Warning: Permanently added '[localhost]:50428' (ECDSA) to the list of known hosts. 2022/10/01 07:22:21 fuzzer started 2022/10/01 07:22:21 dialing manager at localhost:35095 syzkaller login: [ 45.857671] cgroup: Unknown subsys name 'net' [ 45.961454] cgroup: Unknown subsys name 'rlimit' 2022/10/01 07:22:37 syscalls: 2215 2022/10/01 07:22:37 code coverage: enabled 2022/10/01 07:22:37 comparison tracing: enabled 2022/10/01 07:22:37 extra coverage: enabled 2022/10/01 07:22:37 setuid sandbox: enabled 2022/10/01 07:22:37 namespace sandbox: enabled 2022/10/01 07:22:37 Android sandbox: enabled 2022/10/01 07:22:37 fault injection: enabled 2022/10/01 07:22:37 leak checking: enabled 2022/10/01 07:22:37 net packet injection: enabled 2022/10/01 07:22:37 net device setup: enabled 2022/10/01 07:22:37 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 07:22:37 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 07:22:37 USB emulation: enabled 2022/10/01 07:22:37 hci packet injection: enabled 2022/10/01 07:22:37 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 07:22:37 802.15.4 emulation: enabled 2022/10/01 07:22:37 fetching corpus: 50, signal 21168/22967 (executing program) 2022/10/01 07:22:37 fetching corpus: 100, signal 35092/38440 (executing program) 2022/10/01 07:22:37 fetching corpus: 150, signal 42084/46935 (executing program) 2022/10/01 07:22:38 fetching corpus: 200, signal 48848/55056 (executing program) 2022/10/01 07:22:38 fetching corpus: 250, signal 54076/61593 (executing program) 2022/10/01 07:22:38 fetching corpus: 300, signal 58882/67627 (executing program) 2022/10/01 07:22:38 fetching corpus: 350, signal 66697/76335 (executing program) 2022/10/01 07:22:38 fetching corpus: 400, signal 71637/82230 (executing program) 2022/10/01 07:22:38 fetching corpus: 450, signal 76159/87695 (executing program) 2022/10/01 07:22:38 fetching corpus: 500, signal 81634/93914 (executing program) 2022/10/01 07:22:39 fetching corpus: 550, signal 84955/98150 (executing program) 2022/10/01 07:22:39 fetching corpus: 600, signal 86474/100657 (executing program) 2022/10/01 07:22:39 fetching corpus: 650, signal 89286/104324 (executing program) 2022/10/01 07:22:39 fetching corpus: 700, signal 92185/108000 (executing program) 2022/10/01 07:22:39 fetching corpus: 750, signal 94445/111109 (executing program) 2022/10/01 07:22:39 fetching corpus: 800, signal 99866/116834 (executing program) 2022/10/01 07:22:39 fetching corpus: 850, signal 102246/119879 (executing program) 2022/10/01 07:22:39 fetching corpus: 900, signal 104001/122340 (executing program) 2022/10/01 07:22:40 fetching corpus: 950, signal 106194/125136 (executing program) 2022/10/01 07:22:40 fetching corpus: 1000, signal 108775/128303 (executing program) 2022/10/01 07:22:40 fetching corpus: 1050, signal 112689/132429 (executing program) 2022/10/01 07:22:40 fetching corpus: 1100, signal 114281/134708 (executing program) 2022/10/01 07:22:40 fetching corpus: 1150, signal 115821/136842 (executing program) 2022/10/01 07:22:40 fetching corpus: 1200, signal 118292/139679 (executing program) 2022/10/01 07:22:40 fetching corpus: 1250, signal 120356/142194 (executing program) 2022/10/01 07:22:41 fetching corpus: 1300, signal 122124/144465 (executing program) 2022/10/01 07:22:41 fetching corpus: 1350, signal 124430/147044 (executing program) 2022/10/01 07:22:41 fetching corpus: 1400, signal 126097/149154 (executing program) 2022/10/01 07:22:41 fetching corpus: 1450, signal 127073/150704 (executing program) 2022/10/01 07:22:41 fetching corpus: 1500, signal 128488/152509 (executing program) 2022/10/01 07:22:41 fetching corpus: 1550, signal 129909/154295 (executing program) 2022/10/01 07:22:41 fetching corpus: 1600, signal 131583/156204 (executing program) 2022/10/01 07:22:41 fetching corpus: 1650, signal 132352/157529 (executing program) 2022/10/01 07:22:42 fetching corpus: 1700, signal 134568/159805 (executing program) 2022/10/01 07:22:42 fetching corpus: 1750, signal 135677/161299 (executing program) 2022/10/01 07:22:42 fetching corpus: 1800, signal 137977/163549 (executing program) 2022/10/01 07:22:42 fetching corpus: 1850, signal 139986/165623 (executing program) 2022/10/01 07:22:42 fetching corpus: 1900, signal 142473/167933 (executing program) 2022/10/01 07:22:42 fetching corpus: 1950, signal 143755/169448 (executing program) 2022/10/01 07:22:42 fetching corpus: 2000, signal 145047/170936 (executing program) 2022/10/01 07:22:42 fetching corpus: 2050, signal 146307/172396 (executing program) 2022/10/01 07:22:43 fetching corpus: 2100, signal 147051/173506 (executing program) 2022/10/01 07:22:43 fetching corpus: 2150, signal 147913/174633 (executing program) 2022/10/01 07:22:43 fetching corpus: 2200, signal 149565/176296 (executing program) 2022/10/01 07:22:43 fetching corpus: 2250, signal 151082/177816 (executing program) 2022/10/01 07:22:43 fetching corpus: 2300, signal 152101/179032 (executing program) 2022/10/01 07:22:43 fetching corpus: 2350, signal 152823/180053 (executing program) 2022/10/01 07:22:43 fetching corpus: 2400, signal 153774/181138 (executing program) 2022/10/01 07:22:43 fetching corpus: 2450, signal 154681/182190 (executing program) 2022/10/01 07:22:43 fetching corpus: 2500, signal 156345/183744 (executing program) 2022/10/01 07:22:44 fetching corpus: 2550, signal 157179/184692 (executing program) 2022/10/01 07:22:44 fetching corpus: 2600, signal 158087/185704 (executing program) 2022/10/01 07:22:44 fetching corpus: 2650, signal 159093/186794 (executing program) 2022/10/01 07:22:44 fetching corpus: 2700, signal 160336/187913 (executing program) 2022/10/01 07:22:44 fetching corpus: 2750, signal 161180/188827 (executing program) 2022/10/01 07:22:44 fetching corpus: 2800, signal 161961/189659 (executing program) 2022/10/01 07:22:44 fetching corpus: 2850, signal 163071/190719 (executing program) 2022/10/01 07:22:44 fetching corpus: 2900, signal 163695/191478 (executing program) 2022/10/01 07:22:44 fetching corpus: 2950, signal 164527/192309 (executing program) 2022/10/01 07:22:44 fetching corpus: 3000, signal 164996/192967 (executing program) 2022/10/01 07:22:45 fetching corpus: 3050, signal 166429/194035 (executing program) 2022/10/01 07:22:45 fetching corpus: 3100, signal 167045/194730 (executing program) 2022/10/01 07:22:45 fetching corpus: 3150, signal 167664/195474 (executing program) 2022/10/01 07:22:45 fetching corpus: 3200, signal 168262/196165 (executing program) 2022/10/01 07:22:45 fetching corpus: 3250, signal 169367/196992 (executing program) 2022/10/01 07:22:45 fetching corpus: 3300, signal 170746/197880 (executing program) 2022/10/01 07:22:45 fetching corpus: 3350, signal 172594/198970 (executing program) 2022/10/01 07:22:45 fetching corpus: 3400, signal 173883/199831 (executing program) 2022/10/01 07:22:45 fetching corpus: 3450, signal 174341/200343 (executing program) 2022/10/01 07:22:46 fetching corpus: 3500, signal 174908/200910 (executing program) 2022/10/01 07:22:46 fetching corpus: 3550, signal 175393/201414 (executing program) 2022/10/01 07:22:46 fetching corpus: 3600, signal 176335/202092 (executing program) 2022/10/01 07:22:46 fetching corpus: 3650, signal 177056/202693 (executing program) 2022/10/01 07:22:46 fetching corpus: 3700, signal 177549/203194 (executing program) 2022/10/01 07:22:46 fetching corpus: 3750, signal 178032/203701 (executing program) 2022/10/01 07:22:46 fetching corpus: 3800, signal 179108/204388 (executing program) 2022/10/01 07:22:46 fetching corpus: 3850, signal 179676/204909 (executing program) 2022/10/01 07:22:46 fetching corpus: 3900, signal 180129/205317 (executing program) 2022/10/01 07:22:47 fetching corpus: 3950, signal 180730/205792 (executing program) 2022/10/01 07:22:47 fetching corpus: 4000, signal 181697/206334 (executing program) 2022/10/01 07:22:47 fetching corpus: 4050, signal 182571/206844 (executing program) 2022/10/01 07:22:47 fetching corpus: 4100, signal 183404/207328 (executing program) 2022/10/01 07:22:47 fetching corpus: 4150, signal 184501/207898 (executing program) 2022/10/01 07:22:47 fetching corpus: 4200, signal 184983/208288 (executing program) 2022/10/01 07:22:47 fetching corpus: 4250, signal 185689/208729 (executing program) 2022/10/01 07:22:47 fetching corpus: 4300, signal 186125/209121 (executing program) 2022/10/01 07:22:47 fetching corpus: 4350, signal 186605/209479 (executing program) 2022/10/01 07:22:48 fetching corpus: 4400, signal 187391/209858 (executing program) 2022/10/01 07:22:48 fetching corpus: 4450, signal 188202/210253 (executing program) 2022/10/01 07:22:48 fetching corpus: 4500, signal 190055/210844 (executing program) 2022/10/01 07:22:48 fetching corpus: 4550, signal 191042/211190 (executing program) 2022/10/01 07:22:48 fetching corpus: 4600, signal 191655/211502 (executing program) 2022/10/01 07:22:48 fetching corpus: 4650, signal 192575/211805 (executing program) 2022/10/01 07:22:48 fetching corpus: 4700, signal 193116/212065 (executing program) 2022/10/01 07:22:49 fetching corpus: 4750, signal 193700/212321 (executing program) 2022/10/01 07:22:49 fetching corpus: 4800, signal 194096/212552 (executing program) 2022/10/01 07:22:49 fetching corpus: 4850, signal 194494/212845 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/213081 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/213257 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/213443 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/213630 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/213828 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/214027 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/214213 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/214398 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/214442 (executing program) 2022/10/01 07:22:49 fetching corpus: 4870, signal 194679/214442 (executing program) 2022/10/01 07:22:52 starting 8 fuzzer processes 07:22:52 executing program 0: fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040), 0x2, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xc8, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x54, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x1}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x2}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x7ff}, @NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x800}, @NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x9}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}, @NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0x38}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x9}, @NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5, 0x11, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0x3c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x2}, @NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x3}, @NL80211_MESHCONF_ELEMENT_TTL={0x5, 0xf, 0x6}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x100}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x3}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x63}, @NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME={0x6, 0xd, 0x40}]}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffffa}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x5}]}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5}, @NL80211_ATTR_MCAST_RATE={0x8}]}, 0xc8}, 0x1, 0x0, 0x0, 0x20040800}, 0x24000084) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_DELSET={0x3c, 0xb, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0xa}, @NFTA_SET_POLICY={0x8}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0xffff0dee}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x8000) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/timer_list\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/ip6_tables_matches\x00') ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000540)={&(0x7f0000000400), 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x64, 0x0, 0x4, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x0, 0x19}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x40) sendfile(r0, r0, &(0x7f0000000580)=0xffffffff7fffffff, 0x6) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0), 0x2080, 0x0) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x4c, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_TDLS_OPERATION={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040}, 0x4) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000740), 0x101080, 0x0) r4 = openat$cgroup_int(r1, &(0x7f0000000780)='memory.swap.high\x00', 0x2, 0x0) fsetxattr$security_ima(r4, &(0x7f00000007c0), &(0x7f0000000800)=@ng={0x4, 0x7, "fdf8271854f5403a587f271277b957df"}, 0x12, 0x1) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000840)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @in_args={0x2}}, './file0\x00'}) sendfile(r5, r6, &(0x7f0000000880)=0x8a7a, 0x5) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSBRK(r7, 0x5409, 0x0) r8 = openat(0xffffffffffffffff, &(0x7f00000008c0)='./file0\x00', 0x2a2202, 0x10) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000940)=@IORING_OP_SEND={0x1a, 0x5, 0x0, r8, 0x0, &(0x7f0000000900)="046f822bdbce7f805857b40d513a6427cbb3285073a7752cf424f310580c02adc908de8e8492aef8571ef56ac9a4784628ba7868bdd322", 0x37, 0x4800}, 0x7) 07:22:52 executing program 1: ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000000)={0xd6b, {{0xa, 0x4e20, 0x8, @private1}}, 0x1, 0x2, [{{0xa, 0x4e23, 0x40, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}}, {{0xa, 0x4e24, 0x8001, @remote, 0x4}}]}, 0x190) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x10001, 0x0) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x5, 0x1f}}}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26f}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1590}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x28b}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x4044085) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000600)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000480)={0x120, r1, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x9}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x80000001}, {0x6, 0x11, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x200}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x6}}]}, 0x120}}, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680), r0) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40a0400}, 0xc, &(0x7f0000000780)={&(0x7f00000006c0)={0x9c, r2, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xe4}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x8}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3e}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x38}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x5}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x1d}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40814}, 0x20000004) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000ac0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000a80)={&(0x7f0000000840)={0x220, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_NET={0x50, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffff801}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK={0xd4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xcac9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}]}, @TIPC_NLA_NODE={0xdc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xcb, 0x3, "3742b5a3eca80480fdfcd4f3f5705dd5dac6c46fe3907190cd1afc5e007afcad2c9d92e2e66dd2926a698363588896c6ca50d4a4ea52e81e5d48697606e6d2e1715338753c47f8f3421dee3b696a169bb23cef8e0c0055fa5adcbb418229a009ccb8b940cdedb35859af1b87bd22e831960298bb88fa54864a9198b03375efd0be708a027200cb05567f9585ea602bd491f1c009cbc2126ef42d89f0101326ccbcc991bad54bd6f14c3457ecd11ccb1310c1a772c50fc6ff342af26a2c8501dd6ce58048b2a29e"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x4000}, 0x4040100) r3 = signalfd(r0, &(0x7f0000000b00), 0x8) pidfd_getfd(r3, r3, 0x0) r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x3) ioctl$BTRFS_IOC_SET_FEATURES(r4, 0x40309439, &(0x7f0000000b40)={0x0, 0x3, 0xc}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000b80)={{0x1, 0x1, 0x18, r3, {0x2}}, './file0\x00'}) openat(r5, &(0x7f0000000bc0)='./file0\x00', 0x10240, 0x20) r6 = epoll_create1(0x0) ioctl$BTRFS_IOC_SET_FEATURES(r6, 0x40309439, &(0x7f0000000c00)={0x0, 0x1, 0x8}) r7 = accept4$inet(r3, &(0x7f0000000c40)={0x2, 0x0, @loopback}, &(0x7f0000000c80)=0x10, 0x0) ioctl$FICLONE(r4, 0x40049409, r7) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000000cc0)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) 07:22:52 executing program 2: r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, 0x0, 0x0}) r3 = syz_mount_image$nfs(&(0x7f0000000240), &(0x7f0000000280)='./file0/file0\x00', 0x3, 0x6, &(0x7f0000000600)=[{&(0x7f00000002c0)="75d9534b7529fb18aa8129630367c028afa33f9dbd60a8b7a816e28af28447fef51008a051413337c3b98a8c559d6bc70954cbc62e2f16ee506a7ea8400cf5bdf7fb5fd93b5422fd137e373fc49d1207107219b14435c07bdba1f01b8805267fb8c3940a2a457948a38cf24c85cc7392840087ed64d1f116", 0x78, 0x8}, {&(0x7f0000000340)="ada2bd9f24492c83f2edb0950f239ebf2cc9c37d7708a8a57a7ff28ee148aea921efb38b5f6d3eb66be8ba933ff735b0ff65e875ca1a4dd90d5b53a1e6a8eea329b810051e55bab3618d45eb87e12fe7fd6c2ecaa30ef3d0ee3d47c1173585849345a85021a2697ac9837145ad03ce7a00631c7d03fb74f650273e45e3e5aa5121e566fe32d7ac7b74f4", 0x8a, 0x21bb7bdc}, {&(0x7f0000000400)="77602594448c2afd4d03f0305f5d530e17bfa2b6db46efe2a8d42e6512d74dcb7699577e58a5db53df67566428dfd8e6a43aa34f5cd75087e18d14dad2a4a003c6b5b736c644dc7ca9ce96176911731470aacbfcdc3b1c942aa3bdcdd1a13d2ff0", 0x61, 0x486a}, {&(0x7f0000000480)="3f4faa83e3dbbd062c1cee8c32cb71ea00d9b41cb93b1c9171fde0971ba77c8f304dd14e038d", 0x26, 0x7fff}, {&(0x7f00000004c0)="08a424da15", 0x5, 0x6000000}, {&(0x7f0000000500)="f4f7756542cc39d804b27f15459a7db9d16ef5481c53f1f7d80e3bd4d817545db51824dae9478b06a094d80f0a3fb98a4b7f33ad6f7e54e890234063c658490d28c9d4971466b423e27548968db6d3030b5dfd381f232c79fb2dc16ed50e7552d4e889cb5ec1e49cf01f13fa278d8eccbc18a86714f524078cfd639f917a1f7d45f28a9c460dd5bd0e2e895b62431612fa36d414620e652232b6a35d9dc2d68a3c0689b425f0162dc2cd62b8efa8e0e36af646baa8af317419617412bfc50e1971a1b3ddda428e7023b66719cb28117cb5e8ec7b0b15d8b2faca0d70aac42f", 0xdf, 0x86}], 0x0, &(0x7f00000006c0)={[{'@^\x8d-:}^*^]-$'}], [{@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]}) sendfile(r0, r3, 0x0, 0x5) lsetxattr$security_selinux(&(0x7f0000000700)='./file0/file0\x00', &(0x7f0000000740), &(0x7f0000000780)='system_u:object_r:random_device_t:s0\x00', 0x25, 0x2) ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f00000007c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000a00)={{r1, 0xd8d, 0x3a54, 0x0, 0x0, 0x4, 0x2, 0x7, 0x6, 0x339, 0x4, 0xa106, 0xa029, 0x1f, 0x4}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000000ac0)={r2, r4, "ab6c21381645e12e686103866776535712eee3edf5e3d49a55a30db6c6f117cf3dbb02a16ee347d6b38a2aa5b927c7a20f0cf41e0878d21910cc54f1ba13564926e4c032a6bcac035b0e866379a52912fe74ec25e673cc45189e745e70c050bfe5c1702f37da2c84d55e09681f82fe6162b1f74faf24d979c7cb2070140dc7cf47d845c7df30b82e80eb6703f9d83b0c3bf8cd0103e26fac122fb9a664dede5fc50579077c0c6d3c1194c14d57c4054f79237920e44576338d728a46b784b47d051636b62e31309c7d31622f3551f56830921eaebaa5bd5eac3e002108716d45ee679a76c90e9384fccdcf0c1e29b1c2b9472e2e4ca6b7ccdd690ccd6ceac0fc", "7448351e62533b5f3f0ee03f6015817b978bea2d6bfac623e823589667513a7b71b9b1fc7c02699931be53ee7a6fce36211eb3d5d272f9970062c75650fe71500b3102aea72e73dab914eccaf9a6c4a697bde2c336b781fe9c913c738bcbee1ccc08506a12ffc14da6d38922c4d2a5877e49a97bdf61b0a197d94339657a2dda09cb640dc5f4d2e1f9230ed7d540f29c755f07b92214e09e5875d5106b1ce43572373191fcae5c2ecf2b27e765b36013b07533102a074bc2c5a859e51a8be9897d1637ccf2a97aa2bb5081a070d43fc39bfd71b0414f6571ff4db01bf1549a7a59a1d787a04604a05054b48c82108b5323defd7b026b359dba9fbd24bcbdb04c7ead09cee68aea488ccf6ada91982e58dd36ef6a3370917ad8263b3cf9676edd6c3cc5bb82248fc7f3c09037f3c20e793e840a0159cdb99f31c040a96f50530db30f16f82a788b42a04b1626ac189fb67acc951dcbe24008bfcbb2937566c8fcbcdc9e112b98ba076513e5938679afdb11b0dcebc0b60c781497ea596080d446f561917f2e698c555abfa1e548726e4ce2829e7e1d9149c39b0c7a58feba012543320c0a15309a4318fe9ee80fe008091be60376aa9b22bb9e907be7cd2723904a8ba2b7e68910b4e248a7ba48cc833838a2efb093becaebb7c81851e7491a07a2cbb59f302db7696bd788bd57ea219c7d3b108499cfffab042f331352888a92d02f4c398c962d82f57ea40d9ee037d131c4243c5c591430ff1183e7dfa8cfe5860e668ce864d2c1b0291ca36d8b861c9812fa2368c124b1d0642ed5255b5d84434c188ffe279cc5bd5a710363b67e825a5ac7e3d5948559af8b0b121c8f9713ffb0eaf87107418017a00a12a8f6e26087a70a0a0bf2bba22bbea94ce5c0f52095c3ac59ed2a4f3e36688565c82fb6f665a93763f228018db82216f2e3b9c37a7de43145ac916c02d888d774ffc26198e225f542c2962e36d5557229b3fdfcd5126b5116766ce9c98e28b33fba72afa2d9f3068119962ba88d25810d3576a68c049dafb5a5669fc30ec59fed92dae58f66a985d8b310cc10de40e7f4da3b1f94d4afcd0c32f5fecfd62c1798c6b29b3b0803407640d859f32b4e64be98876ab5e8699016e6d7fbd08181b1f4bb1f6b6ae2f7bea8dc4dd6d10e61450ef80805dfbd70999a696c61750584f1b0e6b1ae806340c81bfb33c457647b7f2ec11403fc2f6329ae6ec0dd122819659cab4be8744aef1b1e68028119a752dc047a17d44e9d4d638c2e9bbaae63bbf69d0ff33934a5a0c50626a6c981ff7711f4b51c3d69067ca162dc7e6ba2d8cf49c20b83703e461302fc28ed9a2bce8a1b4cdac8bf1d75813721da7d9e944abae8f8a363d90e85ee5711cc83e4fd60798114bf8eb9a4036a7335eba5ec86682e0bc97fa4c2880fa31ccd47ee2a3bd0881e9ea793ff29c172b49b084e54e50e7c28f7d4e3443b7bd72678a855b19d5f5114e4bfea42e6c6aabb2700518c3c3bd209ac8a1cc0a258d81a24d5b0c2b29999d2993dd5260d369897efd593b641a9971e9df819a5831bcef4336a691766a43897433871447eb0af7954b128b6b9d509881d0ff9e535c054a0850783f1dd23ab0045447a316e83b07b03833bc33243c4f54a8f00336c619770cb4e524c8a1391911cf86c787c81be2fc32dc36c86dc707a75aa349e97c4ce6077f661d71a2de4e26652a29670ee310b7303696eb1ccd99dc343bd2846c57f8c42139520ca53f407cdb898846fd23148443b1bc11a66e5de494376851e4e3ace665eed33a5a87e21ef83431e3f6d40e8c95eb3f102c3a7fc1d60082ce24fb7b5763237852a3a80a5dcf5d1b856a6cced9ce4911e3fc51391ce566e8c1cdacd2cd4be2bfa1962bddf3e2230a9c540088dc08a7474d1783987647323658db7bc704bffa2a49582918cf9d818ae7932e9db26296938ed92bbd15ef5d3ad4c82f126ba2d0b1be10839c720a579afcd9e516a865d0354725ed5a0bc64b0e5136641595751590dd29389d2ed5395e0f1ddfa32da38afc8510e044278cda7eddbbd49d92af6f21bd1015b9f3c89ae31cefbed7dce38d373ff3393808db23a16e05f094f747685831603a9dd18db170cc594280cbaddcd448385499116c1f2cc2a0f97376feb059dc09278d9946681df8b9aef9dabe4c9900b74f2412c72f38165536f3c10b6f8dfc08cdef4d7e51f26a16386d88ff3d0cccfe42278483fcfe03d45feddba1fc88f7eb84627515d0f138f874e02187aabb163486e875fe3e4b9b8685cd5d5afb4af455a97d72ff8734c27006c5779995487b211aa8860dc1d5329505861837cda07983fa7a0904838ba73f73e19260cb94857b311e5523d651c07a5b976403620b6ed0c316ede918bbd1cabfd312feb089bb66ab226cb07f819fbbfd12d9d444f166c8aa6477ae911269d8a369e8b53acacf1da8979af356ee3f2229b73845229b097ab34d8c507e3a89991da0cd2af39b7c7daf8f36d190e846d5d04f35a0d2a57571517658a82396f4de83f5a6532578b79310ded84c90418a459fa67930cbce3bdef575893ce09636f965fe23f7a25a9ab992aa237950e66eb20efc8eb25139b1fc3ecf031e1c43eb26f8d4219d5e1e3f56397906bc7e22e61ca56b46005ad515ae26a5d0aa2012426f851253488a1b772ed56b4383824569bdeb5e389b11e7ec133b7877d329474faf53ef446149a19cdabd075f7fed45494402313d75107d3aa1492500883e62b5c0f337901b4aaf12f279396e201f71875d81c4931d18f9d1d47f6acffe3b6714be59af857077c3da8285b043c4e965ea98fb0f1cb966e8eb42aa2aa1e28e53c82438d21d088a69c0f6c4cf03d75edf70edbeb325e2cbc0c4b50ade64702f90061688fdf2b0ad57c665b5790333270152c96c16a51574d298dd5d1497732fad21491d6c99f6780bc175070e40bcde5eac378e5d358c4fd3bad5476427d4ea1d3fa142daaa6b96a9720695502b224adee4e4aa7fc2d1f73a2766d3d2cf6eda76dc9516701992a96b9c64c2396d0fe246677953461dc2d68614351e12e9a575fc5b922b645d75a7dee63e4ac00c74c12d2baf8d3f8140fa318d213d322d3061264dce2433c8e83036a1c189bf233ec3c9e93b9e50828b664f04bc6fec28e554e1e18e13095e3855842aec8cf57881c36dfc2a3461d74310e147d50c8ec4d75080a56e7a8d6fd84dfc641c610f4e78445ece23bbacd58f13e94a840da2a82c83309a20c0c1a1e66c77377fe7778ed3f1bf5bf32962d237b2042070ca3d27945580e9f63344cbdfe043e04164f807fe616ecf5af045b1bc91818674c2936ecee767f7b9e85b783927cc416a548e35c8cd30e30ff0887b8d110c1ad38cedf85eb93fad68ea40c2f85aaecd4835bc2f5fb054bc7c4b8fb0e550d53a91da5b765d96293fdd67874dc01d613fa6ef419c3a8be4be6a9eaa16aebf59db14fd4dee18b8bc541473bedcef5f3997c6aa43ee9b535732f3296a4423bd45d4c8676a59435106296e4de1991c96dd7dda27a36fbb3aceafdcdc4b94602041a7666504d891c9131d501988c320e4bdbc04ec6bfea22ca9d4b7afb8028045789dad4171877ceafa1fc15b5bb8203e26dbb3bd7bd2c7ae0a8e2be563eecad03e5ba6daa765ca3b167da5a2bed35a0b9c96a6211e02110a3019d5054ffe32c8cb869a6c16ea96422983082d1d5e4c1652884b43c66acdae6855a66d0e3e4409fc715c38c8fe6568c3477c0df33928d4d771d05c80211f500c09197f8f6647daf37c2a5cdd2f5f0ce1adc9d8d58638f1125a41a01b0854ac3250ce2aad039d93d836870b17167657bb95f1454915ad4821606075286028f79da0fe844680c41986906ba969b2c9023fec497332fced8f59aa9701c46a4b99b88f8cb46ba46f92bb128bed1158e5a78650cb3129b14c4f067fe2367179a9bee4b29a9faad9cd5271def937099c6fd86a67f8fb689032c6e73a275c64b05b46c435ae11ede71e6f32e34bafe66137b98f98a125439c344f0b2ad89c432939383730b21789f1e43b43619334e5f552a1bfae946275184c2f2ce7f7a9ba9f2ef5104d4eb4f2ac622550d695fdebf2edfe389926781ee49abb316c58c3c79ce024c4c670dee02afb2d05484c0d742476a03a023c6e4b6f568bcb34e11264cb80bdcc3c9e1f9a9217ca77971cd50ee9ffbc93fc3919a2d63b59e5329b0540dfe3b74acb8679b0c626b962f4fd5e7d772958a5068b4f573eeb72e6cec617c8c9631dceac27d934185dc2b9fb74f278120064c995f703f22bc1d0c251f1cd795bd4da55f0ff7557d860961a2b7d30148a3256130936497c8a38f6fa48894d2594efb70b6d81633f8c5d789bbf9181b5b801617032739fbafa8debdd0d1aef1fa19bf6596c64fcc9a3bc85f6719fed64d4f24c45975a4aeaaae691f7584dff339811fc76674e4c64f56dc4ccca296931377a2904e1a89a6d12da8901149401d0b390f88c547e8a56d9c4d906d837002981d806927a692fa23a2697b3bb796a0f953eb6ca1f077c5c7e28221265a1080d0b1dba40d459bb6dd6b86a42c2dae34fcc8858124a694757e6d027cb316b5403a638b6feb6c989b2d99afe3b43517d7f9cd73551be861aa5af09deff112ba34717c644cb88850d5f7d19602d0b9b9ffadcce42b597b094179fcf9a17596d08e3ffb390604736388af52092068a9095a03d81dff7018d7cda30a3bf8755e1f2ffeea71fa354e0c4602d0ba71332c165fbf141c9e0fce6ef442a8d390e68fa3c47f5492257249d9ebe05e2c305d8a801571e93e70ee026f514a80d5870f09f478b93608c547f52a6dc97cc550ee4268e299c7e4e5eb2f386818b821d7c4cb48a63086d20813d79c2269b28dff3ef648a2962ba1f474481f311967579f956e06f5f6236ee555e717c94a8ad550a1a0f5ba72bf03df78f895c57c00c1940d8c0c6e62dcab0e138c2883bf2a20184240522f0f3cb0d7d6f85b9a4be06a0467740c5a1f63d11379e1cd17a0c2ad513e033906ec7c5927159a82f9f6737810739e0aa79ea89523efeb1637a42e9b4ccb25eade8d7a6fe5bf6c0f6feb1be9396f3e90e1cc98626d68240e4abc5b39a8e5d7daabc630c65cbdb2e14ecbdefc5a288254987fc561b5fd7f0e91b15fb5f8af02673981ccf9f134699e5772eac0cee7308bc9b9964a6e03539a38f4d9ef7910a3db4ec7b5a7be9e5d292232a006814a075dc362afdfe70d252be810f675f2a973bc42c0efec68cf62a3365d3111f4193dcd96f2baeffa6919f7c9e08386cd247561407615ebd5593aad671f26d7a2f237340931155051fa029f67f32591d2dd4ea917a772647156fb3196200cbb8d9cb243ea4d8fa6d77e68f37e3db45ca5bcfd1506ad0ad07204f0"}) fallocate(r3, 0x0, 0x8000, 0x2) pivot_root(&(0x7f0000001ac0)='./file0\x00', &(0x7f0000001b00)='./file1\x00') ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000001b40)={0x2, 0x1, 0x17}) stat(&(0x7f0000001b80)='./file0/file0\x00', &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$nfs4(&(0x7f0000001c40), &(0x7f0000001c80)='./file0/file0\x00', 0x7, 0xa, &(0x7f00000022c0)=[{&(0x7f0000001cc0)="78f18a8ea1d696bb87da213e4230d265d72fd3da3939afdc0caba32cf3ed1139ad60661dd77e4dee", 0x28, 0x7}, {&(0x7f0000001d00)="5b824d373c9652145eb2a84e84958a616f7e99523e7f302adefdd86a4249b50b96d619ed1b777edb32ca83a876e3e576c5e55a19cdd015fb3c81336ab71f14fd569d25f5d99d7a7a7849f21d9b48ad0cfa84e455d916ee831b1f9d9a0ce59554f114c2f20b2a1cef25591cbaf21fd0728574a108f6cabca7995f0376cc6025112531499035e4", 0x86, 0x7}, {&(0x7f0000001dc0)="bfc5beee8fb6b07561f2efc053adf2521d749f66127be235ed8054676023e1", 0x1f, 0x10001}, {&(0x7f0000001e00)="c88152921966067e4b9871556b1e8921aafa88e1a5473e65b629f7cc50795f1f22a3a0926a7408dd6a92b57a6709d357270444ffdf9525dd997cd8b73cb2da990a00966c8feef96e0af0473abc01f8e6e338344b6ec40dcbcc45dc365ee986b909904348c851ffc06e5559499f0a620bd5ca9e2d3197105f1c392f1b3ab168b5d01e3d7a90f4a6db17e966c0cd421e7c7cb0fd0962ac1b7bae9507a6ca5a68b5c889e249daed297bcc5aa22537527a479305e9ec3417667a8f6c6379667602692115f149600783da18f67264bda8aa3a0c1a0da29cff6a69f2f1f8ee73da6138a7498d89397888272c7a535aa1d2a1fe0507c96e29472c30", 0xf8, 0x7fffffff}, {&(0x7f0000001f00)="bdf2585808b8db9210bc57d7b2fe5fbfe9e8c0436ac66bfc633daf773d26f945d4b4526506dce30b61795b4db69ea1370cfff3e971b21279693024027d938298", 0x40, 0x2}, {&(0x7f0000001f40)="38e3a7935748fd02c4877f7b7a17c719d0ecbc5b1c3e025d4ad4f365532f4c9b75cd6f6bb7f090ba74dc8ea9e1ba9fa93c797ed13a2a9904e26c86250852d55390ee9e074a0d8ca1ef80fb492533209ac8292313213360f6fbca9eb3857c19ac5f", 0x61, 0x9}, {&(0x7f0000001fc0)="07dde895f22871be052dca21bf8991fa77bee4e6c59f59b0309a02399254917ae7fc48bccd087e67bf8fbc57bfd7757b5007578fd506b6897eef48951468b4feb222c1d67b5713d1d53874d73ff6abb7ec8822e90bc45311c55a6b2e1e5733acac30e34c7413fad7ab049530f8e0a8c81b678248c3ba3627910d886ef908730a147711fb456c269ca8ca4f0811fe2c009427cd52a1dbc4cf8619cf429fe5b38102ec7ee3bda91f2a4ae36cd688fd40c683161a99e2819613b142412879a55fac57d2b599ad929402c56d9abfe5160fb35e156ef81ee9980a3cf2f4e5db0e82c008266b65bb2d2f6fcf69a6dab924a797a185ed8b381fa22b8a1064e0151a", 0xfe, 0xb25}, {&(0x7f00000020c0)="f13b6c4f737abb9f8f4b25b0e6f1e9e0145f776a2b219566c516ec157ed6fe75ea60b63cebfb0a62992476d9b074e496512550899add53f22b4d11b93bf082651e859612f07d1d7d88956c9bc3a4d2df2c775eac2ab93e3fbdd5755700723fe37d28d3d1a421c054c19e794453f8ed13ce1e6953d9a21bb4e329091e472d23291989fcfb495a411a53a2014b73cd935217fb25f0dbb2fc31085e95f79acd0bca49a075336a2175f33ef445d6eb7585b13a073b4488865c00af6cd75d03a8ec9376eef2b965a09ea5810c251a9f8a759f633ec8e77684b846bf5d09586ad0fc11736c16f7636e", 0xe6, 0x8}, {&(0x7f00000021c0)="ba8f675277fcfd23b7276b1e210067a3ff38731747", 0x15, 0xfff}, {&(0x7f0000002200)="693cc32fbcb461a7233f0435307b1df4076b859b255a9230b195c42577d34b3cf56753298e648867004a779df9e2946e9c0cd10eacbf743971bdfad34fbdc9019735559de19a0f0f8a14867b245a702a5ec43563d80df6981d36bbb4b6fea1bc3bf65923707e80626626359ba7500a5a474cd25fada38a75282a4f1d6bbc3bb8de25feb7a219611f1164fe59f43d14787ca2879f69", 0x95}], 0x800000, &(0x7f00000023c0)={[{'fowner'}, {'fowner'}, {'-,{:'}], [{@pcr={'pcr', 0x3d, 0x1a}}, {@fowner_eq={'fowner', 0x3d, r5}}]}) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000002440)={0x2}, 0x4) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000002480)={0xfffffa4d}, 0x4) recvfrom$unix(r0, &(0x7f00000024c0)=""/230, 0xe6, 0x20012022, 0x0, 0x0) pidfd_getfd(r0, r6, 0x0) r7 = dup3(r3, r6, 0x80000) mount_setattr(r7, &(0x7f00000025c0)='./file0/file0\x00', 0x9000, &(0x7f0000002640)={0xc, 0x1, 0x40000}, 0x20) 07:22:52 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) r6 = signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) ioctl$KDGKBTYPE(r6, 0x4b33, &(0x7f0000000500)) signalfd4(0xffffffffffffffff, &(0x7f0000000540)={[0x80000000]}, 0x8, 0x180000) [ 76.164634] audit: type=1400 audit(1664608972.370:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 07:22:52 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x389603, 0x0) epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'sit0\x00', 0x0, 0x2f, 0xc3, 0x81, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x23}, 0x8, 0x0, 0xffffffff, 0x2}}) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000100)) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f00000001c0)=@l2={0x1f, 0x0, @any, 0x1, 0x1}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000240)="fb14bf0d148d86054fa5d95b995b498c74132e88a19bd3fdfae1c81c2d6b0c693db03ff54c62125c47314c2a1fb457f55e8bd321d2e89482c1185b93711e608282d1b4663dddccda329273886c4fc49527857aa9de000c2f2b7a2d9b50e7f3b44d22321f5c4d607481ef0cdc393efe9877f35359491d1b4bc84c907258270a285fc5d83d39ad8f9c9a90add5a4fef598d4b437607ab0a0d1bdc8e78923e8b55ea850678d730074b2d84f87db669528a4a5b5b57fd984e554e85e3453b8177e95591d16e748e51aa86b35202835c3e9361b5a3070c208ffca6a669af08b896329f318c2a9e1348b9cf70c9b79bfee", 0xee}, {&(0x7f0000000340)="258f408c2d37b9310d9be2e930a97e302b19f95b90b2b051d5e0ab0a389259f1806fbc3f605e49f1330d7871c4b049c444885349e935", 0x36}], 0x2, &(0x7f00000003c0)=[@timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x7f}}], 0x30}, 0x4000000) r3 = pidfd_getfd(r2, r0, 0x0) r4 = syz_io_uring_setup(0x50e0, &(0x7f0000000440)={0x0, 0x2d06, 0x2, 0x3, 0x25f, 0x0, r3}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000004c0), &(0x7f0000000500)=0x0) syz_io_uring_submit(0x0, r5, &(0x7f0000000600)=@IORING_OP_WRITE={0x17, 0x1, 0x4007, @fd_index=0xa, 0x100000000, &(0x7f0000000540)="243b588a21a7e1327e3f01c45290a007454c5c0642e6d30d352d2bf6e0455c6d3a61e1c7118ea9f827df696507eb2c7d5301071d631240c818b10f876f2cd1d0d12f16cde109f4a083699e9fdf86eae788481df7825698807471f33e45f3cdee61fe6038bbb3cadd65a4ecd2847aabd689d1e5b52d53480908e981c10d1bc8cd649bc0126d730ad6798f0de407cc23b367486b160990278fa9b109b72f32", 0x9e}, 0xdbb) write$binfmt_aout(r2, &(0x7f0000000640)={{0xcc, 0xa4, 0x9, 0x33f, 0x167, 0x53a8, 0x189, 0x59}, "e592cc4b83761b08ea587237f9fa6e234cc83aeb034aed6d755703c2098733599f306b84054e43321972f44fe685b0fd54a5c1def54ec20d4c33c6a3ea349ea68b55aca913a10102203107c82be02865", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa70) r6 = open_tree(r3, &(0x7f00000010c0)='./file0\x00', 0x8000) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r6, 0x8982, &(0x7f0000001100)) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f00000011c0)={'syztnl1\x00', &(0x7f0000001140)={'syztnl0\x00', r1, 0x2f, 0xc, 0xb4, 0x0, 0x64, @dev={0xfe, 0x80, '\x00', 0x1b}, @remote, 0x7840, 0x40, 0x800, 0x10000}}) ioctl$VFAT_IOCTL_READDIR_SHORT(r4, 0x82307202, &(0x7f0000001200)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r7 = syz_open_dev$hidraw(&(0x7f0000001440), 0x0, 0x400) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r7, 0xc038943b, &(0x7f00000014c0)={0x1, 0x20, '\x00', 0x0, &(0x7f0000001480)=[0x0, 0x0, 0x0, 0x0]}) setxattr$trusted_overlay_origin(&(0x7f0000001500)='./file0\x00', &(0x7f0000001540), &(0x7f0000001580), 0x2, 0x1) execve(&(0x7f00000015c0)='./file0\x00', &(0x7f0000001680)=[&(0x7f0000001600)='sit0\x00', &(0x7f0000001640)='$@+]\x00'], &(0x7f00000017c0)=[&(0x7f00000016c0)='$]){\x00', &(0x7f0000001700)='/dev/ttyS3\x00', &(0x7f0000001740)='syztnl0\x00', &(0x7f0000001780)='[,\x00']) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000001800)={0x0, 0x0, "78fa12568afc1ad8904d58aa45023cdc1a17662c4093f6dd5169ad08540e64d740e82d615d4941311c18b6f6c2c1de632b16942edb798fc9ed0e5ebaec3247356ca8e7fefe7b9887e7b1fd4d05ea67b9bb247f5871c02033abadd4d363d6b8aca2582fd2837be30e77c8f6816a7eec83fefa0f3fdc14e56724102982c992ea18f86cd2f1adabb1009cdaf2e1f1de8bc47e8110f0598336cec38bacf9ee4cc8cd54fe1f117112d4352892273995f7a585bfa306e3cea5e9c27936b14f867232226f1f1d63c06a8243d9a112e96f3609546521d8c572a0b81d54106bd7de55eddf14c706693b34322957b8162fbc60433c4cb25751640c52463e349becfecf57be", "d255239bdea00fe4e1f15e0270beaa14854adae29f888da2fe6b24f88b9f27649af2e47d2b7cf7f402b4fe2206d843095f692674225981439993656eee4a0fdda179bfb43656388fd0bcc0c80fc984311fc6466bde9b449afa47fb3071ebba3a1c6e09b51ca752201b27ab6da9b2254d130cca6b7e716c839bfcba6a3aff7cc7015f793023f4afe68de9f50bf27c8ecbaeaaaea87b76a1c2e5c755022fce65ff92cb9960f540978f49f6e72544968295c87004dec7a2d717f1f8c4ac978c15fe59bb1a012b87613f31cc2b61c77bd1bfe40df5e3a9ce7227da6ca38dfbbaa471a3cc0e1b6e620a36edc0c46484ff44d57865fc08cf3a826f2dc4e6d3c381b02621671fdedfd55a05529740509cc4f96de1b562ad9f5dc575d28dedc4ff4e3c47d24233b13866c24dd42e1688475b89d075880050e55b19e709c27b2fcc73d135deb8b5f785717e4627ed076d1d25c5623f33cf2d6b7c07bf69cdde3b400adbdbbc1ce01efb2cf4efdffd84d84a8851e77ab065e60785545a75298c82ad92e087ab5d4efb87962762465cda1d955094aaa27aee421e31526ad2bf302a789a648cca2a42358f2c74eec8cf2e0fbd544ebe7053eccd0ba3156bf220af93c89dc55519445313558f9959816fe448ab929b54da6da182253bb0e309c4b64459334dc26c90bef67f83c15419b9f8670c7dcb94ca2602dddefa0e04253a8991b8831e56468b3931306261bb0424696c92668894f4c750e2581586a98cc5ca63bfbce15d2e4b38a586416fafe40996412a212702ba73fb500648d29a2b291cf59c0f62f30ba9ba2aa89e7148a46a05b77c7fcb2299ea0afc36b90c6b45f745c5623ad198b763ceadce7a61e8b1c7cf4ffaea1e602696ff7fa688cff25b03f5107771ececda5f2e9062ff7a570f734b925bf09b3ff0d1d2715509dac0f5abcbc968a52e3524622f259857c12326938740f3fccb8452109521d1d4c66e36c4009ffa788e6a2c7a0908745dc430929e8d5846edead962e3afd284c11334553cda1f4827599db3549ec476d5223ecdfecfa8c1e7fffc6d1a38396c2146a61b6ebb2836727c5d5f6487f81e768958fa0c5fce283b19e7c64b6900d4087952b4c9d101f9a764e14f0fc87c69b955b876b82691de917cc66a232ee174f868491c889692fcce92cacfc98e69b3117fbf5bf08da0f4e1e4db5808b18a642a0d9f0d8b3dc9392da5ec8ab9c8ead290bf5f028547e2895ca7b24e19106e0b93f033769e8cce9e3732f1a35a4837e669d5a321718c3d6c01426174dbaf14ec7ce683198aa318062c2579f7a6c858e2d34f01adfd19e9ee2e076d69f38f9aa19f162af005cfc84acfd787a0332e904dc5c3a66bbb9c4a284c5f091b9161108dc8b839591e213bea26749536b1df3769ab2359912f596f70dcd2fc17a297bdf6c93ff4fdfe2947432674ca26af50c866e10f0e764a7e797c8430edb14b31929b33e17c79aa9f276bed90322b1a5ebe906e61fbc299117c9395fc3f4ff092eeb81a9d5e7c2cfc80c52c54e8562919ae64354d810314efa30fc7635df1d1a66d64c216a4fae582452413372b66913ae2ecc6e611c476f7d02fc1c19ab3db9b20ff583a4c25cde8079e6bb9d6fe86bf96af7a43d53c0de0b7efc539ed649eab4e7fb80401cd3d66284ccef44e0b2e0558b25ec58bed1f421f97d14fbf6302a2fe12ef3f94f9f3c37c23bfc6bfd138a15d150288c8f2c054c9b36930fe1da0b3d5191db71ea961cb14bc143839684a22c30f0720c7ada5b17c2b8665646708223440436c19055df8c2149e12f65f47c72f14b7ec6588853e1c440eaac7dbbbd0219c2c4f45d376e978f10bef5d68ba54a6f05f63741a0602e51556c6f316daede280a3a3b6379cb859a4ed32af93edb508c3da586a5d4cd5be68c529c1028f6286cfabdc69f0be3c26158c25c3c178cac5e3ee1b10b059b4aa803dfafe76cf920fea66199bda9678f17893a210a97c5804d95510b0044c5ec7991a3124f92d67348f18c45f5dd39fdc85829009b6f3085f60fe785ff25ade5a0931aa4d56bdb96983bffdd2162be87c4c3cbdda782bec758fd14f411a41d54dd8cb7214d9e1a6acf10536fe667f8ff300e55ad35866d7993eefc0d98f359e3715fe76ad14185e0e40f68b3a5250beb7a951ff5d0b3061050890451a171f46e6f01b0c7be9eee169cf2ae2dd6a574d89ec1b964bfa094c1ee660d3bb006fc111c550140aeec9cae26fa899bd923b41ed0c89ebfda5f611568ea4fd34e5910c283676e94a522aababd203cf5568869318e4dd8f4f715357c867deba52b36f37b9aa467ad60ff30b65f8c46a94bb50811f9811702518d48e227d4b61dc34ec130b8674d3f2013b6b111f76b38ddc00cc24f4ed03874d13dbcc69dd9ac7744d76afa3e8df81da5c606c2276a2724574a0026d415c10df919fa6306ad1c2480efc183d0ed671b5134ceccdc91d740f034974b892a1719a9877562635da720c46367fb83ad2be7203b5575243f18d16f65eeb060a4d81dc1a70116c0582795a94705588f911625fae2f73f447253e0dda9b69a6b7daddb38b4cf66b58f2d59dbf2100f21c1ab4ebaedf653c9e7e7d1ccc837e26fd8a7d55108ddaea8f70466343b86d7372ee5306c72a5299fabe0391dd5320c7486c48911a5abf63be6858dba7a3d7278ea46a0b4274f4f5b7248dc99de728c49aa3e290639afbc55c38859bbe3596765f05860005b70ec621029878ed45b7f8b82466e0b6442eec77e011d9b2bf35ea1dae0617b099aa7746468b85b1738c3bc8aca1faa522435b3d8753ccf91f2140683fd3e071a0890c4905ab58c0ff75abe01f80ee0e182641de7922c06dcae28fe9b69a9e02cd076feb953746ab22bb01484389b27a621556caa3e3e8f551681cb157a43e9583f4d16ad798a54311bd9246d38a8e4b23be4543893f80e227743419cbb4be5a373efca15659542cb221e64cf0721ac3471e54fd770eb2ba04997d9caa9f95b31fcdd175c9c39721fa61bf73cff98367cd33e2de14d522d8c4443cd4c3563772832aea469cd3af293090f3bdda9f7457605b54c87224fc8baeac79d9a591ab5b4509a45f1acbc0ddab4120625caa7c125b45b3c456e72a85167c2de10377918b621732bbcd49976dcaa3127a6c1f596e7901893198f9fabd6a1ed2b59fbb94050a1b08c6d242a34d19b833b08d58a76e941ed56d253a976bcc85e97ed220bc591f379cf46c56228d92bfcf927004ae79ce36e409b30984bd5bc6a4e0c91ee612e7848cf83ce85889f7bfa979c13635dd3bb45ea22c20a7a15b4ecb69b7899ddb38f08763b89842c956df06d58a664c36b15e73d61462a08aab6b5cb90b6276cf1a9961468a8d0411a60aa3ca1d87b906c58cd253ef23580776835ad0d62fa7b3dac17b081d21b0bd416afc17b177e18469ee82dc1b3993d12a23ac0e72c64d54bc9df9d3458ff08009d5aa0456faa238362f9914a67d0f784a1fb30eb56372a764f53f71c7e7c57ea6ddc4992a9491eb4ac6d59a14a8f03b45f132b7e47761cd636fb9adbe6296e1e62eb87598301e2e00d077414b6e00d9e48f1738368d5e5e7c5b3fd7069e27dd23c43e0ee5b3d701880baf7d064508e2c27cdc7e9887b44824467c2a9439baf849968f5182c3c3085542c2144c08e278ab3827e84ca1a8d56747fe634e85e0a616062feae9a698b60179cf018578060dace5c9bd702868193e204a080e5a0ec246adb39f42bddcd9e57164042a73825579c2bcfb6e5c1c3dfa96f6a9ec946669c509c92e5a647bcb711f0505479e03d8317684c8cb70d118c26590d9366f6645f210709d808d899572119a70e1f84af51a867155a3ecaec20507a562d83d9e0ada0992830839ca3fdb47d35447e9c08ac3e2b188f061071416340c726ec4d221cb39af0d5759cfc228b7372bd2bbee458e60075e07448c6438a430910c0c4bac1b04f174e3b39fbaa42f1f95bf31243e5950a64186763e3918bac77cc69db3d285d5f6499df1f62e49ae7815248ff624161b4c2e0c16c9ce235e099556ef56fc30dee8b440f3103cf33db5239de6f0ad2c0085020ba6ffb7ee9d6e3b57a80599cc7b773ac21ea23750222afd1293176989eb8e7dbd28d0c45d7269a0ed82fd7a14223b7d32a33a58f1593823c99335c1b7907281b7f840b3bbf982bd9e8a685ab8384c0e2e18a78277363ca53cd6fa12b04eca7bfff75da42fd45825fee50af000be518fdc5df2734ed85b94863045158d34da68b2b0eca501564ff175f7a701f5bffa63ffd1e57103981128ab0195fc44784722d3a4ad8c5f228a7dbac33cf71a39645e58a97cc294d1b9d60f1c8495cbcf13a7d7555b04afe4a1e67d84afca1b1eead1d6176288ffee55dc25b7d9f8c4b88cdbc1ffbf5a9d025c3778bb71dd53cf91e55e2a45c99e9b9f540357c93a8c48171f429e528d983314bcc2c5c314726a0f6bb5e2a788c39d1b74815f8ac816a9f90fc27766c67dcd4dbf36cd8b6100183c1041813025062086b6a9cffba8b23b0b881fda79a1a0efbc87a8aa3a4bc8e77b5c274faf412c8bfb0736a498143f81f6bd369732e5a3c13f4a004a9941bf64ee0c39dcd0421593d88298813b83b2bcb9bfebf99aed0944814728ed990b1e576235cd2d7b5ec4065c978f79cfd9787987c6d4d1eaa8d7947148981247870cb415c8af5c3a209ef9926b7604b8567e8c8f084a066c82ca39349214ad275e9f5e521be1a294364b8338e8d03d0e72adcda6da33dd2c79bd0c60c4a0f7d8a43274c5e33590c1e811d52e2ef36600ff3d5b2d9829ea8f7d6ecf2dac604e04e43f7dbdfbd2e158f7bdb7c8d3ede6031d6419ac95e2f31cbf428b1ae2123532109d0df29701b9a5b075f6e3724e2cf2a27c4d4648270a4f548310b5dda6ffcc2c879bf04c7b2f176ddf55135a6d9957664c4ee9860226079ddf9ac752af3b3e6590b7bbb8dcd9cf8308cdbe51de17b4222c4ee1ab3509a02eb47f34c50496fc4fa6ee39eb6226518c4642684bdb5eaf519b90d81a2e0de1375847c4fa22f7d38811c487b6df7c5361de1339ad1e9224f8d6d63015bf0c0169f4f61e905180f4b815cf1b6b653d79ba5a26cebac25ac2b4937ac605cbcd47958d9b74ade0773f0431a831a6ab194f3011cf340cc535f31c1d79969888e31c210a9c53e8f22f5e1b39a2b98642a6ad234f28a53cc8e5e3d0b3522594502ee608db5e9d45589db01f3b4fea82ac457c1bae98673f99eb2df6c82ae8b396c01343b3d12d5b2dbf0945720e32a5736cd3eeef2364b8346f3a58749fba32ebcebdafa0f312d62030adcad15bb99e69aaaecb3bfa0f49b23a03540e8ac77d2f439f4d50568cf41e6a79b53b695e232c652fa74e3a35de95003faf8bb17659c6dc"}) 07:22:52 executing program 5: membarrier(0x4, 0x0) membarrier(0x2, 0x0) membarrier(0x40, 0x0) membarrier(0x8, 0x0) membarrier(0x1, 0x0) membarrier(0x0, 0x0) membarrier(0x4, 0x0) membarrier(0x40, 0x0) membarrier(0x0, 0x0) membarrier(0x0, 0x0) membarrier(0x8, 0x0) membarrier(0x1, 0x0) membarrier(0x1, 0x0) membarrier(0x20, 0x0) membarrier(0x1, 0x0) membarrier(0x40, 0x0) membarrier(0x0, 0x0) membarrier(0x10, 0x0) membarrier(0x2, 0x0) membarrier(0x1, 0x0) 07:22:52 executing program 6: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x602000, 0x0) sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0xc, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x1, 0x1}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4000010) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xac, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2d}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3}, @NBD_ATTR_SOCKETS={0x34, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xdc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x129}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0xac}, 0x1, 0x0, 0x0, 0x4004}, 0x240008d0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r2) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x3c, r3, 0x100, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x20044006) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r0) sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, r5, 0x100, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x0) r6 = signalfd4(r0, &(0x7f0000000580)={[0xff]}, 0x8, 0x100800) sendmsg$NL80211_CMD_START_NAN(r6, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x34, r5, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x8090}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f00000006c0), 0x200040, 0x0) sendmsg$IPSET_CMD_CREATE(r6, 0x0, 0x40804) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000740), r2) sendmsg$NLBL_CALIPSO_C_LISTALL(r7, &(0x7f0000000800)={&(0x7f0000000700), 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x34, r8, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x5}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x2c, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x2}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x20000040) sendmsg$NLBL_CALIPSO_C_REMOVE(r7, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x3c, r8, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004800}, 0x800) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000a80)={'wg1\x00', {0x2, 0x0, @multicast1}}) 07:22:52 executing program 7: ioctl$EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, &(0x7f0000000000)=""/150) ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0) setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f00000000c0)=0x800, 0x4) r0 = syz_open_dev$ptys(0xc, 0x3, 0x0) write$binfmt_elf32(r0, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x0, 0x2, 0x77, 0x14, 0x3, 0x3, 0x80, 0x7, 0x38, 0x3ba, 0x3, 0x2, 0x20, 0x2, 0x49e4, 0x3f, 0x3}, [{0x5, 0x4, 0x5, 0x7, 0x9, 0x7fffffff, 0xd6, 0x6}], "c9004fc4695c359e344de5128cf1eb009353fb6e836a6d475a52e428781adec6e9e10a0cb8b9e574f4d79bd497c8fc04fa54f427f7f11b1ee75caadb9c5e60be056fc114e49721b65cd5347612cdbf480032ca8c8eb8ceeac3d101effb5c516140568cd1ace7502f8f57a4c3f833cd80e525a9044b0a9b857d6a9b52c7e6a4be8480cbc119cabce51e1232cc90040e119be82f5340ad5ec5bb26d2432fd67f43693a887edcefcc72ceef90ef3820b224233bca5df9ac170ebcb26ad3c48576b97d2ebe", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x71b) r1 = syz_open_dev$vcsu(&(0x7f0000000840), 0x0, 0x400001) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000880)=""/217) r2 = syz_mount_image$tmpfs(&(0x7f0000000980), &(0x7f00000009c0)='./file0\x00', 0x100000001, 0x2, &(0x7f0000000b80)=[{&(0x7f0000000a00)="8689f605a36c2950eef8bc2cda19a64becdfc007f6146541dd5f02ce0794d843da63e91e8972a3ba91cb4011ec879ba518da78b73024c50ce8bcee939fc5029e8983f21f9399a341fdda63b1a6f0713af4da9548ef51e4", 0x57}, {&(0x7f0000000a80)="8d1b7314cfcabbe740643a8d36fe60ce3fac9888f3cc1f4b898f03f2a853afa774d066c7eb85ee5b535f3b6286d51fb603427dffad7a34780dce6b3f58634c014a496894afca59d5e3582339025663c6ba747dfd4ce671cc25324d85a00e58344e0b86850a139781e5dffe14b0a5253c88da089a54da8562d04236eed6f291c359f9efff24130b424642dce342088d56e4b7a6df850fc4c2b515b710709747bbc9fe6f73818d1664b8f8e398bf6417be1c48ffc3727da0aee507cf11f07869fff9199efbdc3e9c3be7028bc5118e46ff6c3261503f6f696f95041eaa30c42b6879e00b758fabb9e859788805da5eb0c839c62caa5167459c", 0xf8, 0x2}], 0x1009800, &(0x7f0000000bc0)={[{@gid={'gid', 0x3d, 0xffffffffffffffff}}, {@size={'size', 0x3d, [0x30, 0x34, 0x32]}}, {@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@nr_blocks={'nr_blocks', 0x3d, [0x35]}}, {@gid={'gid', 0x3d, 0xee01}}, {@mpol={'mpol', 0x3d, {'interleave', '', @void}}}, {@nr_blocks={'nr_blocks', 0x3d, [0x32]}}, {@nr_inodes={'nr_inodes', 0x3d, [0x2d, 0x38]}}], [{@fowner_lt={'fowner<', 0xffffffffffffffff}}, {@fsmagic={'fsmagic', 0x3d, 0x1}}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@fowner_lt={'fowner<', 0xffffffffffffffff}}]}) tee(r2, r0, 0x7fd, 0xe) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000d00), r1) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000ec0)={&(0x7f0000000cc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000d40)={0x11c, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [{{0x8}, {0x100, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6db}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}]}, 0x11c}, 0x1, 0x0, 0x0, 0x80}, 0x80) execveat(r2, &(0x7f0000000f00)='./file0\x00', &(0x7f0000000f80)=[&(0x7f0000000f40)='mcast_rejoin_interval\x00'], &(0x7f0000001080)=[&(0x7f0000000fc0)=',\x00', &(0x7f0000001000)='\x00', &(0x7f0000001040)='tmpfs\x00'], 0x1000) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f00000010c0)="16e8121ed1344da86265ca0610a359ae288963fa2215693918f3c062106d6672e130d3582a6e9bcf6d993477a26c10d87f7044ed38f322d597b28c13528f665c54a2f9c04a00db86eafd04740068748687b521c78f09d5d08028b43a78753e444693b3c5103e99724323241b860973e6b7a80400836a07ad0d5ac49c62029bc3be6007f97319754f4560f5ed711a9a40c0ccc527c0f505", 0x97) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000001180)=""/139) ioctl$EVIOCGUNIQ(0xffffffffffffffff, 0x80404508, &(0x7f0000001240)=""/141) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001300), 0x329000, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r4, 0x9362, 0x0) r5 = open(&(0x7f0000001340)='./file0\x00', 0x200000, 0x2) ioctl$CDROMMULTISESSION(r5, 0x5310, &(0x7f0000001380)={@lba, 0x1, 0x1}) [ 77.541507] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.543032] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.544776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.546218] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.547594] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.548747] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.550721] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.553119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.554199] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.554781] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.557982] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.564590] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.565963] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.574185] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.589395] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.591017] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.592778] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 77.594638] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 77.595673] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 77.596328] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 77.598604] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.600405] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.601722] Bluetooth: hci1: HCI_REQ-0x0c1a [ 77.605606] Bluetooth: hci0: HCI_REQ-0x0c1a [ 77.606700] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.611691] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.613356] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.617153] Bluetooth: hci2: HCI_REQ-0x0c1a [ 77.625056] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.628927] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.632169] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.640348] Bluetooth: hci3: HCI_REQ-0x0c1a [ 77.653769] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 77.653869] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 77.656211] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 77.657781] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 77.658981] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 77.659128] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 77.666162] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 77.668440] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 77.670889] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 77.672192] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 77.672550] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 77.673712] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 77.675504] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 77.677026] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 77.678021] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 77.678182] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 77.680012] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 77.680711] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 77.682575] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 77.683297] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.687933] Bluetooth: hci7: HCI_REQ-0x0c1a [ 77.708589] Bluetooth: hci5: HCI_REQ-0x0c1a [ 77.709811] Bluetooth: hci6: HCI_REQ-0x0c1a [ 77.730818] Bluetooth: hci4: HCI_REQ-0x0c1a [ 79.670998] Bluetooth: hci3: command 0x0409 tx timeout [ 79.671033] Bluetooth: hci1: command 0x0409 tx timeout [ 79.672373] Bluetooth: hci0: command 0x0409 tx timeout [ 79.673681] Bluetooth: hci2: command 0x0409 tx timeout [ 79.734679] Bluetooth: hci5: command 0x0409 tx timeout [ 79.734700] Bluetooth: hci7: command 0x0409 tx timeout [ 79.799948] Bluetooth: hci4: command 0x0409 tx timeout [ 79.799978] Bluetooth: hci6: command 0x0409 tx timeout [ 81.718564] Bluetooth: hci0: command 0x041b tx timeout [ 81.718999] Bluetooth: hci2: command 0x041b tx timeout [ 81.719358] Bluetooth: hci1: command 0x041b tx timeout [ 81.720077] Bluetooth: hci3: command 0x041b tx timeout [ 81.782651] Bluetooth: hci5: command 0x041b tx timeout [ 81.783223] Bluetooth: hci7: command 0x041b tx timeout [ 81.846576] Bluetooth: hci6: command 0x041b tx timeout [ 81.847147] Bluetooth: hci4: command 0x041b tx timeout [ 83.766929] Bluetooth: hci3: command 0x040f tx timeout [ 83.767405] Bluetooth: hci1: command 0x040f tx timeout [ 83.768178] Bluetooth: hci2: command 0x040f tx timeout [ 83.768595] Bluetooth: hci0: command 0x040f tx timeout [ 83.830591] Bluetooth: hci7: command 0x040f tx timeout [ 83.831046] Bluetooth: hci5: command 0x040f tx timeout [ 83.895011] Bluetooth: hci4: command 0x040f tx timeout [ 83.895438] Bluetooth: hci6: command 0x040f tx timeout [ 85.814606] Bluetooth: hci0: command 0x0419 tx timeout [ 85.815092] Bluetooth: hci2: command 0x0419 tx timeout [ 85.815544] Bluetooth: hci1: command 0x0419 tx timeout [ 85.815953] Bluetooth: hci3: command 0x0419 tx timeout [ 85.878529] Bluetooth: hci5: command 0x0419 tx timeout [ 85.879013] Bluetooth: hci7: command 0x0419 tx timeout [ 85.942537] Bluetooth: hci6: command 0x0419 tx timeout [ 85.943008] Bluetooth: hci4: command 0x0419 tx timeout 07:23:50 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) r6 = signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) ioctl$KDGKBTYPE(r6, 0x4b33, &(0x7f0000000500)) signalfd4(0xffffffffffffffff, &(0x7f0000000540)={[0x80000000]}, 0x8, 0x180000) 07:23:50 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) r6 = signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) ioctl$KDGKBTYPE(r6, 0x4b33, &(0x7f0000000500)) signalfd4(0xffffffffffffffff, &(0x7f0000000540)={[0x80000000]}, 0x8, 0x180000) 07:23:50 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) r6 = signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) ioctl$KDGKBTYPE(r6, 0x4b33, &(0x7f0000000500)) signalfd4(0xffffffffffffffff, &(0x7f0000000540)={[0x80000000]}, 0x8, 0x180000) 07:23:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) r6 = signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) ioctl$KDGKBTYPE(r6, 0x4b33, &(0x7f0000000500)) 07:23:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) 07:23:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) 07:23:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) syz_open_pts(r3, 0x1) 07:23:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) [ 135.833120] loop2: detected capacity change from 0 to 264192 [ 135.872553] loop2: detected capacity change from 0 to 264192 [ 135.901808] loop2: detected capacity change from 0 to 264192 [ 135.931291] loop2: detected capacity change from 0 to 264192 [ 136.605523] syz-executor.1 (299) used greatest stack depth: 23904 bytes left [ 139.069683] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 139.085715] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 139.088321] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 139.090198] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 139.093928] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 139.095751] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 139.097156] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 139.100796] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.102575] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 139.105540] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 139.110354] Bluetooth: hci4: HCI_REQ-0x0c1a [ 139.110746] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 139.112726] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 139.120770] Bluetooth: hci3: HCI_REQ-0x0c1a [ 139.149408] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 139.156963] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 139.166188] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 139.168130] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 139.171222] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 139.190718] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 139.191956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 139.204922] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 139.207738] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 139.208916] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 139.213361] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 139.216125] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 139.217882] Bluetooth: hci6: HCI_REQ-0x0c1a [ 139.219535] Bluetooth: hci1: HCI_REQ-0x0c1a [ 141.174638] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 141.175906] Bluetooth: hci3: command 0x0409 tx timeout [ 141.176560] Bluetooth: hci4: command 0x0409 tx timeout [ 141.238546] Bluetooth: hci1: command 0x0409 tx timeout [ 141.239315] Bluetooth: hci6: command 0x0409 tx timeout [ 143.222580] Bluetooth: hci4: command 0x041b tx timeout [ 143.223011] Bluetooth: hci3: command 0x041b tx timeout [ 143.286595] Bluetooth: hci6: command 0x041b tx timeout [ 143.287000] Bluetooth: hci1: command 0x041b tx timeout [ 145.270637] Bluetooth: hci3: command 0x040f tx timeout [ 145.271402] Bluetooth: hci4: command 0x040f tx timeout [ 145.334685] Bluetooth: hci1: command 0x040f tx timeout [ 145.335356] Bluetooth: hci6: command 0x040f tx timeout [ 145.782604] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 147.318569] Bluetooth: hci4: command 0x0419 tx timeout [ 147.319411] Bluetooth: hci3: command 0x0419 tx timeout [ 147.382589] Bluetooth: hci6: command 0x0419 tx timeout [ 147.383397] Bluetooth: hci1: command 0x0419 tx timeout [ 150.326563] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 153.035744] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 153.049390] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 153.063717] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 153.066322] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 153.085191] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 153.091745] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 153.103021] Bluetooth: hci5: HCI_REQ-0x0c1a [ 155.126596] Bluetooth: hci5: command 0x0409 tx timeout [ 157.174572] Bluetooth: hci5: command 0x041b tx timeout [ 159.222569] Bluetooth: hci5: command 0x040f tx timeout [ 161.270532] Bluetooth: hci5: command 0x0419 tx timeout [ 185.419664] loop7: detected capacity change from 0 to 264192 [ 185.485625] loop7: detected capacity change from 0 to 264192 [ 188.854675] INFO: task rcu_gp:3 blocked for more than 143 seconds. [ 188.856047] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.857118] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.858848] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 188.861356] Call Trace: [ 188.861892] [ 188.862345] __schedule+0x893/0x2470 [ 188.863177] ? io_schedule_timeout+0x150/0x150 [ 188.864100] ? do_raw_spin_lock+0x121/0x260 [ 188.864992] ? rwlock_bug.part.0+0x90/0x90 [ 188.865907] schedule+0xda/0x1b0 [ 188.866640] rescuer_thread+0x851/0xdb0 [ 188.867435] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.868449] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.869503] ? lockdep_hardirqs_on+0x79/0x100 [ 188.870376] ? worker_thread+0x1260/0x1260 [ 188.871260] kthread+0x2ed/0x3a0 [ 188.871938] ? kthread_complete_and_exit+0x40/0x40 [ 188.872925] ret_from_fork+0x22/0x30 [ 188.873774] [ 188.874232] INFO: task rcu_par_gp:4 blocked for more than 143 seconds. [ 188.875503] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.876550] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.878002] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 188.879615] Call Trace: [ 188.880107] [ 188.880605] __schedule+0x893/0x2470 [ 188.881376] ? io_schedule_timeout+0x150/0x150 [ 188.882156] ? do_raw_spin_lock+0x121/0x260 [ 188.882871] ? rwlock_bug.part.0+0x90/0x90 [ 188.883553] schedule+0xda/0x1b0 [ 188.884129] rescuer_thread+0x851/0xdb0 [ 188.884803] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.885592] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.886632] ? lockdep_hardirqs_on+0x79/0x100 [ 188.887591] ? worker_thread+0x1260/0x1260 [ 188.888445] kthread+0x2ed/0x3a0 [ 188.889208] ? kthread_complete_and_exit+0x40/0x40 [ 188.890277] ret_from_fork+0x22/0x30 [ 188.891130] [ 188.891661] INFO: task slub_flushwq:5 blocked for more than 143 seconds. [ 188.892849] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.893965] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.895601] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 188.897305] Call Trace: [ 188.897896] [ 188.898372] __schedule+0x893/0x2470 [ 188.899215] ? io_schedule_timeout+0x150/0x150 [ 188.900193] ? do_raw_spin_lock+0x121/0x260 [ 188.901134] ? rwlock_bug.part.0+0x90/0x90 [ 188.902086] schedule+0xda/0x1b0 [ 188.902835] rescuer_thread+0x851/0xdb0 [ 188.903720] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.904745] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.905792] ? lockdep_hardirqs_on+0x79/0x100 [ 188.906724] ? worker_thread+0x1260/0x1260 [ 188.907616] kthread+0x2ed/0x3a0 [ 188.908299] ? kthread_complete_and_exit+0x40/0x40 [ 188.909312] ret_from_fork+0x22/0x30 [ 188.910160] [ 188.910664] INFO: task netns:6 blocked for more than 143 seconds. [ 188.911871] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.912931] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.914417] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 188.916048] Call Trace: [ 188.916608] [ 188.917070] __schedule+0x893/0x2470 [ 188.917901] ? io_schedule_timeout+0x150/0x150 [ 188.918920] ? do_raw_spin_lock+0x121/0x260 [ 188.919827] ? rwlock_bug.part.0+0x90/0x90 [ 188.920736] schedule+0xda/0x1b0 [ 188.921425] rescuer_thread+0x851/0xdb0 [ 188.922269] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.923299] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.924321] ? lockdep_hardirqs_on+0x79/0x100 [ 188.925250] ? worker_thread+0x1260/0x1260 [ 188.926156] kthread+0x2ed/0x3a0 [ 188.926902] ? kthread_complete_and_exit+0x40/0x40 [ 188.927930] ret_from_fork+0x22/0x30 [ 188.928786] [ 188.929262] INFO: task kworker/0:0:7 blocked for more than 143 seconds. [ 188.930555] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.931601] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.933098] task:kworker/0:0 state:I stack:29592 pid:7 ppid:2 flags:0x00004000 [ 188.934725] Workqueue: 0x0 (ata_sff) [ 188.935415] Call Trace: [ 188.935925] [ 188.936340] __schedule+0x893/0x2470 [ 188.937092] ? io_schedule_timeout+0x150/0x150 [ 188.937986] schedule+0xda/0x1b0 [ 188.938647] worker_thread+0x15f/0x1260 [ 188.939407] ? process_one_work+0x16a0/0x16a0 [ 188.940263] kthread+0x2ed/0x3a0 [ 188.940964] ? kthread_complete_and_exit+0x40/0x40 [ 188.941977] ret_from_fork+0x22/0x30 [ 188.942795] [ 188.943265] INFO: task kworker/0:0H:8 blocked for more than 143 seconds. [ 188.944583] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.945654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.947137] task:kworker/0:0H state:I stack:28952 pid:8 ppid:2 flags:0x00004000 [ 188.948783] Workqueue: 0x0 (kblockd) [ 188.949617] Call Trace: [ 188.950123] [ 188.950606] __schedule+0x893/0x2470 [ 188.951272] ? io_schedule_timeout+0x150/0x150 [ 188.952141] schedule+0xda/0x1b0 [ 188.952798] worker_thread+0x15f/0x1260 [ 188.953588] ? process_one_work+0x16a0/0x16a0 [ 188.954407] kthread+0x2ed/0x3a0 [ 188.955047] ? kthread_complete_and_exit+0x40/0x40 [ 188.955972] ret_from_fork+0x22/0x30 [ 188.956692] [ 188.962286] INFO: task mm_percpu_wq:10 blocked for more than 143 seconds. [ 188.963507] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.964447] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.965836] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 188.967217] Call Trace: [ 188.967855] [ 188.968262] __schedule+0x893/0x2470 [ 188.968956] ? io_schedule_timeout+0x150/0x150 [ 188.969776] ? do_raw_spin_lock+0x121/0x260 [ 188.970549] ? rwlock_bug.part.0+0x90/0x90 [ 188.971279] schedule+0xda/0x1b0 [ 188.971912] rescuer_thread+0x851/0xdb0 [ 188.972632] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.973534] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.974398] ? lockdep_hardirqs_on+0x79/0x100 [ 188.975201] ? worker_thread+0x1260/0x1260 [ 188.975966] kthread+0x2ed/0x3a0 [ 188.976596] ? kthread_complete_and_exit+0x40/0x40 [ 188.977421] ret_from_fork+0x22/0x30 [ 188.978149] [ 188.978595] INFO: task rcu_tasks_kthre:11 blocked for more than 143 seconds. [ 188.979768] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.980710] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.981998] task:rcu_tasks_kthre state:I stack:29080 pid:11 ppid:2 flags:0x00004000 [ 188.983397] Call Trace: [ 188.983871] [ 188.984277] __schedule+0x893/0x2470 [ 188.984965] ? io_schedule_timeout+0x150/0x150 [ 188.985810] ? mark_held_locks+0x9e/0xe0 [ 188.986535] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.987381] schedule+0xda/0x1b0 [ 188.988005] rcu_tasks_one_gp+0x3db/0xc10 [ 188.988771] rcu_tasks_kthread+0x80/0xa0 [ 188.989516] ? rcu_tasks_postscan+0x10/0x10 [ 188.990251] kthread+0x2ed/0x3a0 [ 188.990873] ? kthread_complete_and_exit+0x40/0x40 [ 188.991735] ret_from_fork+0x22/0x30 [ 188.992400] [ 188.992845] INFO: task kworker/1:0H:21 blocked for more than 143 seconds. [ 188.993988] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.994887] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.996160] task:kworker/1:0H state:I stack:29760 pid:21 ppid:2 flags:0x00004000 [ 188.997551] Workqueue: 0x0 (events_highpri) [ 188.998293] Call Trace: [ 188.998768] [ 188.999172] __schedule+0x893/0x2470 [ 188.999857] ? io_schedule_timeout+0x150/0x150 [ 189.000682] schedule+0xda/0x1b0 [ 189.001274] worker_thread+0x15f/0x1260 [ 189.002025] ? process_one_work+0x16a0/0x16a0 [ 189.002818] kthread+0x2ed/0x3a0 [ 189.003416] ? kthread_complete_and_exit+0x40/0x40 [ 189.004284] ret_from_fork+0x22/0x30 [ 189.004986] [ 189.005388] INFO: task inet_frag_wq:23 blocked for more than 143 seconds. [ 189.006532] Not tainted 6.0.0-rc7-next-20220930 #1 [ 189.007392] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 189.008672] task:inet_frag_wq state:I stack:30704 pid:23 ppid:2 flags:0x00004000 [ 189.010094] Call Trace: [ 189.010564] [ 189.010961] __schedule+0x893/0x2470 [ 189.011649] ? io_schedule_timeout+0x150/0x150 [ 189.012412] ? do_raw_spin_lock+0x121/0x260 [ 189.013181] ? rwlock_bug.part.0+0x90/0x90 [ 189.013968] schedule+0xda/0x1b0 [ 189.014593] rescuer_thread+0x851/0xdb0 [ 189.015272] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 189.016141] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 189.017012] ? lockdep_hardirqs_on+0x79/0x100 [ 189.017822] ? worker_thread+0x1260/0x1260 [ 189.018578] kthread+0x2ed/0x3a0 [ 189.019157] ? kthread_complete_and_exit+0x40/0x40 [ 189.020010] ret_from_fork+0x22/0x30 [ 189.020703] [ 189.021170] [ 189.021170] Showing all locks held in the system: [ 189.022229] 1 lock held by rcu_tasks_kthre/11: [ 189.023000] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 189.024601] 1 lock held by khungtaskd/26: [ 189.025263] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 189.026780] 1 lock held by in:imklog/188: [ 189.027442] #0: ffff8880099f80e8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe7/0x100 [ 189.028906] 4 locks held by syz-executor/6224: [ 189.029703] [ 189.029996] ============================================= [ 189.029996] [ 198.077188] audit: type=1400 audit(1664609094.282:7): avc: denied { open } for pid=6225 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 07:24:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf, [0x2, 0x156280000000000, 0x0, 0x1, 0x7a]}) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x9, 0x2, 0x3f, 0x8, 0x0, 0xffffffffffff8bd7, 0x382, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={&(0x7f0000000000), 0x2}, 0x18240, 0xfffffffffffffffa, 0x81, 0x4, 0x2, 0x200, 0x200, 0x0, 0x9, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r1, 0x4004662b, &(0x7f0000000340)) 07:24:54 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) 07:24:54 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @broadcast}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x1) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r3 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200041, 0x9) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x20000051) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x404002, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0xf505, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000340)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f00000003c0)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @a}) r5 = syz_open_pts(r3, 0x1) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000480)={0x6, 0x919, 0x151, 0xccae}) signalfd(r3, &(0x7f00000004c0)={[0xffffffff]}, 0x8) 07:24:54 executing program 1: syz_usb_connect(0x0, 0x24, &(0x7f0000000ec0)={{0x12, 0x1, 0x0, 0x73, 0x3, 0x3f, 0x0, 0x5ac, 0x1204, 0x6b89, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3b, 0x12, 0x3}}]}}]}}, 0x0) syz_usb_connect$cdc_ncm(0x4, 0x87, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x75, 0x2, 0x1, 0x80, 0x10, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "17909c9372ec"}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x1, 0x7ff, 0x5}, {0x6, 0x24, 0x1a, 0x5, 0x10}, [@mbim_extended={0x8, 0x24, 0x1c, 0xce7c, 0x3, 0xffff}, @acm={0x4, 0x24, 0x2, 0x1}, @dmm={0x7, 0x24, 0x14, 0x45, 0x56d1}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0x6, 0x1f, 0x77}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x2, 0x9, 0xf8}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x3, 0x7f}}}}}}}]}}, &(0x7f00000003c0)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x200, 0x6, 0x5, 0x9, 0x20, 0x3}, 0x2f, &(0x7f0000000100)={0x5, 0xf, 0x2f, 0x4, [@ssp_cap={0xc, 0x10, 0xa, 0x73, 0x0, 0xffff, 0x0, 0x7}, @ext_cap={0x7, 0x10, 0x2, 0x1e, 0x7, 0xf, 0x9}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "4648cc3946e08a26f394dbefef814bdd"}]}, 0x9, [{0x1f, &(0x7f0000000140)=@string={0x1f, 0x3, "7dd1468077d12d025c19a5836bd7e097909f4d9002ddd6bd324baf9562"}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0xc0c}}, {0x39, &(0x7f00000001c0)=@string={0x39, 0x3, "7ed894e0a26423ce780f5f5fd2b567628a01b3206363e1f5de3cd1c6b4d96b72bcc5639da5ef509a327bc78dd91c134ea3913189d32713"}}, {0x33, &(0x7f0000000200)=@string={0x33, 0x3, "e8d12325020248d02c436f20c1a82ececafda7427205d498d06b20e062c56bdff054f12c68ee8c41eb099fba451fd6580d"}}, {0x46, &(0x7f0000000240)=@string={0x46, 0x3, "d70204a2bef0194c8d1342c03d3a48afa219d6db7ad129956e77b575b15c4375baa1120f280e22ea263c96d0dd01181f6971ae4293497a8625aee0cddedce304792f8222"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x3001}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x81d}}, {0x18, &(0x7f0000000340)=@string={0x18, 0x3, "94f4762a3ac04909e53a6c93ed6064fe77c5336e7d8f"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x40b}}]}) 07:24:54 executing program 6: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x14d882, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) bind$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r3, 0x400, 0x0) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x181c00, 0x0) memfd_create(&(0x7f0000000200)='-%@,/.(\x00', 0x6) ftruncate(r0, 0x1) 07:24:54 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$nl_netfilter(r2, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000005c0)={&(0x7f00000000c0)={0x4f0, 0x1, 0x6, 0x3, 0x70bd29, 0x25dfdbfc, {0x7, 0x0, 0x5}, [@typed={0x8, 0x2a, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x31}}, @nested={0x1a, 0x59, 0x0, 0x1, [@generic="d04cb8dd5d858cfe4be7fc77711f6595d8fb0f98043a"]}, @generic="eddf3708338975403f44cdd3f32ec0a81627e69c4b718d3e99844c41407e5f8cafa6890d8009481bd4e5c7ace3684154d4317dfcd190d87c52c0c1742c5bd95527e7a4d32303be64203d3b9afae402f39980e6d0c350b113e987611c78743e579efb2141866a3e5785c81a55d25856ab07b2e6d1d661c4c38d0057e009e21c9273dd59bb7604df5988185126e98c0e7baa6125267bbe3bbe43bfcfe87ac744fe01ae9de532f70d1c7745f38e3eb5f7a430a3ad49f4c4bdf9bd21bcf8e74611775e7e4eeef9a29d6a0395f7a71ef8d07b9c8af7990f1bcf6233", @typed={0x8, 0x43, 0x0, 0x0, @pid}, @nested={0x1a4, 0x11, 0x0, 0x1, [@generic="6aba3eab5373fde7951b954735f467177eab26d65b73298f8df26218adb48df20579333c225e703f6b614f480b16d45cc909d4bfe7e3addb518ae4904a3c43c40934df1ba233ead709f1a9043691b6c4ef12392d65a547bfd261c8034df4fdb202018020974c8bad3bc8c41ecd14d1046572754ab6e7460dc15a14f3b04a2e370df5d701c313f3eed1dcbae19ccc9a8dd7cbe9b2832abec4adccaa1078160a7a5e5784c01f0b29b8c82d57f332e58456b529d2b9", @generic, @generic="40be8d1fca2ca7a24dce2355df4a44780c008eeccd4784528514801ef119d5cb2e7df1d79d2c34b339845501a38a21d135d10de0b85482fe9ade8d50cbe92da93d685ff35c34d8a8221d13efae806c03772099cf2efbfd15f6537e67e59cc21322db869a4091092b84428e5c7213a1de62a5eb4e8ae4295bbf310f41bf3b59fbde09a05a8fba20551bba6af8c3e6fcbbdcfb6197f521228ec0de668a2f624828563edd31a04ec829db8017ae6120acb198d136d76a3ef147", @typed={0x8, 0x23, 0x0, 0x0, @fd=r0}, @typed={0x8, 0x95, 0x0, 0x0, @u32=0x7f}, @typed={0x8, 0x3e, 0x0, 0x0, @fd=r1}, @typed={0x4, 0x5e}, @typed={0x8, 0x10, 0x0, 0x0, @fd}, @typed={0x8, 0x10, 0x0, 0x0, @ipv4=@multicast1}, @typed={0x8, 0x88, 0x0, 0x0, @ipv4=@multicast2}]}, @nested={0x22d, 0x2c, 0x0, 0x1, [@generic="f6b6f7b44c055f6ee10f1e3582f75c4ccb1b779742ce83585594c9eadb47229b560078ac1d9bb15cc9e653b110b0c0145e8c27b91ed2ee3bc5795dfb416111d42838aa949e232c61872ceeaf2bd6fcb4071eec184d4c832e28d2ee5c56f5828c9a2ff7bfbb12410a607bdee45f195aaa924b5fdb603913526371c47ddd6f8b3245491efaef0036f4403eee130fca4685c3c96fb82583f1b28405789613acba773e9b6b1972aaa59a3810975da1f82e5fb87e9b7eeb0d5eb8cf025d396b07904969f1952a19c5f203259ed675b498be72322ed7711bbc2a6a47b049e61668e13c8886fd0ab68742d678b48fa32f4189cc742e6a", @generic="80b5946a7d670cd9fbaa717e895dbe382d90dc27e85138c39d00fe70154f380d246a9799d84c8c752941d122d1a16afb00124ad2e8812a9ad4416583a81bf9ecbe063b132bccbe103fade2a6117a3e33520d2cdf4e282abe52e872546c5ecd23782e04114ec0e5fce3dd6d5ca0ebb32bda", @generic="ff9899bf5575e8ce089fe1d92631b8e1e7e1", @generic="2ad88e4974d1b3b77b370034d7a0b9f62573d6534a7f318f936754e0cd76b4b5940fa8f3ca7757923271c05e73751d4d1407f8bcc1342d159e5e1e0c533a9d59c554d9a0293ec973e9e7324a8690a9e4c2e9b8babe059adca164464b880e85cf96dc71201e406ecff0777c74ac9577d220de9825e8c96d12771c4c71f78752b5425ebe3a5dd20e56ac0add2c80c0c48c284f885d21eb1b160d94ef127dc2b6f819d66e0bb1e257c92777b5eb2260b42cacd968"]}]}, 0x4f0}, 0x1, 0x0, 0x0, 0x11}, 0x8000) syz_open_procfs(0xffffffffffffffff, &(0x7f00000008c0)='smaps_rollup\x00') 07:24:54 executing program 2: socket$inet_udp(0x2, 0x2, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) getxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)=@random={'trusted.', '$u\x00'}, &(0x7f0000000180)=""/56, 0x38) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@nodevmap}]}}) 07:24:54 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_audit(0x10, 0x3, 0x9) r2 = dup2(r0, r1) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) setsockopt$inet6_udp_int(r4, 0x11, 0x67, &(0x7f0000000040)=0x20, 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) fcntl$setlease(r5, 0x400, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xffff, 0xfe}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000280)={'syztnl2\x00', r6, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @empty}}) [ 198.082974] audit: type=1400 audit(1664609094.283:8): avc: denied { kernel } for pid=6225 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 198.109555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 198.114099] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 198.118366] ------------[ cut here ]------------ [ 198.118393] [ 198.118397] ====================================================== [ 198.118402] WARNING: possible circular locking dependency detected [ 198.118407] 6.0.0-rc7-next-20220930 #1 Not tainted [ 198.118418] ------------------------------------------------------ [ 198.118422] syz-executor.6/6239 is trying to acquire lock: [ 198.118432] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 198.118493] [ 198.118493] but task is already holding lock: [ 198.118497] ffff88800ef2ec20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 198.118538] [ 198.118538] which lock already depends on the new lock. [ 198.118538] [ 198.118542] [ 198.118542] the existing dependency chain (in reverse order) is: [ 198.118547] [ 198.118547] -> #3 (&ctx->lock){....}-{2:2}: [ 198.118569] _raw_spin_lock+0x2a/0x40 [ 198.118586] __perf_event_task_sched_out+0x53b/0x18d0 [ 198.118604] __schedule+0xedd/0x2470 [ 198.118626] schedule+0xda/0x1b0 [ 198.118647] exit_to_user_mode_prepare+0x114/0x1a0 [ 198.118666] syscall_exit_to_user_mode+0x19/0x40 [ 198.118686] do_syscall_64+0x48/0x90 [ 198.118712] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 198.118732] [ 198.118732] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 198.118754] _raw_spin_lock_nested+0x30/0x40 [ 198.118770] raw_spin_rq_lock_nested+0x1e/0x30 [ 198.118790] task_fork_fair+0x63/0x4d0 [ 198.118816] sched_cgroup_fork+0x3d0/0x540 [ 198.118838] copy_process+0x4183/0x6e20 [ 198.118854] kernel_clone+0xe7/0x890 [ 198.118869] user_mode_thread+0xad/0xf0 [ 198.118886] rest_init+0x24/0x250 [ 198.118904] arch_call_rest_init+0xf/0x14 [ 198.118930] start_kernel+0x4c6/0x4eb [ 198.118955] secondary_startup_64_no_verify+0xe0/0xeb [ 198.118976] [ 198.118976] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 198.118998] _raw_spin_lock_irqsave+0x39/0x60 [ 198.119015] try_to_wake_up+0xab/0x1930 [ 198.119036] up+0x75/0xb0 [ 198.119058] __up_console_sem+0x6e/0x80 [ 198.119082] console_unlock+0x46a/0x590 [ 198.119107] do_con_write+0xc05/0x1d50 [ 198.119123] con_write+0x21/0x40 [ 198.119137] n_tty_write+0x4d4/0xfe0 [ 198.119156] file_tty_write.constprop.0+0x455/0x8a0 [ 198.119174] vfs_write+0x9c3/0xd90 [ 198.119199] ksys_write+0x127/0x250 [ 198.119223] do_syscall_64+0x3b/0x90 [ 198.119250] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 198.119270] [ 198.119270] -> #0 ((console_sem).lock){....}-{2:2}: [ 198.119291] __lock_acquire+0x2a02/0x5e70 [ 198.119317] lock_acquire+0x1a2/0x530 [ 198.119342] _raw_spin_lock_irqsave+0x39/0x60 [ 198.119359] down_trylock+0xe/0x70 [ 198.119383] __down_trylock_console_sem+0x3b/0xd0 [ 198.119408] vprintk_emit+0x16b/0x560 [ 198.119434] vprintk+0x84/0xa0 [ 198.119459] _printk+0xba/0xf1 [ 198.119477] report_bug.cold+0x72/0xab [ 198.119502] handle_bug+0x3c/0x70 [ 198.119528] exc_invalid_op+0x14/0x50 [ 198.119555] asm_exc_invalid_op+0x16/0x20 [ 198.119574] group_sched_out.part.0+0x2c7/0x460 [ 198.119602] ctx_sched_out+0x8f1/0xc10 [ 198.119628] __perf_event_task_sched_out+0x6d0/0x18d0 [ 198.119645] __schedule+0xedd/0x2470 [ 198.119667] schedule+0xda/0x1b0 [ 198.119688] exit_to_user_mode_prepare+0x114/0x1a0 [ 198.119705] syscall_exit_to_user_mode+0x19/0x40 [ 198.119725] do_syscall_64+0x48/0x90 [ 198.119752] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 198.119772] [ 198.119772] other info that might help us debug this: [ 198.119772] [ 198.119776] Chain exists of: [ 198.119776] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 198.119776] [ 198.119799] Possible unsafe locking scenario: [ 198.119799] [ 198.119803] CPU0 CPU1 [ 198.119806] ---- ---- [ 198.119810] lock(&ctx->lock); [ 198.119818] lock(&rq->__lock); [ 198.119828] lock(&ctx->lock); [ 198.119838] lock((console_sem).lock); [ 198.119847] [ 198.119847] *** DEADLOCK *** [ 198.119847] [ 198.119850] 2 locks held by syz-executor.6/6239: [ 198.119860] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 198.119907] #1: ffff88800ef2ec20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 198.119949] [ 198.119949] stack backtrace: [ 198.119953] CPU: 1 PID: 6239 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 198.119972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 198.119985] Call Trace: [ 198.119989] [ 198.119995] dump_stack_lvl+0x8b/0xb3 [ 198.120024] check_noncircular+0x263/0x2e0 [ 198.120050] ? format_decode+0x26c/0xb50 [ 198.120075] ? print_circular_bug+0x450/0x450 [ 198.120102] ? simple_strtoul+0x30/0x30 [ 198.120128] ? format_decode+0x26c/0xb50 [ 198.120155] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 198.120183] __lock_acquire+0x2a02/0x5e70 [ 198.120217] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 198.120253] lock_acquire+0x1a2/0x530 [ 198.120280] ? down_trylock+0xe/0x70 [ 198.120307] ? lock_release+0x750/0x750 [ 198.120339] ? vprintk+0x84/0xa0 [ 198.120368] _raw_spin_lock_irqsave+0x39/0x60 [ 198.120386] ? down_trylock+0xe/0x70 [ 198.120411] down_trylock+0xe/0x70 [ 198.120437] ? vprintk+0x84/0xa0 [ 198.120463] __down_trylock_console_sem+0x3b/0xd0 [ 198.120491] vprintk_emit+0x16b/0x560 [ 198.120521] vprintk+0x84/0xa0 [ 198.120549] _printk+0xba/0xf1 [ 198.120567] ? record_print_text.cold+0x16/0x16 [ 198.120592] ? report_bug.cold+0x66/0xab [ 198.120621] ? group_sched_out.part.0+0x2c7/0x460 [ 198.120650] report_bug.cold+0x72/0xab [ 198.120680] handle_bug+0x3c/0x70 [ 198.120708] exc_invalid_op+0x14/0x50 [ 198.120736] asm_exc_invalid_op+0x16/0x20 [ 198.120757] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 198.120789] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 198.120807] RSP: 0018:ffff888037f5fc48 EFLAGS: 00010006 [ 198.120821] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.120833] RDX: ffff888015fb9ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 198.120845] RBP: ffff888037f80000 R08: 0000000000000005 R09: 0000000000000001 [ 198.120857] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800ef2ec00 [ 198.120869] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 198.120886] ? group_sched_out.part.0+0x2c7/0x460 [ 198.120918] ? group_sched_out.part.0+0x2c7/0x460 [ 198.120950] ctx_sched_out+0x8f1/0xc10 [ 198.120981] __perf_event_task_sched_out+0x6d0/0x18d0 [ 198.121003] ? lock_is_held_type+0xd7/0x130 [ 198.121025] ? __perf_cgroup_move+0x160/0x160 [ 198.121042] ? set_next_entity+0x304/0x550 [ 198.121070] ? update_curr+0x267/0x740 [ 198.121099] ? lock_is_held_type+0xd7/0x130 [ 198.121122] __schedule+0xedd/0x2470 [ 198.121149] ? io_schedule_timeout+0x150/0x150 [ 198.121175] ? rcu_read_lock_sched_held+0x3e/0x80 [ 198.121208] schedule+0xda/0x1b0 [ 198.121231] exit_to_user_mode_prepare+0x114/0x1a0 [ 198.121251] syscall_exit_to_user_mode+0x19/0x40 [ 198.121273] do_syscall_64+0x48/0x90 [ 198.121301] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 198.121322] RIP: 0033:0x7f5821cf3b19 [ 198.121335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 198.121352] RSP: 002b:00007f581f269218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 198.121369] RAX: 0000000000000001 RBX: 00007f5821e06f68 RCX: 00007f5821cf3b19 [ 198.121381] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5821e06f6c [ 198.121392] RBP: 00007f5821e06f60 R08: 000000000000000e R09: 0000000000000000 [ 198.121404] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f5821e06f6c [ 198.121415] R13: 00007ffd75d6b2bf R14: 00007f581f269300 R15: 0000000000022000 [ 198.121436] [ 198.124471] hrtimer: interrupt took 15208 ns [ 198.124650] WARNING: CPU: 1 PID: 6239 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 198.162409] audit: type=1400 audit(1664609094.339:9): avc: denied { write } for pid=6225 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 198.162858] Modules linked in: [ 198.162867] CPU: 1 PID: 6239 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1 [ 198.162887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 198.210425] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 198.211031] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 198.212992] RSP: 0018:ffff888037f5fc48 EFLAGS: 00010006 [ 198.213571] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.214354] RDX: ffff888015fb9ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 198.215135] RBP: ffff888037f80000 R08: 0000000000000005 R09: 0000000000000001 [ 198.215917] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800ef2ec00 [ 198.216695] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 198.217492] FS: 00007f581f269700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 198.218381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.219009] CR2: 0000001b31022000 CR3: 000000000ded8000 CR4: 0000000000350ee0 [ 198.219777] Call Trace: [ 198.220063] [ 198.220320] ctx_sched_out+0x8f1/0xc10 [ 198.220769] __perf_event_task_sched_out+0x6d0/0x18d0 [ 198.221345] ? lock_is_held_type+0xd7/0x130 [ 198.221831] ? __perf_cgroup_move+0x160/0x160 [ 198.222333] ? set_next_entity+0x304/0x550 [ 198.222809] ? update_curr+0x267/0x740 [ 198.223255] ? lock_is_held_type+0xd7/0x130 [ 198.223731] __schedule+0xedd/0x2470 [ 198.224151] ? io_schedule_timeout+0x150/0x150 [ 198.224672] ? rcu_read_lock_sched_held+0x3e/0x80 [ 198.225221] schedule+0xda/0x1b0 [ 198.225620] exit_to_user_mode_prepare+0x114/0x1a0 [ 198.226172] syscall_exit_to_user_mode+0x19/0x40 [ 198.226706] do_syscall_64+0x48/0x90 [ 198.227123] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 198.227690] RIP: 0033:0x7f5821cf3b19 [ 198.228111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 198.230094] RSP: 002b:00007f581f269218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 198.230921] RAX: 0000000000000001 RBX: 00007f5821e06f68 RCX: 00007f5821cf3b19 [ 198.231697] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5821e06f6c [ 198.232461] RBP: 00007f5821e06f60 R08: 000000000000000e R09: 0000000000000000 [ 198.233230] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f5821e06f6c [ 198.234018] R13: 00007ffd75d6b2bf R14: 00007f581f269300 R15: 0000000000022000 [ 198.234799] [ 198.235064] irq event stamp: 224 [ 198.235430] hardirqs last enabled at (223): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 198.236436] hardirqs last disabled at (224): [] __schedule+0x1225/0x2470 [ 198.237336] softirqs last enabled at (88): [] __irq_exit_rcu+0x11b/0x180 [ 198.238248] softirqs last disabled at (83): [] __irq_exit_rcu+0x11b/0x180 [ 198.239173] ---[ end trace 0000000000000000 ]--- 07:24:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x1d, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000000000004000000000002000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e37313332313635343500"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000f2a953140c764271ad9be301789147cf010040000c00000000000000d1f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000500400000000000000000000000000000003100000000000000", 0x40, 0x540}, {&(0x7f0000010300)="03000000040000000500000019000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d1f4655fd1f4655fd1f4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010d00)="ed41000000040000d1f4655fd1f4655fd1f4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x1500}, {&(0x7f0000010e00)="20000000e85575eae85575ea00000000d1f4655f00"/32, 0x20, 0x1580}, {&(0x7f0000010f00)="8081000000300404d1f4655fd1f4655fd1f4655f00000000000001002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d1f4655f00"/160, 0xa0, 0x1a00}, {&(0x7f0000011000)="c0410000002c0000d1f4655fd1f4655fd1f4655f00000000000002002000000000000800000000000af301000400000000000000000000000b00000020000000", 0x40, 0x1e00}, {&(0x7f0000011100)="20000000000000000000000000000000d1f4655f000000000000000000000000000002ea00"/64, 0x40, 0x1e80}, {&(0x7f0000011200)="ed4100003c000000d1f4655fd1f4655fd1f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000d908479700000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x1f00}, {&(0x7f0000011300)="ed8100001a040000d1f4655fd1f4655fd1f4655f00000000000001002000000000000800010000000af30100040000000000000000000000020000005000000000000000000000000000000000000000000000000000000000000000000000000000000090dc20e700000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000", 0xa0, 0x2000}, {&(0x7f0000011400)="ffa1000026000000d1f4655fd1f4655fd1f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3731333231363534352f66696c65302f66696c65300000000000000000000000000000000000000000000009d0860300000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000", 0xa0, 0x2100}, {&(0x7f0000011500)="ed8100000a000000d1f4655fd1f4655fd1f4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000224d02d700000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000d1f4655fd1f4655fd1f4655f00000000000002002000000000000800010000000af3010004000000000000000000000009000000600000000000000000000000000000000000000000000000000000000000000000000000000000004076a5e500000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000", 0x1a0, 0x2200}, {&(0x7f0000011700)="ed81000064000000d1f4655fd1f4655fd1f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cf3954fe900000000000000000000000000000000000000000000000020000000e85575eae85575eae85575ead1f4655fe85575ea0000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x2400}, {&(0x7f0000011800)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000011900)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8030000", 0x20, 0x8000}, {&(0x7f0000011a00)="00000000000400"/32, 0x20, 0x8400}, {&(0x7f0000011b00)="00000000000400"/32, 0x20, 0x8800}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x8c00}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x9000}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x9400}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x9800}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x9c00}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0xa000}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0xa400}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0xa800}, {&(0x7f0000012400)="504d4d00504d4dffd1f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033310075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x10000}, {&(0x7f0000012500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x14000}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00b547b16c014d14b2499f6a09b9632c915a1cd75aac3d2247d0b84249aef9e4f3e2b9faffffffc3fcdbdfbb5aac76617b263a923546c0ee7cf495fb7539b28e1f5e1e6af16eac9216bf55030ba37269bdb2fcc14017fb85bb056014b569f7a9"]) [ 198.307622] loop5: detected capacity change from 0 to 1024 [ 198.331804] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 198.396436] EXT4-fs (loop5): unmounting filesystem. [ 198.769769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 198.771400] misc raw-gadget: fail, usb_gadget_register_driver returned -16 VM DIAGNOSIS: 07:24:45 Registers: info registers vcpu 0 RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff8880087af988 R8 =0000000000000001 R9 =000000000000000a R10=000000000000003a R11=0000000000000001 R12=000000000000003a R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffda0f24080 CR3=000000001a660000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 652e29646e616d6d 6f632a282e637069 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 732f6c61636f6c2f 7273752f3d485441 YMM05=0000000000000000 0000000000000000 622f6c61636f6c2f 7273752f3a6e6962 YMM06=0000000000000000 0000000000000000 73752f3a6e696273 2f7273752f3a6e69 YMM07=0000000000000000 0000000000000000 6e69622f3a6e6962 732f3a6e69622f72 YMM08=0000000000000000 0000000000000000 000000000000000a 000000c000014016 YMM09=0000000000000000 0000000000000000 000000000000002a 000000c000016000 YMM10=0000000000000000 0000000000000000 0000000000000009 000000c000014040 YMM11=0000000000000000 0000000000000000 0000000000000007 000000c000014049 YMM12=0000000000000000 0000000000000000 000000000000001c 000000c000018000 YMM13=0000000000000000 0000000000000000 0000000000000041 000000c00001a000 YMM14=0000000000000000 0000000000000000 000000000000000c 000000c000014050 YMM15=0000000000000000 0000000000000000 000000000000000d 000000c000014060 info registers vcpu 1 RAX=dffffc0000000000 RBX=ffffffff870606c0 RCX=1ffffffff0b61001 RDX=0000000000000004 RSI=0000000000000004 RDI=ffff8880094c15f0 RBP=ffff8880094c15f0 RSP=ffff888030137ab0 R8 =0000000000000000 R9 =0000000000000001 R10=ffffed10012982be R11=0000000000000001 R12=ffffffff84273de8 R13=ffffed10012982c6 R14=ffff88800c3b8670 R15=0000000000000246 RIP=ffffffff8129ae7c RFL=00000016 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555555fd4400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f95482fef30 CR3=000000003b8cc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 d9212b4522887188 3547ad7f2d07634e YMM02=0000000000000000 0000000000000000 6b1e99b806172e3b 00000000000aea28 YMM03=0000000000000000 0000000000000000 375afdebbf381c81 00000000001226f0 YMM04=0000000000000000 0000000000000000 0a1a9419b96bed9c 000000000013b558 YMM05=0000000000000000 0000000000000000 d3fdd5f48436fbd7 00000000000aead0 YMM06=0000000000000000 0000000000000000 2e8b8f604979fe43 00000000000ae988 YMM07=0000000000000000 0000000000000000 a1fcdcf819d7e1e5 00000000000ae728 YMM08=0000000000000000 0000000000000000 44495f474f4c5359 530069253d595449 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000200000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000