f931062f477751d5ee1f4ecdb5fb3718a5cc37fa33fba203db340ad94aa63d1c6a6dd756eb26d6717035572697dd575a016671c3c125b26f1b72ab1380075e5bde46bc92aeabfd37b8ffc54cf84d06df70cb1293356dcfd36f0c8865618d143de4fe025093234b560b132c707da57613634e52edb7a53929811a", 0xa1}], 0x5, &(0x7f00000008c0)=[@rights={{0x18, 0x1, 0x1, [r0, r1]}}], 0x18, 0x20000000}, 0x80) 04:51:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffe, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801002000400003000000000000008000293fe737f153595a4b414c4c4552202046415431362020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100028e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200028e870325132510000e870325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200028e870325132510000e870325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200028e870325132510000e87032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100028e870325132510000e87032510300000000002e2e202020202020202020100028e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200028e870325132510000e870325104001a040000", 0x80, 0x1a00}, {&(0x7f0000010800)="73797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6cc99b39c1bfd9af696c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c000000000000", 0x420, 0x1c00}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x2200}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4800}], 0x0, &(0x7f0000010f00)) chroot(&(0x7f0000000040)='./file0\x00') [ 188.516858] audit: type=1400 audit(1664859099.046:7): avc: denied { open } for pid=6578 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 188.521193] audit: type=1400 audit(1664859099.046:8): avc: denied { kernel } for pid=6578 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 188.540030] ------------[ cut here ]------------ [ 188.540062] [ 188.540067] ====================================================== [ 188.540072] WARNING: possible circular locking dependency detected [ 188.540079] 6.0.0-rc7-next-20220930 #1 Not tainted [ 188.540089] ------------------------------------------------------ [ 188.540094] syz-executor.6/6584 is trying to acquire lock: [ 188.540104] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 188.540161] [ 188.540161] but task is already holding lock: [ 188.540166] ffff8880401c7420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 188.540206] [ 188.540206] which lock already depends on the new lock. [ 188.540206] [ 188.540211] [ 188.540211] the existing dependency chain (in reverse order) is: [ 188.540216] [ 188.540216] -> #3 (&ctx->lock){....}-{2:2}: [ 188.540237] _raw_spin_lock+0x2a/0x40 [ 188.540255] __perf_event_task_sched_out+0x53b/0x18d0 [ 188.540273] __schedule+0xedd/0x2470 [ 188.540294] schedule+0xda/0x1b0 [ 188.540315] exit_to_user_mode_prepare+0x114/0x1a0 [ 188.540333] syscall_exit_to_user_mode+0x19/0x40 [ 188.540353] do_syscall_64+0x48/0x90 [ 188.540380] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 188.540399] [ 188.540399] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 188.540424] _raw_spin_lock_nested+0x30/0x40 [ 188.540441] raw_spin_rq_lock_nested+0x1e/0x30 [ 188.540461] task_fork_fair+0x63/0x4d0 [ 188.540486] sched_cgroup_fork+0x3d0/0x540 [ 188.540508] copy_process+0x4183/0x6e20 [ 188.540524] kernel_clone+0xe7/0x890 [ 188.540539] user_mode_thread+0xad/0xf0 [ 188.540555] rest_init+0x24/0x250 [ 188.540573] arch_call_rest_init+0xf/0x14 [ 188.540599] start_kernel+0x4c6/0x4eb [ 188.540623] secondary_startup_64_no_verify+0xe0/0xeb [ 188.540644] [ 188.540644] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 188.540665] _raw_spin_lock_irqsave+0x39/0x60 [ 188.540682] try_to_wake_up+0xab/0x1930 [ 188.540702] up+0x75/0xb0 [ 188.540724] __up_console_sem+0x6e/0x80 [ 188.540749] console_unlock+0x46a/0x590 [ 188.540773] vprintk_emit+0x1bd/0x560 [ 188.540798] vprintk+0x84/0xa0 [ 188.540823] _printk+0xba/0xf1 [ 188.540840] kauditd_hold_skb.cold+0x3f/0x4e [ 188.540866] kauditd_send_queue+0x233/0x290 [ 188.540889] kauditd_thread+0x5f9/0x9c0 [ 188.540911] kthread+0x2ed/0x3a0 [ 188.540933] ret_from_fork+0x22/0x30 [ 188.540951] [ 188.540951] -> #0 ((console_sem).lock){....}-{2:2}: [ 188.540973] __lock_acquire+0x2a02/0x5e70 [ 188.540998] lock_acquire+0x1a2/0x530 [ 188.541023] _raw_spin_lock_irqsave+0x39/0x60 [ 188.541039] down_trylock+0xe/0x70 [ 188.541062] __down_trylock_console_sem+0x3b/0xd0 [ 188.541087] vprintk_emit+0x16b/0x560 [ 188.541112] vprintk+0x84/0xa0 [ 188.541137] _printk+0xba/0xf1 [ 188.541153] report_bug.cold+0x72/0xab [ 188.541178] handle_bug+0x3c/0x70 [ 188.541203] exc_invalid_op+0x14/0x50 [ 188.541229] asm_exc_invalid_op+0x16/0x20 [ 188.541248] group_sched_out.part.0+0x2c7/0x460 [ 188.541275] ctx_sched_out+0x8f1/0xc10 [ 188.541301] __perf_event_task_sched_out+0x6d0/0x18d0 [ 188.541318] __schedule+0xedd/0x2470 [ 188.541339] schedule+0xda/0x1b0 [ 188.541360] exit_to_user_mode_prepare+0x114/0x1a0 [ 188.541376] syscall_exit_to_user_mode+0x19/0x40 [ 188.541396] do_syscall_64+0x48/0x90 [ 188.541421] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 188.541441] [ 188.541441] other info that might help us debug this: [ 188.541441] [ 188.541445] Chain exists of: [ 188.541445] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 188.541445] [ 188.541468] Possible unsafe locking scenario: [ 188.541468] [ 188.541472] CPU0 CPU1 [ 188.541476] ---- ---- [ 188.541479] lock(&ctx->lock); [ 188.541488] lock(&rq->__lock); [ 188.541498] lock(&ctx->lock); [ 188.541507] lock((console_sem).lock); [ 188.541516] [ 188.541516] *** DEADLOCK *** [ 188.541516] [ 188.541519] 2 locks held by syz-executor.6/6584: [ 188.541530] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 188.541575] #1: ffff8880401c7420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 188.541616] [ 188.541616] stack backtrace: [ 188.541620] CPU: 0 PID: 6584 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.541640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 188.541652] Call Trace: [ 188.541657] [ 188.541663] dump_stack_lvl+0x8b/0xb3 [ 188.541692] check_noncircular+0x263/0x2e0 [ 188.541717] ? format_decode+0x26c/0xb50 [ 188.541742] ? print_circular_bug+0x450/0x450 [ 188.541769] ? simple_strtoul+0x30/0x30 [ 188.541794] ? format_decode+0x26c/0xb50 [ 188.541820] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 188.541848] __lock_acquire+0x2a02/0x5e70 [ 188.541881] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 188.541916] lock_acquire+0x1a2/0x530 [ 188.541942] ? down_trylock+0xe/0x70 [ 188.541969] ? lock_release+0x750/0x750 [ 188.542022] ? vprintk+0x84/0xa0 [ 188.542050] _raw_spin_lock_irqsave+0x39/0x60 [ 188.542068] ? down_trylock+0xe/0x70 [ 188.542093] down_trylock+0xe/0x70 [ 188.542117] ? vprintk+0x84/0xa0 [ 188.542144] __down_trylock_console_sem+0x3b/0xd0 [ 188.542171] vprintk_emit+0x16b/0x560 [ 188.542200] vprintk+0x84/0xa0 [ 188.542227] _printk+0xba/0xf1 [ 188.542245] ? record_print_text.cold+0x16/0x16 [ 188.542270] ? report_bug.cold+0x66/0xab [ 188.542298] ? group_sched_out.part.0+0x2c7/0x460 [ 188.542326] report_bug.cold+0x72/0xab [ 188.542356] handle_bug+0x3c/0x70 [ 188.542383] exc_invalid_op+0x14/0x50 [ 188.542411] asm_exc_invalid_op+0x16/0x20 [ 188.542431] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 188.542463] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 188.542480] RSP: 0018:ffff888037f77c48 EFLAGS: 00010006 [ 188.542494] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.542506] RDX: ffff8880406a0000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 188.542518] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 188.542530] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff8880401c7400 [ 188.542541] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 188.542558] ? group_sched_out.part.0+0x2c7/0x460 [ 188.542590] ? group_sched_out.part.0+0x2c7/0x460 [ 188.542621] ctx_sched_out+0x8f1/0xc10 [ 188.542651] __perf_event_task_sched_out+0x6d0/0x18d0 [ 188.542673] ? lock_is_held_type+0xd7/0x130 [ 188.542695] ? __perf_cgroup_move+0x160/0x160 [ 188.542711] ? set_next_entity+0x304/0x550 [ 188.542739] ? update_curr+0x267/0x740 [ 188.542770] No source specified [ 188.542772] ? lock_is_held_type+0xd7/0x130 [ 188.542800] __schedule+0xedd/0x2470 [ 188.542830] ? io_schedule_timeout+0x150/0x150 [ 188.542860] ? rcu_read_lock_sched_held+0x3e/0x80 [ 188.542896] schedule+0xda/0x1b0 [ 188.542923] exit_to_user_mode_prepare+0x114/0x1a0 [ 188.542945] syscall_exit_to_user_mode+0x19/0x40 [ 188.542970] do_syscall_64+0x48/0x90 [ 188.543001] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 188.543025] RIP: 0033:0x7f8d5b3a4b19 [ 188.543039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 188.543059] RSP: 002b:00007f8d5891a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 188.543078] RAX: 0000000000000001 RBX: 00007f8d5b4b7f68 RCX: 00007f8d5b3a4b19 [ 188.543091] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d5b4b7f6c [ 188.543104] RBP: 00007f8d5b4b7f60 R08: 000000000000000e R09: 0000000000000000 [ 188.543116] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8d5b4b7f6c [ 188.543129] R13: 00007ffcc5bff7ff R14: 00007f8d5891a300 R15: 0000000000022000 [ 188.543152] [ 188.552961] loop1: detected capacity change from 0 to 1 [ 188.553102] WARNING: CPU: 0 PID: 6584 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 188.558635] loop2: detected capacity change from 0 to 40 [ 188.558756] Modules linked in: [ 188.629877] CPU: 0 PID: 6584 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.630745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 188.631965] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 188.632572] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 188.634547] RSP: 0018:ffff888037f77c48 EFLAGS: 00010006 [ 188.635123] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.635900] RDX: ffff8880406a0000 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 188.636693] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 188.637465] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff8880401c7400 [ 188.638231] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 188.639012] FS: 00007f8d5891a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 188.639877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.640505] CR2: 00007f3d42a83f64 CR3: 0000000017d9e000 CR4: 0000000000350ef0 [ 188.641267] Call Trace: [ 188.641556] [ 188.641811] ctx_sched_out+0x8f1/0xc10 [ 188.642257] __perf_event_task_sched_out+0x6d0/0x18d0 [ 188.642816] ? lock_is_held_type+0xd7/0x130 [ 188.643293] ? __perf_cgroup_move+0x160/0x160 [ 188.643780] ? set_next_entity+0x304/0x550 [ 188.644250] ? update_curr+0x267/0x740 [ 188.644689] ? lock_is_held_type+0xd7/0x130 [ 188.645165] __schedule+0xedd/0x2470 [ 188.645586] ? io_schedule_timeout+0x150/0x150 [ 188.646108] ? rcu_read_lock_sched_held+0x3e/0x80 [ 188.646651] schedule+0xda/0x1b0 [ 188.647035] exit_to_user_mode_prepare+0x114/0x1a0 [ 188.647564] syscall_exit_to_user_mode+0x19/0x40 [ 188.648078] do_syscall_64+0x48/0x90 [ 188.648496] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 188.649071] RIP: 0033:0x7f8d5b3a4b19 [ 188.649475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 188.651430] RSP: 002b:00007f8d5891a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 188.652252] RAX: 0000000000000001 RBX: 00007f8d5b4b7f68 RCX: 00007f8d5b3a4b19 [ 188.653023] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d5b4b7f6c [ 188.653788] RBP: 00007f8d5b4b7f60 R08: 000000000000000e R09: 0000000000000000 [ 188.654551] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8d5b4b7f6c [ 188.655314] R13: 00007ffcc5bff7ff R14: 00007f8d5891a300 R15: 0000000000022000 [ 188.656109] [ 188.656374] irq event stamp: 692 [ 188.656741] hardirqs last enabled at (691): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 188.657740] hardirqs last disabled at (692): [] __schedule+0x1225/0x2470 [ 188.658652] softirqs last enabled at (562): [] __irq_exit_rcu+0x11b/0x180 [ 188.659585] softirqs last disabled at (553): [] __irq_exit_rcu+0x11b/0x180 [ 188.660499] ---[ end trace 0000000000000000 ]--- [ 188.673126] hrtimer: interrupt took 16661 ns [ 188.693255] No source specified [ 188.696179] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 188.700462] loop1: detected capacity change from 0 to 1 [ 188.711055] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 188.824899] loop3: detected capacity change from 0 to 127 [ 189.109027] loop6: detected capacity change from 0 to 16383 [ 189.111660] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 189.447850] loop6: detected capacity change from 0 to 16383 [ 189.453041] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 VM DIAGNOSIS: 04:51:38 Registers: info registers vcpu 0 RAX=1ffff11001c69374 RBX=ffff88800e349b68 RCX=ffffffff817bd091 RDX=0000000000000000 RSI=0000000000000001 RDI=ffff88800e349ba0 RBP=ffffe8ffffd33f28 RSP=ffff88803fbf7a70 R8 =0000000000000000 R9 =ffff888034b80007 R10=ffffed1006970000 R11=0000000000000001 R12=dffffc0000000000 R13=ffffffff8209ca53 R14=ffffffff8209ca53 R15=0000000000000086 RIP=ffffffff817bb82f RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055555572c400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffc0995a080 CR3=000000003f43e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00000000ff000000 0000000000000000 YMM01=0000000000000000 0000000000000000 636f6c63006b6165 6c6d656d6b2f6775 YMM02=0000000000000000 0000000000000000 0000000000ffffff ff00000000000000 YMM03=0000000000000000 0000000000000000 0000ff0000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffff000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800902f988 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000030 R11=0000000000000001 R12=0000000000000030 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560ceb6be648 CR3=0000000008c70000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 0000000000000000 4184b0a180000000 YMM03=0000000000000000 0000000000000000 0000ff0000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 732f6c61636f6c2f 7273752f3d485441 YMM05=0000000000000000 0000000000000000 622f6c61636f6c2f 7273752f3a6e6962 YMM06=0000000000000000 0000000000000000 73752f3a6e696273 2f7273752f3a6e69 YMM07=0000000000000000 0000000000000000 6e69622f3a6e6962 732f3a6e69622f72 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000