00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 530.296991] CPU: 1 PID: 15104 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 530.306033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.315431] Call Trace: [ 530.318937] dump_stack+0x1b2/0x281 [ 530.322568] should_fail.cold+0x10a/0x149 [ 530.326726] should_failslab+0xd6/0x130 [ 530.330712] kmem_cache_alloc+0x28e/0x3c0 [ 530.334980] anon_vma_fork+0xe3/0x580 [ 530.338797] ? dup_userfaultfd+0x14a/0x5d0 [ 530.343058] ? kmem_cache_alloc+0x35f/0x3c0 [ 530.347406] copy_process.part.0+0x4c64/0x71c0 [ 530.347763] FAULT_INJECTION: forcing a failure. [ 530.347763] name failslab, interval 1, probability 0, space 0, times 0 [ 530.352011] ? __cleanup_sighand+0x40/0x40 [ 530.352023] ? lock_downgrade+0x740/0x740 [ 530.352044] _do_fork+0x184/0xc80 [ 530.352058] ? fork_idle+0x270/0x270 [ 530.379096] ? fput+0xb/0x140 [ 530.382204] ? SyS_write+0x14d/0x210 [ 530.386007] ? SyS_read+0x210/0x210 [ 530.389635] ? __do_page_fault+0x159/0xad0 [ 530.393877] ? do_syscall_64+0x4c/0x640 04:17:17 executing program 0 (fault-call:2 fault-nth:79): fork() fork() fork() [ 530.397855] ? kernel_thread+0x40/0x40 [ 530.401835] do_syscall_64+0x1d5/0x640 [ 530.406113] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 530.411308] RIP: 0033:0x465f69 [ 530.414496] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 530.422293] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 530.429564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 530.437291] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 530.444560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 530.451835] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 530.459540] CPU: 0 PID: 15120 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 530.467895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.477364] Call Trace: [ 530.480003] dump_stack+0x1b2/0x281 [ 530.483637] should_fail.cold+0x10a/0x149 [ 530.487793] should_failslab+0xd6/0x130 [ 530.491779] kmem_cache_alloc+0x28e/0x3c0 [ 530.496037] anon_vma_fork+0xe3/0x580 [ 530.499847] ? dup_userfaultfd+0x14a/0x5d0 [ 530.504258] ? kmem_cache_alloc+0x35f/0x3c0 [ 530.508619] copy_process.part.0+0x4c64/0x71c0 [ 530.514196] ? __cleanup_sighand+0x40/0x40 [ 530.518432] ? lock_downgrade+0x740/0x740 [ 530.522592] _do_fork+0x184/0xc80 [ 530.526057] ? fork_idle+0x270/0x270 [ 530.529785] ? fput+0xb/0x140 [ 530.532916] ? SyS_write+0x14d/0x210 [ 530.536668] ? SyS_read+0x210/0x210 [ 530.540317] ? __do_page_fault+0x159/0xad0 [ 530.544828] ? do_syscall_64+0x4c/0x640 04:17:17 executing program 5 (fault-call:0 fault-nth:79): fork() [ 530.548803] ? kernel_thread+0x40/0x40 [ 530.552703] do_syscall_64+0x1d5/0x640 [ 530.556601] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 530.561792] RIP: 0033:0x465f69 [ 530.564980] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 530.572696] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 530.579974] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 530.587248] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 04:17:17 executing program 1: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:17 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)={0xffffffffffffffff}) accept4$x25(r1, &(0x7f00000000c0), &(0x7f0000000400)=0x2a, 0x2008cfdb25306b2b) 04:17:17 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:17 executing program 2: socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 530.594530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 530.601821] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:17 executing program 3: socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:17 executing program 1: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:17 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:17 executing program 2: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) [ 530.687300] FAULT_INJECTION: forcing a failure. [ 530.687300] name failslab, interval 1, probability 0, space 0, times 0 04:17:18 executing program 3: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) [ 530.785422] CPU: 1 PID: 15136 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 530.793347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.802714] Call Trace: [ 530.805320] dump_stack+0x1b2/0x281 [ 530.808956] should_fail.cold+0x10a/0x149 [ 530.813114] ? lock_acquire+0x170/0x3f0 [ 530.817191] should_failslab+0xd6/0x130 [ 530.821218] kmem_cache_alloc+0x40/0x3c0 [ 530.825382] anon_vma_clone+0xe0/0x5b0 [ 530.829282] anon_vma_fork+0x82/0x580 [ 530.833233] ? dup_userfaultfd+0x14a/0x5d0 [ 530.837594] ? kmem_cache_alloc+0x35f/0x3c0 [ 530.841924] copy_process.part.0+0x4c64/0x71c0 [ 530.846539] ? __cleanup_sighand+0x40/0x40 [ 530.850829] ? lock_downgrade+0x740/0x740 [ 530.855259] _do_fork+0x184/0xc80 [ 530.858740] ? fork_idle+0x270/0x270 [ 530.862467] ? fput+0xb/0x140 [ 530.865846] ? SyS_write+0x14d/0x210 [ 530.869565] ? SyS_read+0x210/0x210 [ 530.873197] ? __do_page_fault+0x159/0xad0 [ 530.877435] ? do_syscall_64+0x4c/0x640 [ 530.881536] ? kernel_thread+0x40/0x40 04:17:18 executing program 0 (fault-call:2 fault-nth:80): fork() fork() fork() 04:17:18 executing program 3: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) [ 530.885711] do_syscall_64+0x1d5/0x640 [ 530.889821] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 530.895009] RIP: 0033:0x465f69 [ 530.898199] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 530.905945] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 530.913322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 530.920601] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 530.928493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 530.935778] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 530.999363] FAULT_INJECTION: forcing a failure. [ 530.999363] name failslab, interval 1, probability 0, space 0, times 0 [ 531.011461] CPU: 1 PID: 15166 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 531.019350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.028744] Call Trace: [ 531.031340] dump_stack+0x1b2/0x281 [ 531.034971] should_fail.cold+0x10a/0x149 [ 531.039139] should_failslab+0xd6/0x130 [ 531.043118] kmem_cache_alloc+0x28e/0x3c0 [ 531.047397] ptlock_alloc+0x1d/0x70 [ 531.051029] pte_alloc_one+0x57/0x100 [ 531.054836] __pte_alloc+0x25/0x2c0 [ 531.058490] copy_page_range+0x1788/0x2630 [ 531.062747] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 531.068208] ? apply_to_page_range+0xa60/0xa60 [ 531.072798] ? validate_mm_rb+0x3a/0xa0 [ 531.079827] copy_process.part.0+0x4df8/0x71c0 [ 531.084519] ? __cleanup_sighand+0x40/0x40 [ 531.088766] ? lock_downgrade+0x740/0x740 [ 531.092925] _do_fork+0x184/0xc80 [ 531.096389] ? fork_idle+0x270/0x270 [ 531.100103] ? fput+0xb/0x140 [ 531.103202] ? SyS_write+0x14d/0x210 [ 531.106909] ? SyS_read+0x210/0x210 [ 531.110648] ? __do_page_fault+0x159/0xad0 [ 531.114865] ? do_syscall_64+0x4c/0x640 [ 531.118826] ? kernel_thread+0x40/0x40 [ 531.122719] do_syscall_64+0x1d5/0x640 [ 531.126594] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 531.131768] RIP: 0033:0x465f69 [ 531.134936] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 531.142621] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 04:17:18 executing program 5 (fault-call:0 fault-nth:80): fork() 04:17:18 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 2: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 3: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 1: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:18 executing program 0 (fault-call:2 fault-nth:81): fork() fork() fork() [ 531.149880] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 531.157136] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.164408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.171680] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:18 executing program 2: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 3: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 531.270276] FAULT_INJECTION: forcing a failure. [ 531.270276] name failslab, interval 1, probability 0, space 0, times 0 04:17:18 executing program 4: socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 531.318263] FAULT_INJECTION: forcing a failure. [ 531.318263] name failslab, interval 1, probability 0, space 0, times 0 [ 531.356905] CPU: 0 PID: 15192 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 531.364931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.374285] Call Trace: [ 531.377312] dump_stack+0x1b2/0x281 [ 531.380961] should_fail.cold+0x10a/0x149 [ 531.385146] should_failslab+0xd6/0x130 [ 531.389125] kmem_cache_alloc+0x28e/0x3c0 [ 531.393279] ptlock_alloc+0x1d/0x70 [ 531.396906] pte_alloc_one+0x57/0x100 [ 531.400699] __pte_alloc+0x25/0x2c0 [ 531.404321] copy_page_range+0x1788/0x2630 [ 531.408583] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 531.414038] ? apply_to_page_range+0xa60/0xa60 [ 531.418615] ? validate_mm_rb+0x3a/0xa0 [ 531.422650] copy_process.part.0+0x4df8/0x71c0 [ 531.427246] ? __cleanup_sighand+0x40/0x40 [ 531.431474] ? lock_downgrade+0x740/0x740 [ 531.435978] _do_fork+0x184/0xc80 [ 531.439434] ? fork_idle+0x270/0x270 [ 531.443143] ? fput+0xb/0x140 [ 531.446244] ? SyS_write+0x14d/0x210 [ 531.449955] ? SyS_read+0x210/0x210 [ 531.453588] ? __do_page_fault+0x159/0xad0 [ 531.457996] ? do_syscall_64+0x4c/0x640 [ 531.461979] ? kernel_thread+0x40/0x40 [ 531.465872] do_syscall_64+0x1d5/0x640 [ 531.469766] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 531.475062] RIP: 0033:0x465f69 [ 531.478352] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 531.488789] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 531.496084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 531.503353] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.510617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.517879] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 531.525162] CPU: 1 PID: 15194 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 531.533054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.542410] Call Trace: [ 531.545008] dump_stack+0x1b2/0x281 [ 531.548645] should_fail.cold+0x10a/0x149 [ 531.552806] should_failslab+0xd6/0x130 [ 531.556799] kmem_cache_alloc+0x28e/0x3c0 [ 531.560950] ptlock_alloc+0x1d/0x70 [ 531.564577] pte_alloc_one+0x57/0x100 [ 531.568379] __pte_alloc+0x25/0x2c0 [ 531.572120] copy_page_range+0x1788/0x2630 [ 531.576377] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 531.581832] ? apply_to_page_range+0xa60/0xa60 [ 531.586415] ? validate_mm_rb+0x3a/0xa0 [ 531.590407] copy_process.part.0+0x4df8/0x71c0 [ 531.595018] ? __cleanup_sighand+0x40/0x40 [ 531.599270] ? lock_downgrade+0x740/0x740 [ 531.603453] _do_fork+0x184/0xc80 [ 531.606920] ? fork_idle+0x270/0x270 [ 531.610643] ? fput+0xb/0x140 [ 531.613759] ? SyS_write+0x14d/0x210 [ 531.617491] ? SyS_read+0x210/0x210 [ 531.617993] FAULT_INJECTION: forcing a failure. [ 531.617993] name failslab, interval 1, probability 0, space 0, times 0 [ 531.621211] ? __do_page_fault+0x159/0xad0 [ 531.621223] ? do_syscall_64+0x4c/0x640 [ 531.621233] ? kernel_thread+0x40/0x40 [ 531.621244] do_syscall_64+0x1d5/0x640 [ 531.621261] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 531.621276] RIP: 0033:0x465f69 [ 531.658665] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 04:17:18 executing program 2: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 5 (fault-call:0 fault-nth:81): fork() 04:17:18 executing program 3: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 2: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:18 executing program 3: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) [ 531.666378] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 531.673737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 531.681177] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.688463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.695882] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 531.703257] CPU: 0 PID: 15217 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 531.711142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.720490] Call Trace: [ 531.723083] dump_stack+0x1b2/0x281 [ 531.726725] should_fail.cold+0x10a/0x149 [ 531.730883] should_failslab+0xd6/0x130 [ 531.734873] kmem_cache_alloc+0x28e/0x3c0 [ 531.739028] anon_vma_fork+0xe3/0x580 [ 531.742835] ? dup_userfaultfd+0x14a/0x5d0 [ 531.747070] ? kmem_cache_alloc+0x35f/0x3c0 [ 531.751519] copy_process.part.0+0x4c64/0x71c0 [ 531.756212] ? __cleanup_sighand+0x40/0x40 [ 531.760453] ? lock_downgrade+0x740/0x740 [ 531.764612] _do_fork+0x184/0xc80 [ 531.768074] ? fork_idle+0x270/0x270 [ 531.771914] ? fput+0xb/0x140 [ 531.775030] ? SyS_write+0x14d/0x210 [ 531.778747] ? SyS_read+0x210/0x210 [ 531.782384] ? __do_page_fault+0x159/0xad0 [ 531.786634] ? do_syscall_64+0x4c/0x640 [ 531.790605] ? kernel_thread+0x40/0x40 [ 531.794627] do_syscall_64+0x1d5/0x640 [ 531.798545] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 531.803738] RIP: 0033:0x465f69 [ 531.806934] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 04:17:19 executing program 0 (fault-call:2 fault-nth:82): fork() fork() fork() 04:17:19 executing program 3: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:19 executing program 2: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:19 executing program 4: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:19 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:19 executing program 5 (fault-call:0 fault-nth:82): fork() [ 531.814691] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 531.821962] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 531.829233] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.836610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.843913] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 04:17:19 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:19 executing program 3: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:19 executing program 2: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 531.944841] FAULT_INJECTION: forcing a failure. [ 531.944841] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 532.005707] FAULT_INJECTION: forcing a failure. [ 532.005707] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 532.011770] CPU: 0 PID: 15242 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 532.026209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.035658] Call Trace: [ 532.038335] dump_stack+0x1b2/0x281 [ 532.041968] should_fail.cold+0x10a/0x149 [ 532.046117] __alloc_pages_nodemask+0x22c/0x2720 [ 532.050896] ? is_bpf_text_address+0xb8/0x150 [ 532.055393] ? kernel_text_address+0xbd/0xf0 [ 532.059804] ? __kernel_text_address+0x9/0x30 [ 532.064310] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 532.069153] ? trace_hardirqs_on+0x10/0x10 [ 532.073383] ? trace_hardirqs_on+0x10/0x10 [ 532.077676] ? kasan_kmalloc+0x139/0x160 [ 532.081742] ? copy_page_range+0xfcb/0x2630 [ 532.086073] alloc_pages_current+0x155/0x260 [ 532.090504] pte_alloc_one+0x15/0x100 [ 532.094312] __pte_alloc+0x25/0x2c0 [ 532.097962] copy_page_range+0x1788/0x2630 [ 532.102239] ? apply_to_page_range+0xa60/0xa60 [ 532.106837] ? validate_mm_rb+0x3a/0xa0 [ 532.110830] copy_process.part.0+0x4df8/0x71c0 [ 532.115471] ? __cleanup_sighand+0x40/0x40 [ 532.119729] ? lock_downgrade+0x740/0x740 [ 532.123887] _do_fork+0x184/0xc80 [ 532.127343] ? fork_idle+0x270/0x270 [ 532.131071] ? fput+0xb/0x140 [ 532.134173] ? SyS_write+0x14d/0x210 [ 532.137883] ? SyS_read+0x210/0x210 [ 532.141501] ? __do_page_fault+0x159/0xad0 [ 532.145731] ? do_syscall_64+0x4c/0x640 [ 532.149700] ? kernel_thread+0x40/0x40 [ 532.153601] do_syscall_64+0x1d5/0x640 [ 532.157511] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 532.162690] RIP: 0033:0x465f69 [ 532.165868] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 532.173594] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 532.180861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 532.188126] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.195391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.202670] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 532.210046] CPU: 1 PID: 15243 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 532.218076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.227440] Call Trace: [ 532.230040] dump_stack+0x1b2/0x281 [ 532.233683] should_fail.cold+0x10a/0x149 [ 532.237873] __alloc_pages_nodemask+0x22c/0x2720 [ 532.242657] ? is_bpf_text_address+0xb8/0x150 [ 532.247510] ? kernel_text_address+0xbd/0xf0 [ 532.251959] ? __kernel_text_address+0x9/0x30 [ 532.256474] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 532.261342] ? trace_hardirqs_on+0x10/0x10 [ 532.263930] FAULT_INJECTION: forcing a failure. [ 532.263930] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 532.265582] ? trace_hardirqs_on+0x10/0x10 [ 532.265600] ? kasan_kmalloc+0x139/0x160 [ 532.265614] ? copy_page_range+0xfcb/0x2630 [ 532.265627] alloc_pages_current+0x155/0x260 [ 532.265646] pte_alloc_one+0x15/0x100 [ 532.298387] __pte_alloc+0x25/0x2c0 [ 532.302021] copy_page_range+0x1788/0x2630 [ 532.306280] ? apply_to_page_range+0xa60/0xa60 [ 532.310873] ? validate_mm_rb+0x3a/0xa0 [ 532.314852] copy_process.part.0+0x4df8/0x71c0 [ 532.319451] ? __cleanup_sighand+0x40/0x40 [ 532.323681] ? lock_downgrade+0x740/0x740 [ 532.327850] _do_fork+0x184/0xc80 [ 532.331321] ? fork_idle+0x270/0x270 [ 532.335028] ? fput+0xb/0x140 [ 532.338128] ? SyS_write+0x14d/0x210 [ 532.341941] ? SyS_read+0x210/0x210 [ 532.345586] ? __do_page_fault+0x159/0xad0 [ 532.349819] ? do_syscall_64+0x4c/0x640 04:17:19 executing program 5 (fault-call:0 fault-nth:83): fork() 04:17:19 executing program 4: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) [ 532.353813] ? kernel_thread+0x40/0x40 [ 532.357705] do_syscall_64+0x1d5/0x640 [ 532.361603] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 532.366799] RIP: 0033:0x465f69 [ 532.370018] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 532.377722] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 532.384987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 532.392256] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.399525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.406882] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 532.414186] CPU: 0 PID: 15259 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 532.422598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.432047] Call Trace: [ 532.434659] dump_stack+0x1b2/0x281 [ 532.438303] should_fail.cold+0x10a/0x149 [ 532.442462] __alloc_pages_nodemask+0x22c/0x2720 [ 532.447230] ? is_bpf_text_address+0xb8/0x150 [ 532.451996] ? kernel_text_address+0xbd/0xf0 [ 532.456571] ? __kernel_text_address+0x9/0x30 [ 532.461082] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 532.465936] ? trace_hardirqs_on+0x10/0x10 [ 532.470177] ? trace_hardirqs_on+0x10/0x10 [ 532.474421] ? kasan_kmalloc+0x139/0x160 [ 532.478490] ? copy_page_range+0xfcb/0x2630 [ 532.482814] alloc_pages_current+0x155/0x260 [ 532.487228] pte_alloc_one+0x15/0x100 [ 532.491052] __pte_alloc+0x25/0x2c0 [ 532.494684] copy_page_range+0x1788/0x2630 [ 532.498938] ? apply_to_page_range+0xa60/0xa60 [ 532.503520] ? validate_mm_rb+0x3a/0xa0 [ 532.507502] copy_process.part.0+0x4df8/0x71c0 [ 532.512109] ? __cleanup_sighand+0x40/0x40 [ 532.516399] ? lock_downgrade+0x740/0x740 [ 532.520585] _do_fork+0x184/0xc80 [ 532.524039] ? fork_idle+0x270/0x270 [ 532.527866] ? fput+0xb/0x140 [ 532.530982] ? SyS_write+0x14d/0x210 [ 532.534686] ? SyS_read+0x210/0x210 [ 532.538329] ? __do_page_fault+0x159/0xad0 [ 532.542561] ? do_syscall_64+0x4c/0x640 [ 532.546518] ? kernel_thread+0x40/0x40 [ 532.550418] do_syscall_64+0x1d5/0x640 04:17:19 executing program 0 (fault-call:2 fault-nth:83): fork() fork() fork() 04:17:19 executing program 4: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:19 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:19 executing program 3: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:19 executing program 2: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 532.554325] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 532.559512] RIP: 0033:0x465f69 [ 532.562711] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 532.570417] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 532.577781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 532.585758] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.593049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.600326] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 04:17:19 executing program 5 (fault-call:0 fault-nth:84): fork() 04:17:19 executing program 2: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:19 executing program 4: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) [ 532.710314] FAULT_INJECTION: forcing a failure. [ 532.710314] name failslab, interval 1, probability 0, space 0, times 0 [ 532.725423] FAULT_INJECTION: forcing a failure. [ 532.725423] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 532.765323] CPU: 1 PID: 15281 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 532.773233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.782932] Call Trace: [ 532.785526] dump_stack+0x1b2/0x281 [ 532.789170] should_fail.cold+0x10a/0x149 [ 532.793356] should_failslab+0xd6/0x130 [ 532.797331] kmem_cache_alloc+0x28e/0x3c0 [ 532.802178] ptlock_alloc+0x1d/0x70 [ 532.805806] pte_alloc_one+0x57/0x100 [ 532.809600] __pte_alloc+0x25/0x2c0 [ 532.813239] copy_page_range+0x1788/0x2630 [ 532.817481] ? apply_to_page_range+0xa60/0xa60 [ 532.822079] ? validate_mm_rb+0x3a/0xa0 [ 532.826052] copy_process.part.0+0x4df8/0x71c0 [ 532.830666] ? __cleanup_sighand+0x40/0x40 [ 532.834897] ? lock_downgrade+0x740/0x740 [ 532.839047] _do_fork+0x184/0xc80 [ 532.842509] ? fork_idle+0x270/0x270 [ 532.846276] ? fput+0xb/0x140 [ 532.849379] ? SyS_write+0x14d/0x210 [ 532.853086] ? SyS_read+0x210/0x210 [ 532.856728] ? __do_page_fault+0x159/0xad0 [ 532.860958] ? do_syscall_64+0x4c/0x640 04:17:19 executing program 3: socketpair(0x11, 0x2, 0xcda, 0x0) [ 532.864923] ? kernel_thread+0x40/0x40 [ 532.868807] do_syscall_64+0x1d5/0x640 [ 532.872697] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 532.877875] RIP: 0033:0x465f69 [ 532.881053] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 532.888758] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 532.896023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 532.903377] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.910642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.917910] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 532.925287] CPU: 0 PID: 15272 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 532.933204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.942556] Call Trace: [ 532.945160] dump_stack+0x1b2/0x281 [ 532.948819] should_fail.cold+0x10a/0x149 [ 532.952977] __alloc_pages_nodemask+0x22c/0x2720 [ 532.957748] ? is_bpf_text_address+0xb8/0x150 [ 532.962269] ? kernel_text_address+0xbd/0xf0 [ 532.966684] ? __kernel_text_address+0x9/0x30 [ 532.971530] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 532.976382] ? trace_hardirqs_on+0x10/0x10 [ 532.980627] ? trace_hardirqs_on+0x10/0x10 [ 532.985216] ? kasan_kmalloc+0x139/0x160 [ 532.989284] ? copy_page_range+0xfcb/0x2630 [ 532.993610] alloc_pages_current+0x155/0x260 [ 532.998025] pte_alloc_one+0x15/0x100 [ 533.001825] __pte_alloc+0x25/0x2c0 [ 533.005455] copy_page_range+0x1788/0x2630 [ 533.009708] ? apply_to_page_range+0xa60/0xa60 [ 533.014292] ? validate_mm_rb+0x3a/0xa0 [ 533.018274] copy_process.part.0+0x4df8/0x71c0 [ 533.023245] ? __cleanup_sighand+0x40/0x40 [ 533.028370] ? lock_downgrade+0x740/0x740 [ 533.032526] _do_fork+0x184/0xc80 [ 533.035993] ? fork_idle+0x270/0x270 [ 533.039713] ? fput+0xb/0x140 [ 533.042843] ? SyS_write+0x14d/0x210 [ 533.046556] ? SyS_read+0x210/0x210 [ 533.050201] ? __do_page_fault+0x159/0xad0 [ 533.054438] ? do_syscall_64+0x4c/0x640 [ 533.058422] ? kernel_thread+0x40/0x40 [ 533.062321] do_syscall_64+0x1d5/0x640 04:17:20 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:20 executing program 5 (fault-call:0 fault-nth:85): fork() 04:17:20 executing program 4: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) [ 533.066220] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 533.071414] RIP: 0033:0x465f69 [ 533.074599] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 533.082419] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 533.089779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 533.097048] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 533.104312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 04:17:20 executing program 0 (fault-call:2 fault-nth:84): fork() fork() fork() 04:17:20 executing program 3: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:20 executing program 2: socketpair(0x11, 0x2, 0xcda, 0x0) [ 533.111583] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:20 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:20 executing program 4: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) [ 533.200546] FAULT_INJECTION: forcing a failure. [ 533.200546] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 533.238411] CPU: 1 PID: 15307 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 533.246333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.255691] Call Trace: [ 533.258308] dump_stack+0x1b2/0x281 [ 533.261941] should_fail.cold+0x10a/0x149 [ 533.266092] __alloc_pages_nodemask+0x22c/0x2720 [ 533.270863] ? is_bpf_text_address+0xb8/0x150 [ 533.275363] ? kernel_text_address+0xbd/0xf0 [ 533.279807] ? __kernel_text_address+0x9/0x30 [ 533.284311] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 533.289158] ? trace_hardirqs_on+0x10/0x10 [ 533.293393] ? trace_hardirqs_on+0x10/0x10 [ 533.297682] ? kasan_kmalloc+0x139/0x160 [ 533.301756] ? copy_page_range+0xfcb/0x2630 [ 533.306084] alloc_pages_current+0x155/0x260 [ 533.310500] pte_alloc_one+0x15/0x100 [ 533.314302] __pte_alloc+0x25/0x2c0 [ 533.317929] copy_page_range+0x1788/0x2630 [ 533.322182] ? apply_to_page_range+0xa60/0xa60 [ 533.326760] ? validate_mm_rb+0x3a/0xa0 [ 533.330740] copy_process.part.0+0x4df8/0x71c0 [ 533.335348] ? __cleanup_sighand+0x40/0x40 [ 533.339584] ? lock_downgrade+0x740/0x740 [ 533.343748] _do_fork+0x184/0xc80 [ 533.347245] ? fork_idle+0x270/0x270 04:17:20 executing program 3: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:20 executing program 2: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 533.350961] ? fput+0xb/0x140 [ 533.354076] ? SyS_write+0x14d/0x210 [ 533.357796] ? SyS_read+0x210/0x210 [ 533.361517] ? __do_page_fault+0x159/0xad0 [ 533.365757] ? do_syscall_64+0x4c/0x640 [ 533.369731] ? kernel_thread+0x40/0x40 [ 533.373624] do_syscall_64+0x1d5/0x640 [ 533.377513] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 533.382696] RIP: 0033:0x465f69 [ 533.385878] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 533.393587] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 04:17:20 executing program 4: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:20 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:20 executing program 5 (fault-call:0 fault-nth:86): fork() 04:17:20 executing program 3: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:20 executing program 2: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 533.400863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 533.406391] FAULT_INJECTION: forcing a failure. [ 533.406391] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 533.408153] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 533.408159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 533.408164] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 533.517659] FAULT_INJECTION: forcing a failure. [ 533.517659] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 533.549528] CPU: 0 PID: 15315 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 533.557445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.566831] Call Trace: [ 533.569429] dump_stack+0x1b2/0x281 [ 533.573085] should_fail.cold+0x10a/0x149 [ 533.577243] __alloc_pages_nodemask+0x22c/0x2720 [ 533.582008] ? unwind_get_return_address+0x51/0x90 [ 533.586939] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 533.592307] ? __save_stack_trace+0xa0/0x160 [ 533.596724] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 533.601580] ? trace_hardirqs_on+0x10/0x10 [ 533.605900] ? trace_hardirqs_on+0x10/0x10 [ 533.610157] ? __lock_acquire+0x5fc/0x3f20 [ 533.614407] ? copy_page_range+0xfcb/0x2630 [ 533.618740] alloc_pages_current+0x155/0x260 [ 533.623153] pte_alloc_one+0x15/0x100 [ 533.626956] __pte_alloc+0x25/0x2c0 [ 533.630605] copy_page_range+0x1788/0x2630 [ 533.634850] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 533.640300] ? apply_to_page_range+0xa60/0xa60 [ 533.644883] ? validate_mm_rb+0x3a/0xa0 [ 533.648859] copy_process.part.0+0x4df8/0x71c0 [ 533.653472] ? __cleanup_sighand+0x40/0x40 [ 533.657702] ? lock_downgrade+0x740/0x740 [ 533.661848] _do_fork+0x184/0xc80 [ 533.665561] ? fork_idle+0x270/0x270 [ 533.669283] ? fput+0xb/0x140 [ 533.672400] ? SyS_write+0x14d/0x210 [ 533.676109] ? SyS_read+0x210/0x210 [ 533.679746] ? __do_page_fault+0x159/0xad0 [ 533.683979] ? do_syscall_64+0x4c/0x640 [ 533.687959] ? kernel_thread+0x40/0x40 [ 533.691851] do_syscall_64+0x1d5/0x640 [ 533.695756] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 533.700940] RIP: 0033:0x465f69 [ 533.704120] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 04:17:21 executing program 0 (fault-call:2 fault-nth:85): fork() fork() fork() 04:17:21 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:21 executing program 2: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:21 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:21 executing program 4: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 533.711836] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 533.719097] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 533.726361] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 533.733623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 533.740885] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 533.748354] CPU: 1 PID: 15339 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 533.756245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.766988] Call Trace: [ 533.769592] dump_stack+0x1b2/0x281 [ 533.773226] should_fail.cold+0x10a/0x149 [ 533.777387] __alloc_pages_nodemask+0x22c/0x2720 [ 533.782173] ? _raw_spin_unlock_irq+0x24/0x80 [ 533.786941] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 533.791972] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 533.796823] ? trace_hardirqs_on+0x10/0x10 [ 533.801064] ? trace_hardirqs_on+0x10/0x10 [ 533.805315] ? io_schedule_timeout+0x140/0x140 [ 533.809903] ? retint_kernel+0x2d/0x2d [ 533.813801] ? copy_page_range+0xfcb/0x2630 [ 533.818409] alloc_pages_current+0x155/0x260 [ 533.822824] pte_alloc_one+0x15/0x100 [ 533.826629] __pte_alloc+0x25/0x2c0 [ 533.830261] copy_page_range+0x1788/0x2630 [ 533.834513] ? apply_to_page_range+0xa60/0xa60 [ 533.839102] ? validate_mm_rb+0x3a/0xa0 [ 533.843192] copy_process.part.0+0x4df8/0x71c0 [ 533.847819] ? __cleanup_sighand+0x40/0x40 [ 533.852058] ? lock_downgrade+0x740/0x740 [ 533.856214] _do_fork+0x184/0xc80 [ 533.859671] ? fork_idle+0x270/0x270 [ 533.863388] ? fput+0xb/0x140 [ 533.866492] ? SyS_write+0x14d/0x210 [ 533.867547] FAULT_INJECTION: forcing a failure. [ 533.867547] name failslab, interval 1, probability 0, space 0, times 0 [ 533.870203] ? SyS_read+0x210/0x210 [ 533.870215] ? __do_page_fault+0x159/0xad0 [ 533.870225] ? do_syscall_64+0x4c/0x640 [ 533.870235] ? kernel_thread+0x40/0x40 [ 533.870245] do_syscall_64+0x1d5/0x640 [ 533.870264] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 533.906162] RIP: 0033:0x465f69 [ 533.909361] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 533.917062] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 533.924323] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 533.932192] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 533.939477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 533.947000] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 533.962153] CPU: 0 PID: 15357 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 533.970077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.979530] Call Trace: [ 533.982141] dump_stack+0x1b2/0x281 [ 533.985777] should_fail.cold+0x10a/0x149 [ 533.989929] should_failslab+0xd6/0x130 [ 533.993928] kmem_cache_alloc+0x28e/0x3c0 [ 533.998081] copy_process.part.0+0x4ad1/0x71c0 [ 534.002707] ? __cleanup_sighand+0x40/0x40 [ 534.006960] ? lock_downgrade+0x740/0x740 [ 534.011138] _do_fork+0x184/0xc80 [ 534.014595] ? fork_idle+0x270/0x270 04:17:21 executing program 5 (fault-call:0 fault-nth:87): fork() 04:17:21 executing program 1: socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 534.018314] ? fput+0xb/0x140 [ 534.021419] ? SyS_write+0x14d/0x210 [ 534.025134] ? SyS_read+0x210/0x210 [ 534.028760] ? __do_page_fault+0x159/0xad0 [ 534.033000] ? do_syscall_64+0x4c/0x640 [ 534.037001] ? kernel_thread+0x40/0x40 [ 534.040903] do_syscall_64+0x1d5/0x640 [ 534.044802] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 534.049990] RIP: 0033:0x465f69 [ 534.053175] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 534.057117] FAULT_INJECTION: forcing a failure. 04:17:21 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:21 executing program 2: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:21 executing program 4: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 534.057117] name failslab, interval 1, probability 0, space 0, times 0 [ 534.060881] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 534.060887] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 534.060892] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 534.060897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 534.060903] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:21 executing program 1: socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:21 executing program 4: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:21 executing program 0 (fault-call:2 fault-nth:86): fork() fork() fork() 04:17:21 executing program 2: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:21 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:21 executing program 1: socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) [ 534.256615] CPU: 1 PID: 15367 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 534.264616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.273978] Call Trace: [ 534.276573] dump_stack+0x1b2/0x281 [ 534.280207] should_fail.cold+0x10a/0x149 [ 534.284392] should_failslab+0xd6/0x130 [ 534.288371] kmem_cache_alloc+0x28e/0x3c0 [ 534.292562] copy_process.part.0+0x4ad1/0x71c0 [ 534.297170] ? __cleanup_sighand+0x40/0x40 [ 534.299443] FAULT_INJECTION: forcing a failure. [ 534.299443] name failslab, interval 1, probability 0, space 0, times 0 [ 534.301406] ? lock_downgrade+0x740/0x740 [ 534.301423] _do_fork+0x184/0xc80 [ 534.301444] ? fork_idle+0x270/0x270 [ 534.323920] ? fput+0xb/0x140 [ 534.327021] ? SyS_write+0x14d/0x210 [ 534.330742] ? SyS_read+0x210/0x210 [ 534.334367] ? __do_page_fault+0x159/0xad0 [ 534.338598] ? do_syscall_64+0x4c/0x640 [ 534.342997] ? kernel_thread+0x40/0x40 [ 534.346880] do_syscall_64+0x1d5/0x640 [ 534.350783] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 534.355987] RIP: 0033:0x465f69 [ 534.359172] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 534.366873] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 534.374134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 534.381399] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 534.388659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 534.395920] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 534.403456] CPU: 0 PID: 15385 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 534.411359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.420709] Call Trace: [ 534.423308] dump_stack+0x1b2/0x281 [ 534.426942] should_fail.cold+0x10a/0x149 [ 534.431209] should_failslab+0xd6/0x130 [ 534.435215] kmem_cache_alloc+0x28e/0x3c0 [ 534.439369] ptlock_alloc+0x1d/0x70 [ 534.442999] pte_alloc_one+0x57/0x100 [ 534.446804] __pte_alloc+0x25/0x2c0 [ 534.450436] copy_page_range+0x1788/0x2630 [ 534.454715] ? apply_to_page_range+0xa60/0xa60 [ 534.459992] ? validate_mm_rb+0x3a/0xa0 [ 534.463995] copy_process.part.0+0x4df8/0x71c0 [ 534.468705] ? __cleanup_sighand+0x40/0x40 [ 534.472950] ? lock_downgrade+0x740/0x740 [ 534.477118] _do_fork+0x184/0xc80 [ 534.480578] ? fork_idle+0x270/0x270 [ 534.484291] ? fput+0xb/0x140 [ 534.487397] ? SyS_write+0x14d/0x210 [ 534.491130] ? SyS_read+0x210/0x210 [ 534.494777] ? __do_page_fault+0x159/0xad0 [ 534.499012] ? do_syscall_64+0x4c/0x640 [ 534.502988] ? kernel_thread+0x40/0x40 04:17:21 executing program 5 (fault-call:0 fault-nth:88): fork() [ 534.506878] do_syscall_64+0x1d5/0x640 [ 534.510771] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 534.515957] RIP: 0033:0x465f69 [ 534.519143] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 534.526866] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 534.534311] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 534.541590] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 534.548859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 534.556142] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 534.558895] FAULT_INJECTION: forcing a failure. [ 534.558895] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 534.581193] CPU: 1 PID: 15405 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 534.589102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.598475] Call Trace: [ 534.601108] dump_stack+0x1b2/0x281 [ 534.604740] should_fail.cold+0x10a/0x149 [ 534.608893] __alloc_pages_nodemask+0x22c/0x2720 [ 534.613777] ? is_bpf_text_address+0xb8/0x150 [ 534.618278] ? kernel_text_address+0xbd/0xf0 [ 534.622722] ? __kernel_text_address+0x9/0x30 [ 534.627227] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 534.632089] ? trace_hardirqs_on+0x10/0x10 [ 534.636327] ? trace_hardirqs_on+0x10/0x10 [ 534.640575] ? kasan_kmalloc+0x139/0x160 [ 534.644644] ? copy_page_range+0xfcb/0x2630 [ 534.648974] alloc_pages_current+0x155/0x260 [ 534.653388] pte_alloc_one+0x15/0x100 [ 534.657189] __pte_alloc+0x25/0x2c0 [ 534.660824] copy_page_range+0x1788/0x2630 [ 534.665090] ? apply_to_page_range+0xa60/0xa60 [ 534.669675] ? validate_mm_rb+0x3a/0xa0 [ 534.673657] copy_process.part.0+0x4df8/0x71c0 [ 534.678259] ? __cleanup_sighand+0x40/0x40 [ 534.682527] ? lock_downgrade+0x740/0x740 [ 534.686681] _do_fork+0x184/0xc80 [ 534.690162] ? fork_idle+0x270/0x270 [ 534.693876] ? fput+0xb/0x140 [ 534.696982] ? SyS_write+0x14d/0x210 [ 534.700695] ? SyS_read+0x210/0x210 [ 534.704321] ? __do_page_fault+0x159/0xad0 04:17:21 executing program 0 (fault-call:2 fault-nth:87): fork() fork() fork() 04:17:21 executing program 2: socketpair(0x0, 0x2, 0x0, &(0x7f0000000080)) 04:17:21 executing program 1: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:21 executing program 2: socketpair(0x0, 0x2, 0x0, &(0x7f0000000080)) 04:17:21 executing program 2: socketpair(0x0, 0x2, 0x0, &(0x7f0000000080)) [ 534.708559] ? do_syscall_64+0x4c/0x640 [ 534.712529] ? kernel_thread+0x40/0x40 [ 534.716419] do_syscall_64+0x1d5/0x640 [ 534.720318] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 534.725506] RIP: 0033:0x465f69 [ 534.728694] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 534.736407] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 534.743708] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 534.750989] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 04:17:22 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)={0xffffffffffffffff}) accept4$x25(r1, &(0x7f00000000c0), &(0x7f0000000400)=0x2a, 0x2008cfdb25306b2b) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:17:22 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)) 04:17:22 executing program 5 (fault-call:0 fault-nth:89): fork() [ 534.758260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 534.765533] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 04:17:22 executing program 2: socketpair(0x11, 0x0, 0x0, &(0x7f0000000080)) 04:17:22 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)={0xffffffffffffffff}) accept4$x25(r1, &(0x7f00000000c0), &(0x7f0000000400)=0x2a, 0x2008cfdb25306b2b) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x0, 0x0) 04:17:22 executing program 1: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) [ 534.850337] FAULT_INJECTION: forcing a failure. [ 534.850337] name failslab, interval 1, probability 0, space 0, times 0 [ 534.900792] CPU: 1 PID: 15431 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 534.908701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.918053] Call Trace: [ 534.920690] dump_stack+0x1b2/0x281 [ 534.924343] should_fail.cold+0x10a/0x149 [ 534.929106] should_failslab+0xd6/0x130 [ 534.933090] kmem_cache_alloc+0x28e/0x3c0 [ 534.937247] ptlock_alloc+0x1d/0x70 [ 534.940876] pte_alloc_one+0x57/0x100 [ 534.944688] __pte_alloc+0x25/0x2c0 [ 534.948319] copy_page_range+0x1788/0x2630 [ 534.952748] ? apply_to_page_range+0xa60/0xa60 [ 534.957353] ? validate_mm_rb+0x3a/0xa0 [ 534.961340] copy_process.part.0+0x4df8/0x71c0 [ 534.963596] FAULT_INJECTION: forcing a failure. [ 534.963596] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 534.965941] ? __cleanup_sighand+0x40/0x40 [ 534.965953] ? lock_downgrade+0x740/0x740 [ 534.965969] _do_fork+0x184/0xc80 [ 534.989572] ? fork_idle+0x270/0x270 [ 534.993292] ? fput+0xb/0x140 [ 534.996403] ? SyS_write+0x14d/0x210 04:17:22 executing program 2: socketpair(0x11, 0x0, 0x0, &(0x7f0000000080)) [ 535.000115] ? SyS_read+0x210/0x210 [ 535.003752] ? __do_page_fault+0x159/0xad0 [ 535.008002] ? do_syscall_64+0x4c/0x640 [ 535.011977] ? kernel_thread+0x40/0x40 [ 535.015872] do_syscall_64+0x1d5/0x640 [ 535.019768] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 535.024947] RIP: 0033:0x465f69 [ 535.028130] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 535.035839] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 535.043117] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 535.050398] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.057673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.064946] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 535.101154] CPU: 0 PID: 15444 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 535.109064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.118446] Call Trace: [ 535.121039] dump_stack+0x1b2/0x281 [ 535.125195] should_fail.cold+0x10a/0x149 [ 535.129348] __alloc_pages_nodemask+0x22c/0x2720 [ 535.134114] ? is_bpf_text_address+0xb8/0x150 [ 535.138611] ? kernel_text_address+0xbd/0xf0 [ 535.143017] ? __kernel_text_address+0x9/0x30 [ 535.147511] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 535.152372] ? trace_hardirqs_on+0x10/0x10 [ 535.156606] ? trace_hardirqs_on+0x10/0x10 [ 535.160850] ? kasan_kmalloc+0x139/0x160 [ 535.164920] ? copy_page_range+0xfcb/0x2630 [ 535.169250] alloc_pages_current+0x155/0x260 [ 535.173662] pte_alloc_one+0x15/0x100 [ 535.177465] __pte_alloc+0x25/0x2c0 [ 535.181099] copy_page_range+0x1788/0x2630 [ 535.185352] ? apply_to_page_range+0xa60/0xa60 [ 535.190056] ? validate_mm_rb+0x3a/0xa0 [ 535.194030] copy_process.part.0+0x4df8/0x71c0 [ 535.198619] ? __cleanup_sighand+0x40/0x40 [ 535.202836] ? lock_downgrade+0x740/0x740 [ 535.206984] _do_fork+0x184/0xc80 [ 535.210420] ? fork_idle+0x270/0x270 [ 535.214152] ? fput+0xb/0x140 [ 535.217236] ? SyS_write+0x14d/0x210 [ 535.220925] ? SyS_read+0x210/0x210 [ 535.224543] ? __do_page_fault+0x159/0xad0 [ 535.228769] ? do_syscall_64+0x4c/0x640 [ 535.232722] ? kernel_thread+0x40/0x40 [ 535.236592] do_syscall_64+0x1d5/0x640 [ 535.240465] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 535.245644] RIP: 0033:0x465f69 04:17:22 executing program 0 (fault-call:2 fault-nth:88): fork() fork() fork() 04:17:22 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@remote={[], 0x1}, 0x809, 'veth0_to_team\x00'}) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_DEL_INTERFACE(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r3, 0x10, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x108f876f32dc8e4) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r4, 0x89e8) 04:17:22 executing program 5 (fault-call:0 fault-nth:90): fork() 04:17:22 executing program 1: socketpair(0x0, 0x2, 0xcda, &(0x7f0000000080)) 04:17:22 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@remote={[], 0x1}, 0x809, 'veth0_to_team\x00'}) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_DEL_INTERFACE(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r3, 0x10, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x108f876f32dc8e4) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r4, 0x89e8) 04:17:22 executing program 2: socketpair(0x11, 0x0, 0x0, &(0x7f0000000080)) [ 535.248820] RSP: 002b:00007fc2ed14d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 535.256511] RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000465f69 [ 535.263778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 535.271061] RBP: 00007fc2ed14d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.278574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.285917] R13: 00007ffec574b8af R14: 00007fc2ed14d300 R15: 0000000000022000 04:17:22 executing program 1: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:22 executing program 2: socketpair(0x11, 0x2, 0x0, 0x0) [ 535.377072] FAULT_INJECTION: forcing a failure. [ 535.377072] name failslab, interval 1, probability 0, space 0, times 0 [ 535.430209] CPU: 0 PID: 15471 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 535.438123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.447499] Call Trace: [ 535.447868] FAULT_INJECTION: forcing a failure. [ 535.447868] name failslab, interval 1, probability 0, space 0, times 0 [ 535.450088] dump_stack+0x1b2/0x281 [ 535.450102] should_fail.cold+0x10a/0x149 [ 535.450115] should_failslab+0xd6/0x130 [ 535.450134] kmem_cache_alloc+0x28e/0x3c0 [ 535.477214] copy_process.part.0+0x4ad1/0x71c0 [ 535.482432] ? __cleanup_sighand+0x40/0x40 [ 535.486669] ? lock_downgrade+0x740/0x740 [ 535.490817] _do_fork+0x184/0xc80 [ 535.494271] ? fork_idle+0x270/0x270 [ 535.497980] ? fput+0xb/0x140 [ 535.501274] ? SyS_write+0x14d/0x210 [ 535.504988] ? SyS_read+0x210/0x210 [ 535.508611] ? __do_page_fault+0x159/0xad0 [ 535.512846] ? do_syscall_64+0x4c/0x640 [ 535.517253] ? kernel_thread+0x40/0x40 [ 535.521135] do_syscall_64+0x1d5/0x640 [ 535.525026] entry_SYSCALL_64_after_hwframe+0x46/0xbb 04:17:22 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)={0xffffffffffffffff}) accept4$x25(r1, &(0x7f00000000c0), &(0x7f0000000400)=0x2a, 0x2008cfdb25306b2b) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x0, 0x0) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) setsockopt$X25_QBITINCL(r3, 0x106, 0x1, &(0x7f0000000100)=0x1, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r5) [ 535.530227] RIP: 0033:0x465f69 [ 535.533410] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 535.541107] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 535.548388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 535.556180] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.563532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.570893] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 535.582035] CPU: 1 PID: 15468 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 535.589944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.599300] Call Trace: [ 535.601897] dump_stack+0x1b2/0x281 [ 535.605560] should_fail.cold+0x10a/0x149 [ 535.609713] should_failslab+0xd6/0x130 [ 535.613719] kmem_cache_alloc+0x28e/0x3c0 [ 535.617899] copy_process.part.0+0x4ad1/0x71c0 [ 535.622506] ? __cleanup_sighand+0x40/0x40 [ 535.626774] ? lock_downgrade+0x740/0x740 [ 535.630930] _do_fork+0x184/0xc80 [ 535.634385] ? fork_idle+0x270/0x270 [ 535.638109] ? fput+0xb/0x140 [ 535.641217] ? SyS_write+0x14d/0x210 [ 535.644953] ? SyS_read+0x210/0x210 [ 535.648582] ? __do_page_fault+0x159/0xad0 [ 535.652820] ? do_syscall_64+0x4c/0x640 [ 535.656802] ? kernel_thread+0x40/0x40 [ 535.660701] do_syscall_64+0x1d5/0x640 [ 535.664596] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 535.669813] RIP: 0033:0x465f69 [ 535.673001] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 04:17:22 executing program 5 (fault-call:0 fault-nth:91): fork() 04:17:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, 0x0) 04:17:22 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)={0xffffffffffffffff}) accept4$x25(r2, &(0x7f00000000c0), &(0x7f0000000400)=0x2a, 0x2008cfdb25306b2b) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x0, 0x0) r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) setsockopt$X25_QBITINCL(r4, 0x106, 0x1, &(0x7f0000000100)=0x1, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r5) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) ioctl$sock_x25_SIOCDELRT(r6, 0x890c, &(0x7f00000001c0)={@null=' \x00', 0x1, 'syzkaller1\x00'}) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000180)) [ 535.680792] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 535.688092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 535.695364] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.702632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.709903] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:23 executing program 0 (fault-call:2 fault-nth:89): fork() fork() fork() 04:17:23 executing program 1: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) 04:17:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, 0x0) 04:17:23 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) socketpair(0x11, 0x2, 0xcda, &(0x7f0000000080)={0xffffffffffffffff}) accept4$x25(r2, &(0x7f00000000c0), &(0x7f0000000400)=0x2a, 0x2008cfdb25306b2b) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x0, 0x0) r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) setsockopt$X25_QBITINCL(r4, 0x106, 0x1, &(0x7f0000000100)=0x1, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r5) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) ioctl$sock_x25_SIOCDELRT(r6, 0x890c, &(0x7f00000001c0)={@null=' \x00', 0x1, 'syzkaller1\x00'}) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000180)) ioctl$SIOCX25GFACILITIES(r1, 0x89e2, &(0x7f0000000000)) 04:17:23 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000400)={@null=' \x00', 0xf, 'macvlan1\x00'}) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0x0, 0x0) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x60, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={@remote={[], 0x1}, 0xd, 'syz_tun\x00'}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00', r2) ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000180)={0x1, 0xeba, 0xa81e, 0x800, r2}) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) ioctl$vim2m_VIDIOC_PREPARE_BUF(r4, 0xc058565d, &(0x7f00000001c0)={0x401, 0x2, 0x4, 0x2000, 0x43, {}, {0x5, 0xc, 0x1, 0x5, 0x3, 0x9, "baf77c20"}, 0x20, 0x1, @userptr=0x1, 0x7ff, 0x0, r3}) [ 535.767719] FAULT_INJECTION: forcing a failure. [ 535.767719] name fail_page_alloc, interval 1, probability 0, space 0, times 0 04:17:23 executing program 1: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) [ 535.818123] CPU: 0 PID: 15494 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 535.826037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.835583] Call Trace: [ 535.838189] dump_stack+0x1b2/0x281 [ 535.841820] should_fail.cold+0x10a/0x149 [ 535.845978] __alloc_pages_nodemask+0x22c/0x2720 [ 535.850785] ? is_bpf_text_address+0xb8/0x150 [ 535.855300] ? kernel_text_address+0xbd/0xf0 [ 535.859727] ? __kernel_text_address+0x9/0x30 [ 535.864231] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 535.869709] ? trace_hardirqs_on+0x10/0x10 [ 535.873948] ? trace_hardirqs_on+0x10/0x10 [ 535.878195] ? kasan_kmalloc+0x139/0x160 [ 535.882260] ? copy_page_range+0xfcb/0x2630 [ 535.886584] alloc_pages_current+0x155/0x260 [ 535.891008] pte_alloc_one+0x15/0x100 [ 535.894906] __pte_alloc+0x25/0x2c0 [ 535.898539] copy_page_range+0x1788/0x2630 [ 535.902816] ? apply_to_page_range+0xa60/0xa60 [ 535.902920] FAULT_INJECTION: forcing a failure. 04:17:23 executing program 1: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 535.902920] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 535.907399] ? validate_mm_rb+0x3a/0xa0 [ 535.907414] copy_process.part.0+0x4df8/0x71c0 [ 535.907441] ? __cleanup_sighand+0x40/0x40 [ 535.907452] ? lock_downgrade+0x740/0x740 [ 535.907467] _do_fork+0x184/0xc80 [ 535.907480] ? fork_idle+0x270/0x270 [ 535.907491] ? fput+0xb/0x140 [ 535.907505] ? SyS_write+0x14d/0x210 [ 535.951157] ? SyS_read+0x210/0x210 [ 535.954791] ? __do_page_fault+0x159/0xad0 [ 535.959025] ? do_syscall_64+0x4c/0x640 [ 535.962992] ? kernel_thread+0x40/0x40 04:17:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, 0x0) 04:17:23 executing program 3: socketpair(0x11, 0x0, 0xcda, &(0x7f0000000080)) [ 535.966882] do_syscall_64+0x1d5/0x640 [ 535.970776] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 535.975964] RIP: 0033:0x465f69 [ 535.979148] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 535.986958] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 535.994255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 536.001527] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.009321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.016593] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 536.067914] CPU: 1 PID: 15507 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 536.075849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.085296] Call Trace: [ 536.087891] dump_stack+0x1b2/0x281 [ 536.091527] should_fail.cold+0x10a/0x149 [ 536.095699] __alloc_pages_nodemask+0x22c/0x2720 [ 536.100466] ? is_bpf_text_address+0xb8/0x150 [ 536.104973] ? kernel_text_address+0xbd/0xf0 [ 536.109383] ? __kernel_text_address+0x9/0x30 [ 536.113881] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 536.118727] ? trace_hardirqs_on+0x10/0x10 [ 536.122962] ? trace_hardirqs_on+0x10/0x10 [ 536.127204] ? kasan_kmalloc+0x139/0x160 [ 536.131268] ? copy_page_range+0xfcb/0x2630 [ 536.135594] alloc_pages_current+0x155/0x260 [ 536.140010] pte_alloc_one+0x15/0x100 [ 536.143813] __pte_alloc+0x25/0x2c0 [ 536.147442] copy_page_range+0x1788/0x2630 [ 536.151696] ? apply_to_page_range+0xa60/0xa60 [ 536.156273] ? validate_mm_rb+0x3a/0xa0 [ 536.160259] copy_process.part.0+0x4df8/0x71c0 [ 536.164861] ? __cleanup_sighand+0x40/0x40 [ 536.169103] ? lock_downgrade+0x740/0x740 [ 536.173280] _do_fork+0x184/0xc80 [ 536.176766] ? fork_idle+0x270/0x270 [ 536.180483] ? fput+0xb/0x140 [ 536.183594] ? SyS_write+0x14d/0x210 [ 536.187323] ? SyS_read+0x210/0x210 [ 536.187731] FAULT_INJECTION: forcing a failure. [ 536.187731] name failslab, interval 1, probability 0, space 0, times 0 [ 536.190951] ? __do_page_fault+0x159/0xad0 [ 536.190963] ? do_syscall_64+0x4c/0x640 [ 536.190978] ? kernel_thread+0x40/0x40 04:17:23 executing program 5 (fault-call:0 fault-nth:92): fork() 04:17:23 executing program 1: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 536.215308] do_syscall_64+0x1d5/0x640 [ 536.219207] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 536.224410] RIP: 0033:0x465f69 [ 536.227693] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 536.235403] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 536.242670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 536.249961] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.257224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 04:17:23 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x781f00, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@null=' \x00', 0x0, 'ip6gretap0\x00'}) 04:17:23 executing program 0 (fault-call:2 fault-nth:90): fork() fork() fork() 04:17:23 executing program 4: ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0) [ 536.264505] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 536.272389] CPU: 0 PID: 15530 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 536.280274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.289660] Call Trace: [ 536.292254] dump_stack+0x1b2/0x281 [ 536.295885] should_fail.cold+0x10a/0x149 [ 536.300056] should_failslab+0xd6/0x130 [ 536.304036] kmem_cache_alloc+0x28e/0x3c0 [ 536.308191] ptlock_alloc+0x1d/0x70 [ 536.311827] pte_alloc_one+0x57/0x100 [ 536.315631] __pte_alloc+0x25/0x2c0 [ 536.319264] copy_page_range+0x1788/0x2630 [ 536.323518] ? apply_to_page_range+0xa60/0xa60 [ 536.328104] ? validate_mm_rb+0x3a/0xa0 [ 536.332178] copy_process.part.0+0x4df8/0x71c0 [ 536.336776] ? __cleanup_sighand+0x40/0x40 [ 536.341012] ? lock_downgrade+0x740/0x740 [ 536.345164] _do_fork+0x184/0xc80 [ 536.348629] ? fork_idle+0x270/0x270 [ 536.352348] ? fput+0xb/0x140 [ 536.355455] ? SyS_write+0x14d/0x210 [ 536.359281] ? SyS_read+0x210/0x210 [ 536.362912] ? __do_page_fault+0x159/0xad0 [ 536.367195] ? do_syscall_64+0x4c/0x640 [ 536.371178] ? kernel_thread+0x40/0x40 [ 536.375090] do_syscall_64+0x1d5/0x640 [ 536.379000] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 536.384188] RIP: 0033:0x465f69 [ 536.387378] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 536.395179] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 536.402451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 536.409744] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 04:17:23 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x781f00, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@null=' \x00', 0x0, 'ip6gretap0\x00'}) 04:17:23 executing program 4: ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0) 04:17:23 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x781f00, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@null=' \x00', 0x0, 'ip6gretap0\x00'}) 04:17:23 executing program 1: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) [ 536.412534] FAULT_INJECTION: forcing a failure. [ 536.412534] name failslab, interval 1, probability 0, space 0, times 0 [ 536.417016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.417023] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 04:17:23 executing program 5 (fault-call:0 fault-nth:93): fork() 04:17:23 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x781f00, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@null=' \x00', 0x0, 'ip6gretap0\x00'}) 04:17:23 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) socket$nl_generic(0x10, 0x3, 0x10) 04:17:23 executing program 4: ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0) 04:17:23 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) socket$nl_generic(0x10, 0x3, 0x10) 04:17:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, 0x0) [ 536.572505] CPU: 1 PID: 15538 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 536.579765] FAULT_INJECTION: forcing a failure. [ 536.579765] name failslab, interval 1, probability 0, space 0, times 0 [ 536.580422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.580427] Call Trace: [ 536.580445] dump_stack+0x1b2/0x281 [ 536.580459] should_fail.cold+0x10a/0x149 [ 536.580482] should_failslab+0xd6/0x130 [ 536.615493] kmem_cache_alloc+0x28e/0x3c0 [ 536.620365] copy_process.part.0+0x4ad1/0x71c0 [ 536.624973] ? __cleanup_sighand+0x40/0x40 [ 536.629212] ? lock_downgrade+0x740/0x740 [ 536.633377] _do_fork+0x184/0xc80 [ 536.636831] ? fork_idle+0x270/0x270 [ 536.640551] ? fput+0xb/0x140 [ 536.643657] ? SyS_write+0x14d/0x210 [ 536.647369] ? SyS_read+0x210/0x210 [ 536.650987] ? __do_page_fault+0x159/0xad0 [ 536.655225] ? do_syscall_64+0x4c/0x640 [ 536.659199] ? kernel_thread+0x40/0x40 [ 536.663086] do_syscall_64+0x1d5/0x640 [ 536.666981] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 536.672166] RIP: 0033:0x465f69 [ 536.675361] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 536.683067] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 536.690352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 536.697622] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.704902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.712260] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 536.719596] CPU: 0 PID: 15558 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 536.727495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.736845] Call Trace: [ 536.739442] dump_stack+0x1b2/0x281 [ 536.743096] should_fail.cold+0x10a/0x149 [ 536.747248] should_failslab+0xd6/0x130 [ 536.751226] kmem_cache_alloc+0x28e/0x3c0 [ 536.755380] ptlock_alloc+0x1d/0x70 [ 536.759011] pte_alloc_one+0x57/0x100 [ 536.762811] __pte_alloc+0x25/0x2c0 [ 536.767411] copy_page_range+0x1788/0x2630 [ 536.771670] ? apply_to_page_range+0xa60/0xa60 [ 536.776252] ? validate_mm_rb+0x3a/0xa0 [ 536.780262] copy_process.part.0+0x4df8/0x71c0 [ 536.784894] ? __cleanup_sighand+0x40/0x40 [ 536.789140] ? lock_downgrade+0x740/0x740 [ 536.793300] _do_fork+0x184/0xc80 [ 536.796765] ? fork_idle+0x270/0x270 [ 536.800489] ? fput+0xb/0x140 [ 536.803598] ? SyS_write+0x14d/0x210 [ 536.807313] ? SyS_read+0x210/0x210 [ 536.810949] ? __do_page_fault+0x159/0xad0 [ 536.815190] ? do_syscall_64+0x4c/0x640 [ 536.819167] ? kernel_thread+0x40/0x40 04:17:24 executing program 0 (fault-call:2 fault-nth:91): fork() fork() fork() 04:17:24 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) socket$nl_generic(0x10, 0x3, 0x10) 04:17:24 executing program 1: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, 0x0) 04:17:24 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x781f00, 0x0) [ 536.823072] do_syscall_64+0x1d5/0x640 [ 536.826970] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 536.832159] RIP: 0033:0x465f69 [ 536.835375] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 536.843085] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 536.850353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 536.857727] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.864995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 04:17:24 executing program 5 (fault-call:0 fault-nth:94): fork() [ 536.872480] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 04:17:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, 0x0) 04:17:24 executing program 1: socketpair(0x11, 0x2, 0xcda, 0x0) 04:17:24 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) 04:17:24 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:24 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0) [ 536.986806] FAULT_INJECTION: forcing a failure. [ 536.986806] name failslab, interval 1, probability 0, space 0, times 0 [ 537.001582] FAULT_INJECTION: forcing a failure. [ 537.001582] name fail_page_alloc, interval 1, probability 0, space 0, times 0 04:17:24 executing program 1: socketpair(0x11, 0x2, 0xcda, 0x0) [ 537.042856] CPU: 1 PID: 15594 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 537.050773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.060127] Call Trace: [ 537.062726] dump_stack+0x1b2/0x281 [ 537.066378] should_fail.cold+0x10a/0x149 [ 537.070530] should_failslab+0xd6/0x130 [ 537.074501] kmem_cache_alloc+0x28e/0x3c0 [ 537.078656] copy_process.part.0+0x4ad1/0x71c0 [ 537.083368] ? __cleanup_sighand+0x40/0x40 [ 537.087610] ? lock_downgrade+0x740/0x740 [ 537.091789] _do_fork+0x184/0xc80 [ 537.095246] ? fork_idle+0x270/0x270 [ 537.098965] ? fput+0xb/0x140 [ 537.102098] ? SyS_write+0x14d/0x210 [ 537.105815] ? SyS_read+0x210/0x210 [ 537.109438] ? __do_page_fault+0x159/0xad0 [ 537.113666] ? do_syscall_64+0x4c/0x640 [ 537.117635] ? kernel_thread+0x40/0x40 [ 537.121513] do_syscall_64+0x1d5/0x640 [ 537.125401] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 537.130584] RIP: 0033:0x465f69 [ 537.133775] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 537.141474] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 537.148733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 537.155995] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.163261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.170545] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 537.177823] CPU: 0 PID: 15586 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 537.185711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.195064] Call Trace: [ 537.197666] dump_stack+0x1b2/0x281 [ 537.201331] should_fail.cold+0x10a/0x149 [ 537.205485] __alloc_pages_nodemask+0x22c/0x2720 [ 537.210279] ? is_bpf_text_address+0xb8/0x150 [ 537.214780] ? kernel_text_address+0xbd/0xf0 [ 537.219389] ? __kernel_text_address+0x9/0x30 [ 537.223892] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 537.228743] ? trace_hardirqs_on+0x10/0x10 [ 537.232979] ? trace_hardirqs_on+0x10/0x10 [ 537.237246] ? kasan_kmalloc+0x139/0x160 [ 537.241317] ? copy_page_range+0xfcb/0x2630 [ 537.245651] alloc_pages_current+0x155/0x260 [ 537.250093] pte_alloc_one+0x15/0x100 [ 537.253895] __pte_alloc+0x25/0x2c0 [ 537.257528] copy_page_range+0x1788/0x2630 [ 537.261805] ? apply_to_page_range+0xa60/0xa60 [ 537.266531] ? validate_mm_rb+0x3a/0xa0 [ 537.270517] copy_process.part.0+0x4df8/0x71c0 [ 537.275124] ? __cleanup_sighand+0x40/0x40 [ 537.279363] ? lock_downgrade+0x740/0x740 [ 537.283520] _do_fork+0x184/0xc80 [ 537.286981] ? fork_idle+0x270/0x270 [ 537.290800] ? fput+0xb/0x140 [ 537.293936] ? SyS_write+0x14d/0x210 [ 537.297754] ? SyS_read+0x210/0x210 [ 537.301385] ? __do_page_fault+0x159/0xad0 [ 537.305625] ? do_syscall_64+0x4c/0x640 [ 537.309599] ? kernel_thread+0x40/0x40 [ 537.313483] do_syscall_64+0x1d5/0x640 [ 537.317379] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 537.322567] RIP: 0033:0x465f69 [ 537.325779] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 537.333489] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 04:17:24 executing program 0 (fault-call:2 fault-nth:92): fork() fork() fork() 04:17:24 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:24 executing program 5 (fault-call:0 fault-nth:95): fork() 04:17:24 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0) 04:17:24 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) 04:17:24 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) [ 537.340780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 537.348048] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.355324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.362597] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:24 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0) 04:17:24 executing program 1: socketpair(0x11, 0x2, 0x0, &(0x7f0000000080)) 04:17:24 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:24 executing program 2: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) [ 537.466645] FAULT_INJECTION: forcing a failure. [ 537.466645] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 537.529393] FAULT_INJECTION: forcing a failure. [ 537.529393] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 537.546692] CPU: 0 PID: 15630 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 537.554594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.564041] Call Trace: [ 537.566662] dump_stack+0x1b2/0x281 [ 537.570312] should_fail.cold+0x10a/0x149 [ 537.574477] __alloc_pages_nodemask+0x22c/0x2720 04:17:24 executing program 2: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) [ 537.579342] ? is_bpf_text_address+0xb8/0x150 [ 537.584457] ? kernel_text_address+0xbd/0xf0 [ 537.588875] ? __kernel_text_address+0x9/0x30 [ 537.593402] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 537.598280] ? trace_hardirqs_on+0x10/0x10 [ 537.602525] ? trace_hardirqs_on+0x10/0x10 [ 537.606775] ? kasan_kmalloc+0x139/0x160 [ 537.610851] ? copy_page_range+0xfcb/0x2630 [ 537.615197] alloc_pages_current+0x155/0x260 [ 537.619632] pte_alloc_one+0x15/0x100 [ 537.623458] __pte_alloc+0x25/0x2c0 04:17:24 executing program 2: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) [ 537.627092] copy_page_range+0x1788/0x2630 [ 537.631366] ? apply_to_page_range+0xa60/0xa60 [ 537.635988] ? validate_mm_rb+0x3a/0xa0 [ 537.640003] copy_process.part.0+0x4df8/0x71c0 [ 537.644615] ? __cleanup_sighand+0x40/0x40 [ 537.648855] ? lock_downgrade+0x740/0x740 [ 537.653015] _do_fork+0x184/0xc80 [ 537.656474] ? fork_idle+0x270/0x270 [ 537.660202] ? fput+0xb/0x140 [ 537.663515] ? SyS_write+0x14d/0x210 [ 537.667230] ? SyS_read+0x210/0x210 [ 537.670865] ? __do_page_fault+0x159/0xad0 [ 537.675102] ? do_syscall_64+0x4c/0x640 [ 537.679121] ? kernel_thread+0x40/0x40 [ 537.683100] do_syscall_64+0x1d5/0x640 [ 537.687021] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 537.692298] RIP: 0033:0x465f69 [ 537.695487] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 537.703731] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 537.711016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 537.718291] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.725672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.732950] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 537.758201] CPU: 0 PID: 15633 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 537.766132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.775493] Call Trace: [ 537.778093] dump_stack+0x1b2/0x281 [ 537.781741] should_fail.cold+0x10a/0x149 [ 537.785902] __alloc_pages_nodemask+0x22c/0x2720 [ 537.790682] ? is_bpf_text_address+0xb8/0x150 [ 537.795177] ? kernel_text_address+0xbd/0xf0 [ 537.799588] ? __kernel_text_address+0x9/0x30 [ 537.804175] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 537.809106] ? trace_hardirqs_on+0x10/0x10 [ 537.813344] ? trace_hardirqs_on+0x10/0x10 [ 537.817596] ? kasan_kmalloc+0x139/0x160 [ 537.821662] ? copy_page_range+0xfcb/0x2630 [ 537.825992] alloc_pages_current+0x155/0x260 [ 537.830410] pte_alloc_one+0x15/0x100 [ 537.834392] __pte_alloc+0x25/0x2c0 [ 537.838027] copy_page_range+0x1788/0x2630 [ 537.842326] ? apply_to_page_range+0xa60/0xa60 [ 537.846911] ? validate_mm_rb+0x3a/0xa0 [ 537.850897] copy_process.part.0+0x4df8/0x71c0 [ 537.855527] ? __cleanup_sighand+0x40/0x40 [ 537.859768] ? lock_downgrade+0x740/0x740 [ 537.863939] _do_fork+0x184/0xc80 [ 537.867446] ? fork_idle+0x270/0x270 [ 537.871226] ? fput+0xb/0x140 [ 537.874337] ? SyS_write+0x14d/0x210 [ 537.878052] ? SyS_read+0x210/0x210 [ 537.881681] ? __do_page_fault+0x159/0xad0 [ 537.885930] ? do_syscall_64+0x4c/0x640 [ 537.890165] ? kernel_thread+0x40/0x40 [ 537.894056] do_syscall_64+0x1d5/0x640 [ 537.899265] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 537.904464] RIP: 0033:0x465f69 [ 537.907648] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 537.915389] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 537.922919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 04:17:25 executing program 0 (fault-call:2 fault-nth:93): fork() fork() fork() 04:17:25 executing program 4: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) recvfrom$phonet(r0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x23, 0x17, 0x1f, 0x3f}, 0x10) 04:17:25 executing program 2: syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) 04:17:25 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:25 executing program 5 (fault-call:0 fault-nth:96): fork() 04:17:25 executing program 1: socket(0x25, 0x1, 0x6) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r0) [ 537.930185] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.937449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.944728] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:25 executing program 4: r0 = getpid() fork() ptrace$peekuser(0x3, r0, 0x7fffffff) r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x30) r3 = gettid() getpgrp(r3) ptrace$peekuser(0x3, r0, 0x0) 04:17:25 executing program 1: r0 = getpid() fork() ptrace$peekuser(0x3, r0, 0x7fffffff) r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x30) r3 = gettid() getpgrp(r3) ptrace$peekuser(0x3, r0, 0x0) 04:17:25 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:25 executing program 2: syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) [ 538.031071] FAULT_INJECTION: forcing a failure. [ 538.031071] name failslab, interval 1, probability 0, space 0, times 0 04:17:25 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) [ 538.099656] CPU: 0 PID: 15669 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 538.107578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.118678] Call Trace: [ 538.121283] dump_stack+0x1b2/0x281 [ 538.124922] should_fail.cold+0x10a/0x149 [ 538.129088] should_failslab+0xd6/0x130 [ 538.133083] kmem_cache_alloc+0x28e/0x3c0 [ 538.137329] copy_process.part.0+0x4ad1/0x71c0 [ 538.141946] ? __cleanup_sighand+0x40/0x40 04:17:25 executing program 4: r0 = getpid() fork() ptrace$peekuser(0x3, r0, 0x7fffffff) r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x30) r3 = gettid() getpgrp(r3) ptrace$peekuser(0x3, r0, 0x0) [ 538.146217] ? lock_downgrade+0x740/0x740 [ 538.150390] _do_fork+0x184/0xc80 [ 538.153858] ? fork_idle+0x270/0x270 [ 538.157581] ? fput+0xb/0x140 [ 538.160721] ? SyS_write+0x14d/0x210 [ 538.164444] ? SyS_read+0x210/0x210 [ 538.168159] ? __do_page_fault+0x159/0xad0 [ 538.172392] ? do_syscall_64+0x4c/0x640 [ 538.176368] ? kernel_thread+0x40/0x40 [ 538.180278] do_syscall_64+0x1d5/0x640 [ 538.184179] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 538.189399] RIP: 0033:0x465f69 [ 538.192590] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 538.200295] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 538.207564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 538.214832] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.222125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.229417] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 538.238473] FAULT_INJECTION: forcing a failure. [ 538.238473] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 538.267069] CPU: 0 PID: 15673 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 538.275248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.285408] Call Trace: [ 538.288012] dump_stack+0x1b2/0x281 [ 538.291646] should_fail.cold+0x10a/0x149 [ 538.295803] __alloc_pages_nodemask+0x22c/0x2720 [ 538.300569] ? is_bpf_text_address+0xb8/0x150 [ 538.305101] ? kernel_text_address+0xbd/0xf0 [ 538.309511] ? __kernel_text_address+0x9/0x30 [ 538.314028] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 538.319040] ? trace_hardirqs_on+0x10/0x10 [ 538.323276] ? trace_hardirqs_on+0x10/0x10 [ 538.327515] ? kasan_kmalloc+0x139/0x160 [ 538.331671] ? copy_page_range+0xfcb/0x2630 [ 538.335994] alloc_pages_current+0x155/0x260 [ 538.340417] pte_alloc_one+0x15/0x100 [ 538.344226] __pte_alloc+0x25/0x2c0 [ 538.347855] copy_page_range+0x1788/0x2630 [ 538.352120] ? apply_to_page_range+0xa60/0xa60 [ 538.356713] ? validate_mm_rb+0x3a/0xa0 [ 538.360696] copy_process.part.0+0x4df8/0x71c0 [ 538.365306] ? __cleanup_sighand+0x40/0x40 [ 538.369588] ? lock_downgrade+0x740/0x740 [ 538.373755] _do_fork+0x184/0xc80 [ 538.377216] ? fork_idle+0x270/0x270 [ 538.380934] ? fput+0xb/0x140 [ 538.384041] ? SyS_write+0x14d/0x210 [ 538.387755] ? SyS_read+0x210/0x210 [ 538.391383] ? __do_page_fault+0x159/0xad0 [ 538.395647] ? do_syscall_64+0x4c/0x640 [ 538.399630] ? kernel_thread+0x40/0x40 [ 538.403522] do_syscall_64+0x1d5/0x640 [ 538.407417] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 538.412636] RIP: 0033:0x465f69 04:17:25 executing program 0 (fault-call:2 fault-nth:94): fork() fork() fork() 04:17:25 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:25 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:25 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f0000000080)={0x9, @remote}, &(0x7f00000000c0)=0x12, 0x80400) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000100)={0x6, 0x100, 0x99, 0x0, 0x3, 0x28, 0x10, "f855fc379dbc129020077b7ecb747e47eb8caa4c", "b8ed99657844d045ad4685942c1d67cb6152f1b8"}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$SIOCX25SDTEFACILITIES(r2, 0x89eb, &(0x7f0000000000)={0x4, 0x0, 0x20, 0x2, 0x20, 0x1b, 0xf, "2a70c01aa5d057efd8665a9e4a7cebed6a033358", "ace447e53cb6c3610842df84410313103133d1b1"}) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) 04:17:25 executing program 2: syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x8000000, 'ip_vti0\x00'}) 04:17:25 executing program 5 (fault-call:0 fault-nth:97): fork() [ 538.415870] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 538.423588] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 538.430866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 538.438145] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.445505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.452784] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:25 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f0000000080)={0x9, @remote}, &(0x7f00000000c0)=0x12, 0x80400) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000100)={0x6, 0x100, 0x99, 0x0, 0x3, 0x28, 0x10, "f855fc379dbc129020077b7ecb747e47eb8caa4c", "b8ed99657844d045ad4685942c1d67cb6152f1b8"}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$SIOCX25SDTEFACILITIES(r2, 0x89eb, &(0x7f0000000000)={0x4, 0x0, 0x20, 0x2, 0x20, 0x1b, 0xf, "2a70c01aa5d057efd8665a9e4a7cebed6a033358", "ace447e53cb6c3610842df84410313103133d1b1"}) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) 04:17:25 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:25 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, 0x0) 04:17:25 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000000)={@remote={[], 0x2}, 0xc, 'wg0\x00'}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000100)=""/131, 0x83, 0x2162, &(0x7f00000001c0)={0x23, 0x17, 0x1f, 0x3f}, 0x10) [ 538.547479] FAULT_INJECTION: forcing a failure. [ 538.547479] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 538.585593] FAULT_INJECTION: forcing a failure. [ 538.585593] name failslab, interval 1, probability 0, space 0, times 0 [ 538.622515] CPU: 1 PID: 15715 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 538.630432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.639784] Call Trace: [ 538.642394] dump_stack+0x1b2/0x281 [ 538.646021] should_fail.cold+0x10a/0x149 [ 538.650167] __alloc_pages_nodemask+0x22c/0x2720 [ 538.654930] ? is_bpf_text_address+0xb8/0x150 [ 538.659421] ? kernel_text_address+0xbd/0xf0 [ 538.663826] ? __kernel_text_address+0x9/0x30 [ 538.668320] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 538.673155] ? trace_hardirqs_on+0x10/0x10 [ 538.677500] ? trace_hardirqs_on+0x10/0x10 [ 538.681746] ? kasan_kmalloc+0x139/0x160 [ 538.685807] ? copy_page_range+0xfcb/0x2630 [ 538.690128] alloc_pages_current+0x155/0x260 [ 538.694532] pte_alloc_one+0x15/0x100 [ 538.698326] __pte_alloc+0x25/0x2c0 [ 538.701949] copy_page_range+0x1788/0x2630 [ 538.706208] ? apply_to_page_range+0xa60/0xa60 [ 538.710785] ? validate_mm_rb+0x3a/0xa0 [ 538.715017] copy_process.part.0+0x4df8/0x71c0 [ 538.719622] ? __cleanup_sighand+0x40/0x40 [ 538.723905] ? lock_downgrade+0x740/0x740 [ 538.728138] _do_fork+0x184/0xc80 [ 538.732644] ? fork_idle+0x270/0x270 [ 538.736461] ? fput+0xb/0x140 [ 538.739567] ? SyS_write+0x14d/0x210 [ 538.743275] ? SyS_read+0x210/0x210 [ 538.746908] ? __do_page_fault+0x159/0xad0 [ 538.751133] ? do_syscall_64+0x4c/0x640 [ 538.755100] ? kernel_thread+0x40/0x40 [ 538.758990] do_syscall_64+0x1d5/0x640 [ 538.762901] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 538.769126] RIP: 0033:0x465f69 04:17:26 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, 0x0) 04:17:26 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), 0x0) [ 538.772396] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 538.780102] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 538.787367] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 538.794637] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.801912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.811269] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 538.818553] CPU: 0 PID: 15713 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 538.826447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.835832] Call Trace: [ 538.838622] dump_stack+0x1b2/0x281 [ 538.842435] should_fail.cold+0x10a/0x149 [ 538.846641] should_failslab+0xd6/0x130 [ 538.850806] kmem_cache_alloc+0x28e/0x3c0 [ 538.854961] ptlock_alloc+0x1d/0x70 [ 538.858602] pte_alloc_one+0x57/0x100 [ 538.862401] __pte_alloc+0x25/0x2c0 [ 538.866033] copy_page_range+0x1788/0x2630 [ 538.870293] ? apply_to_page_range+0xa60/0xa60 [ 538.874883] ? validate_mm_rb+0x3a/0xa0 [ 538.878902] copy_process.part.0+0x4df8/0x71c0 [ 538.883679] ? __cleanup_sighand+0x40/0x40 [ 538.887968] ? lock_downgrade+0x740/0x740 [ 538.892154] _do_fork+0x184/0xc80 [ 538.895616] ? fork_idle+0x270/0x270 [ 538.899335] ? fput+0xb/0x140 [ 538.902472] ? SyS_write+0x14d/0x210 [ 538.906277] ? SyS_read+0x210/0x210 [ 538.909946] ? __do_page_fault+0x159/0xad0 [ 538.914191] ? do_syscall_64+0x4c/0x640 [ 538.918167] ? kernel_thread+0x40/0x40 [ 538.922061] do_syscall_64+0x1d5/0x640 [ 538.925960] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 538.931152] RIP: 0033:0x465f69 [ 538.934338] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 538.942084] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 538.949358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 538.956639] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.963908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 04:17:26 executing program 0 (fault-call:2 fault-nth:95): fork() fork() fork() 04:17:26 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x82}) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000002c0)=@usbdevfs_connect={0x6}) 04:17:26 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000040)) [ 538.971180] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 539.081248] FAULT_INJECTION: forcing a failure. [ 539.081248] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 539.101367] CPU: 0 PID: 15747 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 539.109285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.118663] Call Trace: [ 539.121260] dump_stack+0x1b2/0x281 [ 539.124983] should_fail.cold+0x10a/0x149 [ 539.129138] __alloc_pages_nodemask+0x22c/0x2720 [ 539.134439] ? is_bpf_text_address+0xb8/0x150 [ 539.138940] ? kernel_text_address+0xbd/0xf0 [ 539.143531] ? __kernel_text_address+0x9/0x30 [ 539.148588] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 539.153436] ? trace_hardirqs_on+0x10/0x10 [ 539.157667] ? trace_hardirqs_on+0x10/0x10 [ 539.161907] ? kasan_kmalloc+0x139/0x160 [ 539.165980] ? copy_page_range+0xfcb/0x2630 [ 539.170312] alloc_pages_current+0x155/0x260 [ 539.174758] pte_alloc_one+0x15/0x100 [ 539.178557] __pte_alloc+0x25/0x2c0 [ 539.182186] copy_page_range+0x1788/0x2630 [ 539.186474] ? apply_to_page_range+0xa60/0xa60 [ 539.191048] ? validate_mm_rb+0x3a/0xa0 [ 539.195024] copy_process.part.0+0x4df8/0x71c0 [ 539.199662] ? __cleanup_sighand+0x40/0x40 [ 539.203888] ? lock_downgrade+0x740/0x740 [ 539.208075] _do_fork+0x184/0xc80 [ 539.211530] ? fork_idle+0x270/0x270 [ 539.215238] ? fput+0xb/0x140 [ 539.218355] ? SyS_write+0x14d/0x210 [ 539.222061] ? SyS_read+0x210/0x210 [ 539.225692] ? __do_page_fault+0x159/0xad0 04:17:26 executing program 5 (fault-call:0 fault-nth:98): fork() 04:17:26 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) 04:17:26 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, 0x0) 04:17:26 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000040)) [ 539.229912] ? do_syscall_64+0x4c/0x640 [ 539.233963] ? kernel_thread+0x40/0x40 [ 539.237845] do_syscall_64+0x1d5/0x640 [ 539.241739] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 539.247026] RIP: 0033:0x465f69 [ 539.250212] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 539.257992] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 539.266294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 539.273564] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 04:17:26 executing program 0 (fault-call:2 fault-nth:96): fork() fork() fork() [ 539.280851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 539.288102] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:26 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) 04:17:26 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) [ 539.364493] FAULT_INJECTION: forcing a failure. [ 539.364493] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 539.385164] CPU: 0 PID: 15771 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 539.393153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.402515] Call Trace: [ 539.406252] dump_stack+0x1b2/0x281 [ 539.409911] should_fail.cold+0x10a/0x149 [ 539.414075] __alloc_pages_nodemask+0x22c/0x2720 [ 539.418847] ? is_bpf_text_address+0xb8/0x150 [ 539.423344] ? kernel_text_address+0xbd/0xf0 [ 539.427746] ? __kernel_text_address+0x9/0x30 [ 539.430334] FAULT_INJECTION: forcing a failure. [ 539.430334] name failslab, interval 1, probability 0, space 0, times 0 [ 539.432249] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 539.432261] ? trace_hardirqs_on+0x10/0x10 [ 539.432270] ? trace_hardirqs_on+0x10/0x10 [ 539.432288] ? kasan_kmalloc+0x139/0x160 [ 539.460916] ? copy_page_range+0xfcb/0x2630 [ 539.465653] alloc_pages_current+0x155/0x260 [ 539.470164] pte_alloc_one+0x15/0x100 [ 539.473971] __pte_alloc+0x25/0x2c0 [ 539.477609] copy_page_range+0x1788/0x2630 [ 539.481873] ? apply_to_page_range+0xa60/0xa60 [ 539.486543] ? validate_mm_rb+0x3a/0xa0 [ 539.490532] copy_process.part.0+0x4df8/0x71c0 [ 539.495149] ? __cleanup_sighand+0x40/0x40 [ 539.499387] ? lock_downgrade+0x740/0x740 [ 539.503653] _do_fork+0x184/0xc80 [ 539.507139] ? fork_idle+0x270/0x270 [ 539.510858] ? fput+0xb/0x140 [ 539.513966] ? SyS_write+0x14d/0x210 [ 539.517680] ? SyS_read+0x210/0x210 [ 539.521321] ? __do_page_fault+0x159/0xad0 [ 539.525564] ? do_syscall_64+0x4c/0x640 [ 539.529545] ? kernel_thread+0x40/0x40 [ 539.533438] do_syscall_64+0x1d5/0x640 [ 539.537338] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 539.542665] RIP: 0033:0x465f69 [ 539.545850] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 539.554176] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 539.561451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 539.568723] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 539.576023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 539.583297] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 [ 539.590587] CPU: 1 PID: 15772 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 539.598481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.607840] Call Trace: [ 539.610438] dump_stack+0x1b2/0x281 [ 539.614072] should_fail.cold+0x10a/0x149 [ 539.618259] should_failslab+0xd6/0x130 [ 539.622245] kmem_cache_alloc+0x28e/0x3c0 [ 539.626398] copy_process.part.0+0x4ad1/0x71c0 [ 539.631006] ? __cleanup_sighand+0x40/0x40 [ 539.635277] ? lock_downgrade+0x740/0x740 [ 539.639432] _do_fork+0x184/0xc80 [ 539.642976] ? fork_idle+0x270/0x270 [ 539.646693] ? fput+0xb/0x140 [ 539.649797] ? SyS_write+0x14d/0x210 [ 539.653513] ? SyS_read+0x210/0x210 [ 539.657146] ? __do_page_fault+0x159/0xad0 [ 539.661387] ? do_syscall_64+0x4c/0x640 04:17:26 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:26 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:26 executing program 5 (fault-call:0 fault-nth:99): fork() [ 539.665358] ? kernel_thread+0x40/0x40 [ 539.669268] do_syscall_64+0x1d5/0x640 [ 539.673164] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 539.678382] RIP: 0033:0x465f69 [ 539.681566] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 539.684451] FAULT_INJECTION: forcing a failure. [ 539.684451] name failslab, interval 1, probability 0, space 0, times 0 [ 539.689298] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 539.689304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 539.689310] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 539.689315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 539.689321] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 539.757824] CPU: 0 PID: 15789 Comm: syz-executor.5 Not tainted 4.14.225-syzkaller #0 [ 539.765758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.775116] Call Trace: [ 539.777712] dump_stack+0x1b2/0x281 [ 539.781368] should_fail.cold+0x10a/0x149 [ 539.785526] should_failslab+0xd6/0x130 [ 539.789505] kmem_cache_alloc+0x28e/0x3c0 [ 539.793662] copy_process.part.0+0x4ad1/0x71c0 [ 539.798266] ? __cleanup_sighand+0x40/0x40 [ 539.802510] ? lock_downgrade+0x740/0x740 [ 539.806673] _do_fork+0x184/0xc80 [ 539.810131] ? fork_idle+0x270/0x270 [ 539.813850] ? fput+0xb/0x140 [ 539.816960] ? SyS_write+0x14d/0x210 [ 539.820673] ? SyS_read+0x210/0x210 [ 539.824336] ? __do_page_fault+0x159/0xad0 [ 539.828579] ? do_syscall_64+0x4c/0x640 [ 539.832560] ? kernel_thread+0x40/0x40 [ 539.836457] do_syscall_64+0x1d5/0x640 [ 539.840356] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 539.845544] RIP: 0033:0x465f69 [ 539.848731] RSP: 002b:00007fe2ed2b2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 04:17:27 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x82}) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000002c0)=@usbdevfs_connect={0x6}) 04:17:27 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:27 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:27 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) 04:17:27 executing program 0 (fault-call:2 fault-nth:97): fork() fork() fork() 04:17:27 executing program 5: syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x18400, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r1, &(0x7f00000000c0)="d9865dc0bad86f4fba09598589757bbd8ad5bf7d5ed1b4b6bdeacdf4eccc982b46e927d4ea27aee8a1aa9cdb51", &(0x7f0000000100)=""/4}, 0x20) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000000)=0x4) fork() gettid() [ 539.856452] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 539.863935] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 539.871273] RBP: 00007fe2ed2b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 539.878578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 539.885968] R13: 00007ffec11fd8cf R14: 00007fe2ed2b2300 R15: 0000000000022000 04:17:27 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:27 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) 04:17:27 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:27 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:27 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:27 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000), 0x4) [ 540.037661] FAULT_INJECTION: forcing a failure. [ 540.037661] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 540.110850] CPU: 1 PID: 15810 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 540.118872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.128236] Call Trace: [ 540.130843] dump_stack+0x1b2/0x281 [ 540.134493] should_fail.cold+0x10a/0x149 [ 540.138741] __alloc_pages_nodemask+0x22c/0x2720 [ 540.143511] ? is_bpf_text_address+0xb8/0x150 [ 540.148360] ? kernel_text_address+0xbd/0xf0 [ 540.152774] ? __kernel_text_address+0x9/0x30 [ 540.157293] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 540.162165] ? trace_hardirqs_on+0x10/0x10 [ 540.166517] ? trace_hardirqs_on+0x10/0x10 [ 540.170766] ? kasan_kmalloc+0x139/0x160 [ 540.174838] ? copy_page_range+0xfcb/0x2630 [ 540.179634] alloc_pages_current+0x155/0x260 [ 540.184061] pte_alloc_one+0x15/0x100 [ 540.187866] __pte_alloc+0x25/0x2c0 [ 540.192211] copy_page_range+0x1788/0x2630 [ 540.196465] ? apply_to_page_range+0xa60/0xa60 [ 540.201073] ? validate_mm_rb+0x3a/0xa0 [ 540.205081] copy_process.part.0+0x4df8/0x71c0 [ 540.209696] ? __cleanup_sighand+0x40/0x40 [ 540.214030] ? lock_downgrade+0x740/0x740 [ 540.218190] _do_fork+0x184/0xc80 [ 540.221651] ? fork_idle+0x270/0x270 [ 540.225370] ? fput+0xb/0x140 [ 540.228480] ? SyS_write+0x14d/0x210 [ 540.232295] ? SyS_read+0x210/0x210 [ 540.235929] ? __do_page_fault+0x159/0xad0 [ 540.240169] ? do_syscall_64+0x4c/0x640 [ 540.244168] ? kernel_thread+0x40/0x40 [ 540.248063] do_syscall_64+0x1d5/0x640 [ 540.252000] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 540.257305] RIP: 0033:0x465f69 [ 540.260615] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 540.270859] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 540.278134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 540.285414] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 540.292697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.299952] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:28 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x82}) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000002c0)=@usbdevfs_connect={0x6}) 04:17:28 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:28 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:28 executing program 5: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{}, {}, {0x0}]}) ioctl$DRM_IOCTL_RM_CTX(0xffffffffffffffff, 0xc0086421, &(0x7f0000000080)={r0, 0x1}) fork() 04:17:28 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:28 executing program 0 (fault-call:2 fault-nth:98): fork() fork() fork() 04:17:28 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:28 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000040)) 04:17:28 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:28 executing program 5: fork() r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) [ 540.846614] FAULT_INJECTION: forcing a failure. [ 540.846614] name failslab, interval 1, probability 0, space 0, times 0 [ 540.920176] CPU: 0 PID: 15856 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 540.928091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.937445] Call Trace: [ 540.940041] dump_stack+0x1b2/0x281 [ 540.943679] should_fail.cold+0x10a/0x149 [ 540.947836] should_failslab+0xd6/0x130 [ 540.951817] kmem_cache_alloc+0x28e/0x3c0 [ 540.955971] ptlock_alloc+0x1d/0x70 [ 540.959603] pte_alloc_one+0x57/0x100 [ 540.963435] __pte_alloc+0x25/0x2c0 [ 540.967076] copy_page_range+0x1788/0x2630 [ 540.971334] ? apply_to_page_range+0xa60/0xa60 [ 540.975924] ? validate_mm_rb+0x3a/0xa0 [ 540.979938] copy_process.part.0+0x4df8/0x71c0 [ 540.984544] ? __cleanup_sighand+0x40/0x40 [ 540.988786] ? lock_downgrade+0x740/0x740 [ 540.993041] _do_fork+0x184/0xc80 [ 540.996506] ? fork_idle+0x270/0x270 [ 541.000244] ? fput+0xb/0x140 [ 541.003353] ? SyS_write+0x14d/0x210 [ 541.007076] ? SyS_read+0x210/0x210 [ 541.010714] ? __do_page_fault+0x159/0xad0 [ 541.014951] ? do_syscall_64+0x4c/0x640 [ 541.018928] ? kernel_thread+0x40/0x40 [ 541.022848] do_syscall_64+0x1d5/0x640 [ 541.026740] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 541.032127] RIP: 0033:0x465f69 [ 541.035319] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 541.043036] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 541.050315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 541.060106] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 04:17:28 executing program 2: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 04:17:28 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0) [ 541.067375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 541.074674] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 541.133171] Bluetooth: hci3 command 0x0401 tx timeout 04:17:28 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x82}) 04:17:28 executing program 0 (fault-call:2 fault-nth:99): fork() fork() fork() 04:17:28 executing program 2: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 04:17:28 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:28 executing program 5: ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100000001, 0x80) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000040)=0x200, 0x4) fork() 04:17:28 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0) 04:17:28 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:28 executing program 2: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 04:17:29 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0) 04:17:29 executing program 5: fork() r0 = userfaultfd(0x800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) [ 541.753599] FAULT_INJECTION: forcing a failure. [ 541.753599] name failslab, interval 1, probability 0, space 0, times 0 [ 541.809263] CPU: 1 PID: 15908 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 541.817177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.826534] Call Trace: [ 541.829134] dump_stack+0x1b2/0x281 [ 541.832856] should_fail.cold+0x10a/0x149 [ 541.837099] should_failslab+0xd6/0x130 [ 541.842417] kmem_cache_alloc+0x28e/0x3c0 [ 541.846581] copy_process.part.0+0x4ad1/0x71c0 [ 541.851187] ? __cleanup_sighand+0x40/0x40 [ 541.855462] ? lock_downgrade+0x740/0x740 [ 541.859629] _do_fork+0x184/0xc80 [ 541.863133] ? fork_idle+0x270/0x270 [ 541.866854] ? fput+0xb/0x140 [ 541.869970] ? SyS_write+0x14d/0x210 [ 541.873713] ? SyS_read+0x210/0x210 [ 541.877433] ? __do_page_fault+0x159/0xad0 [ 541.881674] ? do_syscall_64+0x4c/0x640 [ 541.885656] ? kernel_thread+0x40/0x40 [ 541.889553] do_syscall_64+0x1d5/0x640 [ 541.893454] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 541.898651] RIP: 0033:0x465f69 [ 541.901871] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 04:17:29 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:29 executing program 3: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) [ 541.910045] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 541.917317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 541.924609] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 541.931880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 541.939157] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:17:29 executing program 1: fork() r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:29 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 04:17:29 executing program 3: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:29 executing program 5: sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f0000000000)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x4) fork() 04:17:29 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:29 executing program 0: fork() fork() fork() ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000000)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 04:17:29 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 04:17:29 executing program 3: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:29 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="63c5", @ANYRES16=r1, @ANYBLOB="00042cbd7000ffdbdf255400000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990007000000120000000a000600ffffffffffff00000a00060008021100000000000a00060008021100000100000a000600ffffffffffff00000a00060008021100000000000a000600ffffffffffff0000"], 0x70}, 0x1, 0x0, 0x0, 0x4001}, 0x40011) fork() 04:17:29 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 04:17:29 executing program 0: r0 = fork() fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x3f) fork() getpid() r1 = fork() gettid() ptrace$peekuser(0x3, r1, 0x90) 04:17:30 executing program 1: fork() r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:30 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:30 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x82}) 04:17:30 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000040)={0x3, 0x5, 0x4, 0x70000, 0x4, {}, {0x4, 0xc, 0x0, 0x7f, 0x2, 0x4, "fa7fcac6"}, 0x1000, 0x3, @planes=&(0x7f00000000c0)={0xabb7, 0x4, @fd=r0, 0x5}, 0xffffffff, 0x0, r0}) 04:17:30 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) [ 543.213207] Bluetooth: hci3 command 0x0401 tx timeout 04:17:30 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:30 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x33, 0x500) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0]}) r1 = fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f0000000140)=0xfffffffffffffcb6) r5 = getpgid(r1) tgkill(r4, r5, 0x2f) 04:17:30 executing program 1: fork() r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:30 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:17:30 executing program 0: fork() getpid() fork() getpid() fork() 04:17:30 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:30 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:30 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00082dbd7000fcdbdf2553000000080003000f630a933fb25b2e4900896959df5c1271be9f8752764ee39534c3a26899552610cdb5ea8160345123e3c10a619248f83900ec4c10de18d81eaa7df8a25d937a6418a79d00b5a5bf48395f30931845cd016dec349ab884d9bc", @ANYRES32=r1, @ANYBLOB="0c0099000800000049000000"], 0x28}, 0x1, 0x0, 0x0, 0x4048080}, 0x0) fork() 04:17:30 executing program 1: fork() syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) 04:17:30 executing program 2: fork() getpid() fork() getpid() fork() 04:17:30 executing program 0: recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/187, 0xbb, 0x0, 0x0, 0x0) fork() fork() fork() 04:17:30 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:30 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:30 executing program 1: syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) 04:17:30 executing program 5: getresgid(&(0x7f00000000c0), &(0x7f0000000040)=0x0, &(0x7f0000000080)) setgid(r0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000100)=0xc) fork() ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f00000001c0)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4000}) getresgid(&(0x7f0000000180), &(0x7f0000000140), &(0x7f0000000200)) 04:17:31 executing program 1: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:31 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:31 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 04:17:31 executing program 0: fork() getrlimit(0x6, &(0x7f0000000280)) getpgid(0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r0, &(0x7f0000000000)="832688703ff62e0ac36583e02cc637b43b2e2d253d929be863618eb983663ecc6324eb4740031873c6f671c02018b62a74f9adb1469fa8468531a22336fb7674494b19e2c74dc5f3a92b4dafa440416522ed659375215aa13eeb5aa4624cddbbe5cfc559b20104b88fd7e30b7489dbc871e86bfff7af7fa6112ce9cdd12d90c20438b97f47f1d443b184b68e0135cd53202e005f59020a657bcd407d03c30c0a63a13ddc4d671defbad9539d", &(0x7f00000000c0)=""/226}, 0x20) r1 = fork() fork() gettid() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) bpf$MAP_CREATE(0x0, &(0x7f0000000240)={0x1c, 0xfffffffb, 0x3, 0x9, 0x40, r2, 0x23b, [], 0x0, r3, 0x1, 0x2, 0x3}, 0x40) getpgrp(r1) 04:17:31 executing program 5: syz_init_net_socket$x25(0x9, 0x5, 0x0) clock_getres(0x6, &(0x7f0000000100)) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x4) r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{}, {}, {}, {}, {}]}) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}) 04:17:31 executing program 3: recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/187, 0xbb, 0x0, 0x0, 0x0) fork() fork() fork() 04:17:31 executing program 2: fork() getpid() fork() getpid() fork() 04:17:31 executing program 1: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:31 executing program 5: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) fork() 04:17:31 executing program 1: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:31 executing program 0: fork() r0 = fork() fork() tgkill(r0, r0, 0x41) 04:17:31 executing program 2: fork() getrlimit(0x6, &(0x7f0000000280)) getpgid(0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r0, &(0x7f0000000000)="832688703ff62e0ac36583e02cc637b43b2e2d253d929be863618eb983663ecc6324eb4740031873c6f671c02018b62a74f9adb1469fa8468531a22336fb7674494b19e2c74dc5f3a92b4dafa440416522ed659375215aa13eeb5aa4624cddbbe5cfc559b20104b88fd7e30b7489dbc871e86bfff7af7fa6112ce9cdd12d90c20438b97f47f1d443b184b68e0135cd53202e005f59020a657bcd407d03c30c0a63a13ddc4d671defbad9539d", &(0x7f00000000c0)=""/226}, 0x20) r1 = fork() fork() gettid() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) bpf$MAP_CREATE(0x0, &(0x7f0000000240)={0x1c, 0xfffffffb, 0x3, 0x9, 0x40, r2, 0x23b, [], 0x0, r3, 0x1, 0x2, 0x3}, 0x40) getpgrp(r1) 04:17:31 executing program 3: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:32 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:32 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) ptrace$peekuser(0x3, r0, 0x9341) 04:17:32 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) fork() 04:17:32 executing program 0: fork() r0 = getpid() tgkill(0x0, r0, 0x0) tgkill(0xffffffffffffffff, r0, 0x7) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() getpid() getpgid(r0) r3 = gettid() sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x7) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0xa9) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x1ff) fork() r4 = getpid() tgkill(0x0, r4, 0x0) tgkill(r4, r2, 0x13) gettid() fork() 04:17:32 executing program 3: recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/187, 0xbb, 0x0, 0x0, 0x0) fork() fork() fork() 04:17:32 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:32 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1ff000000, 0x800) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0x0, @vbi={0x0, 0x1, 0x81, 0x34343452, [0x5, 0xe6d], [0xffff, 0x7], 0x1}}) fork() bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000140), 0x4) 04:17:32 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) fork() 04:17:32 executing program 2: fork() r0 = getpid() tgkill(0x0, r0, 0x0) ptrace$peekuser(0x3, r0, 0x9341) 04:17:32 executing program 0: fork() fork() r0 = fork() getpgid(r0) socket$inet6_dccp(0xa, 0x6, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$PNPIPE_INITSTATE(r1, 0x113, 0x4, &(0x7f0000000180), &(0x7f00000001c0)=0x4) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f0000000100)) getpgrp(r3) r4 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x4, 0x10200) ioctl$KVM_ASSIGN_PCI_DEVICE(r4, 0x8040ae69, &(0x7f0000000140)={0x401, 0x8000, 0x7, 0x5, 0x8d}) 04:17:32 executing program 3: fork() r0 = getpid() tgkill(0x0, r0, 0x0) tgkill(0xffffffffffffffff, r0, 0x7) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() getpid() getpgid(r0) r3 = gettid() sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x7) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0xa9) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x1ff) fork() r4 = getpid() tgkill(0x0, r4, 0x0) tgkill(r4, r2, 0x13) gettid() fork() 04:17:32 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) fork() [ 545.295937] Bluetooth: hci3 command 0x0401 tx timeout 04:17:32 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:32 executing program 5: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = geteuid() mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>', r1}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:17:32 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1ff000000, 0x800) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0x0, @vbi={0x0, 0x1, 0x81, 0x34343452, [0x5, 0xe6d], [0xffff, 0x7], 0x1}}) fork() bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000140), 0x4) 04:17:32 executing program 0: fork() fork() fork() gettid() 04:17:32 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) 04:17:32 executing program 3: fork() r0 = getpid() tgkill(0x0, r0, 0x0) tgkill(0xffffffffffffffff, r0, 0x7) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() getpid() getpgid(r0) r3 = gettid() sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x7) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0xa9) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x1ff) fork() r4 = getpid() tgkill(0x0, r4, 0x0) tgkill(r4, r2, 0x13) gettid() fork() 04:17:33 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) 04:17:33 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) 04:17:33 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) 04:17:33 executing program 5: openat$vmci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vmci\x00', 0x2, 0x0) fork() getpgrp(0xffffffffffffffff) r0 = getpid() tgkill(0x0, r0, 0x0) getpgid(r0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x1, 0x14000) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xa0000) 04:17:33 executing program 0: fork() fork() r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000140)=0xc) fork() r1 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x7fffffff, 0x40080) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000180)={0x3, 0x6, 0x2, 0x40, 0x20, 0xd, 0x14, "df55596359d7c45399d9e343f7d22171d75b338d", "fd6bede1ce00b1304ec878b0eb138fa406d8f065"}) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ubi_ctrl\x00', 0x141200, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r5 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r4, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r3, 0x8, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x0) 04:17:33 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) 04:17:33 executing program 5: fork() gettid() syz_usbip_server_init(0x3) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:33 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) 04:17:33 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) userfaultfd(0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:33 executing program 3: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) 04:17:33 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={&(0x7f0000000a00)='./file0\x00', 0x0, 0x10}, 0x10) 04:17:33 executing program 0: fork() fork() r0 = gettid() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x8) fork() 04:17:33 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:33 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) 04:17:33 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) [ 546.729823] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 546.735684] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) 04:17:34 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) 04:17:34 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) 04:17:34 executing program 0: fork() r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_PROTOCOLS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r0, 0x4, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xc004}, 0x40044) fork() fork() [ 546.782951] vhci_hcd: connection closed [ 546.783282] vhci_hcd: stop threads [ 546.791230] vhci_hcd: release socket [ 546.810403] vhci_hcd: disconnect device 04:17:34 executing program 5: r0 = fork() getpgid(r0) fork() 04:17:34 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) [ 547.295602] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(3) [ 547.301789] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 547.312796] vhci_hcd: connection closed [ 547.313470] vhci_hcd: stop threads [ 547.322620] vhci_hcd: release socket [ 547.328187] vhci_hcd: disconnect device [ 547.378563] Bluetooth: hci3 command 0x0401 tx timeout 04:17:34 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:34 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) 04:17:34 executing program 0: fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) fork() fork() 04:17:34 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) 04:17:34 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:34 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x4, 0x180) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0]}) fork() syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00', 0xffffffffffffffff) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_DMA(r0, 0xc0406429, &(0x7f0000000340)={r1, 0x7, &(0x7f0000000240)=[0x2, 0x10fec0, 0x3ff, 0x90, 0xfffffbff, 0x3, 0x1], &(0x7f0000000280)=[0x400, 0x9, 0x1f, 0x3], 0x10, 0x6, 0x3, &(0x7f00000002c0)=[0xffff, 0x400, 0x0, 0x8000, 0x5, 0x8b], &(0x7f0000000300)=[0xffff7d22, 0x8, 0x0, 0x5, 0x4, 0x1, 0x5]}) 04:17:34 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) 04:17:34 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) 04:17:34 executing program 0: r0 = fork() fork() r1 = fork() tgkill(r1, r0, 0x7) 04:17:34 executing program 5: r0 = fork() r1 = getpgrp(r0) getpgid(r1) 04:17:35 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 04:17:35 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) 04:17:35 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) socket$can_raw(0x1d, 0x3, 0x1) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:35 executing program 0: r0 = fork() tgkill(r0, r0, 0x1b) fork() fork() 04:17:35 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) 04:17:35 executing program 5: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x402) 04:17:35 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:35 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) 04:17:35 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) 04:17:35 executing program 0: r0 = fork() fork() r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) getpgrp(r1) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x414d82) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) getpgrp(r0) 04:17:35 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) 04:17:35 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) 04:17:35 executing program 5: fork() geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) 04:17:35 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:36 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:36 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000140)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x84000, &(0x7f0000000080)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@access_user='access=user'}]}}) 04:17:36 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) 04:17:36 executing program 0: ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000000)) fork() fork() r0 = fork() fork() r1 = fork() tgkill(r0, r1, 0x34) fork() 04:17:36 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:36 executing program 1: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r0 = socket(0x18, 0x80000, 0x9) write$bt_hci(r0, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) 04:17:36 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) 04:17:36 executing program 5: ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_GET_CTX(0xffffffffffffffff, 0xc0086423, &(0x7f0000000100)={0x0, 0x6}) fork() ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 549.453233] Bluetooth: hci3 command 0x0401 tx timeout 04:17:36 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) 04:17:36 executing program 1: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r0 = socket(0x18, 0x80000, 0x9) write$bt_hci(r0, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) 04:17:36 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 04:17:36 executing program 0: fork() r0 = fork() r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpid() getpgrp(r0) tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x15) fork() fork() 04:17:37 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:37 executing program 5: r0 = fork() fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x6) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x16600, 0x0) ioctl$SIOCPNADDRESOURCE(r1, 0x89e0, &(0x7f0000000080)=0x979d) getpid() 04:17:37 executing program 1: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) socket(0x18, 0x80000, 0x9) 04:17:37 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:37 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) 04:17:37 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) 04:17:37 executing program 1: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) socket(0x18, 0x80000, 0x9) 04:17:37 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) 04:17:37 executing program 5: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x7ff) 04:17:37 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:37 executing program 1: socket(0x18, 0x80000, 0x9) [ 551.533213] Bluetooth: hci3 command 0x0401 tx timeout 04:17:39 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) 04:17:39 executing program 5: fork() socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000000)=0x5) 04:17:39 executing program 1: socket(0x0, 0x80000, 0x9) 04:17:39 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) userfaultfd(0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:39 executing program 0: write$usbip_server(0xffffffffffffffff, &(0x7f0000000000)=@ret_submit={{0x3, 0x101, 0x0, 0x1, 0xffffff76}, 0x2, 0x9a, 0x8, 0xd3, 0x2, 0x0, "86a07c25cbefe88a95a44ac10e8eaed84e7d1f71433680fb372a06b6c68d74692e77b24c280bd0e2d3360bd21bba3aba07c88c32bcdaeaaa46f9c7506e73638afd0621fa175c588be211526dceac0c81dbe3bd2ee1fea781685ac26bbc50cebd58cc16e0dbd94ad4db9bf4e3c2203e2aa2fa0512219f54d842397e7bdf756b7314c9bbcf455cb71fe28070a44ef03881c7b8fd4549ceaa8a742d", [{0x40, 0x9, 0x936, 0x9}, {0x4, 0x5, 0x3, 0xee72}, {0x7, 0x5, 0x401, 0x7}, {0xffff, 0x23d, 0xffffce65, 0x1}, {0x3, 0xfd8a, 0x9, 0x92fb}, {0x80000000, 0xffffffff, 0xfffffffc, 0x800}, {0x5, 0x0, 0x6, 0x8}, {0x400, 0xfff, 0x0, 0x9}, {0x800, 0x0, 0x5, 0x3}, {0x6, 0x9, 0x43c, 0x5}, {0x4, 0x6db5, 0x5, 0xd4cd}, {0x4, 0x1f, 0xfff, 0x5}, {0x8, 0x5, 0x1ff}, {0x2, 0x3f, 0x5, 0x9}, {0x1a, 0x80000001, 0x8001, 0x8001}, {0x8001, 0xd645, 0x57046c77, 0xffffffff}, {0x5, 0x8001, 0xea6, 0xfffff160}, {0x7ff, 0x2, 0x4, 0xa7de}, {0x8000, 0x5b8, 0x8, 0x5}, {0x3f, 0x0, 0xa31, 0x7}, {0x8001, 0xa2, 0x1, 0x7fffffff}, {0x8, 0x8000, 0x8}, {0x1, 0x2, 0x40, 0x5}, {0x3, 0x7f, 0x0, 0xfff}, {0x2, 0xe9076c00, 0xb3, 0xfffffc73}, {0x2, 0x549, 0x1, 0x7}, {0x10000, 0x5, 0x2, 0x5}, {0x8001, 0x5, 0x48e, 0x9}, {0x2c0, 0x1, 0x20, 0x4}, {0x5, 0x71, 0x8}, {0x7fffffff, 0x80000001, 0x98, 0x101}, {0x1, 0xff, 0x8, 0x7318e737}, {0x7, 0x8, 0x0, 0x80}, {0x3, 0x8001, 0x7, 0x40c380d4}, {0xfffffff9, 0x3019fc08, 0x3, 0x99}, {0x0, 0x1ff, 0x3, 0xf}, {0x9, 0x0, 0x100, 0x776b}, {0x5, 0xffffffff, 0x1a667ef5}, {0x4, 0x4000000, 0xff, 0x59}, {0xac, 0x4c15, 0x6, 0x891}, {0x6, 0x1, 0x8, 0x5}, {0xffff0001, 0x7, 0xfffffffe, 0x6}, {0xff, 0x5, 0x3, 0x6}, {0x8, 0xffffff01, 0x6, 0xd6}, {0x8, 0x10000000, 0x6, 0x9}, {0x6, 0xffff, 0x7c, 0x80000000}, {0x1, 0x0, 0xdf, 0xe57}, {0x10000, 0x107, 0x7, 0x92c7}, {0x3, 0xfffffffb, 0x6, 0x3}, {0x0, 0x1, 0x2, 0x2}, {0x1ff, 0x6, 0x0, 0x5}, {0x80, 0x1c000, 0x3e, 0x9}, {0x3, 0xf9be, 0x6, 0xfffffffc}, {0x8, 0x4c, 0x3f, 0x7}, {0x8, 0x5, 0x1, 0x4e4}, {0x6, 0x1, 0x2, 0x1ff}, {0x3ff, 0x8000, 0x3, 0x3}, {0x10000, 0x7fffffff, 0xccc1, 0x10000}, {0x80, 0x3, 0x800, 0x54}, {0x216f, 0x1, 0x6, 0x2}, {0x1, 0x7ff, 0x3ff, 0x2}, {0x8, 0x80, 0x7, 0xa1b8}, {0x9, 0x0, 0xa5, 0x7fffffff}, {0x4, 0x9, 0x5, 0x8}, {0x1f7, 0x401, 0x401, 0xffffffff}, {0x20, 0x80, 0x8, 0x7fff}, {0x7, 0x81, 0xffffffff}, {0xfffff25f, 0x200, 0xff, 0x7fff}, {0x7fffffff, 0x6, 0x7, 0x1}, {0x9, 0x3, 0xff, 0x3}, {0x9189, 0x1f, 0x5, 0xfffff000}, {0x4, 0x7, 0x5, 0x3}, {0x8, 0x4, 0xfffffffb, 0x7fffffff}, {0x5, 0x7fff, 0x3, 0x3}, {0x9, 0x67, 0xfffffff9, 0x8}, {0x101, 0x8, 0x8000000, 0x5}, {0x3ff, 0x81, 0x101}, {0x3f, 0x52b9, 0x40000, 0x402}, {0x80, 0x7f, 0xfffffffc, 0x2}, {0x7, 0x3, 0x4, 0x3}, {0x8, 0x6, 0x5, 0xfffffff9}, {0xa72, 0xddd, 0x80000000, 0x5}, {0x6, 0x6}, {0x7, 0x1, 0x8, 0x80000}, {0xfffffff8, 0x1a5b, 0x6}, {0x69, 0x4, 0x1, 0x5}, {0x9, 0x40, 0x10000}, {0x20, 0x3, 0x0, 0x5}, {0x3e3a, 0x9, 0x9, 0xe2bb}, {0x0, 0x10001, 0x20, 0x1}, {0x98, 0x4, 0x7f, 0x7}, {0x80000000, 0x7, 0x7fffffff, 0x3}, {0x2, 0xaeb, 0xfffffffc, 0x7}, {0x59, 0x2, 0xfffffffc, 0x7}, {0xe0000000, 0x8, 0xff, 0x8}, {0x80000001, 0x1, 0x2, 0x4}, {0xffffffff, 0x2, 0x2, 0x4}, {0x5, 0x1, 0xc1e}, {0x6, 0x4, 0x8, 0x40}, {0x7, 0x4, 0x9, 0x4}, {0x1ff, 0x0, 0x0, 0xfffffffa}, {0x96, 0x0, 0xea, 0x3}, {0xfffffffa, 0x8, 0x0, 0x2}, {0x9, 0x40, 0x3, 0xfffffff6}, {0x4, 0x7, 0xffff8001, 0x3}, {0x7, 0x1, 0x7fff, 0x2}, {0x101, 0x0, 0x8, 0x9}, {0x0, 0x400, 0xa8, 0x401}, {0x7, 0x4, 0xb7b0, 0x101}, {0x9, 0xfa, 0x1000000, 0x7}, {0x4, 0x3, 0x5, 0x5}, {0x80, 0xc8000000, 0xe6, 0xfff}, {0x4, 0x7ff, 0x6, 0x1}, {0x8, 0x8001, 0x5, 0x401}, {0x1ff, 0x2, 0x9, 0x384}, {0x100, 0x155, 0x4, 0x8}, {0xfffffff7, 0x80000000, 0x3, 0x1}, {0x401, 0x5, 0x59, 0x70}, {0x1ff, 0x7, 0x2, 0xfffffffa}, {0x8, 0x0, 0x101, 0x401}, {0x7, 0x9, 0x2, 0x8}, {0x3c, 0xe0000000, 0x9, 0x9}, {0x30, 0x7, 0xbc, 0x4}, {0x2, 0x7fff, 0x3f, 0x1}, {0xffffffff, 0x80, 0x2, 0x3}, {0x6, 0x4, 0x3, 0x1}, {0x10000, 0x6, 0x80, 0x9}, {0xffffffff, 0x1, 0x7ff}, {0x4, 0x1000, 0x6, 0x100}, {0xbc, 0x9, 0x9, 0xceb}, {0x1cd0, 0x6, 0x14b, 0x8}, {0x25d9d555, 0x10000, 0x3ff, 0xda}, {0x9, 0x8, 0x3, 0x1}, {0x1a, 0x40, 0x30b5, 0x9}, {0x7fff, 0x1, 0x4}, {0xe4, 0x9c, 0x1529, 0x40}, {0x3, 0x730b, 0x2fc576e2, 0xff}, {0x1ee, 0xffff, 0x6, 0x2}, {0x1, 0x8, 0x7, 0x10000}, {0xac8, 0x7fff, 0xffffffff, 0x3f}, {0x0, 0x6, 0xfffffffe, 0x3}, {0x1e, 0x8000, 0x81, 0x1}, {0x3, 0x4, 0x6, 0x5}, {0x3, 0x5, 0x3, 0x81}, {0x4, 0x8000000, 0xc3, 0x3}, {0x3, 0x7, 0xfff, 0xfff}, {0x0, 0x5, 0x9, 0x4}, {0x1, 0xfffffffe, 0x6}, {0x80, 0x8, 0x7e, 0x3}, {0x5, 0x64, 0xd1, 0x3}, {0x6, 0x4, 0x0, 0xaa92}, {0x8000, 0x0, 0x2}, {0x1ff, 0x80000000, 0x9, 0x4c44}, {0x6, 0x2858, 0x7, 0x8000}, {0x0, 0x9, 0x80000000, 0xf4b}, {0x1, 0x81, 0x7, 0x6}, {0x6f04, 0x6, 0x2, 0x9}, {0x7, 0x1, 0x3f, 0xe4}, {0x2, 0x9, 0xfffffc00, 0x5}, {0x5, 0x200, 0x101, 0xe0000000}, {0x3, 0x7, 0x5, 0x9}, {0x5, 0x3, 0x1ff, 0x6}, {0x7, 0x7ff, 0x401, 0x7}, {0x80000000, 0x4, 0x80}, {0x9, 0xeeb, 0x3f, 0x6}, {0x5, 0x5, 0x7, 0x101}, {0x20, 0x2f93, 0x7, 0x2}, {0x2, 0x7f, 0x3ff, 0xfffff800}, {0x1, 0xfff, 0x7, 0x4}, {0x40000000, 0x3, 0x800, 0x53}, {0x2eb, 0x1, 0x6, 0x80}, {0x0, 0x9, 0x2, 0x9}, {0x80000001, 0x1, 0xdc, 0x1}, {0x8, 0x1f, 0x3, 0x400}, {0x9, 0x350, 0x1000, 0x4}, {0xf6d, 0x0, 0x7f}, {0x1, 0x1, 0x10001, 0xd2f5}, {0x1000, 0xffff, 0x35f5, 0x40}, {0x8, 0x10001, 0x8000}, {0x8306, 0x1a2020f7, 0x8, 0x6}, {0xffffffff, 0x81, 0x7f}, {0x2, 0x2, 0x2}, {0x4e2, 0xffffffff, 0x9, 0xfffffbff}, {0x8, 0x5, 0xde9, 0x3f}, {0x1ff, 0xfff, 0x3, 0x9}, {0xfffffffc, 0x4, 0xc28, 0x6}, {0x101, 0x2, 0xff, 0x2}, {0x20, 0x6, 0xa9, 0x6}, {0x8, 0x1, 0x4, 0x6}, {0x2, 0xc4c, 0x3, 0x100}, {0x2, 0x7, 0x10000, 0x8}, {0xff, 0x9, 0x5, 0x8001}, {0x2, 0xfff, 0xffff}, {0x0, 0x3, 0xff, 0x5}, {0xe37, 0xffff, 0xbbe0}, {0x9c9, 0x16b, 0xcec, 0xffff}, {0x1, 0x6, 0x89, 0x67}, {0x4, 0x40d, 0x5, 0x1}, {0xfffffff8, 0x90, 0x8, 0x4}, {0x7fffffff, 0x1f61, 0x5, 0x401}, {0x8, 0xffff, 0x7, 0x5}, {0x8000, 0x3f, 0xd3d, 0x5}, {0x7, 0x5, 0x4, 0x2}, {0x7fffffff, 0xec, 0x7, 0xbfd}, {0x28a, 0x3, 0x6, 0xffffffff}, {0x1a, 0x800, 0x20, 0x7}, {0x46, 0x4, 0x100, 0x8000}, {0x6, 0x1000, 0x3a55, 0xe82}, {0x5, 0x52, 0x7, 0x10001}, {0x8, 0x3ff, 0x7, 0x1}, {0x89, 0x6, 0x173, 0xffffffff}]}, 0xdfa) fork() fork() fork() 04:17:39 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:39 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) 04:17:39 executing program 1: socket(0x0, 0x80000, 0x9) 04:17:39 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r0, 0x28}, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r1) sendmsg$NLBL_MGMT_C_LISTALL(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_DOMAIN={0xc, 0x1, 'nl80211\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2b}]}, 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x40000) fork() 04:17:39 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:40 executing program 1: socket(0x0, 0x80000, 0x9) 04:17:40 executing program 5: fork() openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) 04:17:40 executing program 0: fork() r0 = fork() r1 = getpgid(r0) fork() fork() getpgrp(r1) 04:17:40 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:40 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) socket(0x18, 0x80000, 0x9) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:40 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:40 executing program 1: socket(0x18, 0x0, 0x9) 04:17:40 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpgrp(r0) 04:17:40 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:40 executing program 0: fork() gettid() r0 = fork() fork() getpid() ptrace$peekuser(0x3, r0, 0xfffffffffffffc01) fork() 04:17:40 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:40 executing program 1: socket(0x18, 0x0, 0x0) 04:17:40 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:40 executing program 5: r0 = fork() ptrace$peekuser(0x3, r0, 0x2) 04:17:40 executing program 1: socket(0x18, 0x0, 0x0) 04:17:40 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:40 executing program 1: socket(0x18, 0x0, 0x0) [ 553.613246] Bluetooth: hci3 command 0x0401 tx timeout 04:17:41 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) socket$can_raw(0x1d, 0x3, 0x1) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:41 executing program 5: bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x4}, 0x8) r0 = fork() getpgid(r0) r1 = getpid() r2 = getpid() tgkill(0x0, r2, 0x0) getpgid(r0) tgkill(r2, r1, 0x0) getpgid(r1) 04:17:41 executing program 1: socket(0x18, 0x0, 0x0) 04:17:41 executing program 2: mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:41 executing program 0: r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r0, @ANYBLOB="010025bd7000fbdbdf250500000014000600fc02000000000000000100000000000008000800e00000010800040002000000081002000700000008000222dc00000014000500fe8000000000000000000000000000bb0800020003000000140006000000000000000000000000000000000014000500ff010000000000000000000000010000639433d624c5dc8cd24598b7dd1eb9fb66c15b33703a249e88ed79a7695b84ab130a50ab706a7828266b1d6249d302ea989e72a92b406d4e83c0ecc37789597c919f91dbd9486272ddec810086e6869226da3a14cdd22aa0e91767424e2cd156b018570fa04e8ffbdb3b34108a1f02c52d6d65908a0672de04ceb14198a6bf37691e62b4f366850d9afdb61719d801c107ba651b8640a3ff57334042"], 0x8c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000000)) r1 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) getpgrp(r2) r3 = getpid() tgkill(0x0, r3, 0x0) tgkill(r1, r3, 0xc) fork() r4 = gettid() getpgrp(0xffffffffffffffff) getpgrp(r4) 04:17:41 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:41 executing program 1: socket(0x18, 0x0, 0x0) 04:17:41 executing program 2: mount$9p_fd(0x0, 0x0, &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:41 executing program 1: socket(0x18, 0x0, 0x0) 04:17:41 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:41 executing program 1: socket(0x0, 0x0, 0x0) 04:17:41 executing program 5: fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000040)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) 04:17:42 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:42 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) 04:17:42 executing program 1: socket(0x0, 0x0, 0x0) 04:17:42 executing program 0: fork() r0 = fork() syz_read_part_table(0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000000)="46c9ca87a9fb9c4a9846246b7f8c7f1a1f5d7fef522ace34fde66accf5f3f95ec586cefb497c1a16ae6b7b76ff09f1af9e9a3b438767aafdc4affbeb71992100e8be89bb100bc49e9fe44d620ef1203e21a8f6e3961bcc8a49e53afb6c66ef975d070d28a034d848659b9bee398fd53b52d9fad896c9266c8e5164372e6c138a40a3a511c9944a5a25630685d8c034e290e0ddaf8e39cd0819fcaa7ebffbb2d8c93bb6737d650d6a81ec4e778b6cf302691be20ad9b1ca955aa4355ddf2c7cf15f04ba4690cfd322db80b6837e1d5f7753f3c2", 0xd3, 0x4}, {&(0x7f0000000100)="4a4bd5381c28d96c2d0d014f461faadb7c512af248675628b75e5dc3d808f42ef797dbe08ea745ee6aae6e675dbe21a6bea7ba39792554ff1cc1ed3ad6cd8388be506ed1a4191ce13feee52b272ffe", 0x4f, 0x3}]) fork() sched_setaffinity(r0, 0x8, &(0x7f00000001c0)=0x80000000) getrlimit(0x1, &(0x7f0000000000)) 04:17:42 executing program 5: fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ptrace$peekuser(0x3, r0, 0x8) 04:17:42 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:42 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) 04:17:42 executing program 1: socket(0x0, 0x0, 0x0) 04:17:42 executing program 5: fork() socketpair(0x23, 0x1, 0x1f, &(0x7f0000000000)) 04:17:42 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) 04:17:42 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) socket$can_raw(0x1d, 0x3, 0x1) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:42 executing program 5: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x10) fork() [ 555.693195] Bluetooth: hci3 command 0x0401 tx timeout 04:17:43 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:43 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:43 executing program 0: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:43 executing program 5: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000100)={r0, 0x1}) socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) fork() 04:17:43 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:43 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:17:43 executing program 5: fork() r0 = socket$can_bcm(0x1d, 0x2, 0x2) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:43 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}]}}) 04:17:43 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xa76, 0x2e0041) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x0, 0xc, 0x70bd25, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @mcast2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x95a3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xfd}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) fork() r1 = fork() sched_setaffinity(r1, 0x8, &(0x7f0000000140)=0x4) fork() 04:17:43 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}]}}) 04:17:43 executing program 1: fork() r0 = socket$can_bcm(0x1d, 0x2, 0x2) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:43 executing program 5: setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=0xffff, 0x4) fork() 04:17:44 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:44 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) 04:17:44 executing program 5: ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) fork() 04:17:44 executing program 1: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:44 executing program 0: r0 = getpid() tgkill(0x0, r0, 0x0) getpgrp(r0) r1 = fork() fork() r2 = getpgid(r1) ptrace$peekuser(0x3, r2, 0x7) fork() 04:17:44 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:44 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xa76, 0x2e0041) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x0, 0xc, 0x70bd25, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @mcast2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x95a3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xfd}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) fork() r1 = fork() sched_setaffinity(r1, 0x8, &(0x7f0000000140)=0x4) fork() 04:17:44 executing program 5: fork() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r1, r0, 0x1) r2 = getpgrp(r0) r3 = getpgid(r2) getpgrp(r3) 04:17:44 executing program 0: fork() fork() fork() r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x6) 04:17:44 executing program 5: fork() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r0, r1, 0x33) 04:17:44 executing program 0: fork() fork() fork() openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) 04:17:44 executing program 5: r0 = fork() r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() getpgid(r2) getpgrp(r0) r3 = getpid() tgkill(r3, r3, 0x2b) [ 557.773220] Bluetooth: hci3 command 0x0401 tx timeout 04:17:45 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:45 executing program 1: r0 = getpid() tgkill(0x0, r0, 0x0) getpgrp(r0) r1 = fork() fork() r2 = getpgid(r1) ptrace$peekuser(0x3, r2, 0x7) fork() 04:17:45 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x80000, 0x10000) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', r0) socket$inet6_dccp(0xa, 0x6, 0x0) r1 = socket(0x21, 0x803, 0x1000) getsockopt$inet6_dccp_buf(r1, 0x21, 0xf, &(0x7f0000000300)=""/208, &(0x7f0000000100)=0x1b) socket$phonet_pipe(0x23, 0x5, 0x2) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xfffffffffffffffd, 0xa00) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) getsockopt$inet6_dccp_int(r0, 0x21, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0x4) bind$can_raw(r2, &(0x7f0000000180), 0x10) 04:17:45 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xa76, 0x2e0041) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x0, 0xc, 0x70bd25, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @mcast2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x95a3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xfd}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) fork() r1 = fork() sched_setaffinity(r1, 0x8, &(0x7f0000000140)=0x4) fork() 04:17:45 executing program 0: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7fff}, 0xc) r3 = syz_usbip_server_init(0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:45 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:45 executing program 5: fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000000)) [ 558.067904] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 558.073745] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) 04:17:45 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001, 0x0, 0xffffffffffffffff}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r4, r5/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r6, 0x80000001, 0x0, r7}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)={0x30d952bc, 0x0, 0x4, 0x10, 0x0, {}, {0xca8670def508209, 0x0, 0x1, 0x0, 0x8, 0x1, 'vuoG'}, 0xfffffefd, 0x1, @offset=0x6, 0xed, 0x0, r2}) fork() 04:17:45 executing program 2: fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000000)) 04:17:45 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000100)={r0, 0x1}) socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) fork() [ 558.130759] vhci_hcd: connection closed [ 558.131326] vhci_hcd: stop threads [ 558.163818] vhci_hcd: release socket [ 558.178414] vhci_hcd: disconnect device 04:17:45 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x5, 0x80000) ioctl$sock_bt_hci(r0, 0x27, &(0x7f0000000040)="6abeb8ce0e10258967632ce409114921c635f65464233ae55c1486469bf4c0e10a4bd9d28e1bd0989e78a3048ad53dc7a79190e59c044f655e96a6920c1a04295eb853eba5642da2741d622e8c8a805ce11e0e5af85eccb8f7f793b9ea5ed7c11b8010eab32256f347abf4d6286454b0acc2055fa4eb154fb43ca7868fd83d9138cd76b773785a6b7bcfff13a34e50dd9f20039268d93eb8355a5e31fed83696acef5ef90e7829c048e50349c551bdc5dd50b863edc4cc02f9cdc286") 04:17:45 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000100)={r0, 0x1}) socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) fork() [ 558.638042] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(3) [ 558.644037] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 558.655819] vhci_hcd: connection closed [ 558.660431] vhci_hcd: stop threads [ 558.668284] vhci_hcd: release socket [ 558.679862] vhci_hcd: disconnect device 04:17:46 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:46 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001, 0x0, 0xffffffffffffffff}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r4, r5/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r6, 0x80000001, 0x0, r7}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)={0x30d952bc, 0x0, 0x4, 0x10, 0x0, {}, {0xca8670def508209, 0x0, 0x1, 0x0, 0x8, 0x1, 'vuoG'}, 0xfffffefd, 0x1, @offset=0x6, 0xed, 0x0, r2}) fork() 04:17:46 executing program 5: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x2a) 04:17:46 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000100)={r0, 0x1}) socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) fork() 04:17:46 executing program 0: fork() getpid() fork() socketpair(0x2c, 0xa, 0xd339, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x148, r2, 0x10, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "1a2df3119e27c11a0b194f72b1c6312d7ac15ba63c45f7ac"}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MNTR_FLAGS={0x24, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}], @NL80211_ATTR_IFNAME={0x14, 0x4, 'team0\x00'}, @NL80211_ATTR_4ADDR={0x5}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x20, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "c0437e1dbbdf554c40ece22753b054018db43a07736bb833"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "ee4cd021023d12a48db73881dcb41000f0143464793ca64a"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "967feedb5cd17a6108c64ba8146885df3ee7550b0241c306"}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5}]}, 0x148}, 0x1, 0x0, 0x0, 0x41}, 0x8000) fork() 04:17:46 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:46 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7fff}, 0xc) r3 = syz_usbip_server_init(0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:46 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000100)={r0, 0x1}) socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) 04:17:46 executing program 0: ptrace$peekuser(0x3, 0xffffffffffffffff, 0x0) fork() fork() syz_usbip_server_init(0x1) fork() 04:17:46 executing program 5: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x20000, 0x0) fork() 04:17:46 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]}) socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) 04:17:46 executing program 5: fork() r0 = getgid() setgid(r0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff}, 0x0) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) r3 = geteuid() mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x40, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_any='access=any'}, {@dfltuid={'dfltuid', 0x3d, 0xee01}}, {@cache_mmap='cache=mmap'}, {@access_any='access=any'}], [{@fowner_gt={'fowner>', r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, '.'}}, {@measure='measure'}, {@dont_hash='dont_hash'}, {@fowner_gt={'fowner>', 0xee00}}, {@audit='audit'}, {@obj_user={'obj_user', 0x3d, '*(\x9b}'}}, {@subj_user={'subj_user', 0x3d, '@'}}]}}) [ 559.099504] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 559.105346] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 559.132493] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 559.138332] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 559.170604] vhci_hcd: connection closed [ 559.170781] vhci_hcd: stop threads [ 559.183033] vhci_hcd: release socket [ 559.191027] vhci_hcd: disconnect device [ 559.433174] usb 9-1: new high-speed USB device number 2 using vhci_hcd 04:17:47 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:47 executing program 5: r0 = fork() r1 = getpid() sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x4) tgkill(r0, r1, 0x17) r2 = fork() tgkill(r1, r2, 0x3b) 04:17:47 executing program 1: socketpair(0x2, 0x3, 0x10001, &(0x7f0000000000)) 04:17:47 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7fff}, 0xc) r3 = syz_usbip_server_init(0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:47 executing program 0: r0 = fork() fork() r1 = getpid() sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0xf22) getpgid(r0) fork() 04:17:47 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:47 executing program 1: socketpair(0x0, 0x3, 0x10001, &(0x7f0000000000)) 04:17:47 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) [ 559.853185] Bluetooth: hci3 command 0x0401 tx timeout 04:17:47 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$sock_bt_hci(r0, 0x400448ca, &(0x7f0000000000)="ca02665bcce36bd4ff8f4d62ebb184823e06036d4c3895383cdf0525838cad0062a4c14fd274e9345dff873ae18527377031ee973a1d697c764e873a30e92da4b37c74f6bc076e671b020268fadd149a1d54e3138c84eb0e71ca8bc7fb0405973b72690d616c3fac0e065e2b8e4f8792067d8ae31a16381196b73ea033260896ee9aca24231fe98d8c8621b43aee979d860a76b7fb02930a99bd612f0f39b91ad9fd197d74bf40af8b28af6c71bb6b183f2bccf7480e0118cacd6c478d4c933cf4fdb80a348c4f148ef6273e52c287bedcc607229d70efb55c37ee49724d987c984eb87aed08f6") fork() 04:17:47 executing program 0: r0 = fork() fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x81) fork() 04:17:47 executing program 1: socketpair(0x0, 0x3, 0x10001, &(0x7f0000000000)) 04:17:47 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) [ 559.959386] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 559.965243] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 560.015219] vhci_hcd: connection closed [ 560.015989] vhci_hcd: stop threads [ 560.034641] vhci_hcd: release socket [ 560.066884] vhci_hcd: disconnect device 04:17:47 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:47 executing program 5: ioctl$SIOCX25CALLACCPTAPPRV(0xffffffffffffffff, 0x89e8) fork() 04:17:47 executing program 1: socketpair(0x0, 0x3, 0x10001, &(0x7f0000000000)) 04:17:47 executing program 0: fork() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) getpgid(r1) tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x1) fork() fork() 04:17:47 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:47 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7fff}, 0xc) r3 = syz_usbip_server_init(0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:47 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:47 executing program 1: socketpair(0x2, 0x0, 0x10001, &(0x7f0000000000)) 04:17:48 executing program 5: ioctl$DRM_IOCTL_GET_CTX(0xffffffffffffffff, 0xc0086423, &(0x7f0000000000)={0x0, 0x2}) fork() 04:17:48 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:48 executing program 1: socketpair(0x2, 0x0, 0x0, &(0x7f0000000000)) 04:17:48 executing program 0: fork() r0 = fork() getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x1) fork() [ 560.925306] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 560.931151] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 560.972788] vhci_hcd: connection closed [ 560.972945] vhci_hcd: stop threads [ 560.981245] vhci_hcd: release socket [ 560.992074] vhci_hcd: disconnect device 04:17:48 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:48 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6, 0x9}) 04:17:48 executing program 5: r0 = syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0xc8000) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)) fork() 04:17:48 executing program 1: socketpair(0x2, 0x0, 0x0, &(0x7f0000000000)) 04:17:48 executing program 0: fork() fork() gettid() fork() 04:17:48 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7fff}, 0xc) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:48 executing program 5: r0 = fork() r1 = fork() r2 = getpgid(r1) r3 = getpid() tgkill(0x0, r0, 0x0) getpgrp(r3) r4 = getpgid(r2) r5 = getpid() tgkill(r3, r5, 0xf) r6 = getpid() tgkill(0x0, r6, 0x0) tgkill(r4, r6, 0x41) 04:17:48 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:48 executing program 0: fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0xa7a1061172c69977, &(0x7f0000000040)=0x200000003c3) fork() ptrace$peekuser(0x3, r0, 0x3f) 04:17:48 executing program 1: socketpair(0x2, 0x0, 0x0, &(0x7f0000000000)) 04:17:49 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:49 executing program 5: r0 = fork() r1 = getpgrp(r0) getpgrp(r1) 04:17:49 executing program 1: socketpair(0x2, 0x0, 0x10001, 0x0) [ 561.937648] Bluetooth: hci3 command 0x0401 tx timeout 04:17:49 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6, 0x9}) 04:17:49 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) getpid() mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:49 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:17:49 executing program 5: r0 = fork() r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r0, r1, 0x36) 04:17:49 executing program 1: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:49 executing program 0: r0 = fork() r1 = getpgrp(r0) r2 = fork() r3 = getpid() tgkill(0x0, r3, 0x0) tgkill(r1, r3, 0x3e) r4 = getpgrp(r2) fork() r5 = getpgrp(r4) getpgid(r5) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:49 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:49 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x7) 04:17:49 executing program 0: r0 = fork() r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000000)=0x5cfb) getpgid(r1) r3 = getpid() tgkill(0x0, r3, 0x0) getpgrp(r3) fork() r4 = getpid() r5 = getpid() tgkill(0x0, r5, 0x0) r6 = getpid() tgkill(r6, r0, 0x36) getpgid(r5) tgkill(0x0, r4, 0x0) getpgrp(r4) 04:17:49 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:49 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:49 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:50 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6, 0x9}) 04:17:50 executing program 1: r0 = fork() r1 = getpgrp(r0) r2 = fork() r3 = getpid() tgkill(0x0, r3, 0x0) tgkill(r1, r3, 0x3e) r4 = getpgrp(r2) fork() r5 = getpgrp(r4) getpgid(r5) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:50 executing program 5: fork() fork() 04:17:50 executing program 2: r0 = fork() fork() getpgrp(r0) fork() mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:50 executing program 0: fork() r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x9) fork() getpid() 04:17:50 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6, 0x9}) 04:17:50 executing program 5: fork() fork() 04:17:50 executing program 2: r0 = fork() fork() getpgrp(r0) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:50 executing program 0: bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x2, 0x1}, 0x6) fork() setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f00000000c0)={0x7fffffff, [0x1, 0x2], 0xff}, 0x10) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) fork() 04:17:50 executing program 1: r0 = fork() r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000000)=0x5cfb) getpgid(r1) r3 = getpid() tgkill(0x0, r3, 0x0) getpgrp(r3) fork() r4 = getpid() r5 = getpid() tgkill(0x0, r5, 0x0) r6 = getpid() tgkill(r6, r0, 0x36) getpgid(r5) tgkill(0x0, r4, 0x0) getpgrp(r4) 04:17:50 executing program 5: fork() r0 = syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x0, 0x208100) ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, &(0x7f0000000040)) 04:17:50 executing program 2: fork() fork() mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) [ 563.696902] Bluetooth: hci0 command 0x0401 tx timeout [ 564.013271] Bluetooth: hci3 command 0x0401 tx timeout 04:17:51 executing program 2: fork() mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:51 executing program 5: ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x70}) fork() 04:17:51 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6, 0x9}) 04:17:51 executing program 0: fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) fork() 04:17:51 executing program 1: bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x2, 0x1}, 0x6) fork() setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f00000000c0)={0x7fffffff, [0x1, 0x2], 0xff}, 0x10) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) fork() 04:17:51 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6, 0x9}) 04:17:51 executing program 2: mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:51 executing program 5: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x0}]}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_GET_SAREA_CTX(r2, 0xc010641d, &(0x7f0000000000)={r1, &(0x7f0000000100)=""/150}) fork() 04:17:51 executing program 5: r0 = fork() gettid() getpgrp(r0) 04:17:51 executing program 0: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x800, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) fork() fork() fork() fork() 04:17:51 executing program 2: mount$9p_fd(0x0, 0x0, &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:51 executing program 1: fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) fork() 04:17:51 executing program 5: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getsockopt$inet6_dccp_int(r0, 0x21, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4) fork() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) getpgrp(r1) 04:17:51 executing program 2: mount$9p_fd(0x0, 0x0, &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:52 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6, 0x9}) 04:17:52 executing program 0: fork() fork() fork() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x59d2c0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000040)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x6, 0x400000) syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x3a5, 0x24400) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 04:17:52 executing program 2: mount$9p_fd(0x0, 0x0, &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:52 executing program 5: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000000c0)={@null=' \x00', 0x1, 'batadv_slave_1\x00'}) r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000)={0x9, @remote}, &(0x7f0000000040)=0x12, 0x80000) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000080)={0x8001, 0x9, 0x101, 0x7f, 0x9, 0x16, 0x25, "710399522c4ba28d03f001755c912438b386bf1a", "62f664c53eaa69c3e7a1038d11a782e42440434c"}) r1 = accept4$x25(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000200)=0x12, 0x80000) setsockopt$X25_QBITINCL(r1, 0x106, 0x1, &(0x7f0000000240)=0x1, 0x4) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480)='nl80211\x00', r2) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="200025b57000fcdb2817c1453d1d00", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4880}, 0x804) ioctl$sock_x25_SIOCDELRT(r2, 0x890c, &(0x7f0000000340)={@remote={[], 0x0}, 0xc, 'veth0_vlan\x00'}) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ubi_ctrl\x00', 0x400300, 0x0) ioctl$DRM_IOCTL_GET_SAREA_CTX(r5, 0xc010641d, &(0x7f0000000300)={0x0, &(0x7f00000002c0)=""/22}) 04:17:52 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x0}]}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_GET_SAREA_CTX(r2, 0xc010641d, &(0x7f0000000000)={r1, &(0x7f0000000100)=""/150}) fork() 04:17:52 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6, 0x9}) 04:17:52 executing program 1: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6, 0x9}) 04:17:52 executing program 2: mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:52 executing program 5: r0 = fork() r1 = getpid() r2 = gettid() tgkill(r2, r0, 0x34) tgkill(0x0, r1, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={0xffffffffffffffff, r3, 0xc}, 0x10) r4 = getpid() tgkill(r1, r4, 0xd) 04:17:52 executing program 0: fork() fork() fork() r0 = getpid() gettid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xefbf) 04:17:52 executing program 2: mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:52 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8001, 0x80000) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f0000000040)) fork() [ 565.773228] Bluetooth: hci0 command 0x0401 tx timeout 04:17:53 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 2: mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:53 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x2, 0x10000) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f00000000c0)) fork() fork() fork() 04:17:53 executing program 5: r0 = fork() getpgrp(r0) 04:17:53 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) [ 566.093216] Bluetooth: hci3 command 0x0401 tx timeout 04:17:53 executing program 5: setreuid(0xee00, 0x0) setreuid(0x0, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x81, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000040)=0x4) fork() r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x10000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000000c0)) 04:17:53 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 2: mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:17:53 executing program 0: fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400) 04:17:53 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 5: fork() r0 = getpid() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) setsockopt$X25_QBITINCL(r1, 0x106, 0x1, &(0x7f0000000000)=0x1, 0x4) tgkill(0x0, r0, 0x0) r2 = getpid() tgkill(0x0, r2, 0x0) gettid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) getpgrp(r2) 04:17:53 executing program 2: mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x2110064, 0x0) 04:17:53 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 2: setreuid(0xee00, 0x0) setreuid(0x0, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x81, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000040)=0x4) fork() r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x10000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000000c0)) 04:17:53 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6}) 04:17:53 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:17:53 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:53 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f0000000080)) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) getpgrp(r1) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00', r0) sendmsg$SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x6c, r3, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x1f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x20}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5e25ab2b}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x8, 0x41, 0x8001, 0x2]}, @SEG6_ATTR_DST={0x14, 0x1, @private2={0xfc, 0x2, [], 0x1}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x40800) fork() 04:17:53 executing program 5: fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x10000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) socket(0x1d, 0x0, 0x8000) r2 = getpid() tgkill(0x0, r2, 0x0) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x102, 0x0) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0x1, 0x1}, 0x6) sched_setaffinity(r2, 0xfe08, &(0x7f0000000040)=0x4) 04:17:53 executing program 2: fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400) 04:17:53 executing program 5: ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448c9, &(0x7f0000000000)="aad33c341e1555f577ca16d814c9dd831fade4e9721cb8b60b1734743c9b06a5ab7e6439a2390d9b90e90028a918a22730ccdc25a573b702cf833d25d2808372b0049cee1113b4a8f389ee39aef3ec092b00d5139fc4aa05ab68f16983f00378b2a8d9a80135d08a26d149e61596f51140b4c1474fb73eab132d300e8e211564732390db75e7a5a680e1") fork() 04:17:54 executing program 2: fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x10000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) socket(0x1d, 0x0, 0x8000) r2 = getpid() tgkill(0x0, r2, 0x0) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x102, 0x0) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0x1, 0x1}, 0x6) sched_setaffinity(r2, 0xfe08, &(0x7f0000000040)=0x4) 04:17:54 executing program 0: fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xfffffffffffffffb) fork() ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(0xffffffffffffffff, 0x7aa, &(0x7f0000000040)={{@my=0x1, 0x40}, 0x7f, 0x8}) fork() 04:17:54 executing program 5: fork() gettid() r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:54 executing program 2: fork() r0 = getpid() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) setsockopt$X25_QBITINCL(r1, 0x106, 0x1, &(0x7f0000000000)=0x1, 0x4) tgkill(0x0, r0, 0x0) r2 = getpid() tgkill(0x0, r2, 0x0) gettid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) getpgrp(r2) 04:17:54 executing program 5: bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)={0x9, 0x0}, 0x8) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={r0, 0xffff, 0x10}, 0xc) fork() 04:17:54 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6}) 04:17:54 executing program 2: fork() gettid() r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:54 executing program 1: ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:54 executing program 5: fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) recvfrom$x25(r0, &(0x7f0000000000)=""/57, 0x39, 0x40010023, &(0x7f0000000040)={0x9, @remote={[], 0x2}}, 0x12) 04:17:54 executing program 0: fork() r0 = getpgid(0xffffffffffffffff) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400081) fork() fork() 04:17:54 executing program 4: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:17:54 executing program 1: ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:54 executing program 2: fork() gettid() r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:54 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpgid(r0) 04:17:54 executing program 1: ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:54 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:17:54 executing program 1: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) [ 567.853316] Bluetooth: hci0 command 0x0401 tx timeout [ 568.173191] Bluetooth: hci3 command 0x0401 tx timeout 04:17:55 executing program 5: fork() fork() fork() fork() 04:17:55 executing program 2: fork() gettid() r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:17:55 executing program 1: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:55 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x6}) 04:17:55 executing program 0: fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) fork() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socketpair(0x5, 0x800, 0x2, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_hci(r2, 0x400448df, &(0x7f00000002c0)="71af9487a7f34c8ceb2e9578855d9753f46e0a6308957bfb65b3054af3b52610c7a2cbfd5063c31a9602b82d81aba0b26854a0aa151063a22aa0256d7174522c4856e3efc88ab2dacb1303916798b2e6fb834296785e21b03d4e581bccb25ded037ddb7629c4dcccc8355946880b07a6498a96551b8a88e099ca3f63485686981969eefa697bc53417533ed7244fd70111f6c48fdd5964aab80a8bc1c8a579ce20060c108d95a392e57b81c6933221656bea7a91aaaf9458059b144eb9bed65afe2cc7b06fb5bbf6f6ce9cb280e8dd138273c30c8229a860e597") syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0)='SEG6\x00', 0xffffffffffffffff) r4 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_dccp_int(r4, 0x21, 0x1, &(0x7f0000000140), &(0x7f00000003c0)=0x4) pause() sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="40000000c7c4382758fdfbd0b872b96b51f2d0c96a9654f7227bd174f92912f2fd34357ae4d8d38b54ca3c0ad0bb3b48c98dce6f1379b4c07b8bea36aa4c0655f101b42910030f6a9bea7e", @ANYRES16=r3, @ANYBLOB="020928bd7000fedbdf250400000008000200000000000500050001000000080002000008000008000300ff070000040004000500060003000000"], 0x40}, 0x1, 0x0, 0x0, 0x40810}, 0x20040000) fork() 04:17:55 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:17:55 executing program 1: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:17:55 executing program 2: fork() gettid() syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) 04:17:55 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) ptrace$peekuser(0x3, r0, 0x4) r1 = fork() tgkill(r0, r1, 0x6) 04:17:55 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:55 executing program 2: fork() syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) 04:17:55 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:17:55 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) r1 = fork() getpgid(r1) 04:17:56 executing program 2: syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) 04:17:56 executing program 0: fork() fork() fork() r0 = getpid() r1 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) tgkill(0x0, r0, 0x0) r2 = getpid() tgkill(0x0, r2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000000)=0x7fe) 04:17:56 executing program 2: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:56 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:56 executing program 5: r0 = fork() r1 = getpgid(r0) tgkill(r1, r0, 0x29) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xf27d) 04:17:56 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:17:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) r1 = fork() getpgid(r1) 04:17:56 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd"}) 04:17:56 executing program 2: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:56 executing program 0: fork() r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x800) fork() 04:17:56 executing program 5: ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) fork() syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 04:17:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) r1 = fork() getpgid(r1) 04:17:56 executing program 1: fork() fork() fork() r0 = getpid() r1 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) tgkill(0x0, r0, 0x0) r2 = getpid() tgkill(0x0, r2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000000)=0x7fe) 04:17:56 executing program 2: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) 04:17:56 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) 04:17:57 executing program 5: fork() setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)={0x400, [0x0, 0x3]}, 0x10) 04:17:57 executing program 2: fork() r0 = getpid() tgkill(0x0, r0, 0x0) ptrace$peekuser(0x3, r0, 0x4) r1 = fork() tgkill(r0, r1, 0x6) 04:17:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) r1 = fork() getpgid(r1) 04:17:57 executing program 5: r0 = fork() r1 = getpid() r2 = getpgrp(r0) ptrace$peekuser(0x3, r2, 0x16) tgkill(0x0, r1, 0x0) r3 = getpgid(r1) tgkill(r1, r3, 0x7) 04:17:57 executing program 0: r0 = fork() syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x7fffffff, 0x0) getpgrp(r0) fork() fork() 04:17:57 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) 04:17:57 executing program 1: fork() r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x800) fork() [ 569.933322] Bluetooth: hci0 command 0x0401 tx timeout 04:17:57 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:57 executing program 5: fork() r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x210000, 0x0) ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, &(0x7f0000000080)=0x7) 04:17:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) fork() 04:17:57 executing program 0: fork() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) fork() fork() 04:17:57 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:17:57 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) 04:17:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:57 executing program 5: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x8) 04:17:57 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) [ 570.253472] Bluetooth: hci3 command 0x0401 tx timeout 04:17:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) fork() 04:17:57 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:57 executing program 5: fork() syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x10040000, 0x46fc0) 04:17:57 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:17:57 executing program 2: ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:57 executing program 0: r0 = getpid() r1 = getpid() tgkill(r0, r1, 0x80002) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x200400, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x12, 0x2, &(0x7f0000000000)=@raw=[@exit, @call={0x85, 0x0, 0x0, 0x33}], &(0x7f0000000040)='GPL\x00', 0x0, 0x44, &(0x7f0000000080)=""/68, 0x41100, 0x4, [], 0x0, 0x8, r2, 0x8, &(0x7f0000000140)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x4, 0x6, 0x9}, 0x10, 0x0, r3}, 0x78) fork() fork() fork() 04:17:57 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:57 executing program 5: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x2000, 0x0) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000000)=0xffff) fork() 04:17:57 executing program 1: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x8) 04:17:57 executing program 2: ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:57 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:57 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() 04:17:57 executing program 2: ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:57 executing program 1: r0 = fork() syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x7fffffff, 0x0) getpgrp(r0) fork() fork() 04:17:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x40) 04:17:58 executing program 0: r0 = fork() ptrace$peekuser(0x3, r0, 0x9) r1 = fork() fork() getpgid(r1) 04:17:58 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:17:58 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:58 executing program 5: ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYRES64=0x0]) r0 = fork() getpgrp(r0) r1 = getpgid(r0) getpid() getpgrp(r0) sched_setaffinity(r1, 0x3, &(0x7f0000000040)=0x2000000000802) 04:17:58 executing program 0: r0 = fork() socketpair(0x1f, 0x4, 0x5, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r2) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r3, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x34}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r3, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xf7}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x4) fork() r4 = fork() r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r5) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00', r2) r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r7, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2247d6acce2408ab6f93d993f61a183ce52b570f33b66e861cd1e365ccdd990c36f9d08eb63b8609e5e20094c4c0f3b6a54e776943999a7b11668e1dbba0a8fae4271d3b7a0fcf8a434fb97597353dffa641436ae157489944dced11da9882d2ca7f1d7d2b6436bbd1f3430d9ce1e751165ec58bd96df935949e7ca47327efb48e65dc8fcfd361831975fc6b60fd1612884bb8cc541c852d6bafcc0423b8fd58925bcb5b51df04181e26c3b16276d0ab3a659b844ecc28e58dea9fb9653fb5e4b809e3035ef616feddff21c9ba30f7ba2dd8b73210b22fe96413eb1e1e44899a399d0439a4963bc175a151f0ec6c39969141dd952ee3edbb11b22b2ebc6073f581762682d2ba935a2bb37ba0020111b36c47b948260c63127720abbc30e26709fea3029da9863444ecb3c0f596fbad4389b8900d7a2f9a004dfeeedae09408b65583b78b6f56db8650eb35b9294481b30000000000", @ANYRES16=0x0, @ANYBLOB="0a0329bd7000fddbdf2508000000"], 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r7, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r5, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r6, 0x10, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x2, 0xc}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) r10 = getpgid(r4) tgkill(r0, r10, 0x1a) 04:17:58 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() 04:17:58 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:58 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:17:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 5: fork() ptrace$peekuser(0x3, 0xffffffffffffffff, 0x0) 04:17:58 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() 04:17:58 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0) 04:17:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 0: fork() gettid() fork() fork() 04:17:58 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:17:58 executing program 5: r0 = fork() ptrace$peekuser(0x3, r0, 0x6) 04:17:58 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) 04:17:58 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x2000, 0x0) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000000)=0xffff) fork() 04:17:58 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) 04:17:58 executing program 5: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40000, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000040)={0x0, 0x3, 0x100}) 04:17:58 executing program 0: fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x43) getpgid(r0) r1 = getpid() tgkill(0x0, r1, 0x0) getpgid(r1) 04:17:58 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 5: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r5, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x14}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 04:17:58 executing program 1: r0 = fork() ptrace$peekuser(0x3, r0, 0x6) 04:17:58 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)) 04:17:58 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:17:58 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/173) 04:17:58 executing program 4: socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)) 04:17:59 executing program 5: r0 = fork() ptrace$peekuser(0x3, r0, 0x3a1449a7) pipe2$9p(&(0x7f0000000000), 0x1800) 04:17:59 executing program 0: fork() fork() fork() fork() 04:17:59 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r5, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x14}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 04:17:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 04:17:59 executing program 4: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) 04:17:59 executing program 5: fork() fork() 04:17:59 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:17:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 04:17:59 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r5, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x14}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 04:17:59 executing program 4: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) [ 572.016413] Bluetooth: hci0 command 0x0401 tx timeout 04:17:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 04:17:59 executing program 0: fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000000c0)=0xc) fork() r0 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) fork() fork() 04:17:59 executing program 5: r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ptrace$peekuser(0x3, r1, 0x0) getpgrp(r0) 04:17:59 executing program 4: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) 04:17:59 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r5, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x14}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 04:17:59 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() 04:17:59 executing program 3: fork() fork() 04:17:59 executing program 4: socketpair(0x10, 0x0, 0x8, &(0x7f00000000c0)) 04:17:59 executing program 5: r0 = fork() getpgid(r0) getpid() [ 572.333202] Bluetooth: hci3 command 0x0401 tx timeout 04:17:59 executing program 0: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f0000000000)={0x3, 0x1, 0x0, 0x1, 0x4, 0x77947b2f}) 04:17:59 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() 04:17:59 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() 04:17:59 executing program 4: socketpair(0x10, 0x0, 0x8, &(0x7f00000000c0)) 04:17:59 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) 04:17:59 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() 04:17:59 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) 04:17:59 executing program 4: socketpair(0x10, 0x0, 0x8, &(0x7f00000000c0)) 04:17:59 executing program 0: fork() fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ptrace$peekuser(0x3, r0, 0x81) 04:17:59 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) 04:18:00 executing program 3: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) 04:18:00 executing program 2: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) 04:18:00 executing program 4: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() 04:18:00 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)) 04:18:00 executing program 4: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 2: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)) 04:18:00 executing program 0: r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_REMOVEDEF(r2, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0xb4, r0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={[], [], @empty}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0xb4}, 0x1, 0x0, 0x0, 0x8010}, 0x4004000) sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, r0, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_CV4DOI={0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000001) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_REMOVE(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x80, r0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_DOMAIN={0x6, 0x1, '@\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xa}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1={0xfc, 0x1, [], 0x1}}, @NLBL_MGMT_A_DOMAIN={0x9, 0x1, '-.^!\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @broadcast}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @local}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x80}, 0x1, 0x0, 0x0, 0x40}, 0xcc0) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0xb}}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '^%\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x40000) fork() fork() 04:18:00 executing program 3: fork() fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ptrace$peekuser(0x3, r0, 0x81) 04:18:00 executing program 4: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) 04:18:00 executing program 2: socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)) 04:18:00 executing program 5: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 4: socketpair(0x10, 0x3, 0x8, 0x0) 04:18:00 executing program 0: fork() fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) r1 = getpid() openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) tgkill(0x0, r1, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) tgkill(r0, r1, 0xc) 04:18:00 executing program 2: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) 04:18:00 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:00 executing program 5: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 4: r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_REMOVEDEF(r2, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0xb4, r0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={[], [], @empty}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}]}, 0xb4}, 0x1, 0x0, 0x0, 0x8010}, 0x4004000) sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, r0, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_CV4DOI={0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000001) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_REMOVE(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x80, r0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_DOMAIN={0x6, 0x1, '@\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xa}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1={0xfc, 0x1, [], 0x1}}, @NLBL_MGMT_A_DOMAIN={0x9, 0x1, '-.^!\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @broadcast}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @local}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x80}, 0x1, 0x0, 0x0, 0x40}, 0xcc0) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0xb}}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '^%\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x40000) fork() fork() 04:18:00 executing program 3: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r4, 0x1}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00', r2) 04:18:00 executing program 2: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) 04:18:00 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:00 executing program 0: fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getpgid(0x0) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x1e) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000080)={0x3ff}) fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000040)=0xc) 04:18:00 executing program 5: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 3: fork() fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) r1 = getpid() openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) tgkill(0x0, r1, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) tgkill(r0, r1, 0xc) 04:18:00 executing program 2: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) 04:18:00 executing program 5: socketpair(0x0, 0x3, 0x0, &(0x7f00000000c0)) 04:18:00 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:00 executing program 4: fork() fork() fork() fork() 04:18:00 executing program 0: fork() r0 = fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$peekuser(0x3, r0, 0x42) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = gettid() tgkill(r1, r2, 0x9) ptrace$peekuser(0x3, 0xffffffffffffffff, 0x0) 04:18:01 executing program 2: socketpair(0x10, 0x0, 0x8, &(0x7f00000000c0)) 04:18:01 executing program 5: socketpair(0x0, 0x3, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 2: socketpair(0x10, 0x0, 0x8, &(0x7f00000000c0)) 04:18:01 executing program 0: r0 = fork() r1 = fork() fork() r2 = getpgid(r0) tgkill(r0, r2, 0x39) getpgid(r1) r3 = getpid() r4 = getpid() tgkill(0x0, r4, 0x0) tgkill(r4, r2, 0x2b) tgkill(r2, r0, 0x22) ptrace$peekuser(0x3, r3, 0x9c) gettid() r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x20000, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 2: socketpair(0x10, 0x0, 0x8, &(0x7f00000000c0)) 04:18:01 executing program 3: fork() fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) r1 = getpid() openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) tgkill(0x0, r1, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) tgkill(r0, r1, 0xc) 04:18:01 executing program 0: fork() bind$can_raw(0xffffffffffffffff, &(0x7f0000000000), 0x10) fork() fork() 04:18:01 executing program 5: socketpair(0x0, 0x3, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 4: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) fork() r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 2: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) [ 574.093446] Bluetooth: hci0 command 0x0401 tx timeout 04:18:01 executing program 5: socketpair(0x10, 0x0, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x8}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 2: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 4: socketpair(0x0, 0x3, 0x8, &(0x7f00000000c0)) 04:18:01 executing program 0: fork() r0 = getpid() r1 = fork() ptrace$peekuser(0x3, r1, 0x27) ptrace$peekuser(0x3, r0, 0x8001) 04:18:01 executing program 5: socketpair(0x10, 0x0, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 3: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 5: socketpair(0x10, 0x0, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 0: fork() fork() fork() fork() fork() 04:18:01 executing program 4: fork() bind$can_raw(0xffffffffffffffff, &(0x7f0000000000), 0x10) fork() fork() 04:18:01 executing program 2: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) [ 574.413303] Bluetooth: hci3 command 0x0401 tx timeout 04:18:01 executing program 3: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 5: socketpair(0x10, 0x3, 0x0, 0x0) 04:18:01 executing program 2: socketpair(0x10, 0x3, 0x8, 0x0) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) userfaultfd(0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:01 executing program 2: r0 = fork() r1 = getpid() r2 = getpgrp(r0) ptrace$peekuser(0x3, r2, 0x16) tgkill(0x0, r1, 0x0) r3 = getpgid(r1) tgkill(r1, r3, 0x7) 04:18:01 executing program 3: socketpair(0x10, 0x3, 0x0, &(0x7f00000000c0)) 04:18:01 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 5: fork() fork() fork() fork() 04:18:02 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:18:02 executing program 0: fork() ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x128, 0x0, 0x1, 0x74bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x8000, 0x41}}}}, [@NL80211_ATTR_TESTDATA={0xfd, 0x45, "aa6b5b359e4b4bf1a1d8e4e382b87722548c7bda38c462b00a9a5ed0860e9a84a4b7fdb3c8ec4c0e6334b7cffd0406016341739e88709d4bf490991221aac535b2e30c8f6798413ddccd9c9671970d6487b06ae414fe1593baa0fea3e5cd057c96e68462f81e7dbe7635a0351eeff59d9cfbab0a16392f6ff1995ed0c312c30a21cecca06333201383658823e9ee4afd189774c69f93d15f8a250c1cbeffae9139f647071b1dcbbc3236358e5063858297b637f689ecb5b82cfbe80064f4fb4c21a7f16ec71b13aac3954833c2b53e40d10a3f6cf709e23750351d946aa740ef1a0ea48eec904c7bb414210efd1ab95ec8061a843070cb4e2c"}]}, 0x128}}, 0x4040010) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, r1, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x5f}}}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x24000814) fork() r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r3, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8804}, 0xc0) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x1000, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="660f7644030f00da3e0f01b70080ba210066ed66b94603000066b85a00000066ba000000000f30ba4200ed0f20d86635200000000f22d8b800008ee8f27eb766b8b40000000f23c00f21f86635030002000f23f8", 0x54}], 0x1, 0x20, &(0x7f0000000100), 0x0) fork() 04:18:02 executing program 1: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {}]}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 3: socketpair(0x0, 0x3, 0x0, &(0x7f00000000c0)) 04:18:02 executing program 2: r0 = fork() r1 = getpid() r2 = getpgrp(r0) ptrace$peekuser(0x3, r2, 0x16) tgkill(0x0, r1, 0x0) r3 = getpgid(r1) tgkill(r1, r3, 0x7) 04:18:02 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 3: socketpair(0x0, 0x3, 0x0, &(0x7f00000000c0)) 04:18:02 executing program 2: fork() fork() fork() fork() fork() 04:18:02 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 5: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={r0, &(0x7f0000000080)=""/42}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 0: fork() r0 = gettid() getpgrp(r0) fork() fork() getpgid(r0) 04:18:02 executing program 3: socketpair(0x0, 0x3, 0x0, &(0x7f00000000c0)) 04:18:02 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:18:02 executing program 5: fork() ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x128, 0x0, 0x1, 0x74bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x8000, 0x41}}}}, [@NL80211_ATTR_TESTDATA={0xfd, 0x45, "aa6b5b359e4b4bf1a1d8e4e382b87722548c7bda38c462b00a9a5ed0860e9a84a4b7fdb3c8ec4c0e6334b7cffd0406016341739e88709d4bf490991221aac535b2e30c8f6798413ddccd9c9671970d6487b06ae414fe1593baa0fea3e5cd057c96e68462f81e7dbe7635a0351eeff59d9cfbab0a16392f6ff1995ed0c312c30a21cecca06333201383658823e9ee4afd189774c69f93d15f8a250c1cbeffae9139f647071b1dcbbc3236358e5063858297b637f689ecb5b82cfbe80064f4fb4c21a7f16ec71b13aac3954833c2b53e40d10a3f6cf709e23750351d946aa740ef1a0ea48eec904c7bb414210efd1ab95ec8061a843070cb4e2c"}]}, 0x128}}, 0x4040010) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, r1, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x5f}}}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x24000814) fork() r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r3, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8804}, 0xc0) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x1000, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="660f7644030f00da3e0f01b70080ba210066ed66b94603000066b85a00000066ba000000000f30ba4200ed0f20d86635200000000f22d8b800008ee8f27eb766b8b40000000f23c00f21f86635030002000f23f8", 0x54}], 0x1, 0x20, &(0x7f0000000100), 0x0) fork() 04:18:02 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 0: fork() getpid() fork() fork() 04:18:02 executing program 3: socketpair(0x10, 0x0, 0x0, &(0x7f00000000c0)) 04:18:02 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:02 executing program 3: socketpair(0x10, 0x0, 0x0, &(0x7f00000000c0)) 04:18:02 executing program 2: fork() r0 = gettid() getpgrp(r0) fork() fork() getpgid(r0) 04:18:02 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x44004) 04:18:02 executing program 5: fork() r0 = gettid() getpgrp(r0) fork() fork() getpgid(r0) 04:18:02 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, 0x0, 0x4040840) 04:18:02 executing program 0: fork() fork() fork() gettid() r0 = socket$can_bcm(0x1d, 0x2, 0x2) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:02 executing program 3: socketpair(0x10, 0x0, 0x0, &(0x7f00000000c0)) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, 0x0, 0x4040840) 04:18:03 executing program 3: socketpair(0x10, 0x3, 0x0, 0x0) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, 0x0, 0x4040840) 04:18:03 executing program 3: fork() ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x128, 0x0, 0x1, 0x74bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x8000, 0x41}}}}, [@NL80211_ATTR_TESTDATA={0xfd, 0x45, "aa6b5b359e4b4bf1a1d8e4e382b87722548c7bda38c462b00a9a5ed0860e9a84a4b7fdb3c8ec4c0e6334b7cffd0406016341739e88709d4bf490991221aac535b2e30c8f6798413ddccd9c9671970d6487b06ae414fe1593baa0fea3e5cd057c96e68462f81e7dbe7635a0351eeff59d9cfbab0a16392f6ff1995ed0c312c30a21cecca06333201383658823e9ee4afd189774c69f93d15f8a250c1cbeffae9139f647071b1dcbbc3236358e5063858297b637f689ecb5b82cfbe80064f4fb4c21a7f16ec71b13aac3954833c2b53e40d10a3f6cf709e23750351d946aa740ef1a0ea48eec904c7bb414210efd1ab95ec8061a843070cb4e2c"}]}, 0x128}}, 0x4040010) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, r1, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x5f}}}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x24000814) fork() r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r3, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8804}, 0xc0) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x1000, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="660f7644030f00da3e0f01b70080ba210066ed66b94603000066b85a00000066ba000000000f30ba4200ed0f20d86635200000000f22d8b800008ee8f27eb766b8b40000000f23c00f21f86635030002000f23f8", 0x54}], 0x1, 0x20, &(0x7f0000000100), 0x0) fork() 04:18:03 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) 04:18:03 executing program 0: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:03 executing program 2: fork() fork() fork() gettid() r0 = socket$can_bcm(0x1d, 0x2, 0x2) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:03 executing program 5: fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpgid(r0) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:03 executing program 0: fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x3) fork() r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x3590c0, 0x0) sendto$x25(r1, &(0x7f0000000100)="b5183b01472652133f36b33ef978406e82d6f7cd42c647981e2af105838e6c513aaf6dcb62bad74154198666fe44037324bfa9d71e4db91c383792b7d7ffb9271a62dc97e58024f1451b2b3a25a08fd9b543038e6e8b80223510e5a06720de501364becd346393b5c6c3cc49106de925354242", 0x73, 0x4004801, &(0x7f0000000180)={0x9, @remote={[], 0x1}}, 0x12) 04:18:03 executing program 2: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) [ 576.173293] Bluetooth: hci0 command 0x0401 tx timeout 04:18:03 executing program 5: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:03 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:03 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:03 executing program 0: fork() fork() gettid() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() tgkill(0x0, r2, 0x10002) ptrace$peekuser(0x3, r0, 0x7cb9) fork() 04:18:03 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) [ 576.493337] Bluetooth: hci3 command 0x0401 tx timeout 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, 0x0, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:03 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) 04:18:03 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) 04:18:03 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, 0x0, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:03 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) 04:18:04 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:18:04 executing program 0: pselect6(0x40, &(0x7f0000000000)={0x4, 0x6, 0x400, 0xfff, 0x40, 0x18a4, 0x9, 0x6}, &(0x7f0000000040)={0x70000000000, 0x6, 0x7f, 0x3fc, 0x2, 0x9d, 0x8001, 0x3}, &(0x7f0000000080)={0x800, 0xffffffff, 0x0, 0x8, 0x8, 0x6, 0x8, 0x20}, &(0x7f00000000c0), &(0x7f0000000140)={&(0x7f0000000100)={[0x800]}, 0x8}) fork() fork() fork() fork() 04:18:04 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, 0x0, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:04 executing program 2: fork() fork() gettid() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() tgkill(0x0, r2, 0x10002) ptrace$peekuser(0x3, r0, 0x7cb9) fork() 04:18:04 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:04 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() 04:18:04 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:18:04 executing program 0: r0 = fork() fork() r1 = fork() r2 = getpgid(r1) tgkill(r2, r0, 0x28) 04:18:04 executing program 5: fork() fork() gettid() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) r2 = fork() tgkill(0x0, r2, 0x10002) ptrace$peekuser(0x3, r0, 0x7cb9) fork() 04:18:04 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:04 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:18:04 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4040840) 04:18:04 executing program 0: r0 = fork() getpid() fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x9) fork() 04:18:04 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() 04:18:04 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}}, 0x4040840) 04:18:04 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:18:04 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) 04:18:04 executing program 5: fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x3) fork() r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x3590c0, 0x0) sendto$x25(r1, &(0x7f0000000100)="b5183b01472652133f36b33ef978406e82d6f7cd42c647981e2af105838e6c513aaf6dcb62bad74154198666fe44037324bfa9d71e4db91c383792b7d7ffb9271a62dc97e58024f1451b2b3a25a08fd9b543038e6e8b80223510e5a06720de501364becd346393b5c6c3cc49106de925354242", 0x73, 0x4004801, &(0x7f0000000180)={0x9, @remote={[], 0x1}}, 0x12) 04:18:04 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() 04:18:04 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xffffffffffffffe2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x5c}}, 0x0) 04:18:04 executing program 0: fork() fork() fork() gettid() 04:18:04 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) fork() fork() geteuid() 04:18:05 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) 04:18:05 executing program 1: fork() r0 = getpgid(0xffffffffffffffff) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400081) fork() fork() 04:18:05 executing program 2: fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xfffffffffffffffb) fork() ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(0xffffffffffffffff, 0x7aa, &(0x7f0000000040)={{@my=0x1, 0x40}, 0x7f, 0x8}) fork() 04:18:05 executing program 0: fork() fork() fork() fork() 04:18:05 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) 04:18:05 executing program 1: fork() r0 = getpgid(0xffffffffffffffff) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400081) fork() fork() 04:18:05 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:05 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8001, 0x80000) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f0000000040)) fork() 04:18:05 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) socketpair(0x10, 0x3, 0x8, &(0x7f00000000c0)) 04:18:05 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:05 executing program 0: r0 = fork() fork() fork() r1 = gettid() r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x3) ptrace$peekuser(0x3, r0, 0x20) ioctl$SIOCX25SCUDMATCHLEN(0xffffffffffffffff, 0x89e7, &(0x7f0000000000)={0x78}) ptrace$peekuser(0x3, r0, 0x1c00000000) getpid() 04:18:05 executing program 2: fork() fork() fork() r0 = getpid() gettid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xefbf) 04:18:05 executing program 1: fork() r0 = getpgid(0xffffffffffffffff) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400081) fork() fork() 04:18:05 executing program 5: fork() fork() fork() r0 = getpid() gettid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xefbf) 04:18:05 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x402) [ 578.253260] Bluetooth: hci0 command 0x0401 tx timeout 04:18:05 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:05 executing program 4: syz_open_dev$mouse(0x0, 0x7f, 0x402) 04:18:05 executing program 2: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000000c0)={@null=' \x00', 0x1, 'batadv_slave_1\x00'}) r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000)={0x9, @remote}, &(0x7f0000000040)=0x12, 0x80000) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000080)={0x8001, 0x9, 0x101, 0x7f, 0x9, 0x16, 0x25, "710399522c4ba28d03f001755c912438b386bf1a", "62f664c53eaa69c3e7a1038d11a782e42440434c"}) r1 = accept4$x25(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000200)=0x12, 0x80000) setsockopt$X25_QBITINCL(r1, 0x106, 0x1, &(0x7f0000000240)=0x1, 0x4) fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480)='nl80211\x00', r2) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="200025b57000fcdb2817c1453d1d00", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4880}, 0x804) ioctl$sock_x25_SIOCDELRT(r2, 0x890c, &(0x7f0000000340)={@remote={[], 0x0}, 0xc, 'veth0_vlan\x00'}) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ubi_ctrl\x00', 0x400300, 0x0) ioctl$DRM_IOCTL_GET_SAREA_CTX(r5, 0xc010641d, &(0x7f0000000300)={0x0, &(0x7f00000002c0)=""/22}) 04:18:05 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x3, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4}) fork() fork() fork() 04:18:05 executing program 4: syz_open_dev$mouse(0x0, 0x7f, 0x402) 04:18:05 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:05 executing program 1: fork() r0 = getpgid(0xffffffffffffffff) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x400081) fork() [ 578.573211] Bluetooth: hci3 command 0x0401 tx timeout 04:18:05 executing program 2: fork() mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:18:05 executing program 4: syz_open_dev$mouse(0x0, 0x7f, 0x402) 04:18:05 executing program 0: r0 = fork() clock_gettime(0x5, &(0x7f0000000000)) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpgrp(r0) getpgrp(r2) getpgrp(r1) fork() fork() 04:18:05 executing program 5: bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x2, 0x1}, 0x6) fork() setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f00000000c0)={0x7fffffff, [0x1, 0x2], 0xff}, 0x10) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) fork() 04:18:05 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:06 executing program 1: fork() getpgid(0xffffffffffffffff) fork() 04:18:06 executing program 2: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:18:06 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x402) 04:18:06 executing program 1: fork() getpgid(0xffffffffffffffff) fork() 04:18:06 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:06 executing program 0: fork() fork() fork() fork() 04:18:06 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x402) 04:18:06 executing program 1: fork() getpgid(0xffffffffffffffff) fork() 04:18:06 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:06 executing program 5: fork() getpgid(0xffffffffffffffff) fork() 04:18:06 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x402) 04:18:06 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:06 executing program 1: fork() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:06 executing program 2: r0 = fork() clock_gettime(0x5, &(0x7f0000000000)) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpgrp(r0) getpgrp(r2) getpgrp(r1) fork() fork() 04:18:06 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x0) 04:18:06 executing program 0: fork() fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpgid(r0) 04:18:06 executing program 5: r0 = fork() clock_gettime(0x5, &(0x7f0000000000)) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpgrp(r0) getpgrp(r2) getpgrp(r1) fork() fork() 04:18:06 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:06 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x0) 04:18:06 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:06 executing program 4: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x0) 04:18:06 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x0, 0x9}) 04:18:06 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:06 executing program 0: fork() r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x7) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f0000000000)) sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0xfffffffffffffff8) fork() fork() 04:18:06 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:06 executing program 2: fork() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:06 executing program 5: r0 = fork() r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r0, r1, 0x36) 04:18:06 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:18:07 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:07 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:07 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:18:07 executing program 2: fork() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:07 executing program 0: fork() fork() fork() r0 = fork() getpgrp(r0) 04:18:07 executing program 5: fork() r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x7) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f0000000000)) sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0xfffffffffffffff8) fork() fork() 04:18:07 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:07 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:07 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:18:07 executing program 2: fork() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:07 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:18:07 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:07 executing program 4: fork() 04:18:07 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:18:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x1, 0x487, 0xdd0}) fork() fork() fork() 04:18:07 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() [ 580.337934] Bluetooth: hci0 command 0x0401 tx timeout 04:18:07 executing program 4: fork() 04:18:07 executing program 5: fork() fork() fork() r0 = fork() getpgrp(r0) 04:18:07 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd"}) 04:18:07 executing program 2: fork() fork() 04:18:07 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:07 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x0, "1f63cd", 0x0, 0x9}) 04:18:07 executing program 4: fork() 04:18:07 executing program 2: fork() fork() 04:18:07 executing program 0: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x80000000) fork() r1 = fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) tgkill(r3, r1, 0x3f) r4 = getpid() ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f0000000100)=0x6) sched_setaffinity(r3, 0x5, &(0x7f00000000c0)=0xf) tgkill(0x0, r4, 0x0) r5 = getpid() gettid() tgkill(0x0, r5, 0x0) ptrace$peekuser(0x3, r5, 0x5) getpgid(r4) r6 = getpid() tgkill(0x0, r6, 0x0) ptrace$peekuser(0x3, r6, 0x1) 04:18:07 executing program 3: fork() fork() [ 580.654030] Bluetooth: hci3 command 0x0401 tx timeout 04:18:07 executing program 4: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 1: fork() 04:18:08 executing program 2: fork() fork() 04:18:08 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 4: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 0: syz_init_net_socket$x25(0x9, 0x5, 0x0) fork() fork() fork() 04:18:08 executing program 3: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x80000000) fork() r1 = fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) tgkill(r3, r1, 0x3f) r4 = getpid() ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f0000000100)=0x6) sched_setaffinity(r3, 0x5, &(0x7f00000000c0)=0xf) tgkill(0x0, r4, 0x0) r5 = getpid() gettid() tgkill(0x0, r5, 0x0) ptrace$peekuser(0x3, r5, 0x5) getpgid(r4) r6 = getpid() tgkill(0x0, r6, 0x0) ptrace$peekuser(0x3, r6, 0x1) 04:18:08 executing program 1: fork() 04:18:08 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400081) fork() 04:18:08 executing program 4: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 5: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x80000000) fork() r1 = fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) tgkill(r3, r1, 0x3f) r4 = getpid() ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f0000000100)=0x6) sched_setaffinity(r3, 0x5, &(0x7f00000000c0)=0xf) tgkill(0x0, r4, 0x0) r5 = getpid() gettid() tgkill(0x0, r5, 0x0) ptrace$peekuser(0x3, r5, 0x5) getpgid(r4) r6 = getpid() tgkill(0x0, r6, 0x0) ptrace$peekuser(0x3, r6, 0x1) 04:18:08 executing program 2: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 0: fork() bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x3, 0x1}, 0x6) fork() fork() gettid() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f00000011c0)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x100100}, 0xc, &(0x7f0000001180)={&(0x7f00000010c0)={0x90, r2, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x1000, 0x6d}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2fe}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x23a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x539e}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x80000001}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x1}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x23}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3a6}]]}, 0x90}, 0x1, 0x0, 0x0, 0x8040}, 0x40801) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001200)='/dev/dlm_plock\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_GET_CTX(r4, 0xc0086423, &(0x7f0000001240)={0x0, 0x3}) ioctl$sock_bt_hci(r0, 0x400448df, &(0x7f0000000040)="f53cf9cde21ddc501d0392c41c1874d7c3e04b1c74d902af0460bad92b60b808baec56d70814126d7c1c411111d6792072416827d0bbacaf9760ca4c44f26c1062cdbb8f9b408311d88bcd5d16eb6d2ea5b2bf65a20605a9cb154ea5250970ee31b1f09263ff895a01c53e0cbf75caa2d7085b84fa3a6ecfb97a30ba4a5c5d9430608a8d20d644647a7dc8c660f45e2a31e66745d695b14245e2e4395bee72d028a376e2aa09c07c318afd9b12277b84f808187d49a23f961552a3a483777d81253064774c6362ee248c4c3dcc7cc082d48ec2dba010da3bee8dd8cf98d4a4fb54f77ebf4cbb2cc38cd08685e96d3444e0469718a1063f97008095a1c59e17a6d65c3886ac7318a03f419056ca4b540c7a0d0da79e825ea22ab67a8ccb5c02d530fd1c153e8789049ceec69c2220402cad04d0e7a1850714e3247717ea9ed8ae710a686fc2d45deeb4050c795932072983ebb4e7fba8abfb4b5eae3528e3af03c97b1078d945bb8e70fc489fc14202b468ab2679cb52b405e7832e6c71d7804ba49953fd8ad606af8f46fe6a7bde0ec8d5ed67a0298e9a85d47a7d906816571b7d64ce8a46d5a6961c3f320d4d9ff7484a45b13db4f5875490f5fc00f2bbe25721a17fcfe49635c14bc4a4425b22f9199ce5628ca009d6d301b565cf7fd5394805a18731d7f764a3f1d1ea2d911d1ddd4c2b8fd67ae04a92629050914de2953962d70602b4ce0a5d16bf795d929910df62dcfc29ed10d712162629eaa488b6efe8f947625d623872be306fc924ab20e8857ad00a6957a15344f46813ebbf4fdffea7cbe2a03f0b6ddbe37108dc5fc421158dcce167ac476f83cd891b107750fd667cb89704d8f9c8fedd22cb4d9cba72e415978551dcf4bfee2bd674007a4bbca0bf822e8edec0302228944042eaf8f28d0dc023b936869e0f5993435de8ee7195907d02e1ada07210a1d7947bd645fdce3dca71914b7f72ac6ae45817bd8d28f93ad8153d3e508919ce02bc75bd5eba5f7d26790a5366ee3b7c7fee9eb8b7297a26728363e56d5150ca7cc5c4de006a2f6de75ec6883aaa86d50a461b04ee4581c20e3adf3b5c7c1c5f2b63b8c9678d427a544fa4f4651fafba63fcd5101a350fc754488c50fefc9f6363f667640b8a7eabd5e773379d26009600079dc8a674df04391cc6951a2d23ca7a51801f04302696c06de9dfd70cee708436a7f3059b7d4d137954804d87b0142453676483cb0b74245619637a247f7969ee285071ea70012ad60cdbe091adb4c7f89440a7f8c170a724b495f3a455993f7fdf1b9969fdf67d82f716253aa31cd3ec756512715c497778ab8ca8ebd1bfd7ff772bd90f78deb5a4b64cd9ef6ff40aa69b1971f6d31fb4a467f143370c483a7393f6090353b37ab14f1102f5353ae7fbccad808c17e1c79c12fd6a42cbcd5be4dc1bf97dcffef82d336d1f56e9b8e357e5124c388b3200c230678fec71195f1e1f9b20882fc14a39e6dab6b1e454fcbe1fce2ab61b7253f452632300b20433e3cba0ad112c05dcacdfd7db8ef7eac49125bba6f3a06fdab4fc11277dbd745bc834155966072c99743cf43cedcb67ce17cfb8d26877797701892c9363addafec8dc1d546bc452d781b952d63855ee428e9a4838f664400b932dae2e248616c7b2b8e41fa5a08c534763bf03ce87c6a21bdea43daff7cad7e42f3f85a9082d37e463c66278ed14e07c50a555a7c9f38a259b319ebd2410640780ab0bc71b45690a20e6d611b5564e42832721665fa1887d5e8ce9971014d634e8d5af114fc87e45e3ba1f161d94e4a849b2707be4a261d6ba2118c8ba996f8979b2dfcbc1cd11fa15733b457264483d0080f0a8bb74d5d5dc7d558005563b558c4cc9f22d63439b77d7f8a4dd8df5b7dac0b474cb2ec9f7c1cb0add7f1463a234198261640230df95140128b5aea9baef588d44dce9d814919ba39ce15b7b3d69a114eca72e63a427eaeee22fcbc20452882832c710d0662de8a8d216993a4ab95679d6cf55f6e05640bc18fb9e5dd22948db52ef006748d2bc14453b60f93c273acbf13f0bfc4a0ee33fbafd0b432c657cc636bd2c809f49e7916ded116bfae0cac9d42032e2b3750d1c0ebe4ee671e2613cb97ce33efd4ac7df97825c7a02d876cb77009e206899f8f5e68d8e97cd4b0d10532d22b5f4aaf62c7b5f950c8f34f19e413abca1d902943191a7703e25d552a24ec0cb73ad14876a0e652608af2e44b8fcf0f6e869cce581a93380078b668e42fe2c155f0f49f8630f85a42a07b4440380422613a513bb49dadb78429710546f6b1a475916f2e14c8c5bb570d9217f45ff5e3c08f7b0b224d35e2c9462181f53f841a4ed837252a1095483c014677689db37fbf49c06dbfad5d8f246192295e471c193e71c9bfd335d88d55259e351c599c64ac89b5e2c231b72d5d53531642896580e23cc02e14bb734740ccd58f8e07310bbf45dbc9d5356bfc493244db6031ec363c07cfbae04814fcae2141f1085c3cf4496f6e26a6d7f24d5a4dec2db45533da2bafe0dd6a7ecb16572c60cd1b61880650619ba0c6e198f40125d358a996735c5e13d0ba05155a10b78bed0e11abd9429d59493ea991f65b4698cd750aa179d797346f5b57c92bd09b5ef6116a091c7ab5a43ca680e81a3694c74ba25c0e822a4fdcec72c8304734b01bb49ef2030382c426f892e27bff0a3f3715a112700743412e47406322929998121aee111805c843f655a6bf67e974a3a9ad51cea540a01f3b56811b879ea3b957b33a4f74973f1737c309c25e90b319041b27195a2839e5f5a3702c90577ee123ed74550d0c5bcb24bb6f0c37b83f7785f55812ba884e121224565706af0f90e4c7bc68dd274b94317bdb8c7ff1fad9c0b5cfb6374c3378c68b3f6b0a9df1e12cb198ecc855e3aecc8e14c91a5f7f591d842d3077344010450004c795b2afb3af228fe5eb9991779574a27af10a4887c5a200d9b96a0d227205c72821b7cdfb74203a3c8abb6bde20d3feb9c0a2055d700fd716acdb37d9f0439f6e36e16b0f981665867faa4c47dff63f8bd2a75b271d70eec3ee0fcacd956f6f33c8de6f95322b6120e18f65c9ddfcaf6af66aa3125e7b0f0e03e96bb94885dbe7a7c23c152efdfd89c2d7b1ea70671b1eb94f12cd3a6cfa20f1190cc08665e7d29819f7c0bb1c0f870f4df8c95100c5bd527310b502b5d2a3d9274b33f259d58fa18fe430ce0d5de5c63a3787d28fd3f3b495d361330e160374e665bd5df15f1154fd57106805c219529bf8cd3ea95d711227eb553432f412525938206efaa2d03c51904c2ead12346182f395ec1ed54a33820bd2087a92b1d211c5a9374064ea8ffda879c9c6ba5d06ada36c9098bcaf2a6f121be791d48f6054d70bcefe3e6d74e6f931be4d2b489eb32ba965910a70f73ae280e2f0bffbf9cc0860289a0b44e5f35ed7142b928a9d20ad1416d408f13a24250852a73612aab926aa3939547886d705f2086fd5081a8e9f0fe5ef16b3f1ee66f350c159fc0bfd178ec6f33f4b65fe0f3e81c95efd3483ed23c9194863d1a2492ee65c3e8f8e428f1710a163e85ffc1b22cff0c6fab9a16b418999093d6916339dee1fcbf336764962ee639b5b92585f2b146d5d8a9aa40dad7067c3ada218165b3b9f1f2c419c81fe60bec5edd881191f32b898011eae146cdbde06da887bd9263176bfccbcbfa515ba4265ebe93322e0a9b4e36fe92db6072512dcd4ec8ac7792f997ce1a94a2679f7d003b73d1c404edd707eace55403a399e3c748ccf43016b5eb7da28ceec370a97a689033a6fe81a372d6ab859b439dd4cb04fc4f2e7b247914f54be4aa532f29de0c2ab9081f99288ce3b0ce0697577e27f3151a8c248601ef8671e352588f43855d4d955cfdff09b647c9a64834f784f67f01f2c1151caf608d4d0d0f518293285d113241377b5a478d101ef41c6d03c01c5a52f30e699dcf0ecad4156aa3d75570b0ffa53b529bdb999ecae850c9d9f98244aaa52589981e9e4ea397748403683a6bb7a9d8c1674b161e7a3a55e2ff266c2860e9461bc5156c613869d216b6a16da86a7cbc97338f6c8606e43777958e362a71bca455fecfc858565edb0408742421d2339b3f7ef1b2cf8da2075513555125ef28618481d182c0f62d7472ae3cb403aa5d305ec3c81fef257074bf8f8eb49c223f88f70c4634b8cd5b448aee39b594e9f79844eb3361fbf99816f3b7d67d2699db13f72b0d1c4415a5126645bc95780c13cde2d32d2815350efbce205df6548887ede0efc9b24195bea86d81804b54f54198293831eb2a7daa2368569c29873557498a22806a27d945ae45a65838932158f516d972d7294963254092ee1972af56988c13e5d7a58be27727bd0944e832a9e3a742e70bd2d290cb3d9d5bcc0c0e00d8bf2da5daa460f9517694531ecc147c1c161c8c00161293ab6bbfcfeed6ce9e1a9aa70f8292fc405725db30e9c872d0e7c8b34c5a530c53fc5b6bdc21c649e88ed6ce8e2df45c0f907803e93329b6f837a44d19d2a17f1a8a4050a5174c7f738371d58394dc9eda962ef1f56aaddf452022bbefa61dd67362699dbb1ea21fa160c7ee68151b3610021ed3bb9dba42da29e177a9a9f1a81948bc4a1d05526c3c3a73ce40cfa503f87f953898ee39fb77199153c66547dcd94c8d38968c9a837076113e2d8dcfd4d0c94d3652c6d29f54f062171631283e709d1c7d997d432f45eef6f65ff4ba7ba1f278c5e03bbedf9d55a2426bbf7dedc0e9fc1e3c1b37a947b68307d03408d224135e65fa6d0e4d358c2306aab5f9987d565536a0bd71bf22e5a9e51b56d43b7d3772c13070de7bf9f0a676409e5d8b5d1a311f5d75847da85a7fd7519afdfa80d80fb3a637e96012a9f611e4ac983eb1f29fae70119402fd140cb9a98b1b0b512140f1be5d81c92c1ab6f132099bb0d6423bbd381fec5a73ab1ee27447fc7cb1877aedb1ece0d5bad0dfc9912792bd4d75256424e17cd2b46eabb2fa6aa02f2c8bf6f8fe10bfbfac9afe4bee3ff52578b80f13fd250079747e15d7888f229321643ac6fe3b66821bb56144a0297767ebc48113b38950bdb35c1b7f236a46dd50d6e2d903018956ed28b2141e7529c9676012c6cc34b436bd7e457bf4ad452c962e6b8c699110894170fec4e30aa1b2f58c79fa8f81a26596cfbea360d29f3f36c30cbd6f43dedaa439bf2cbc34a04760cdda50daa310350476049c4de61a3ff274c73a6445b82e514fad66d3247d9eb5ce755b8fb235ea48d1c79bfc891d91802886e2cd3c36101f132098b9cf9daeb6bcd110d0851c1fd3b6c1c673d505ec17fc2d6c970092bd423c6e6b3cd74450790cf3470f8826c96491af6de79583a25dc5890ea74e98651a58abc595abd9bab96cdcac004a8033431e6071d0badecfbba7b9f48eab045599a73a058da66596058af1f5e5905b17f2e393c959bb6f976a0a984ca16dcc3ad794c3c519250260261d10ffde656dc58160f702d3b37922390ca8aba506303b404ed21bd13c8a2e7923570208f41480ff52af2c42b2df727c32c2ccc16210f75608d6c4e499010fdc5330963aa27324b9ab300f1166a04239d993ba9c9972bd9ab6c8705bcbd3eb19fe92f3559bff0fe4e4477d9aebf691a214246fc89dff6b766bd87251e6219af7e56f37a03efb58f5c8f83bef9e0b1ae6297e0191bef106008a3d1254d15052f6491b8ae21b8e3b17b213b0063ac1d52878c0997ef8f849735ab3841a8fc445a4ed6409104b51858") 04:18:08 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:08 executing program 1: syz_init_net_socket$x25(0x9, 0x5, 0x0) fork() fork() fork() 04:18:08 executing program 3: syz_init_net_socket$x25(0x9, 0x5, 0x0) fork() fork() fork() 04:18:08 executing program 2: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:08 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:08 executing program 5: fork() 04:18:08 executing program 0: fork() r0 = fork() r1 = getpgid(r0) r2 = getpgrp(r0) r3 = getpid() tgkill(0x0, r1, 0x11) tgkill(r2, r3, 0x30) fork() gettid() 04:18:08 executing program 2: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:08 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:09 executing program 4: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:09 executing program 1: r0 = fork() r1 = fork() r2 = getpgid(r1) r3 = getpid() tgkill(0x0, r0, 0x0) getpgrp(r3) r4 = getpgid(r2) r5 = getpid() tgkill(r3, r5, 0xf) r6 = getpid() tgkill(0x0, r6, 0x0) tgkill(r4, r6, 0x41) 04:18:09 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:09 executing program 3: sched_setaffinity(0x0, 0x0, 0x0) fork() 04:18:09 executing program 0: fork() r0 = getpid() tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000080)) fork() fork() ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}) 04:18:09 executing program 5: r0 = fork() fork() getpgrp(r0) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) r2 = getpid() getpgrp(r2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7fff}, 0xc) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x2110064, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}], [{@appraise_type='appraise_type=imasig'}, {@uid_gt={'uid>', r1}}, {@appraise='appraise'}, {@uid_gt={'uid>', r1}}, {@obj_type={'obj_type', 0x3d, '%,\x1c'}}]}}) 04:18:09 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:09 executing program 4: r0 = syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0xc8000) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)) fork() 04:18:09 executing program 3: fork() r0 = fork() getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x1) fork() 04:18:09 executing program 0: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, r2, 0x8, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x68}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3dc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xeb}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2a}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8011}, 0x10) 04:18:09 executing program 1: socketpair(0x2, 0x0, 0x0, &(0x7f0000000000)) 04:18:09 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() 04:18:09 executing program 5: fork() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) getpgid(r1) tgkill(0x0, r0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x1) fork() fork() 04:18:09 executing program 4: r0 = syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0xc8000) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)) fork() 04:18:09 executing program 0: fork() gettid() fork() fork() getpid() 04:18:09 executing program 1: socketpair(0x2, 0x0, 0x0, &(0x7f0000000000)) 04:18:09 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000000)) fork() [ 582.413280] Bluetooth: hci0 command 0x0401 tx timeout 04:18:09 executing program 4: r0 = syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0xc8000) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)) fork() 04:18:09 executing program 3: fork() fork() fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, r2, 0x8, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x68}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3dc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xeb}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2a}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8011}, 0x10) 04:18:09 executing program 1: socketpair(0x2, 0x0, 0x0, &(0x7f0000000000)) 04:18:09 executing program 4: r0 = syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0xc8000) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)) 04:18:09 executing program 5: ioctl$SIOCX25CALLACCPTAPPRV(0xffffffffffffffff, 0x89e8) fork() 04:18:09 executing program 2: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) [ 582.733272] Bluetooth: hci3 command 0x0401 tx timeout 04:18:10 executing program 0: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:10 executing program 4: syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0xc8000) 04:18:10 executing program 2: ptrace$peekuser(0x3, 0xffffffffffffffff, 0x0) fork() fork() syz_usbip_server_init(0x1) fork() 04:18:10 executing program 3: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x20000, 0x0) fork() 04:18:10 executing program 1: socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) 04:18:10 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:10 executing program 4: syz_open_dev$mouse(0xffffffffffffffff, 0x0, 0x0) 04:18:10 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001, 0x0, 0xffffffffffffffff}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r4, r5/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r6, 0x80000001, 0x0, r7}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)={0x30d952bc, 0x0, 0x4, 0x10, 0x0, {}, {0xca8670def508209, 0x0, 0x1, 0x0, 0x8, 0x1, 'vuoG'}, 0xfffffefd, 0x1, @offset=0x6, 0xed, 0x0, r2}) fork() 04:18:10 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x10) fork() 04:18:10 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:10 executing program 1: socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) 04:18:10 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001, 0x0, 0xffffffffffffffff}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r4, r5/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r6, 0x80000001, 0x0, r7}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)={0x30d952bc, 0x0, 0x4, 0x10, 0x0, {}, {0xca8670def508209, 0x0, 0x1, 0x0, 0x8, 0x1, 'vuoG'}, 0xfffffefd, 0x1, @offset=0x6, 0xed, 0x0, r2}) fork() 04:18:10 executing program 1: socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) 04:18:10 executing program 3: fork() r0 = fork() syz_read_part_table(0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000000)="46c9ca87a9fb9c4a9846246b7f8c7f1a1f5d7fef522ace34fde66accf5f3f95ec586cefb497c1a16ae6b7b76ff09f1af9e9a3b438767aafdc4affbeb71992100e8be89bb100bc49e9fe44d620ef1203e21a8f6e3961bcc8a49e53afb6c66ef975d070d28a034d848659b9bee398fd53b52d9fad896c9266c8e5164372e6c138a40a3a511c9944a5a25630685d8c034e290e0ddaf8e39cd0819fcaa7ebffbb2d8c93bb6737d650d6a81ec4e778b6cf302691be20ad9b1ca955aa4355ddf2c7cf15f04ba4690cfd322db80b6837e1d5f7753f3c2", 0xd3, 0x4}, {&(0x7f0000000100)="4a4bd5381c28d96c2d0d014f461faadb7c512af248675628b75e5dc3d808f42ef797dbe08ea745ee6aae6e675dbe21a6bea7ba39792554ff1cc1ed3ad6cd8388be506ed1a4191ce13feee52b272ffe", 0x4f, 0x3}]) fork() sched_setaffinity(r0, 0x8, &(0x7f00000001c0)=0x80000000) getrlimit(0x1, &(0x7f0000000000)) [ 583.111140] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 583.117019] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) 04:18:10 executing program 2: fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000040)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) 04:18:10 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:10 executing program 1: socketpair(0x2, 0x0, 0x0, 0x0) 04:18:10 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001, 0x0, 0xffffffffffffffff}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r4, r5/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r6, 0x80000001, 0x0, r7}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)={0x30d952bc, 0x0, 0x4, 0x10, 0x0, {}, {0xca8670def508209, 0x0, 0x1, 0x0, 0x8, 0x1, 'vuoG'}, 0xfffffefd, 0x1, @offset=0x6, 0xed, 0x0, r2}) fork() 04:18:10 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x10) fork() 04:18:10 executing program 3: fork() r0 = fork() syz_read_part_table(0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000000)="46c9ca87a9fb9c4a9846246b7f8c7f1a1f5d7fef522ace34fde66accf5f3f95ec586cefb497c1a16ae6b7b76ff09f1af9e9a3b438767aafdc4affbeb71992100e8be89bb100bc49e9fe44d620ef1203e21a8f6e3961bcc8a49e53afb6c66ef975d070d28a034d848659b9bee398fd53b52d9fad896c9266c8e5164372e6c138a40a3a511c9944a5a25630685d8c034e290e0ddaf8e39cd0819fcaa7ebffbb2d8c93bb6737d650d6a81ec4e778b6cf302691be20ad9b1ca955aa4355ddf2c7cf15f04ba4690cfd322db80b6837e1d5f7753f3c2", 0xd3, 0x4}, {&(0x7f0000000100)="4a4bd5381c28d96c2d0d014f461faadb7c512af248675628b75e5dc3d808f42ef797dbe08ea745ee6aae6e675dbe21a6bea7ba39792554ff1cc1ed3ad6cd8388be506ed1a4191ce13feee52b272ffe", 0x4f, 0x3}]) fork() sched_setaffinity(r0, 0x8, &(0x7f00000001c0)=0x80000000) getrlimit(0x1, &(0x7f0000000000)) 04:18:11 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001, 0x0, 0xffffffffffffffff}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r4, r5/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r6, 0x80000001, 0x0, r7}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)={0x30d952bc, 0x0, 0x4, 0x10, 0x0, {}, {0xca8670def508209, 0x0, 0x1, 0x0, 0x8, 0x1, 'vuoG'}, 0xfffffefd, 0x1, @offset=0x6, 0xed, 0x0, r2}) 04:18:11 executing program 1: bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x4}, 0x8) r0 = fork() getpgid(r0) r1 = getpid() r2 = getpid() tgkill(0x0, r2, 0x0) getpgid(r0) tgkill(r2, r1, 0x0) getpgid(r1) 04:18:11 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f00000001c0)={0x7ff, 0x3, 0x4, 0x0, 0x7, {r3, r4/1000+60000}, {0x3, 0x8, 0xf7, 0x7, 0x6, 0x40, ' ]g%'}, 0x400, 0x4, @fd=r5, 0x80000001, 0x0, r6}) 04:18:11 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) 04:18:11 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x10) fork() 04:18:11 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) tgkill(0x0, 0x0, 0x2a) 04:18:11 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) clock_gettime(0x0, &(0x7f00000000c0)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) 04:18:11 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) userfaultfd(0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:11 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:11 executing program 2: fork() r0 = fork() r1 = getpgid(r0) fork() fork() getpgrp(r1) 04:18:11 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) tgkill(0x0, 0x0, 0x2a) 04:18:11 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) fork() 04:18:11 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) clock_gettime(0x0, &(0x7f00000000c0)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:18:11 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) tgkill(0x0, 0x0, 0x2a) 04:18:11 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) fork() 04:18:11 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) clock_gettime(0x0, &(0x7f00000000c0)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) 04:18:11 executing program 0: r0 = fork() tgkill(r0, r0, 0x2a) 04:18:11 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) fork() 04:18:11 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) clock_gettime(0x0, &(0x7f00000000c0)) [ 584.493273] Bluetooth: hci0 command 0x0401 tx timeout [ 584.823252] Bluetooth: hci3 command 0x0401 tx timeout 04:18:12 executing program 3: fork() r0 = fork() r1 = getpgid(r0) fork() fork() getpgrp(r1) 04:18:12 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) clock_gettime(0x0, &(0x7f00000000c0)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) 04:18:12 executing program 1: fork() openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) 04:18:12 executing program 0: r0 = fork() tgkill(r0, r0, 0x2a) 04:18:12 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:12 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) 04:18:12 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:18:12 executing program 2: write$usbip_server(0xffffffffffffffff, &(0x7f0000000000)=@ret_submit={{0x3, 0x101, 0x0, 0x1, 0xffffff76}, 0x2, 0x9a, 0x8, 0xd3, 0x2, 0x0, "86a07c25cbefe88a95a44ac10e8eaed84e7d1f71433680fb372a06b6c68d74692e77b24c280bd0e2d3360bd21bba3aba07c88c32bcdaeaaa46f9c7506e73638afd0621fa175c588be211526dceac0c81dbe3bd2ee1fea781685ac26bbc50cebd58cc16e0dbd94ad4db9bf4e3c2203e2aa2fa0512219f54d842397e7bdf756b7314c9bbcf455cb71fe28070a44ef03881c7b8fd4549ceaa8a742d", [{0x40, 0x9, 0x936, 0x9}, {0x4, 0x5, 0x3, 0xee72}, {0x7, 0x5, 0x401, 0x7}, {0xffff, 0x23d, 0xffffce65, 0x1}, {0x3, 0xfd8a, 0x9, 0x92fb}, {0x80000000, 0xffffffff, 0xfffffffc, 0x800}, {0x5, 0x0, 0x6, 0x8}, {0x400, 0xfff, 0x0, 0x9}, {0x800, 0x0, 0x5, 0x3}, {0x6, 0x9, 0x43c, 0x5}, {0x4, 0x6db5, 0x5, 0xd4cd}, {0x4, 0x1f, 0xfff, 0x5}, {0x8, 0x5, 0x1ff}, {0x2, 0x3f, 0x5, 0x9}, {0x1a, 0x80000001, 0x8001, 0x8001}, {0x8001, 0xd645, 0x57046c77, 0xffffffff}, {0x5, 0x8001, 0xea6, 0xfffff160}, {0x7ff, 0x2, 0x4, 0xa7de}, {0x8000, 0x5b8, 0x8, 0x5}, {0x3f, 0x0, 0xa31, 0x7}, {0x8001, 0xa2, 0x1, 0x7fffffff}, {0x8, 0x8000, 0x8}, {0x1, 0x2, 0x40, 0x5}, {0x3, 0x7f, 0x0, 0xfff}, {0x2, 0xe9076c00, 0xb3, 0xfffffc73}, {0x2, 0x549, 0x1, 0x7}, {0x10000, 0x5, 0x2, 0x5}, {0x8001, 0x5, 0x48e, 0x9}, {0x2c0, 0x1, 0x20, 0x4}, {0x5, 0x71, 0x8}, {0x7fffffff, 0x80000001, 0x98, 0x101}, {0x1, 0xff, 0x8, 0x7318e737}, {0x7, 0x8, 0x0, 0x80}, {0x3, 0x8001, 0x7, 0x40c380d4}, {0xfffffff9, 0x3019fc08, 0x3, 0x99}, {0x0, 0x1ff, 0x3, 0xf}, {0x9, 0x0, 0x100, 0x776b}, {0x5, 0xffffffff, 0x1a667ef5}, {0x4, 0x4000000, 0xff, 0x59}, {0xac, 0x4c15, 0x6, 0x891}, {0x6, 0x1, 0x8, 0x5}, {0xffff0001, 0x7, 0xfffffffe, 0x6}, {0xff, 0x5, 0x3, 0x6}, {0x8, 0xffffff01, 0x6, 0xd6}, {0x8, 0x10000000, 0x6, 0x9}, {0x6, 0xffff, 0x7c, 0x80000000}, {0x1, 0x0, 0xdf, 0xe57}, {0x10000, 0x107, 0x7, 0x92c7}, {0x3, 0xfffffffb, 0x6, 0x3}, {0x0, 0x1, 0x2, 0x2}, {0x1ff, 0x6, 0x0, 0x5}, {0x80, 0x1c000, 0x3e, 0x9}, {0x3, 0xf9be, 0x6, 0xfffffffc}, {0x8, 0x4c, 0x3f, 0x7}, {0x8, 0x5, 0x1, 0x4e4}, {0x6, 0x1, 0x2, 0x1ff}, {0x3ff, 0x8000, 0x3, 0x3}, {0x10000, 0x7fffffff, 0xccc1, 0x10000}, {0x80, 0x3, 0x800, 0x54}, {0x216f, 0x1, 0x6, 0x2}, {0x1, 0x7ff, 0x3ff, 0x2}, {0x8, 0x80, 0x7, 0xa1b8}, {0x9, 0x0, 0xa5, 0x7fffffff}, {0x4, 0x9, 0x5, 0x8}, {0x1f7, 0x401, 0x401, 0xffffffff}, {0x20, 0x80, 0x8, 0x7fff}, {0x7, 0x81, 0xffffffff}, {0xfffff25f, 0x200, 0xff, 0x7fff}, {0x7fffffff, 0x6, 0x7, 0x1}, {0x9, 0x3, 0xff, 0x3}, {0x9189, 0x1f, 0x5, 0xfffff000}, {0x4, 0x7, 0x5, 0x3}, {0x8, 0x4, 0xfffffffb, 0x7fffffff}, {0x5, 0x7fff, 0x3, 0x3}, {0x9, 0x67, 0xfffffff9, 0x8}, {0x101, 0x8, 0x8000000, 0x5}, {0x3ff, 0x81, 0x101}, {0x3f, 0x52b9, 0x40000, 0x402}, {0x80, 0x7f, 0xfffffffc, 0x2}, {0x7, 0x3, 0x4, 0x3}, {0x8, 0x6, 0x5, 0xfffffff9}, {0xa72, 0xddd, 0x80000000, 0x5}, {0x6, 0x6}, {0x7, 0x1, 0x8, 0x80000}, {0xfffffff8, 0x1a5b, 0x6}, {0x69, 0x4, 0x1, 0x5}, {0x9, 0x40, 0x10000}, {0x20, 0x3, 0x0, 0x5}, {0x3e3a, 0x9, 0x9, 0xe2bb}, {0x0, 0x10001, 0x20, 0x1}, {0x98, 0x4, 0x7f, 0x7}, {0x80000000, 0x7, 0x7fffffff, 0x3}, {0x2, 0xaeb, 0xfffffffc, 0x7}, {0x59, 0x2, 0xfffffffc, 0x7}, {0xe0000000, 0x8, 0xff, 0x8}, {0x80000001, 0x1, 0x2, 0x4}, {0xffffffff, 0x2, 0x2, 0x4}, {0x5, 0x1, 0xc1e}, {0x6, 0x4, 0x8, 0x40}, {0x7, 0x4, 0x9, 0x4}, {0x1ff, 0x0, 0x0, 0xfffffffa}, {0x96, 0x0, 0xea, 0x3}, {0xfffffffa, 0x8, 0x0, 0x2}, {0x9, 0x40, 0x3, 0xfffffff6}, {0x4, 0x7, 0xffff8001, 0x3}, {0x7, 0x1, 0x7fff, 0x2}, {0x101, 0x0, 0x8, 0x9}, {0x0, 0x400, 0xa8, 0x401}, {0x7, 0x4, 0xb7b0, 0x101}, {0x9, 0xfa, 0x1000000, 0x7}, {0x4, 0x3, 0x5, 0x5}, {0x80, 0xc8000000, 0xe6, 0xfff}, {0x4, 0x7ff, 0x6, 0x1}, {0x8, 0x8001, 0x5, 0x401}, {0x1ff, 0x2, 0x9, 0x384}, {0x100, 0x155, 0x4, 0x8}, {0xfffffff7, 0x80000000, 0x3, 0x1}, {0x401, 0x5, 0x59, 0x70}, {0x1ff, 0x7, 0x2, 0xfffffffa}, {0x8, 0x0, 0x101, 0x401}, {0x7, 0x9, 0x2, 0x8}, {0x3c, 0xe0000000, 0x9, 0x9}, {0x30, 0x7, 0xbc, 0x4}, {0x2, 0x7fff, 0x3f, 0x1}, {0xffffffff, 0x80, 0x2, 0x3}, {0x6, 0x4, 0x3, 0x1}, {0x10000, 0x6, 0x80, 0x9}, {0xffffffff, 0x1, 0x7ff}, {0x4, 0x1000, 0x6, 0x100}, {0xbc, 0x9, 0x9, 0xceb}, {0x1cd0, 0x6, 0x14b, 0x8}, {0x25d9d555, 0x10000, 0x3ff, 0xda}, {0x9, 0x8, 0x3, 0x1}, {0x1a, 0x40, 0x30b5, 0x9}, {0x7fff, 0x1, 0x4}, {0xe4, 0x9c, 0x1529, 0x40}, {0x3, 0x730b, 0x2fc576e2, 0xff}, {0x1ee, 0xffff, 0x6, 0x2}, {0x1, 0x8, 0x7, 0x10000}, {0xac8, 0x7fff, 0xffffffff, 0x3f}, {0x0, 0x6, 0xfffffffe, 0x3}, {0x1e, 0x8000, 0x81, 0x1}, {0x3, 0x4, 0x6, 0x5}, {0x3, 0x5, 0x3, 0x81}, {0x4, 0x8000000, 0xc3, 0x3}, {0x3, 0x7, 0xfff, 0xfff}, {0x0, 0x5, 0x9, 0x4}, {0x1, 0xfffffffe, 0x6}, {0x80, 0x8, 0x7e, 0x3}, {0x5, 0x64, 0xd1, 0x3}, {0x6, 0x4, 0x0, 0xaa92}, {0x8000, 0x0, 0x2}, {0x1ff, 0x80000000, 0x9, 0x4c44}, {0x6, 0x2858, 0x7, 0x8000}, {0x0, 0x9, 0x80000000, 0xf4b}, {0x1, 0x81, 0x7, 0x6}, {0x6f04, 0x6, 0x2, 0x9}, {0x7, 0x1, 0x3f, 0xe4}, {0x2, 0x9, 0xfffffc00, 0x5}, {0x5, 0x200, 0x101, 0xe0000000}, {0x3, 0x7, 0x5, 0x9}, {0x5, 0x3, 0x1ff, 0x6}, {0x7, 0x7ff, 0x401, 0x7}, {0x80000000, 0x4, 0x80}, {0x9, 0xeeb, 0x3f, 0x6}, {0x5, 0x5, 0x7, 0x101}, {0x20, 0x2f93, 0x7, 0x2}, {0x2, 0x7f, 0x3ff, 0xfffff800}, {0x1, 0xfff, 0x7, 0x4}, {0x40000000, 0x3, 0x800, 0x53}, {0x2eb, 0x1, 0x6, 0x80}, {0x0, 0x9, 0x2, 0x9}, {0x80000001, 0x1, 0xdc, 0x1}, {0x8, 0x1f, 0x3, 0x400}, {0x9, 0x350, 0x1000, 0x4}, {0xf6d, 0x0, 0x7f}, {0x1, 0x1, 0x10001, 0xd2f5}, {0x1000, 0xffff, 0x35f5, 0x40}, {0x8, 0x10001, 0x8000}, {0x8306, 0x1a2020f7, 0x8, 0x6}, {0xffffffff, 0x81, 0x7f}, {0x2, 0x2, 0x2}, {0x4e2, 0xffffffff, 0x9, 0xfffffbff}, {0x8, 0x5, 0xde9, 0x3f}, {0x1ff, 0xfff, 0x3, 0x9}, {0xfffffffc, 0x4, 0xc28, 0x6}, {0x101, 0x2, 0xff, 0x2}, {0x20, 0x6, 0xa9, 0x6}, {0x8, 0x1, 0x4, 0x6}, {0x2, 0xc4c, 0x3, 0x100}, {0x2, 0x7, 0x10000, 0x8}, {0xff, 0x9, 0x5, 0x8001}, {0x2, 0xfff, 0xffff}, {0x0, 0x3, 0xff, 0x5}, {0xe37, 0xffff, 0xbbe0}, {0x9c9, 0x16b, 0xcec, 0xffff}, {0x1, 0x6, 0x89, 0x67}, {0x4, 0x40d, 0x5, 0x1}, {0xfffffff8, 0x90, 0x8, 0x4}, {0x7fffffff, 0x1f61, 0x5, 0x401}, {0x8, 0xffff, 0x7, 0x5}, {0x8000, 0x3f, 0xd3d, 0x5}, {0x7, 0x5, 0x4, 0x2}, {0x7fffffff, 0xec, 0x7, 0xbfd}, {0x28a, 0x3, 0x6, 0xffffffff}, {0x1a, 0x800, 0x20, 0x7}, {0x46, 0x4, 0x100, 0x8000}, {0x6, 0x1000, 0x3a55, 0xe82}, {0x5, 0x52, 0x7, 0x10001}, {0x8, 0x3ff, 0x7, 0x1}, {0x89, 0x6, 0x173, 0xffffffff}]}, 0xdfa) fork() fork() fork() 04:18:12 executing program 0: r0 = fork() tgkill(r0, r0, 0x2a) 04:18:12 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) fork() 04:18:12 executing program 5: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000040)={0xc6, 0x1, 0x4, 0x10, 0x7, {r0, r1/1000+60000}, {0x3, 0xc, 0x40, 0x2, 0x0, 0xff, "d3a6c0b1"}, 0x4, 0x4, @userptr=0x7, 0xffff0001}) 04:18:12 executing program 1: write$usbip_server(0xffffffffffffffff, &(0x7f0000000000)=@ret_submit={{0x3, 0x101, 0x0, 0x1, 0xffffff76}, 0x2, 0x9a, 0x8, 0xd3, 0x2, 0x0, "86a07c25cbefe88a95a44ac10e8eaed84e7d1f71433680fb372a06b6c68d74692e77b24c280bd0e2d3360bd21bba3aba07c88c32bcdaeaaa46f9c7506e73638afd0621fa175c588be211526dceac0c81dbe3bd2ee1fea781685ac26bbc50cebd58cc16e0dbd94ad4db9bf4e3c2203e2aa2fa0512219f54d842397e7bdf756b7314c9bbcf455cb71fe28070a44ef03881c7b8fd4549ceaa8a742d", [{0x40, 0x9, 0x936, 0x9}, {0x4, 0x5, 0x3, 0xee72}, {0x7, 0x5, 0x401, 0x7}, {0xffff, 0x23d, 0xffffce65, 0x1}, {0x3, 0xfd8a, 0x9, 0x92fb}, {0x80000000, 0xffffffff, 0xfffffffc, 0x800}, {0x5, 0x0, 0x6, 0x8}, {0x400, 0xfff, 0x0, 0x9}, {0x800, 0x0, 0x5, 0x3}, {0x6, 0x9, 0x43c, 0x5}, {0x4, 0x6db5, 0x5, 0xd4cd}, {0x4, 0x1f, 0xfff, 0x5}, {0x8, 0x5, 0x1ff}, {0x2, 0x3f, 0x5, 0x9}, {0x1a, 0x80000001, 0x8001, 0x8001}, {0x8001, 0xd645, 0x57046c77, 0xffffffff}, {0x5, 0x8001, 0xea6, 0xfffff160}, {0x7ff, 0x2, 0x4, 0xa7de}, {0x8000, 0x5b8, 0x8, 0x5}, {0x3f, 0x0, 0xa31, 0x7}, {0x8001, 0xa2, 0x1, 0x7fffffff}, {0x8, 0x8000, 0x8}, {0x1, 0x2, 0x40, 0x5}, {0x3, 0x7f, 0x0, 0xfff}, {0x2, 0xe9076c00, 0xb3, 0xfffffc73}, {0x2, 0x549, 0x1, 0x7}, {0x10000, 0x5, 0x2, 0x5}, {0x8001, 0x5, 0x48e, 0x9}, {0x2c0, 0x1, 0x20, 0x4}, {0x5, 0x71, 0x8}, {0x7fffffff, 0x80000001, 0x98, 0x101}, {0x1, 0xff, 0x8, 0x7318e737}, {0x7, 0x8, 0x0, 0x80}, {0x3, 0x8001, 0x7, 0x40c380d4}, {0xfffffff9, 0x3019fc08, 0x3, 0x99}, {0x0, 0x1ff, 0x3, 0xf}, {0x9, 0x0, 0x100, 0x776b}, {0x5, 0xffffffff, 0x1a667ef5}, {0x4, 0x4000000, 0xff, 0x59}, {0xac, 0x4c15, 0x6, 0x891}, {0x6, 0x1, 0x8, 0x5}, {0xffff0001, 0x7, 0xfffffffe, 0x6}, {0xff, 0x5, 0x3, 0x6}, {0x8, 0xffffff01, 0x6, 0xd6}, {0x8, 0x10000000, 0x6, 0x9}, {0x6, 0xffff, 0x7c, 0x80000000}, {0x1, 0x0, 0xdf, 0xe57}, {0x10000, 0x107, 0x7, 0x92c7}, {0x3, 0xfffffffb, 0x6, 0x3}, {0x0, 0x1, 0x2, 0x2}, {0x1ff, 0x6, 0x0, 0x5}, {0x80, 0x1c000, 0x3e, 0x9}, {0x3, 0xf9be, 0x6, 0xfffffffc}, {0x8, 0x4c, 0x3f, 0x7}, {0x8, 0x5, 0x1, 0x4e4}, {0x6, 0x1, 0x2, 0x1ff}, {0x3ff, 0x8000, 0x3, 0x3}, {0x10000, 0x7fffffff, 0xccc1, 0x10000}, {0x80, 0x3, 0x800, 0x54}, {0x216f, 0x1, 0x6, 0x2}, {0x1, 0x7ff, 0x3ff, 0x2}, {0x8, 0x80, 0x7, 0xa1b8}, {0x9, 0x0, 0xa5, 0x7fffffff}, {0x4, 0x9, 0x5, 0x8}, {0x1f7, 0x401, 0x401, 0xffffffff}, {0x20, 0x80, 0x8, 0x7fff}, {0x7, 0x81, 0xffffffff}, {0xfffff25f, 0x200, 0xff, 0x7fff}, {0x7fffffff, 0x6, 0x7, 0x1}, {0x9, 0x3, 0xff, 0x3}, {0x9189, 0x1f, 0x5, 0xfffff000}, {0x4, 0x7, 0x5, 0x3}, {0x8, 0x4, 0xfffffffb, 0x7fffffff}, {0x5, 0x7fff, 0x3, 0x3}, {0x9, 0x67, 0xfffffff9, 0x8}, {0x101, 0x8, 0x8000000, 0x5}, {0x3ff, 0x81, 0x101}, {0x3f, 0x52b9, 0x40000, 0x402}, {0x80, 0x7f, 0xfffffffc, 0x2}, {0x7, 0x3, 0x4, 0x3}, {0x8, 0x6, 0x5, 0xfffffff9}, {0xa72, 0xddd, 0x80000000, 0x5}, {0x6, 0x6}, {0x7, 0x1, 0x8, 0x80000}, {0xfffffff8, 0x1a5b, 0x6}, {0x69, 0x4, 0x1, 0x5}, {0x9, 0x40, 0x10000}, {0x20, 0x3, 0x0, 0x5}, {0x3e3a, 0x9, 0x9, 0xe2bb}, {0x0, 0x10001, 0x20, 0x1}, {0x98, 0x4, 0x7f, 0x7}, {0x80000000, 0x7, 0x7fffffff, 0x3}, {0x2, 0xaeb, 0xfffffffc, 0x7}, {0x59, 0x2, 0xfffffffc, 0x7}, {0xe0000000, 0x8, 0xff, 0x8}, {0x80000001, 0x1, 0x2, 0x4}, {0xffffffff, 0x2, 0x2, 0x4}, {0x5, 0x1, 0xc1e}, {0x6, 0x4, 0x8, 0x40}, {0x7, 0x4, 0x9, 0x4}, {0x1ff, 0x0, 0x0, 0xfffffffa}, {0x96, 0x0, 0xea, 0x3}, {0xfffffffa, 0x8, 0x0, 0x2}, {0x9, 0x40, 0x3, 0xfffffff6}, {0x4, 0x7, 0xffff8001, 0x3}, {0x7, 0x1, 0x7fff, 0x2}, {0x101, 0x0, 0x8, 0x9}, {0x0, 0x400, 0xa8, 0x401}, {0x7, 0x4, 0xb7b0, 0x101}, {0x9, 0xfa, 0x1000000, 0x7}, {0x4, 0x3, 0x5, 0x5}, {0x80, 0xc8000000, 0xe6, 0xfff}, {0x4, 0x7ff, 0x6, 0x1}, {0x8, 0x8001, 0x5, 0x401}, {0x1ff, 0x2, 0x9, 0x384}, {0x100, 0x155, 0x4, 0x8}, {0xfffffff7, 0x80000000, 0x3, 0x1}, {0x401, 0x5, 0x59, 0x70}, {0x1ff, 0x7, 0x2, 0xfffffffa}, {0x8, 0x0, 0x101, 0x401}, {0x7, 0x9, 0x2, 0x8}, {0x3c, 0xe0000000, 0x9, 0x9}, {0x30, 0x7, 0xbc, 0x4}, {0x2, 0x7fff, 0x3f, 0x1}, {0xffffffff, 0x80, 0x2, 0x3}, {0x6, 0x4, 0x3, 0x1}, {0x10000, 0x6, 0x80, 0x9}, {0xffffffff, 0x1, 0x7ff}, {0x4, 0x1000, 0x6, 0x100}, {0xbc, 0x9, 0x9, 0xceb}, {0x1cd0, 0x6, 0x14b, 0x8}, {0x25d9d555, 0x10000, 0x3ff, 0xda}, {0x9, 0x8, 0x3, 0x1}, {0x1a, 0x40, 0x30b5, 0x9}, {0x7fff, 0x1, 0x4}, {0xe4, 0x9c, 0x1529, 0x40}, {0x3, 0x730b, 0x2fc576e2, 0xff}, {0x1ee, 0xffff, 0x6, 0x2}, {0x1, 0x8, 0x7, 0x10000}, {0xac8, 0x7fff, 0xffffffff, 0x3f}, {0x0, 0x6, 0xfffffffe, 0x3}, {0x1e, 0x8000, 0x81, 0x1}, {0x3, 0x4, 0x6, 0x5}, {0x3, 0x5, 0x3, 0x81}, {0x4, 0x8000000, 0xc3, 0x3}, {0x3, 0x7, 0xfff, 0xfff}, {0x0, 0x5, 0x9, 0x4}, {0x1, 0xfffffffe, 0x6}, {0x80, 0x8, 0x7e, 0x3}, {0x5, 0x64, 0xd1, 0x3}, {0x6, 0x4, 0x0, 0xaa92}, {0x8000, 0x0, 0x2}, {0x1ff, 0x80000000, 0x9, 0x4c44}, {0x6, 0x2858, 0x7, 0x8000}, {0x0, 0x9, 0x80000000, 0xf4b}, {0x1, 0x81, 0x7, 0x6}, {0x6f04, 0x6, 0x2, 0x9}, {0x7, 0x1, 0x3f, 0xe4}, {0x2, 0x9, 0xfffffc00, 0x5}, {0x5, 0x200, 0x101, 0xe0000000}, {0x3, 0x7, 0x5, 0x9}, {0x5, 0x3, 0x1ff, 0x6}, {0x7, 0x7ff, 0x401, 0x7}, {0x80000000, 0x4, 0x80}, {0x9, 0xeeb, 0x3f, 0x6}, {0x5, 0x5, 0x7, 0x101}, {0x20, 0x2f93, 0x7, 0x2}, {0x2, 0x7f, 0x3ff, 0xfffff800}, {0x1, 0xfff, 0x7, 0x4}, {0x40000000, 0x3, 0x800, 0x53}, {0x2eb, 0x1, 0x6, 0x80}, {0x0, 0x9, 0x2, 0x9}, {0x80000001, 0x1, 0xdc, 0x1}, {0x8, 0x1f, 0x3, 0x400}, {0x9, 0x350, 0x1000, 0x4}, {0xf6d, 0x0, 0x7f}, {0x1, 0x1, 0x10001, 0xd2f5}, {0x1000, 0xffff, 0x35f5, 0x40}, {0x8, 0x10001, 0x8000}, {0x8306, 0x1a2020f7, 0x8, 0x6}, {0xffffffff, 0x81, 0x7f}, {0x2, 0x2, 0x2}, {0x4e2, 0xffffffff, 0x9, 0xfffffbff}, {0x8, 0x5, 0xde9, 0x3f}, {0x1ff, 0xfff, 0x3, 0x9}, {0xfffffffc, 0x4, 0xc28, 0x6}, {0x101, 0x2, 0xff, 0x2}, {0x20, 0x6, 0xa9, 0x6}, {0x8, 0x1, 0x4, 0x6}, {0x2, 0xc4c, 0x3, 0x100}, {0x2, 0x7, 0x10000, 0x8}, {0xff, 0x9, 0x5, 0x8001}, {0x2, 0xfff, 0xffff}, {0x0, 0x3, 0xff, 0x5}, {0xe37, 0xffff, 0xbbe0}, {0x9c9, 0x16b, 0xcec, 0xffff}, {0x1, 0x6, 0x89, 0x67}, {0x4, 0x40d, 0x5, 0x1}, {0xfffffff8, 0x90, 0x8, 0x4}, {0x7fffffff, 0x1f61, 0x5, 0x401}, {0x8, 0xffff, 0x7, 0x5}, {0x8000, 0x3f, 0xd3d, 0x5}, {0x7, 0x5, 0x4, 0x2}, {0x7fffffff, 0xec, 0x7, 0xbfd}, {0x28a, 0x3, 0x6, 0xffffffff}, {0x1a, 0x800, 0x20, 0x7}, {0x46, 0x4, 0x100, 0x8000}, {0x6, 0x1000, 0x3a55, 0xe82}, {0x5, 0x52, 0x7, 0x10001}, {0x8, 0x3ff, 0x7, 0x1}, {0x89, 0x6, 0x173, 0xffffffff}]}, 0xdfa) fork() fork() fork() 04:18:12 executing program 3: fork() socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000000)=0x5) 04:18:12 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) fork() 04:18:12 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:12 executing program 5: clock_gettime(0x0, &(0x7f0000000000)) 04:18:12 executing program 2: fork() socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000000)=0x5) 04:18:12 executing program 5: clock_gettime(0x0, 0x0) 04:18:12 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:12 executing program 1: socket(0x0, 0x80000, 0x9) 04:18:12 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) fork() 04:18:12 executing program 5: clock_gettime(0x0, 0x0) 04:18:13 executing program 3: fork() socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000000)=0x5) 04:18:13 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:13 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:13 executing program 5: clock_gettime(0x0, 0x0) 04:18:13 executing program 1: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x7ff) 04:18:13 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:13 executing program 5: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) 04:18:13 executing program 3: fork() socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000000)=0x5) 04:18:13 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}}) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:13 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10800, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:13 executing program 1: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x7ff) 04:18:13 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:13 executing program 4: mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:13 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}}) r0 = fork() tgkill(r0, r0, 0x2a) [ 586.573352] Bluetooth: hci0 command 0x0401 tx timeout 04:18:14 executing program 2: r0 = fork() tgkill(r0, r0, 0x1b) fork() fork() 04:18:14 executing program 3: fork() socket(0x11, 0x3, 0x6) socket$phonet_pipe(0x23, 0x5, 0x2) 04:18:14 executing program 1: ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000000)) fork() fork() r0 = fork() fork() r1 = fork() tgkill(r0, r1, 0x34) fork() 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:14 executing program 5: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}}) r0 = fork() tgkill(r0, r0, 0x2a) 04:18:14 executing program 5: r0 = fork() tgkill(r0, r0, 0x1b) fork() fork() 04:18:14 executing program 3: fork() socket(0x11, 0x3, 0x6) 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(0x0, r0, 0x2a) 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() [ 586.893517] Bluetooth: hci3 command 0x0401 tx timeout 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(0x0, r0, 0x2a) 04:18:14 executing program 3: socket(0x11, 0x3, 0x6) 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(0x0, r0, 0x2a) 04:18:14 executing program 1: fork() socket(0x11, 0x3, 0x6) socket$phonet_pipe(0x23, 0x5, 0x2) 04:18:14 executing program 2: fork() socket(0x11, 0x3, 0x6) 04:18:14 executing program 3: socket(0x0, 0x3, 0x6) 04:18:14 executing program 5: r0 = fork() tgkill(r0, r0, 0x1b) fork() fork() 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, 0x0, 0x2a) 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:14 executing program 3: socket(0x0, 0x3, 0x6) 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, 0x0, 0x2a) 04:18:14 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:14 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@fscache='fscache'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:14 executing program 3: socket(0x0, 0x3, 0x6) 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, 0x0, 0x2a) 04:18:14 executing program 5: r0 = fork() tgkill(r0, r0, 0x1b) fork() fork() 04:18:14 executing program 3: socket(0x11, 0x0, 0x6) 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) fork() 04:18:14 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x0) 04:18:14 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}]}}) fork() 04:18:15 executing program 3: socket(0x11, 0x0, 0x6) 04:18:15 executing program 5: r0 = fork() tgkill(r0, r0, 0x1b) fork() 04:18:15 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) fork() 04:18:15 executing program 2: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x0) 04:18:15 executing program 3: socket(0x11, 0x0, 0x6) 04:18:15 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x0) 04:18:15 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}]}}) fork() 04:18:15 executing program 5: r0 = fork() tgkill(r0, r0, 0x1b) 04:18:15 executing program 1: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:15 executing program 3: socket(0x11, 0x3, 0x0) 04:18:15 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000680)={@null=' \x00', 0xe, 'bond0\x00'}) 04:18:15 executing program 0: ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) r0 = fork() tgkill(r0, r0, 0x0) 04:18:15 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) userfaultfd(0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:15 executing program 5: tgkill(0x0, 0x0, 0x1b) 04:18:15 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:15 executing program 3: socket(0x11, 0x3, 0x0) 04:18:15 executing program 5: tgkill(0x0, 0x0, 0x1b) [ 588.653297] Bluetooth: hci0 command 0x0401 tx timeout 04:18:15 executing program 1: socket(0x11, 0x3, 0x0) 04:18:15 executing program 3: socket(0x11, 0x3, 0x0) 04:18:16 executing program 5: tgkill(0x0, 0x0, 0x1b) 04:18:16 executing program 1: socket(0x11, 0x3, 0x0) 04:18:16 executing program 5: r0 = fork() tgkill(0x0, r0, 0x1b) 04:18:16 executing program 1: socket(0x11, 0x3, 0x0) 04:18:16 executing program 5: r0 = fork() tgkill(0x0, r0, 0x1b) [ 588.978811] Bluetooth: hci3 command 0x0401 tx timeout 04:18:16 executing program 1: socket(0x0, 0x3, 0x0) 04:18:16 executing program 2: r0 = fork() getpgid(r0) fork() 04:18:16 executing program 5: r0 = fork() tgkill(0x0, r0, 0x1b) 04:18:16 executing program 5: r0 = fork() tgkill(r0, 0x0, 0x1b) 04:18:16 executing program 1: socket(0x0, 0x3, 0x0) 04:18:16 executing program 5: r0 = fork() tgkill(r0, 0x0, 0x1b) 04:18:16 executing program 1: socket(0x0, 0x3, 0x0) 04:18:16 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x20, 0x404000) r1 = socket(0x18, 0x80000, 0x9) write$bt_hci(r1, &(0x7f0000000a80)={0x1, @read_tx_power={{0xc2d, 0x3}, {0xc8, 0x3f}}}, 0x7) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f00000004c0)) r4 = syz_open_dev$mouse(&(0x7f0000000540)='/dev/input/mouse#\x00', 0x1, 0x20440) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000580)=""/117) 04:18:16 executing program 5: r0 = fork() tgkill(r0, 0x0, 0x1b) 04:18:16 executing program 1: socket(0x11, 0x0, 0x0) 04:18:16 executing program 2: fork() gettid() syz_usbip_server_init(0x3) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:16 executing program 5: r0 = fork() tgkill(r0, r0, 0x0) 04:18:16 executing program 1: socket(0x11, 0x0, 0x0) 04:18:16 executing program 5: r0 = fork() tgkill(r0, r0, 0x0) 04:18:17 executing program 1: socket(0x11, 0x0, 0x0) 04:18:17 executing program 5: r0 = fork() tgkill(r0, r0, 0x0) [ 589.843915] vhci_hcd vhci_hcd.0: port 0 already used 04:18:17 executing program 2: r0 = fork() tgkill(r0, r0, 0x0) 04:18:17 executing program 2: fork() fork() r0 = gettid() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x8) fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = geteuid() mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>', r1}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = geteuid() mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>', r1}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = geteuid() mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>', r1}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) geteuid() fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) geteuid() fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) geteuid() fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:17 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000001c0)={0x3, 0x0, @ioapic={0xd000, 0x40, 0x1, 0x400, 0x0, [{0x1, 0x1f, 0x4, [], 0x81}, {0x6, 0x4, 0x7f}, {0x4, 0x8, 0xfa, [], 0xbe}, {0x0, 0x4, 0x8e, [], 0x7f}, {0x8, 0x0, 0x9, [], 0x2}, {0x8, 0x5, 0x30, [], 0x3f}, {0x2, 0x5, 0x7, [], 0x1}, {0x71, 0x20, 0x4, [], 0x5}, {0x3, 0xee, 0x7f, [], 0x64}, {0x0, 0x81, 0x0, [], 0x1}, {0x20, 0x1, 0x3, [], 0xd6}, {0x80, 0x11, 0x3, [], 0x81}, {0x4, 0xff, 0x17, [], 0x1}, {0x80, 0x8, 0x8c, [], 0x81}, {0xff, 0x8, 0x1, [], 0x8e}, {0x2, 0x7f, 0x9, [], 0x1}, {0xff, 0x3, 0x5, [], 0x4b}, {0x9, 0x4, 0x2, [], 0x9}, {0x3, 0x6, 0x1, [], 0x5}, {0x2, 0x0, 0x0, [], 0x9}, {0xa0, 0x20, 0x4, [], 0x9}, {0x3b, 0x1, 0x2, [], 0x9}, {0x10, 0x6, 0xfc, [], 0x1}, {0x8, 0x3, 0xdf, [], 0x34}]}}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() [ 590.733323] Bluetooth: hci0 command 0x0401 tx timeout 04:18:18 executing program 2: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() [ 591.053345] Bluetooth: hci3 command 0x0401 tx timeout 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@dont_measure='dont_measure'}]}}) fork() 04:18:18 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() [ 592.813257] Bluetooth: hci0 command 0x0401 tx timeout [ 593.133274] Bluetooth: hci3 command 0x0401 tx timeout [ 594.893275] Bluetooth: hci0 command 0x0401 tx timeout [ 595.213312] Bluetooth: hci3 command 0x0401 tx timeout [ 596.973343] Bluetooth: hci0 command 0x0401 tx timeout [ 597.293255] Bluetooth: hci3 command 0x0401 tx timeout [ 599.053314] Bluetooth: hci0 command 0x0401 tx timeout [ 599.373284] Bluetooth: hci3 command 0x0401 tx timeout [ 601.133304] Bluetooth: hci0 command 0x0401 tx timeout [ 601.453345] Bluetooth: hci3 command 0x0401 tx timeout 04:18:29 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:29 executing program 0: ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x820004, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@version_L='version=9p2000.L'}, {@access_uid={'access', 0x3d, 0xee00}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, ',%*\''}}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', 0xee01}}, {@fowner_gt={'fowner>'}}, {@obj_type={'obj_type', 0x3d, '%'}}, {@measure='measure'}]}}) fork() 04:18:29 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:29 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:29 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@null=' \x00', 0x0, 'ip_vti0\x00'}) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x2}, 0x7, 'netpci0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', 0xffffffffffffffff) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x2}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x3, 0x1, "1f63cd", 0x6, 0x9}) 04:18:29 executing program 5: syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) 04:18:29 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x33, 0x500) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0]}) r1 = fork() r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f0000000140)=0xfffffffffffffcb6) r5 = getpgid(r1) tgkill(r4, r5, 0x2f) 04:18:29 executing program 5: r0 = fork() fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x3f) fork() getpid() r1 = fork() gettid() ptrace$peekuser(0x3, r1, 0x90) 04:18:29 executing program 0: r0 = fork() fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x3f) fork() getpid() r1 = fork() gettid() ptrace$peekuser(0x3, r1, 0x90) 04:18:29 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:18:29 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000), 0x4) 04:18:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="63c5", @ANYRES16=r1, @ANYBLOB="00042cbd7000ffdbdf255400000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990007000000120000000a000600ffffffffffff00000a00060008021100000000000a00060008021100000100000a000600ffffffffffff00000a00060008021100000000000a000600ffffffffffff0000"], 0x70}, 0x1, 0x0, 0x0, 0x4001}, 0x40011) fork() 04:18:29 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="63c5", @ANYRES16=r1, @ANYBLOB="00042cbd7000ffdbdf255400000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990007000000120000000a000600ffffffffffff00000a00060008021100000000000a00060008021100000100000a000600ffffffffffff00000a00060008021100000000000a000600ffffffffffff0000"], 0x70}, 0x1, 0x0, 0x0, 0x4001}, 0x40011) fork() 04:18:29 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="63c5", @ANYRES16=r1, @ANYBLOB="00042cbd7000ffdbdf255400000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990007000000120000000a000600ffffffffffff00000a00060008021100000000000a00060008021100000100000a000600ffffffffffff00000a00060008021100000000000a000600ffffffffffff0000"], 0x70}, 0x1, 0x0, 0x0, 0x4001}, 0x40011) fork() 04:18:30 executing program 3: r0 = getpid() ptrace$peekuser(0x3, r0, 0x0) r1 = fork() r2 = getpid() tgkill(0x0, r2, 0x0) getpgid(r2) fork() getpgid(r1) 04:18:30 executing program 1 (fault-call:1 fault-nth:0): r0 = fork() tgkill(r0, r0, 0x1b) 04:18:30 executing program 2: fork() r0 = userfaultfd(0x800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:30 executing program 4: syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00', 0xffffffffffffffff) 04:18:30 executing program 0: r0 = getpid() getpid() r1 = getpid() fork() tgkill(0x0, r1, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0xfffffffffffeffff) ptrace$peekuser(0x3, r0, 0x0) r2 = getpid() tgkill(0x0, r2, 0x0) ptrace$peekuser(0x3, r2, 0x96f) 04:18:30 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000180)={0x5, &(0x7f0000000140)=[{}, {}, {}, {}, {}]}) 04:18:30 executing program 4 (fault-call:1 fault-nth:0): mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() [ 603.213366] Bluetooth: hci0 command 0x0401 tx timeout 04:18:30 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000180)={0x5, &(0x7f0000000140)=[{}, {}, {}, {}, {}]}) 04:18:30 executing program 3 (fault-call:0 fault-nth:0): socket(0x11, 0x3, 0x0) [ 603.306876] FAULT_INJECTION: forcing a failure. [ 603.306876] name failslab, interval 1, probability 0, space 0, times 0 [ 603.318347] CPU: 1 PID: 20450 Comm: syz-executor.1 Not tainted 4.14.225-syzkaller #0 [ 603.326238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.335686] Call Trace: [ 603.338281] dump_stack+0x1b2/0x281 [ 603.341915] should_fail.cold+0x10a/0x149 [ 603.346086] should_failslab+0xd6/0x130 [ 603.350070] kmem_cache_alloc+0x40/0x3c0 [ 603.354162] __sigqueue_alloc+0x1b8/0x3e0 [ 603.358319] __send_signal+0x1a4/0x1260 [ 603.362303] do_send_specific+0x1a3/0x290 [ 603.366489] ? send_sig+0x120/0x120 [ 603.370121] ? from_kuid+0xa0/0xa0 [ 603.374015] do_tkill+0x171/0x1e0 [ 603.377473] ? __mutex_unlock_slowpath+0x75/0x770 [ 603.382316] ? do_send_specific+0x290/0x290 [ 603.386655] ? SyS_read+0x210/0x210 [ 603.390411] ? __do_page_fault+0x159/0xad0 [ 603.394657] SyS_tgkill+0x30/0x50 [ 603.398141] ? SyS_kill+0x560/0x560 [ 603.401799] do_syscall_64+0x1d5/0x640 [ 603.403546] FAULT_INJECTION: forcing a failure. [ 603.403546] name failslab, interval 1, probability 0, space 0, times 0 [ 603.405715] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 603.424909] RIP: 0033:0x465f69 [ 603.428108] RSP: 002b:00007f34a2ae0188 EFLAGS: 00000246 ORIG_RAX: 00000000000000ea [ 603.435823] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 603.443187] RDX: 000000000000001b RSI: 0000000000001349 RDI: 0000000000001349 [ 603.450590] RBP: 00007f34a2ae01d0 R08: 0000000000000000 R09: 0000000000000000 [ 603.457953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.465319] R13: 00007ffc972a51cf R14: 00007f34a2ae0300 R15: 0000000000022000 [ 603.480454] FAULT_INJECTION: forcing a failure. [ 603.480454] name failslab, interval 1, probability 0, space 0, times 0 [ 603.492987] CPU: 0 PID: 20459 Comm: syz-executor.4 Not tainted 4.14.225-syzkaller #0 [ 603.501256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.511934] Call Trace: [ 603.514648] dump_stack+0x1b2/0x281 [ 603.518318] should_fail.cold+0x10a/0x149 [ 603.522466] should_failslab+0xd6/0x130 [ 603.526439] kmem_cache_alloc_node+0x263/0x410 [ 603.531107] copy_process.part.0+0x17d3/0x71c0 [ 603.535687] ? get_pid_task+0xb8/0x130 [ 603.539609] ? proc_fail_nth_write+0x7b/0x180 [ 603.544105] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 603.550085] ? fsnotify+0x974/0x11b0 [ 603.553882] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 603.558818] ? __cleanup_sighand+0x40/0x40 [ 603.563051] ? lock_downgrade+0x740/0x740 [ 603.567198] ? vfs_write+0x35d/0x4d0 [ 603.571032] _do_fork+0x184/0xc80 [ 603.575392] ? fork_idle+0x270/0x270 [ 603.579204] ? fput+0xb/0x140 [ 603.582306] ? SyS_write+0x14d/0x210 [ 603.586019] ? SyS_read+0x210/0x210 [ 603.589655] ? __do_page_fault+0x159/0xad0 [ 603.593905] ? do_syscall_64+0x4c/0x640 [ 603.598070] ? kernel_thread+0x40/0x40 [ 603.601967] do_syscall_64+0x1d5/0x640 [ 603.606148] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 603.611338] RIP: 0033:0x465f69 [ 603.616005] RSP: 002b:00007f2fb0bd4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039 [ 603.623826] RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000465f69 [ 603.631186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 603.638559] RBP: 00007f2fb0bd41d0 R08: 0000000000000000 R09: 0000000000000000 [ 603.646692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 04:18:30 executing program 0 (fault-call:0 fault-nth:0): socket(0x11, 0x3, 0x6) 04:18:30 executing program 2: fork() r0 = userfaultfd(0x800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:30 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000180)={0x5, &(0x7f0000000140)=[{}, {}, {}, {}, {}]}) [ 603.655014] R13: 00007ffeca329a6f R14: 00007f2fb0bd4300 R15: 0000000000022000 [ 603.662301] CPU: 1 PID: 20460 Comm: syz-executor.3 Not tainted 4.14.225-syzkaller #0 [ 603.662841] Bluetooth: hci3 command 0x0401 tx timeout [ 603.670189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.670195] Call Trace: [ 603.670215] dump_stack+0x1b2/0x281 [ 603.670228] should_fail.cold+0x10a/0x149 [ 603.670241] should_failslab+0xd6/0x130 [ 603.699119] kmem_cache_alloc+0x28e/0x3c0 [ 603.703283] ? sock_destroy_inode+0x60/0x60 [ 603.707631] sock_alloc_inode+0x19/0x250 [ 603.711699] ? sock_destroy_inode+0x60/0x60 [ 603.716027] alloc_inode+0x5d/0x170 [ 603.719664] new_inode_pseudo+0x14/0xe0 [ 603.723666] sock_alloc+0x3c/0x270 [ 603.727224] __sock_create+0x8a/0x620 [ 603.731267] SyS_socket+0xd1/0x1b0 [ 603.736558] ? move_addr_to_kernel+0x60/0x60 [ 603.741065] ? __do_page_fault+0x159/0xad0 [ 603.745336] ? do_syscall_64+0x4c/0x640 [ 603.749318] ? move_addr_to_kernel+0x60/0x60 [ 603.753736] do_syscall_64+0x1d5/0x640 04:18:31 executing program 1 (fault-call:1 fault-nth:1): r0 = fork() tgkill(r0, r0, 0x1b) [ 603.757650] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 603.762866] RIP: 0033:0x465f69 [ 603.766060] RSP: 002b:00007f3d81354188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 603.773805] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 603.781089] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000011 [ 603.788375] RBP: 00007f3d813541d0 R08: 0000000000000000 R09: 0000000000000000 [ 603.795774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.803045] R13: 00007ffdd77726cf R14: 00007f3d81354300 R15: 0000000000022000 [ 603.812133] FAULT_INJECTION: forcing a failure. [ 603.812133] name failslab, interval 1, probability 0, space 0, times 0 04:18:31 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) getpgid(r0) ptrace$peekuser(0x3, r0, 0x20) 04:18:31 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) 04:18:31 executing program 2: fork() r0 = userfaultfd(0x800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) [ 603.871253] CPU: 0 PID: 20467 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 603.879210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.888570] Call Trace: [ 603.891171] dump_stack+0x1b2/0x281 [ 603.894804] should_fail.cold+0x10a/0x149 [ 603.898955] should_failslab+0xd6/0x130 [ 603.902956] kmem_cache_alloc+0x28e/0x3c0 [ 603.907631] ? sock_destroy_inode+0x60/0x60 [ 603.911956] sock_alloc_inode+0x19/0x250 [ 603.916026] ? sock_destroy_inode+0x60/0x60 [ 603.922059] alloc_inode+0x5d/0x170 [ 603.926837] new_inode_pseudo+0x14/0xe0 [ 603.930814] sock_alloc+0x3c/0x270 [ 603.931400] socket: no more sockets [ 603.934444] __sock_create+0x8a/0x620 [ 603.934458] SyS_socket+0xd1/0x1b0 [ 603.934467] ? move_addr_to_kernel+0x60/0x60 [ 603.934478] ? __do_page_fault+0x159/0xad0 [ 603.934487] ? do_syscall_64+0x4c/0x640 [ 603.934496] ? move_addr_to_kernel+0x60/0x60 [ 603.934506] do_syscall_64+0x1d5/0x640 [ 603.934524] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 603.934531] RIP: 0033:0x465f69 [ 603.934536] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 603.934545] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 603.934550] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000011 [ 603.934555] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 603.934560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.934565] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:18:31 executing program 1: r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) syz_open_dev$vim2m(&(0x7f0000000080)='/dev/video#\x00', 0xffff, 0x2) clock_gettime(0x0, &(0x7f00000000c0)) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000100)={0x20, 0x2, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x4, 0x2, 0x40, 0x90, 0x1, 0xc7, "214dde28"}, 0x878c, 0x0, @fd, 0xfffff801}) tgkill(r0, r1, 0x1b) 04:18:31 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) 04:18:31 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, &(0x7f0000000000)={0x4, 0x7}) fork() 04:18:31 executing program 3 (fault-call:0 fault-nth:1): socket(0x11, 0x3, 0x0) 04:18:31 executing program 2: fork() ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:31 executing program 0 (fault-call:0 fault-nth:1): socket(0x11, 0x3, 0x6) 04:18:31 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) [ 604.177608] socket: no more sockets 04:18:31 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = getpid() tgkill(r1, r0, 0x23) 04:18:31 executing program 2: fork() ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:31 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) recvfrom$phonet(0xffffffffffffffff, &(0x7f0000000000)=""/143, 0x8f, 0x10063, 0x0, 0x0) [ 604.247709] FAULT_INJECTION: forcing a failure. [ 604.247709] name failslab, interval 1, probability 0, space 0, times 0 [ 604.336464] CPU: 0 PID: 20507 Comm: syz-executor.3 Not tainted 4.14.225-syzkaller #0 [ 604.342222] FAULT_INJECTION: forcing a failure. [ 604.342222] name failslab, interval 1, probability 0, space 0, times 0 [ 604.344381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.344386] Call Trace: [ 604.344406] dump_stack+0x1b2/0x281 [ 604.344421] should_fail.cold+0x10a/0x149 [ 604.344436] should_failslab+0xd6/0x130 [ 604.344450] kmem_cache_alloc_trace+0x29a/0x3d0 [ 604.344460] ? kmem_cache_alloc+0x35f/0x3c0 [ 604.344480] sock_alloc_inode+0x5f/0x250 [ 604.392472] ? sock_destroy_inode+0x60/0x60 [ 604.396797] alloc_inode+0x5d/0x170 [ 604.401383] new_inode_pseudo+0x14/0xe0 [ 604.405371] sock_alloc+0x3c/0x270 [ 604.408915] __sock_create+0x8a/0x620 [ 604.412719] SyS_socket+0xd1/0x1b0 [ 604.416264] ? move_addr_to_kernel+0x60/0x60 [ 604.420678] ? __do_page_fault+0x159/0xad0 [ 604.425004] ? do_syscall_64+0x4c/0x640 [ 604.428983] ? move_addr_to_kernel+0x60/0x60 04:18:31 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c3d2ee3efa9bf9d27129f8a5600"]) fork() 04:18:31 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null=' \x00', 0x0, 'ip_vti0\x00'}) [ 604.433403] do_syscall_64+0x1d5/0x640 [ 604.437299] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 604.442492] RIP: 0033:0x465f69 [ 604.445679] RSP: 002b:00007f3d81354188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 604.453391] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 604.460663] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000011 [ 604.467938] RBP: 00007f3d813541d0 R08: 0000000000000000 R09: 0000000000000000 [ 604.475199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 04:18:31 executing program 3 (fault-call:0 fault-nth:2): socket(0x11, 0x3, 0x0) [ 604.482465] R13: 00007ffdd77726cf R14: 00007f3d81354300 R15: 0000000000022000 [ 604.501615] CPU: 1 PID: 20518 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 604.509522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.519490] Call Trace: [ 604.522083] dump_stack+0x1b2/0x281 [ 604.525718] should_fail.cold+0x10a/0x149 [ 604.528082] socket: no more sockets [ 604.530224] should_failslab+0xd6/0x130 [ 604.530239] kmem_cache_alloc_trace+0x29a/0x3d0 [ 604.530248] ? kmem_cache_alloc+0x35f/0x3c0 [ 604.530261] sock_alloc_inode+0x5f/0x250 [ 604.530273] ? sock_destroy_inode+0x60/0x60 [ 604.555294] alloc_inode+0x5d/0x170 [ 604.558915] new_inode_pseudo+0x14/0xe0 [ 604.563001] sock_alloc+0x3c/0x270 [ 604.566537] __sock_create+0x8a/0x620 [ 604.570348] SyS_socket+0xd1/0x1b0 [ 604.573903] ? move_addr_to_kernel+0x60/0x60 [ 604.578344] ? __do_page_fault+0x159/0xad0 [ 604.582594] ? do_syscall_64+0x4c/0x640 04:18:31 executing program 1: r0 = fork() tgkill(r0, r0, 0x1000018) r1 = getpid() tgkill(0x0, r1, 0x0) gettid() r2 = getpid() getpgid(r2) fork() [ 604.586691] ? move_addr_to_kernel+0x60/0x60 [ 604.591106] do_syscall_64+0x1d5/0x640 [ 604.595003] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 604.600190] RIP: 0033:0x465f69 [ 604.603423] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 604.611240] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 604.618518] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000011 [ 604.619361] FAULT_INJECTION: forcing a failure. [ 604.619361] name failslab, interval 1, probability 0, space 0, times 0 [ 604.625789] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 604.625795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.625800] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 [ 604.666690] CPU: 0 PID: 20534 Comm: syz-executor.3 Not tainted 4.14.225-syzkaller #0 [ 604.674589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.683946] Call Trace: [ 604.686543] dump_stack+0x1b2/0x281 [ 604.690175] should_fail.cold+0x10a/0x149 [ 604.694329] should_failslab+0xd6/0x130 [ 604.698308] __kmalloc+0x2c1/0x400 [ 604.701858] ? sk_prot_alloc+0x1ba/0x290 [ 604.705921] sk_prot_alloc+0x1ba/0x290 [ 604.709825] sk_alloc+0x36/0xcd0 [ 604.713213] packet_create+0xf5/0x7f0 [ 604.717021] __sock_create+0x303/0x620 [ 604.720916] SyS_socket+0xd1/0x1b0 [ 604.724493] ? move_addr_to_kernel+0x60/0x60 [ 604.728907] ? __do_page_fault+0x159/0xad0 [ 604.733143] ? do_syscall_64+0x4c/0x640 [ 604.737115] ? move_addr_to_kernel+0x60/0x60 [ 604.741523] do_syscall_64+0x1d5/0x640 [ 604.745429] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 604.750618] RIP: 0033:0x465f69 [ 604.753812] RSP: 002b:00007f3d81354188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 604.761992] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 604.769548] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000011 [ 604.776823] RBP: 00007f3d813541d0 R08: 0000000000000000 R09: 0000000000000000 04:18:32 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) 04:18:32 executing program 2: fork() ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:32 executing program 3 (fault-call:0 fault-nth:3): socket(0x11, 0x3, 0x0) [ 604.784101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.791490] R13: 00007ffdd77726cf R14: 00007f3d81354300 R15: 0000000000022000 [ 604.945521] FAULT_INJECTION: forcing a failure. [ 604.945521] name failslab, interval 1, probability 0, space 0, times 0 [ 604.957389] CPU: 0 PID: 20561 Comm: syz-executor.3 Not tainted 4.14.225-syzkaller #0 [ 604.965285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.974732] Call Trace: [ 604.977324] dump_stack+0x1b2/0x281 [ 604.980954] should_fail.cold+0x10a/0x149 [ 604.985109] should_failslab+0xd6/0x130 [ 604.989121] kmem_cache_alloc+0x28e/0x3c0 [ 604.993276] __d_alloc+0x2a/0xa20 [ 604.996830] sock_alloc_file+0xc8/0x2e0 [ 605.000808] ? sock_poll+0x220/0x220 [ 605.005487] SyS_socket+0x108/0x1b0 [ 605.009122] ? move_addr_to_kernel+0x60/0x60 [ 605.013537] ? __do_page_fault+0x159/0xad0 [ 605.017773] ? do_syscall_64+0x4c/0x640 [ 605.021836] ? move_addr_to_kernel+0x60/0x60 [ 605.026344] do_syscall_64+0x1d5/0x640 [ 605.030240] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 605.030758] socket: no more sockets [ 605.035432] RIP: 0033:0x465f69 04:18:32 executing program 0 (fault-call:0 fault-nth:2): socket(0x11, 0x3, 0x6) 04:18:32 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000140)=ANY=[@ANYBLOB="04000000000000000000a6fa00000000000000000000eb345b0ca0c3c34f91f301676f34511388337b119e2dcd66c2eefb4aeaaf43f0c217595aef43e67521bee3446abaf79ae6f67d6b2cfdda23a9ccf73375052cb5ebe3ed250688b96870dcd4996856d56e6382cf484bb17ad48d5e99dc4b0b4a4189302cc1835591022e974b310aea2e26200b33fdce675b7711126854e0953b99dcceec5194e407b873f1751080ed161fd7668dd7ea70168ea51e408ebf09f12d5eba73847dc9e2ead5acd545c08203a379"]) ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000000)={0x0, 0x6, 0x9, 0x3, 0x2, 0x3, 0x4, 0xfa5, 0x1000, 0x13, 0x6, 0x80000000}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)) 04:18:32 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) ptrace$peekuser(0x3, r0, 0x1ff) 04:18:32 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(r0, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) 04:18:32 executing program 2: r0 = userfaultfd(0x800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:32 executing program 3 (fault-call:0 fault-nth:4): socket(0x11, 0x3, 0x0) [ 605.035438] RSP: 002b:00007f3d81354188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 605.035448] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 605.035453] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000011 [ 605.035457] RBP: 00007f3d813541d0 R08: 0000000000000000 R09: 0000000000000000 [ 605.035462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.035467] R13: 00007ffdd77726cf R14: 00007f3d81354300 R15: 0000000000022000 04:18:32 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:32 executing program 5: accept4$x25(0xffffffffffffffff, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) 04:18:32 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = getpid() tgkill(0x0, r0, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000040), 0x10) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x1) [ 605.164345] FAULT_INJECTION: forcing a failure. [ 605.164345] name failslab, interval 1, probability 0, space 0, times 0 [ 605.195888] FAULT_INJECTION: forcing a failure. [ 605.195888] name failslab, interval 1, probability 0, space 0, times 0 04:18:32 executing program 2: userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) [ 605.281104] CPU: 1 PID: 20577 Comm: syz-executor.3 Not tainted 4.14.225-syzkaller #0 [ 605.289447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.298802] Call Trace: [ 605.301421] dump_stack+0x1b2/0x281 [ 605.305055] should_fail.cold+0x10a/0x149 [ 605.309212] should_failslab+0xd6/0x130 [ 605.313188] kmem_cache_alloc+0x28e/0x3c0 [ 605.318325] get_empty_filp+0x86/0x3e0 [ 605.322216] alloc_file+0x23/0x440 [ 605.325761] sock_alloc_file+0x113/0x2e0 04:18:32 executing program 2: userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) [ 605.329824] ? sock_poll+0x220/0x220 [ 605.333554] SyS_socket+0x108/0x1b0 [ 605.337185] ? move_addr_to_kernel+0x60/0x60 [ 605.341595] ? __do_page_fault+0x159/0xad0 [ 605.345833] ? do_syscall_64+0x4c/0x640 [ 605.349812] ? move_addr_to_kernel+0x60/0x60 [ 605.354227] do_syscall_64+0x1d5/0x640 [ 605.358122] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 605.363317] RIP: 0033:0x465f69 [ 605.366501] RSP: 002b:00007f3d81354188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 605.374326] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 04:18:32 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) fork() [ 605.381796] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000011 [ 605.389503] RBP: 00007f3d813541d0 R08: 0000000000000000 R09: 0000000000000000 [ 605.396775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.405548] R13: 00007ffdd77726cf R14: 00007f3d81354300 R15: 0000000000022000 [ 605.416160] CPU: 1 PID: 20581 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 605.419587] Bluetooth: hci0 command 0x0401 tx timeout [ 605.424081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.424086] Call Trace: [ 605.424109] dump_stack+0x1b2/0x281 [ 605.424123] should_fail.cold+0x10a/0x149 [ 605.449709] should_failslab+0xd6/0x130 [ 605.453700] __kmalloc+0x2c1/0x400 [ 605.457254] ? sk_prot_alloc+0x1ba/0x290 [ 605.461326] sk_prot_alloc+0x1ba/0x290 [ 605.465220] sk_alloc+0x36/0xcd0 [ 605.468607] packet_create+0xf5/0x7f0 [ 605.472423] __sock_create+0x303/0x620 [ 605.476323] SyS_socket+0xd1/0x1b0 [ 605.479875] ? move_addr_to_kernel+0x60/0x60 [ 605.485339] ? __do_page_fault+0x159/0xad0 [ 605.490797] ? do_syscall_64+0x4c/0x640 [ 605.494777] ? move_addr_to_kernel+0x60/0x60 [ 605.499188] do_syscall_64+0x1d5/0x640 [ 605.503388] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 605.508586] RIP: 0033:0x465f69 [ 605.511964] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 605.521116] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 605.528495] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000011 [ 605.535770] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 605.543044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.550317] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:18:32 executing program 0 (fault-call:0 fault-nth:3): socket(0x11, 0x3, 0x6) 04:18:32 executing program 2: userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x5}) 04:18:32 executing program 4: getresuid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) mount$9p_fd(0x0, 0x0, 0x0, 0x1000, &(0x7f0000000280)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@pcr={'pcr', 0x3d, 0xa}}, {@dont_hash='dont_hash'}, {@euid_eq={'euid'}}]}}) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) fork() 04:18:32 executing program 3 (fault-call:0 fault-nth:5): socket(0x11, 0x3, 0x0) 04:18:32 executing program 5: accept4$x25(0xffffffffffffffff, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) 04:18:32 executing program 1: tgkill(0x0, 0x0, 0x1b) connect$can_bcm(0xffffffffffffffff, &(0x7f0000001b40), 0x10) getpgid(0x0) getpid() write$usbip_server(0xffffffffffffffff, &(0x7f0000000000)=@ret_submit={{0x3, 0x9, 0x0, 0x1, 0x4}, 0x687, 0x2a, 0x4, 0x1ac, 0x2, 0x0, "be50f9512f2a9ae589d8ba55a60c6bac8c7d43eb2cb547ea14d696fcbd7af2af31c7f1e4d4ee14eb56df", [{0xfffeffff, 0x8000, 0x253b, 0x1f}, {0x3e2f7f3, 0x5, 0x80000001, 0x40}, {0x80000000, 0x5, 0x616, 0x7fff}, {0xb00a, 0x7, 0x400, 0x80000001}, {0x200, 0x9, 0x2, 0x3}, {0x8, 0x5, 0x1ff, 0xfffffff9}, {0x7fffffff, 0x400, 0x8}, {0x7f, 0x7, 0x4, 0x4}, {0x1b33, 0x5, 0x9a1, 0x3}, {0x0, 0xffffffff, 0x4, 0x8}, {0x8, 0x2, 0xdf68, 0x7255}, {0xde6, 0x1, 0xf8000000, 0x6}, {0x8, 0x3cfe, 0x5, 0xfffffffb}, {0x1, 0xffffffff, 0x20, 0x8}, {0x6, 0xae3b, 0x4, 0xbff}, {0x4, 0x6dd4, 0xf0ca}, {0x1, 0x7, 0xffffffff, 0x8}, {0x5, 0x100, 0xfffffffe, 0x6}, {0xab, 0x5, 0x0, 0x7}, {0xfffffff7, 0x5, 0xf1b, 0x3}, {0x7, 0x9, 0x7fff, 0x80000000}, {0x80, 0x20, 0x2, 0x9}, {0x100, 0x2, 0x0, 0x400}, {0x915b, 0x80000000, 0x20, 0x40}, {0x101, 0x1000, 0x81, 0x5}, {0x7fffffff, 0x51c, 0x8, 0x7}, {0xfa, 0x8000, 0x80000000, 0x7}, {0xf8000000, 0x101, 0x7, 0x5}, {0x1, 0x8, 0x7fffffff, 0x2}, {0xffff, 0x3f, 0xffffffff, 0x5}, {0x5, 0x3cb, 0x40, 0x1}, {0x2, 0x3ff, 0x3ff, 0xbc}, {0x1, 0xff, 0x1f00, 0x2}, {0x0, 0x1, 0x3eba, 0xe146}, {0xd14, 0x8, 0x80000000, 0x761}, {0x3ff, 0x1, 0x6, 0x7fff}, {0x6, 0x401, 0x7, 0x3}, {0x4, 0x4, 0x8, 0x1f}, {0x1000, 0x6, 0xf9, 0x9}, {0x0, 0x2, 0x3fa29947, 0x3fcf}, {0x8, 0x8, 0x1, 0x10000}, {0x2, 0x8, 0x8, 0x1000}, {0x40, 0x2, 0xffff, 0x7}, {0x80, 0xd735, 0x800, 0x3}, {0x80000001, 0x2, 0xda98, 0xffffffff}, {0x2, 0x7, 0x4, 0x4}, {0x7, 0x0, 0x2, 0x3}, {0x5e, 0x4c6, 0x6, 0xff}, {0x0, 0x7, 0x200, 0x8}, {0x0, 0x7f, 0x0, 0xfffffff9}, {0xffffffff, 0x77, 0x5, 0x1}, {0xd3, 0x6cb, 0x2, 0x81}, {0x3ff, 0x3, 0x1, 0x8}, {0x53, 0x8, 0x4, 0x1000}, {0x7fff, 0x9a55, 0x7f, 0x1}, {0x7, 0x40, 0x3, 0x6}, {0x7, 0xe1, 0x5570d2c3, 0xb0bd}, {0x9, 0x3ff, 0x3, 0x4}, {0x9, 0x3, 0x8, 0x3}, {0x5, 0x2, 0x3, 0x200}, {0x1f52e99a, 0x9, 0x80000001, 0x9}, {0x200, 0x2, 0x3, 0x6}, {0x1, 0xa0d, 0x9, 0xd1}, {0xffff, 0x4, 0x401, 0x401}, {0xef1, 0x6, 0xff, 0xbb}, {0x3, 0x8, 0x28000000, 0x9}, {0xfff, 0x2, 0x776, 0x81}, {0x1, 0x7, 0xc7, 0x4}, {0x92e, 0x3e7, 0x80, 0x4}, {0x19c, 0xab0, 0x0, 0x1}, {0x1000, 0x40, 0x5, 0x5}, {0x2, 0xae, 0x800, 0x80000000}, {0x2, 0xffffffff, 0x33dc, 0x10000}, {0x0, 0x70000, 0xfffffff8}, {0x4, 0x1, 0x1ab, 0x6}, {0x1f, 0x5, 0x6, 0x5}, {0x4, 0x5, 0x5626, 0x81}, {0x973, 0x80000000, 0x10000, 0x3ff}, {0x5, 0x384669b9, 0x2, 0x3}, {0x8000, 0x3178, 0x84}, {0x9, 0x1f, 0x46, 0xcf8478b}, {0x275, 0x7fff, 0x4, 0x40}, {0xff, 0x80000001, 0x4, 0x8}, {0x2d9e, 0x2, 0xff, 0x8}, {0x8, 0x6b2, 0x10000, 0x24}, {0x7, 0xdf38, 0x3, 0xaed0}, {0x8, 0x6, 0x5, 0x8}, {0x9, 0x4, 0x7fffffff}, {0x6, 0x5, 0x100, 0x7}, {0x2, 0x5, 0x40, 0x3}, {0x3, 0x0, 0x3, 0x404d1b08}, {0x800, 0x0, 0x2, 0x2}, {0xb27, 0x101, 0x6, 0x387}, {0x20, 0x7, 0x6, 0x9}, {0x3, 0x4, 0x5, 0x1}, {0x0, 0x1000, 0xff, 0x40}, {0x7fff, 0xc0, 0x5585, 0x400}, {0x200, 0x8, 0x7, 0x7}, {0x9, 0x7, 0x200, 0x6}, {0x2, 0x3f, 0x0, 0x750}, {0x8, 0x10001, 0xd795, 0x40}, {0x0, 0x31e, 0x400, 0x5}, {0x1, 0x100, 0x5, 0x3}, {0x0, 0x7fffffff, 0x8, 0x1}, {0x1, 0x3, 0x3, 0x4}, {0x80000000, 0x80, 0x400, 0x2}, {0x0, 0xffffff3c, 0x8d8, 0x9}, {0x93e5, 0x7, 0x1, 0x7ff}, {0x0, 0x1, 0xf61}, {0x2, 0x7, 0x3289, 0x6}, {0x1e, 0x2, 0x6, 0x22b}, {0x101, 0x7, 0x1, 0x5}, {0x680d, 0x7, 0x6, 0x5}, {0x5, 0x3}, {0x1, 0x7ff, 0x1ff, 0x9d5}, {0x7, 0x7ff, 0x2, 0x6}, {0x2, 0x12ef4129, 0x4800, 0x7ff}, {0x8, 0x80000001, 0xb3, 0x8}, {0x10001, 0x80000001, 0x81, 0xffffffff}, {0x46364812, 0xfffffff7, 0x68e5}, {0x2, 0xfffffff9, 0x4, 0x61eb}, {0x2, 0x400, 0x34, 0x100}, {0xeb1, 0x8, 0x1, 0x7}, {0x7, 0x513b, 0x3, 0xa1}, {0x0, 0x0, 0x92a6, 0xfff}, {0x3, 0x8, 0x4, 0x8001}, {0x8, 0x1, 0x3, 0x9}, {0x5, 0x1, 0x3, 0x3}, {0x4, 0x10001, 0x3, 0xa6}, {0x4, 0x8253, 0x2, 0x400}, {0x22b, 0x1, 0x7, 0x2}, {0x800, 0x1f, 0x5, 0xfffffffd}, {0x7, 0x7fff, 0x51f, 0x10001}, {0x59800, 0x40, 0x9, 0x3ff}, {0xe85b, 0x6, 0x1ff, 0xfffffff9}, {0x1, 0x401, 0x2, 0x3}, {0xcc, 0xfff, 0x2, 0xbd45}, {0x8, 0x0, 0x9, 0x6}, {0x1, 0xe1, 0x3, 0x4}, {0x5, 0x7fffffff, 0x7fff, 0x6}, {0x5, 0x2, 0x64f6b658}, {0x10001, 0x2, 0x1, 0x1}, {0x6, 0x200, 0x200, 0x70a0}, {0x2, 0x0, 0xb06, 0x7}, {0x398, 0xfffffffe, 0x3f, 0x6}, {0xffff, 0x81, 0x60, 0xffffffff}, {0x9, 0x10, 0xfff}, {0x4, 0x1, 0x538f, 0x1}, {0x3, 0x6, 0x51d6, 0x3}, {0x1, 0x6, 0x8, 0x2}, {0x3, 0x8, 0x400, 0x4}, {0x1, 0x8b9, 0xfffffffd, 0x98c9}, {0x8, 0x81, 0x9, 0x8}, {0x9, 0x5, 0x6}, {0x2, 0x200, 0x200, 0x3}, {0x8, 0x1000, 0xfffffffc, 0x7}, {0x9, 0x7, 0x7, 0x101}, {0x1, 0x9839, 0x400, 0x5}, {0x0, 0x2a0b, 0x0, 0x7}, {0x1, 0x81, 0xc23, 0xe33f}, {0x2, 0x0, 0x3, 0x800}, {0x0, 0x6, 0x77bcc741, 0x9}, {0x4, 0x1, 0x8, 0x7}, {0x100, 0x0, 0x101, 0x9}, {0x1, 0x7ff, 0x3, 0x2}, {0x1, 0x5, 0x1, 0x5}, {0x80000001, 0x1, 0x9063, 0x6}, {0x0, 0x9, 0x7fff, 0xfffffffd}, {0x7, 0x1, 0x7fffffff, 0x9}, {0x7, 0x0, 0x8, 0x7ff}, {0x9, 0x1, 0x400, 0x8}, {0x80, 0x4, 0x7, 0x10000}, {0xdfb0, 0x39c, 0x8000, 0x2}, {0x7fffffff, 0x7, 0x3, 0x7f}, {0x7fffffff, 0x7e6e, 0x1f, 0xff}, {0x7, 0x3, 0x5, 0x4}, {0xea0, 0xf05, 0x1, 0x9}, {0x8, 0xf51d, 0xff, 0x9}, {0x9, 0x4, 0x2, 0x50}, {0x800, 0x7, 0xff, 0x7}, {0x7, 0xce9, 0x0, 0x5}, {0x9d0, 0x5, 0x8000, 0x4c5}, {0x3ff, 0x4df, 0xd7, 0x81}, {0x20, 0x3, 0xec0, 0x8}, {0x0, 0x3000000, 0xb302, 0x101}, {0x3b9, 0x46c2, 0x100, 0x8}, {0x9, 0x2ffd, 0xfb, 0x45}, {0x7, 0x1, 0x71, 0x7}, {0x86, 0x7, 0x4, 0x5}, {0x1, 0x3a4, 0x6, 0x1}, {0x6, 0x52c1, 0x3, 0x6}, {0xaa8d, 0x457, 0x7fffffff, 0x1d}, {0x80000000, 0x5, 0x76, 0x1}, {0x7, 0x5, 0x1000, 0x100}, {0x140, 0x800, 0x8, 0x80}, {0x7, 0x7, 0x2, 0x7}, {0x4, 0x4, 0x7fffffff, 0x7}, {0x81, 0xfffff478, 0x35, 0x2}, {0xc0, 0xd7d, 0x1f, 0x800}, {0x1000, 0x5, 0xc1, 0x6}, {0x8001, 0x7fffffff, 0xee9, 0x8000}, {0xf8000000, 0x1000, 0x606, 0x20}, {0x6f9fdb8a, 0x9, 0xfff, 0x3f}, {0x6, 0x45, 0x8, 0xffff}, {0x7, 0x7fffffff, 0xf8, 0xfffffff8}, {0x7, 0x2, 0x8000, 0x6}, {0x3, 0xff, 0x9, 0xfffffffd}, {0x7, 0x3, 0xfffffffb, 0x3}, {0x9, 0x401, 0xbd, 0xffffff00}, {0x6, 0x1, 0x0, 0x655}, {0xf74, 0x2, 0x2, 0x800}, {0x9, 0xcfe, 0xffff, 0x8}, {0x6f1, 0x30eb, 0x43, 0x1}, {0xfffffffe, 0x10001, 0x1, 0xfffffff8}, {0xffffffff, 0x5, 0x3f, 0x7}, {0x3f, 0xffff657b, 0x81, 0xbc3}, {0x7a, 0x2, 0x9, 0x7fff}, {0x18, 0x5, 0x99be, 0x3}, {0x8, 0x7fff, 0x1, 0x400}, {0xb, 0xa2, 0x0, 0x9}, {0xfffffffc, 0x2, 0x9, 0x1}, {0x892c, 0x1, 0x3, 0x8000}, {0x0, 0x7, 0x43, 0x7}, {0x3, 0x858a, 0x24000000, 0x2}, {0x1, 0xffff, 0x7, 0x549}, {0x1, 0x401, 0x100}, {0x6, 0x80000001, 0x7f, 0x1}, {0xfffffff8, 0x20, 0x5290, 0x4b}, {0x6, 0x4, 0x0, 0x3}, {0x2, 0x2, 0xb5a, 0x1000}, {0x8, 0x65, 0x1, 0x7fffffff}, {0x2, 0x3, 0x8, 0x400}, {0x3, 0x1000, 0x10001, 0xfffffffd}, {0x0, 0x3, 0x7fff, 0x2}, {0x6f0, 0xffa, 0x401, 0x3}, {0x1, 0x3950, 0x1, 0x7a99}, {0x5, 0xf0e, 0x6, 0x9}, {0x101, 0x2, 0xe69, 0x5}, {0x6, 0x6a6, 0x9, 0x1}, {0x17, 0x0, 0x3}, {0x4d2d, 0x20, 0x1, 0x5e}, {0x3, 0x0, 0x100, 0x80}, {0x0, 0x81, 0x1ff, 0x1ff}, {0x1, 0x81000, 0x0, 0x1}, {0xfffffffd, 0x6, 0x7, 0x2}, {0x1ff, 0x100, 0x1000, 0x18000000}, {0x9, 0x5b5, 0xfffff800, 0x800}, {0x8, 0x5, 0x1, 0x8000}, {0xfff, 0x0, 0x59b2, 0x9}, {0xfffffffc, 0xdf, 0x4, 0xff}, {0x81, 0x8001, 0x0, 0x1000}, {0xffff7fff, 0x8, 0x76, 0x80000000}, {0x7, 0x0, 0x8, 0x1ff}, {0x2, 0x66b, 0x2, 0x81}, {0xff, 0x2, 0x4, 0x7fffffff}, {0x7, 0x3f, 0xcd5, 0x3}, {0x5, 0x81, 0xfff, 0x3ff}, {0x9, 0x0, 0xc997}, {0x3, 0xe9, 0xffffffff, 0x4}, {0xfffffff7, 0x5, 0x80}, {0x9595, 0x100, 0x81, 0x8}, {0x1, 0x3f, 0x7, 0x4}, {0x4, 0x3, 0x4, 0x1000}, {0x7, 0x1, 0x9, 0x2}, {0x4, 0x8, 0x1}, {0x9a, 0x89, 0x2, 0x8}, {0xb1, 0x9, 0x80000001, 0x2}, {0x5, 0x2, 0x8, 0x3f2e}, {0x2, 0x5, 0x3f, 0x1bd88501}, {0x72, 0x0, 0x20, 0xf4}, {0x1, 0x9, 0x6, 0x3}, {0x9c, 0x1, 0x5, 0x10000}, {0x1, 0x7ff, 0xc7e8, 0x81}, {0x7fffffff, 0x4e, 0x401, 0xb3}, {0x658, 0x7, 0x80000001, 0x2}, {0x8, 0x4, 0xff}, {0x7, 0x6, 0x0, 0x9}, {0x3ff, 0x2, 0x5, 0x3}, {0x0, 0x200, 0x81, 0x4}, {0xfd, 0x1f, 0xe31, 0xfff}, {0xfffffff9, 0x1000, 0x2, 0x5}, {0x3, 0x4, 0x9b7}, {0x1, 0x5, 0x3f, 0x7}, {0x2, 0x0, 0x8, 0x6}, {0x8, 0x6, 0xffffff7f, 0x3}, {0x1f, 0xfffffffb, 0x7, 0x4}, {0xdf36, 0x3, 0x6, 0x5}, {0x0, 0x8, 0x1ff, 0x15}, {0x80000000, 0x1, 0x9, 0xc066}, {0x380000, 0x8, 0x0, 0x1}, {0x6, 0x100, 0x1f, 0x4}, {0x200, 0x5, 0x2, 0x401}, {0x0, 0x0, 0x6}, {0x3, 0x3, 0x2, 0x1}, {0x8, 0xedb5, 0x7fff, 0x1}, {0x5, 0x81, 0x4, 0x100}, {0x8, 0x8c10, 0x80, 0x7f}, {0x1, 0x5, 0x8}, {0x8, 0x20, 0x1, 0x8}, {0x15cf164f, 0x7, 0x6, 0x10000}, {0x5, 0x8, 0xfff, 0xd830}, {0x10001, 0xf94, 0x1, 0xffff}, {0x2, 0xa542, 0x400, 0xffffffff}, {0x4, 0x9ef, 0x53d6, 0x81}, {0x8, 0x3, 0x2d74, 0x37}, {0x7ff, 0x400, 0x7ff}, {0x400, 0x8000, 0x6, 0xfffffffb}, {0x8, 0x7, 0x0, 0x9}, {0x6, 0x1, 0x7, 0xa2}, {0x8, 0x7f, 0x6, 0x8}, {0x81, 0xffff, 0x0, 0x3}, {0x2, 0x7, 0x7e4, 0x1ff}, {0x5, 0xd1ab, 0x6f6e2cf9, 0x9}, {0x0, 0x6, 0x5, 0x9}, {0x7fff, 0x5ae, 0xffffff8b, 0x1000}, {0x4, 0x7ff, 0xff, 0x6}, {0x0, 0x81, 0x1}, {0x200, 0x0, 0x1, 0x9}, {0xfff, 0x7, 0x400, 0x240}, {0x0, 0x0, 0x1, 0x5}, {0x4, 0x4, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x80000000, 0xfffffffd, 0x3, 0x5}, {0x6, 0xffff, 0x8, 0x200}, {0x4, 0x1000, 0x3ff, 0x2}, {0x3f, 0xffffff49, 0xffffabcc, 0x8}, {0x20, 0x0, 0x8, 0xb95}, {0x3, 0x1, 0xd2b, 0x8b}, {0xd7e, 0xab, 0x2, 0x1f}, {0x4, 0x1, 0x5, 0x4}, {0x6, 0x9, 0x2, 0x8000}, {0x6, 0x7fffffff, 0x100, 0x8}, {0x2, 0x0, 0x1ff, 0x5}, {0x2, 0x1ff}, {0x1000, 0x401, 0x401, 0x8}, {0x1, 0xdb4, 0x6, 0x1}, {0x400, 0x62, 0x35, 0x2}, {0x9, 0x7f, 0x2df95446, 0x7ff}, {0x101, 0x7f, 0x7ff, 0xffff0001}, {0x4, 0x8, 0x1, 0x4}, {0x7b3a, 0x8}, {0x4, 0x4, 0x3, 0x6}, {0x8, 0xe9f4, 0x2, 0xc5b5}, {0x81, 0xf71, 0x4, 0xfffeffff}, {0x12, 0x5, 0x6, 0x7fff}, {0xcc6, 0x0, 0x4, 0x5}, {0x4, 0xbc3, 0x0, 0x2}, {0x20, 0x6, 0x8, 0x81}, {0x3, 0x4, 0x8, 0xfffffff7}, {0x401, 0x283, 0x6, 0x3ff}, {0x7f, 0x80000000, 0x1, 0x80000000}, {0x8, 0x9, 0x10001, 0x40}, {0x7, 0xd2ef, 0xffffffff, 0x2}, {0x4, 0x2880, 0x247, 0x50}, {0x1, 0x6, 0x3800000, 0x2}, {0x2, 0x6, 0x20, 0x8}, {0x1, 0x9, 0x8, 0x95d}, {0xafb, 0x7, 0x7, 0xee26}, {0x40, 0x6, 0x0, 0x2c}, {0x4, 0x8, 0x57c, 0x4}, {0x865, 0x0, 0x9, 0xa3e1}, {0x2, 0x2, 0x80000001, 0x6}, {0xfffffff7, 0x101, 0x9, 0xfffffff7}, {0x20, 0x3, 0x3, 0xb8c}, {0x7ff, 0xfffffff9, 0x9, 0x7fff}, {0x400, 0x3, 0xd9b1, 0x10001}, {0xfffffff7, 0x7fffffff, 0x4, 0x1}, {0x3f, 0x7, 0xfffffff9, 0x1000}, {0x0, 0x5, 0x0, 0x78a}, {0x5, 0x8, 0xfff}, {0x0, 0x5, 0x8, 0x7fff}, {0x2e2, 0x9, 0x4d, 0x6}, {0x10001, 0xaeb9, 0x7fffffff, 0xfffffff7}, {0x80000000, 0x297c, 0x2, 0x10000}, {0x8000, 0x7, 0x0, 0x9}, {0x5, 0x3, 0x20, 0x7}, {0x7, 0x1, 0x1, 0x83}, {0x4, 0x8, 0x1, 0x9d}, {0x100, 0x3, 0x81, 0x6}, {0x3f, 0x0, 0x40000000, 0x2}, {0x81, 0x4, 0x9be, 0x101}, {0x8, 0x6, 0x3ff, 0x3}, {0x5, 0x365, 0xffffffff, 0x7}, {0x6, 0x8000, 0x1, 0xa8}, {0xfffffffd, 0x7, 0x7, 0x8}, {0x5560, 0x40, 0x512b, 0x2}, {0x3, 0x5, 0xfffffff8, 0x1000}, {0x40, 0xfffffffe, 0x1, 0x7f6}, {0x1, 0xffffff01, 0x75868b86, 0x5}, {0xfffffff8, 0x1, 0x6, 0x7f}, {0x200, 0x90, 0x7fffffff, 0x6}, {0x6, 0x6f0f, 0x7fff, 0x3f}, {0x10000, 0x7, 0x80, 0x7}, {0xffffffe1, 0xff, 0x7, 0x6}, {0x2, 0x401, 0x2f, 0x81}, {0x7, 0x0, 0x401, 0x4}, {0xff, 0x2, 0x1f, 0xc055}, {0xcb, 0x1, 0xfffff4d5, 0x3f}, {0x8000, 0x101, 0x9, 0x5}, {0x14, 0x7, 0x7fffffff, 0x1ff}, {0x7, 0x5, 0xbe9, 0x20}, {0xfffffffa, 0x7, 0xfffffff7, 0x80000000}, {0x1, 0x2, 0x9, 0x2}, {0x7f, 0xffffb9c1, 0x3ff, 0x8}, {0xf888, 0x8000, 0x200, 0x2}, {0x6, 0x8e, 0x3, 0x7}, {0x9, 0x7, 0x9, 0x100}, {0xac0, 0x1, 0x6, 0x7}, {0x10000, 0x4, 0x800, 0x7}, {0xffffffff, 0xc9, 0x1, 0x8}, {0x95, 0x6, 0x1, 0xc1c}, {0xaadc, 0x3, 0x9, 0xffff}, {0x0, 0x80000000, 0x401, 0x5}, {0x9, 0x8, 0x80000001, 0xb6d}, {0x1, 0x0, 0x100}, {0x7, 0x8000, 0x2, 0x924}, {0x368, 0x5f93, 0x5, 0x6}, {0x4dfc, 0x0, 0xdfc}, {0xf402, 0x7, 0x96e2, 0xc76}, {0xffff, 0x0, 0x4, 0x8}, {0x1ff, 0x80000001, 0x5, 0x40}, {0x4, 0x3, 0xfff, 0xffff}, {0x7, 0x80, 0x2, 0x1}, {0x8, 0x800, 0x8, 0x3}, {0x20, 0x4, 0x1, 0x4c000000}, {0x9, 0x8, 0x3, 0xfffffffe}, {0x6, 0x9, 0x9d10, 0xfff}, {0x9, 0x200, 0x1}]}, 0x1b1a) [ 605.703433] Bluetooth: hci3 command 0x0401 tx timeout 04:18:33 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) 04:18:33 executing program 5: accept4$x25(0xffffffffffffffff, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) [ 605.769181] FAULT_INJECTION: forcing a failure. [ 605.769181] name failslab, interval 1, probability 0, space 0, times 0 [ 605.779865] FAULT_INJECTION: forcing a failure. [ 605.779865] name failslab, interval 1, probability 0, space 0, times 0 04:18:33 executing program 4: getgid() mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd!3fdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) fork() r0 = geteuid() mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x10000, &(0x7f0000000100)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@aname={'aname', 0x3d, 'rfdno'}}, {@version_9p2000='version=9p2000'}, {@cache_fscache='cache=fscache'}, {@access_client='access=client'}, {@access_client='access=client'}, {@afid={'afid', 0x3d, 0x9}}, {@cache_fscache='cache=fscache'}], [{@subj_user={'subj_user', 0x3d, '}@#!,['}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@dont_appraise='dont_appraise'}]}}) getresuid(&(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000240)) 04:18:33 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) [ 605.838138] CPU: 1 PID: 20630 Comm: syz-executor.3 Not tainted 4.14.225-syzkaller #0 [ 605.846090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.855446] Call Trace: [ 605.858041] dump_stack+0x1b2/0x281 [ 605.861719] should_fail.cold+0x10a/0x149 [ 605.865869] should_failslab+0xd6/0x130 [ 605.869847] kmem_cache_alloc_trace+0x29a/0x3d0 [ 605.874529] apparmor_file_alloc_security+0x129/0x800 [ 605.879725] security_file_alloc+0x66/0xa0 [ 605.883963] ? selinux_is_enabled+0x5/0x50 [ 605.888292] get_empty_filp+0x15c/0x3e0 [ 605.892272] alloc_file+0x23/0x440 [ 605.895819] sock_alloc_file+0x113/0x2e0 [ 605.899906] ? sock_poll+0x220/0x220 [ 605.903631] SyS_socket+0x108/0x1b0 [ 605.907261] ? move_addr_to_kernel+0x60/0x60 [ 605.911678] ? __do_page_fault+0x159/0xad0 [ 605.915933] ? do_syscall_64+0x4c/0x640 [ 605.919997] ? move_addr_to_kernel+0x60/0x60 [ 605.924800] do_syscall_64+0x1d5/0x640 [ 605.928693] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 605.933878] RIP: 0033:0x465f69 [ 605.937066] RSP: 002b:00007f3d81354188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 605.944782] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 605.952056] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000011 [ 605.959423] RBP: 00007f3d813541d0 R08: 0000000000000000 R09: 0000000000000000 [ 605.966873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.978406] R13: 00007ffdd77726cf R14: 00007f3d81354300 R15: 0000000000022000 [ 605.985702] CPU: 0 PID: 20631 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 605.993622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 606.003088] Call Trace: [ 606.005733] dump_stack+0x1b2/0x281 [ 606.009369] should_fail.cold+0x10a/0x149 [ 606.013522] should_failslab+0xd6/0x130 [ 606.017497] kmem_cache_alloc+0x28e/0x3c0 [ 606.021648] __d_alloc+0x2a/0xa20 [ 606.025513] sock_alloc_file+0xc8/0x2e0 [ 606.029522] ? sock_poll+0x220/0x220 [ 606.033244] SyS_socket+0x108/0x1b0 04:18:33 executing program 5: syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(0xffffffffffffffff, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) [ 606.036898] ? move_addr_to_kernel+0x60/0x60 [ 606.041305] ? __do_page_fault+0x159/0xad0 [ 606.045545] ? do_syscall_64+0x4c/0x640 [ 606.049544] ? move_addr_to_kernel+0x60/0x60 [ 606.053988] do_syscall_64+0x1d5/0x640 [ 606.057898] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 606.063196] RIP: 0033:0x465f69 [ 606.066407] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 606.074155] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 606.081512] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000011 04:18:33 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xfffffffffffffffd) [ 606.088781] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 606.096055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 606.103327] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:18:33 executing program 0 (fault-call:0 fault-nth:4): socket(0x11, 0x3, 0x6) 04:18:33 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) 04:18:33 executing program 5: syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(0xffffffffffffffff, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) 04:18:33 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="f3adac8e94563dadf21ad9087b7472616e733d66642c7266646e6f3d1d5f63b8c4fcd18830be7c7eec41956199499dd3d1cf745e02490d5fe973175e30a51c", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:33 executing program 3 (fault-call:0 fault-nth:6): socket(0x11, 0x3, 0x0) 04:18:33 executing program 1: r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000000)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}) fork() 04:18:33 executing program 5: syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(0xffffffffffffffff, &(0x7f00000000c0)={0x9, @remote}, &(0x7f0000000100)=0x12, 0x80000) 04:18:33 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) 04:18:33 executing program 1: r0 = fork() tgkill(r0, r0, 0x19) [ 606.334521] FAULT_INJECTION: forcing a failure. [ 606.334521] name failslab, interval 1, probability 0, space 0, times 0 [ 606.373363] CPU: 0 PID: 20680 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 606.381285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 606.390647] Call Trace: [ 606.393256] dump_stack+0x1b2/0x281 [ 606.396895] should_fail.cold+0x10a/0x149 [ 606.401055] should_failslab+0xd6/0x130 [ 606.405067] kmem_cache_alloc+0x28e/0x3c0 [ 606.409226] get_empty_filp+0x86/0x3e0 [ 606.413124] alloc_file+0x23/0x440 [ 606.416686] sock_alloc_file+0x113/0x2e0 [ 606.420754] ? sock_poll+0x220/0x220 [ 606.424483] SyS_socket+0x108/0x1b0 [ 606.428124] ? move_addr_to_kernel+0x60/0x60 04:18:33 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(r0, 0x0, &(0x7f0000000100), 0x80000) [ 606.432540] ? __do_page_fault+0x159/0xad0 [ 606.436784] ? do_syscall_64+0x4c/0x640 [ 606.440764] ? move_addr_to_kernel+0x60/0x60 [ 606.445179] do_syscall_64+0x1d5/0x640 [ 606.449169] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 606.454366] RIP: 0033:0x465f69 [ 606.457554] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 606.465267] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 606.472665] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000011 04:18:33 executing program 3: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ubi_ctrl\x00', 0x402, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={&(0x7f0000000000)="1590fb018e7edcca0a6ec3c090d5d59c4436a4cca04a548949ee6a1bb1dd53d0a7900361e5827f0b1ca8baabd944cc8d218f71c2f7925eef4fde46ac53750ac02022d181a094c8a266a87e8a7d11edbd8dd4b42a9489c5964a48ba167d54c08d1b9466c24e24dc45218126098d0655e66e7c7717f98f885c0b33930ace8839d07cb9e508409cf0eb2c8c98b68c3c97545c1e820b1a869151fe96f5c3e9ef2a18b729d0ee0f8bf19fa18772e9518f3990523eba62e5d306dbacf691a651524299426966458beed9f6fe82ffb19bd0b8ee24e3120b6d1d1b883663774a46b3547f189837b8df78004d2865c9c3a1f73654eaec59416b7849", &(0x7f0000000100)=""/154, &(0x7f00000001c0)="42c9a1bdef706e845b0a3742dad28b5bb68faeae3c963b35a273e5f737b07d2476c469c26dfe6c730f", &(0x7f0000000200)="1625284189d75ac465d121adf440ef22b39261614363b3f7f7be82a53b5dd405c68bf90e7661262bef390a00f6cf2fb230eaeb3e50834d685cb98ba1f3c7b01b94e6dcf5cf5f37c20b739d46463f5c8e49d8abdd062c1c21262c525f243a267720a388d5c9884e3283450834b7e938ffc35df273ef0441768bd2a4cc70e53600333c9b6ce7317494423c7d0ebb7f8a162c3c650a6f8a2ee40722263304e6f9125728d824eed39fe3600d0272c2ba5b683049621c49ef08a7fb0f6546837fc114dc24265afb6c8237d9e93b", 0x5, r0}, 0x38) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vim2m\x00', 0x2, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) r4 = socket(0x2, 0x7, 0x6) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440)='nl80211\x00', r4) ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f00000003c0)={0x0, 0x1, 0x4, 0x8, 0x10000, {}, {0x3, 0x2, 0x3f, 0x81, 0x9, 0x2, "3ba27bcb"}, 0x8, 0x1, @offset=0x1, 0x3, 0x0, r2}) socket(0x11, 0x3, 0x0) 04:18:33 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00', r0) r1 = syz_open_dev$usbfs(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x1, 0x10d081) ioctl$USBDEVFS_REAPURBNDELAY(r1, 0x4008550d, &(0x7f0000000100)) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000000)) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f0000000180)) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() [ 606.479943] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 606.487487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 606.495052] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:18:33 executing program 0 (fault-call:0 fault-nth:5): socket(0x11, 0x3, 0x6) 04:18:33 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) 04:18:33 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(r0, 0x0, 0x0, 0x80000) 04:18:33 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = getpid() sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x2) tgkill(0x0, r1, 0x0) getpgrp(r1) 04:18:33 executing program 3: socket(0x11, 0x3, 0x0) socketpair(0x25, 0x800, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000040)=0x7fff) 04:18:33 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) 04:18:33 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(r0, 0x0, 0x0, 0x0) [ 606.734659] FAULT_INJECTION: forcing a failure. [ 606.734659] name failslab, interval 1, probability 0, space 0, times 0 04:18:34 executing program 4: socket(0x3, 0x4, 0x10000) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c7749a76e6f3dfa3d0b3644fca2d44cdf8dc7fa7aa9101987cf08b6eb2d92d5062875d8571013124b7578014000000000000000294bca17a891410c111818deecac3f5437e22ee4db8a4fab6513694f1da2bda2b5", @ANYRESHEX, @ANYBLOB=',\x00']) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) fork() [ 606.776811] CPU: 0 PID: 20720 Comm: syz-executor.0 Not tainted 4.14.225-syzkaller #0 [ 606.785074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 606.794550] Call Trace: [ 606.797942] dump_stack+0x1b2/0x281 [ 606.801604] should_fail.cold+0x10a/0x149 [ 606.805780] should_failslab+0xd6/0x130 [ 606.809849] kmem_cache_alloc_trace+0x29a/0x3d0 [ 606.814526] apparmor_file_alloc_security+0x129/0x800 [ 606.819721] security_file_alloc+0x66/0xa0 [ 606.823957] ? selinux_is_enabled+0x5/0x50 [ 606.828200] get_empty_filp+0x15c/0x3e0 [ 606.832265] alloc_file+0x23/0x440 [ 606.835835] sock_alloc_file+0x113/0x2e0 [ 606.839929] ? sock_poll+0x220/0x220 [ 606.843653] SyS_socket+0x108/0x1b0 [ 606.847287] ? move_addr_to_kernel+0x60/0x60 [ 606.851701] ? __do_page_fault+0x159/0xad0 [ 606.856033] ? do_syscall_64+0x4c/0x640 [ 606.860015] ? move_addr_to_kernel+0x60/0x60 [ 606.864433] do_syscall_64+0x1d5/0x640 [ 606.868334] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 606.873524] RIP: 0033:0x465f69 04:18:34 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x0, 0x4, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0xfffff000, 0x60}}}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfff}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x73}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x71a8f0c6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x188}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x35}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x101}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000}, 0x20008010) [ 606.876800] RSP: 002b:00007fc2ed16e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 606.884860] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69 [ 606.892130] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000011 [ 606.899401] RBP: 00007fc2ed16e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 606.906694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 606.913969] R13: 00007ffec574b8af R14: 00007fc2ed16e300 R15: 0000000000022000 04:18:34 executing program 2: r0 = fork() tgkill(r0, r0, 0x1b) r1 = getpid() sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x2) tgkill(0x0, r1, 0x0) getpgrp(r1) 04:18:34 executing program 3: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$SIOCX25SCUDMATCHLEN(r1, 0x89e7, &(0x7f00000000c0)={0x39}) 04:18:34 executing program 4: sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x9, 0x7e}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x240400c1}, 0x48040) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:34 executing program 0 (fault-call:0 fault-nth:6): socket(0x11, 0x3, 0x6) 04:18:34 executing program 5: socket(0x3, 0x4, 0x10000) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c7749a76e6f3dfa3d0b3644fca2d44cdf8dc7fa7aa9101987cf08b6eb2d92d5062875d8571013124b7578014000000000000000294bca17a891410c111818deecac3f5437e22ee4db8a4fab6513694f1da2bda2b5", @ANYRESHEX, @ANYBLOB=',\x00']) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) fork() 04:18:34 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f00000002c0)={0x0, 0x0, @ioapic}) 04:18:34 executing program 3: r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x1000840, 0x10}, 0xc) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) socket(0x11, 0x3, 0x0) 04:18:34 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r0, 0x300, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x80c0}, 0x44) 04:18:34 executing program 2: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$SIOCX25SCUDMATCHLEN(r1, 0x89e7, &(0x7f00000000c0)={0x39}) 04:18:34 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bind$can_raw(r0, &(0x7f0000000000), 0x10) 04:18:34 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendto$phonet(r0, &(0x7f0000000000)="a44bbed6fcdb5e612486f0217e3d938c677e152078b2c71d4f47e54cae32b9dfcc84128a4ecf37ff8ea400cece10e51cc4f4bd116fd4b270d10bbc91f6372996867c8d3803409ad43f340af510ae1e0cae589b6d983447ba94f246029a5b6954de36bdd50b78266fb0844d9a44d8d3acdb7da921ce99e3783b7722c5fbfb1fedd6cdbf05bb007993c15e9072185a", 0x8e, 0x881, &(0x7f00000000c0)={0x23, 0x9, 0x3e, 0x1}, 0x10) setfsuid(0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x7f, 0x101080) ioctl$USBDEVFS_CLAIMINTERFACE(r1, 0x8004550f, &(0x7f0000000140)=0x1) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) write$usbip_server(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="000000030000000000000000000000017fffffff0000007f000000f80000000300000256000000800000000000000000856635969a958300eaae897759e6d485c73ec52840212331aaefbe71969904d977ffbe61bcbeea48ceb7ed732c87096bf7f89369077b7142fec41f6f829ce92487c495f8812782532418ecc3a8c5a3c244363549b9ac56690038540b814699a8aab950e628b854d9529370035f48b4bdc851100b7a9ec2d1aa795fac3e641aa3de56c8fb16fae59fade00f91bce443810b709d0bf40fb8047331bb7b23791505391fd50e2ddfb8f1f508c9538801c68c5eb74c50e0f3019bc736454d6bfcdd3584df67e4fea432880c3fa53d3c08c8aa0e810ae5e52b687e8fff2a275f5ea1d7a72cfdc9a882a5dd7330ce95ba1a20fea73243b75d885129000004cf00000005000000070000000900000000000000b000007fff000000070000000800000002000000fc000000f4000000ff0000000200000008000000090001000000000006000000050000003b000000020000ffff00000002000068c40000046b000000010000025f0000c1630000000900000006000000010000010100000004000000080000000300000a400000b1a0000000710000010000000000000000080000040000000001000000060000e033000000080000000700000000000000040000000800000009000000060000800100000009000000020000072200000d39000000148000000100000002000000800000000300000007000000060000000200000242fffffffb000000050000000900000005000000db000000050000000600000007000000040000003f00000020800000010000003f000000800000004100000004000000090000822000000003fffffff700010001000000040000000200000006000019e2000000a900000200000008000000010000000000000000080000000900008000000080010000040000000007800000010000000700000007000010000000000100000004000000000000200000000008000000040000ffff0000000100007fff00000fff0000003f00005cd68000000000000040000000060000000900000fff000000010001000000000009fffffff8000000070000000b00008bcf0000000100000005000000028000000000000001000000027fffffff7fffffff000000070000040100000efa00000003000000070000080000000005000000060000000680000001000000810000000600000004000007ff000000ff000000010000002f000003ff00000004000000020000080000000001fffffff900008001000000090000000500000003000000050000007700005a59000011900000000300000007000003ff00000fff0000ffff0001000000000000000000400000000700000d21000007ec0000000500000001000000080000002000000009000000070000003f000000050000000400000041fffffff90000003f000000000000400000000007000002000000000200000002000004c8000060c500000a0d0000000800000001000000070000000200000008000000800000000500000005000000000000007f000000090000000300000d70000000010000004000000002000000400000000100000965000080010000000500000001000000e30000000880000001000007a1000004010000000300000001000000030000000000000c87000000070000f600000000060000000700000008000000050001000100000800000000010000000900000008000000077fffffff000000010000100000000006ffffffcf0000000000000001800000010000000200007fff00000800000000040000000400000800800000005cebe5c5000000007fffffff0000000200006c8b00000004000055b9000058bdffffffff000000460000080000009e6a0000000100000800000000050000000500000d43000000090000000400003a350000000600000f310000004200000009fffffff9000001ff00003800000100000000003f0000000100000001000010000000000700000000000000020000000700008ef000000001000000010000ffff00000006000000087ffffffffffffff8fffffffa0000000000010000fffffffe00000040fffff82300000000fffffff9000000040000070a000000010000000200000884000000000000043d00001000000000030000000500000009000000060000000d00000037000000400000000500000004000000060000ffff00000004000000080000000700000002000000040000020000000008000001000000000300001963000000090000000500000f19000000f7000000070000000800000002000000010000000000000008000000097fffffff00000054000001010000000900000006000000a40000000400000006000000030000000100000003fffffffa000000ff0000000200008001fffffffffffff8010000000000000006000000b40000ffff0000000900000008000000020000ffff0000000100000006ffff287600000089000000050000c5670000003f0000000600000001ffffff9a0000020000000100000000010000008000000001000000027fffffff000003ff00008000000000090000000600000005000000bf0000800000000004000001d300005410000007ff0000000300000009000000390000000900004ebc0000824b000000158000000100000004000000b60000000200000026000000090000000300000003fffffa230000000200000a3c0000100000000089000000070000000800000101000000007fffffff0000000535214353000000760000013b000000090000000100000005000000040000094f00000bfaffffffff800000010000070900000007fffffffe00000006000001000000000800000005000000090000464c0000000100000200000000050000000200000004000000070000000100000008000000070000020000000005fffffff9000000f900000002000100000000d2c700009e150000000200000008000000080000020000000004000000080000000000000c4300000004ffffff1c0000000500000009000000090000dc0b00000fff0000000200000008000000010000002000000004007ff800000080000000000800000006000000040000fffffffffff8000001a800000001000001017fffffff000000010000000000000005000000017fffffff0000100000000080000000010000800100000d8f000000010000000500000003000000407fffffff000000400000000600000003010000000000ef420000a493000004000000000900007fff00000009800000010000000400000000000000400000000200000009000000000000000700000401000000070000ccdc0000000100000008000000070000001f0030000000000009000000070000007f000000eb0000a047000000030000a8010000040100000008000000030000008100000069fffffe9a000004000000000800000101000000a400000001ffffffff000000b6000000f0fffffff900000004000008000000040100000004000000010000ffff8000000100000001000000040000008000000008000000060000040100000001000000f5000000060000800000000bae00000002000000020000000500000004000000010000ffff00000000ffff9bd922f4e518000000b4000000a900000002000000000000000000000007000a0000000001ff000000a980000001fffffff7000000030000000900000000000000070000800100000009000000a0000000070000000900000007000001a600000005000000090000000300000400fffffffb00002ba90000007f0000000900000001000000050000000700000005000000f100000003ffffff8000000005000000200000ee91000000003c73ae4600000400000000ff00000005000000080000ffff000000ff000000010000000400000000000004010000000500000006fffff80000000003000000010000773800000006000000000000080000000002000000ff00000000000008008000000000000008000000050000000164a55506000000050000038200000b910000000600000000000033ba000000020000000500000007000003ff00000004000000070000000600000004fffffbff000000040000005e000000050000cb6d0000000500008001000004000000800000007fff00000003000000020000000200002fdb000040000000000700001f12000000400000000300000007000000080000000300007fff000000070000003f00000008000008000000000300000005000100010000084200000009112f8b800000001f00000100000000070000000100000fff0000002f000000000000001f000000080000000000000001000000050000001f0000000600000007000000030000000800000006000100000000003b0000100000000fff000000010000000400000401000010000000000100000004000000060000003f000029f100000004fffffffb00000000000000050000ffff0000008000000009000000040000000400000004000000020000000000000006f76800000000000700008001000000060000000000008000000000030000040100000fff0000000300000059fffffff900000002000000070000000700000005000000000000000300000004000000090000000600000000000000040000008100000008000000070000001ffffff801000000080000000000000002000000090000000600000000000000080000087e000000050000006100000008000000060001000100000007000000010000000400000002000004010000010000000005000003ff00000007000000806050acd7000000020001000000000200000000080000061a000000050000000700020000ffffff08000000020000000700000243000000030000000600000003000000080001000000000000000000f0000004000000000600000001800000010000f9770000000720000000000018dd0000000600000007e41ba7f100000008000007ff00008000000000090000044a00000009fffffffe000000bc00000cabfffffff70000000500000046000000030000051c0000ffff80000001000008000000ffff00000003000000ff0000000800000938fffffffc0000000900000000000024d00000004000000007000000025bc5de6800000036631dbc790000000800000000000100010000000300000000000000020000000000008001000000040000000200000008000000800000000800000006000000050000002a00000e0100000002000000047fffffff00000003000000097d718b7b0000000400000001fffffffa00000007fffffc00000000080000056500000009000000050001000000000401000000030000000300000050000000200000000300000001000000050000007f000000070000000700000fff00000009000000000000000700000100fffffff80000080000000004000000ff00000007000000020000000100000000000022ed0000000200000003000003ff0000000600000005000000020000005c00000007000080000000000800000004000000050000010000000efa0000f87b000100010000309e0000007c000000090000000300000008000000e90000010000000001000000050000007f0000000300000fff00000006000000cd00000fff00018000000004000000007fffff5e488000000100000000000000030000000300008af8000000010000000000000007000007ff0000000000000ffb0000000000000080000000040000000900000000fffffdef00000014000000040000000300000008ffffffff0000000900010000000000ff000000030000008000000001000000080000000400000002000008000000007f000000ff0000000000000200000000000000000900000ac90000000800000004000000010000000800000100000000e60000040100000006000000090000000600002858000100010000000900000003000000020000000300000004000000030000000600010000000000000000020000000004000000300000dd1700000003000010000000000500000008000000050000000600000800000000200000000600000005000002000000008e000000070000000000000fff00000003000000070000000300000003000000000000e7ec00000401ffffffe0000000050000b8e600000080000000000000008000010000000000030000000900010001000000060000000400000003fffffffd00000001000000080000006c0000000900001000000000000000000500000005000001010000080000010001000002600000008100000002000000010000015e000000020000000300000002000000080000000800008001000000090000000300001000000005480000000900000003000050b300000000000004000000000800000005000000010000000000000000000000290000000300000400000003ff00000001000000070000000300000003000000067fffffff7fffffff00000002000000040000000100000101ffffff800000000900000000000000060000000000000008000000010000000100000009000000ae0000000000000009000000000000000000000fff000000030000000800000401000007ff000000080000007f000000c5000000060000000700000ad50000000700000007000000070000000300000020ffff42f5fffff495000000090000000800000200000000500000000200007e7b000080000000002000001000000000040000eb43000006b80000002100000008fffffff9000061c4000000090000002affffffff00000001000000000000040100000080000000000000000300000101000000ff000000080000000000000006000000090000000400000040000080010000eaee0000000e0200000000000001000000090000020000000d23000010000000000800000000000000020000000100000006000000060000010100000004000007ff000000000000007f0000000700000009ffffffff000000a70000000000000009000000010000090600000007000003cd00000000000000040000068400000003000008b7000000040000007f0000257c00000000000000080000b6e200000008000000040000008000000005000000090000000263dedddb00000081fffffffe00000008000000060000000300000002000002000000000700008000ffffffd400001000fffffffb00000001fffffff700000003000068750000000100008f020000000400000fff000007ff000002f2000000400000800000000003000003be000000030000004000000005000000040000000300000009000000050000080000000800000000050000001f000002000000004c0000000600000008000003e000000ebd0000001fffffffff0000000600000ffe0000007f000000090000088700000008000000060000000200000008000000050000000700000009000000810000000200000040000000060000000100000000000080000000000000000fffffff87bd00000000000000d8000000020000000800000005000000350000000000000009000003ff0000080a00000007fffffff8000002e000000023000000a300000006ffffffff0000000000000000fffffffffffffff7000006a1000000080000000600000003000000050000a3a900000006fffffffc000000000000dbd9000000050000007f00003ef800000f70000000010000a26200000000fffffffa800000000000000200000003000000020000007300000007000051a100000002fffffff80000000200000004000010007fffffff00010000000000030000000000000fff0000000700000008000000010001000000000000fffffffb000000000000000800000e00000000010000000400000002ffffffff0000100000000008000000090000000800000020000000080000800000000009000000090000800100000b990000000800000002000001000000000200000002000010000000000300000006000003b2000000000000000600000002000000080000001f00000101fffffff80000000000000080000000035653c544000000010000001f33ae38e90000000000007fff00000008000000080000000300000000000000810000087e0000010100000e3f000000710000ffff00000100000000020000000300004de00000000400000024000001ffffffffc1000003ff00000008000001240000000900000003000000080000000600000008000000050000001f000047230000000900000003000000098000000180000000000063d70000239e00000009fffffffb00000004000000ff00000009000000010000007f3102514300000005000000090000000400000009000080000000000000000002000000010000000300007fff0000000000000001000000060001000000000010fffffffc000000090000000500000009000000ff0000000200000722000000200000000300000002000000070000b2da0000000400000009000000ea000000070000d191000000020000000600000fff0000000300000001000000020000007b00000003fffffed0000009e200007fff000008000000100000000003000000080000069a0000007f0000000044c00000000000057fffffff0000000200000001800000010000020000000081fffffc0000000077000000060000003f000008000000007f00000007000000040000000100000006ffffffff000000ff00000003fffffffa002000000000000000000004800000008000000000000006fffffe0100010000000000020000000300000006000000000000000900008001000000070000000700000001000000010000ff470000000000000001000000050000000400000200000000050000001800000000000000e50000000700000080000000000000007e000000030000020000000001197454fe000000eb0000007f0000001f00000001000000f5ffff7fff000000090000000400000000000003ff00000007000000010000000800000006000000080000000400002d4200006c307ffffffffffffff70000003f00000000000000020000010100000002ffffffe0000000010000000900000006000000050000000700000009000000ff000061c30000000580000001000005af000000040000001f000000200000010000000009000000000000000800000100753dd2d10000f9c200000004000000d900000c880000000400000000000600000000001ffffffffffffffff90000008000000000000007ff0000000500000003000000000000000800000fff000000030000ec3a00000005000000080000250400000008000000bf0000800000000003ffffffb80000001c000000030000000100000001000001ff00000100000000070000000300000001000001ff000000020000000200000000000000090000000900000008000000d300000081000000060000000300000005fffffffc000000010000003f0000000800000001002800000000000400000009000000070000004000000009000067630000970e00c000000000000100000ae10000000600000005ffffffff00000167000100017fffffff0000010100000f5900000100000001ff000000060000001f0000001f0000000400000008fffffffb0000000500000001000080000000000400000d0d00000009000000010000ffff00007fff0000000400000fff000000ff0000010100000002000000020000000900000007000008000000000500000009000008000000000000000000000000c400000038000000400000000700000f67000000030000000500000003000000010000962d000003fffffffffe00000008fffffff70000000600006003ef20de5f3c779d7109000000000010000000000000000002000000060000000000000008000000030000adba000000018000000100004100000000000000000500007fff000000200000000300000008000000050000000400000002000000050000000600002846fffffffc00000d660000000800000002000080000000000900000009000000010000000900000002ffffffff00005cabfffffffc000000010000000000000001000001ff8000000100000003000000050000000100000400000051b4000000090000006200000007000000020000000600010000000000200000000400008432000000090000000300000080000000030000000000000008000000050000000500000008000000000000000200000007000000090000008c00000080000000047fffffff00000003000000030000000300000002000000010000000100000fff00000074000000050000080000000009ffff800100007fff0000000400000002ffffffff0000000600000006000000080000ffff000006e60000000700007fff000087210000000800008b8f000100000000000500000004000000000000000800000004fffffffd00001000000000050000000000000200000001000000000000000004000000040000007f00000005000000030000000800000006000000040000000d0000000800000005000000060000000100003f5a0000000100000401000007ff00000000000000090000000200000004000000080000b5d80000001f00000b640000000400000005000000020000051100000007ffffe6270000000600000007000000020000010100000000000000020000d5a2000080000000000000000001000000020000000300000005000004000000000000000000000000020000000200000f3a00800000ffffffff000000010000080000000003000000070000399800007fff0000800000000020000000020000074b000000a60000000300000003000000090000000700000009000000087fffffff8000000100000003000000007fffffff000000021d8ab3dd800000017fffffff00000007fffffeff0000000500000001000000070000000100000007000000030000003c0000000000000000000001000000000600000008000004000000000400000fff00000005000010000000004000000007000000040000100000000004000000000000000800000fff00000fff000000060000000600000000000000b34eda569200000003000000030000006f000000060000009a00000c9e0000003700000007000001ff000000090000001f0000000400000004000003ff00010000000000e30000927500000008000000c3000000200000000300000006000000020000000100000007621885879fc6336ffffffc140000003e0000000600000007000000060000000000000001000000020000000400000004000000090000000400000be8000010000000003f00000008000000080000e9d40000001800000006ffffffc000000007000000eb0000e2f7000000080000000300000006000000080000093a00000c6c000000a10000000800000001fffffc7c0000000200000005ffffffff0000000800000401000000070000000000000800000000020000000700008001000000050000003e000000ba0000000000000006000010000000000600000101000000010000000200000fff000000088000000180000000000007ff0000007f0000010000000e5e0000000500000009fffffff700000007000000000000000100000000000009230000000300000006000000090000000300000001000000020000a69000000007000000020000000000000008000000000000000300000005000000070000000400000000000007a6000000060000000700000007000000040000000300000d36800000010000002000000d3c00000007000000080000001f0000e5e70000000700007bdc000000030000040100000401000000010000000600000010800000010000000900000080ffffffe100000009000000070000000200010000ffff000100000e71000000040000000600000009000010000000000100000005000004010000030000000040000000000000007f0000000200a00000000000020000000700000007000000400000006400000004000000020000002000000fff0000ca0f000000020000000700000064000000000000ffff000000067fffffff000000acfffffe0000000080000000080000000600000000000009d80000000300000000000046730000001000000034000000000000000104be5fa70000000600000e640000ffff00000bf40000010100000003000000031ce07169000000067fffffff00000005000000000000002000000000000010040000ffff00000007004000000000800000000008000010000000000600007a7e00000004fffffff900000003000004010000b0220000005f00000006000000050000083d00000008000000060000ffff0000515a000000a600008000000000080000000800000008000002c500000009000000810000000000000101000000200eec5f9700000003000003ff00000020000013440000000600000093000000ff0000000900000008000000060000000100000009000000060000996400000005000000fc000000040000000000000fee4000000080000000ffffae8900000000000000810000001f00000009000000050000004000000009000001ff00000005fffffff8000000000000000700000004000000800000ffff00000dcf0000000700000831ffffffff0000004000000fc3000000fa00000400000007ff0000000172158a19800000000000ad6000000002000000040000000400000000000000ff00000009000003ad00000000000000080000000400000cb10000008100000005000000030000000200004e0c0000000500000006000001000000000500000101000000070000000900000006ffffffff000000050000000500000001000000070000000800000002000000040001000000000003000000010000000300007fff0000fad8000002000000000900000004000003ff00002597000000520000000000000001fffffffb0000d5dc00000007000008000000000600000008000000060000000500000020000000010000000200010001000000010000000600000007000000fd000000020000ffff000001000000008100000005fffffffe000004000000000300000080000000060000000900000004000000020000080000000001000008000000000400000d800000000600000002000000810000005500000200000480000000000900000424000005ce0000000300000008000000ba0000007f000004010000000900000002000067030000000300000400000000090000000400000004000000ff000000000000000700000003000000067fffffff00000001000000070000007d00000f6c000000030000000200000008000000070000000700000009000005ec0000000000000003fffffffa000003c80000000500000001000000060000100500000001000000080000003f000000050000000300009ae7000000ff000008000000ffff000000050000b8f9000000050000000400000003000000040000000500000003000000040000000600000005000000ff0000008100000006000000000000000600000007000000010000000380000001000083b900000003fffffffd0000000900000006ffffa4a9000010000000010100000001fffffffb"], 0x2688) socket(0xb, 0x8000c, 0x7) 04:18:34 executing program 1: r0 = fork() gettid() r1 = getpid() tgkill(r1, r0, 0x1b) 04:18:34 executing program 4: fork() 04:18:34 executing program 5: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r0, 0x300, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x80c0}, 0x44) 04:18:34 executing program 2: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$SIOCX25SCUDMATCHLEN(r1, 0x89e7, &(0x7f00000000c0)={0x39}) [ 607.453359] Bluetooth: hci0 command 0x0401 tx timeout 04:18:34 executing program 3: r0 = socket(0x11, 0x3, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, r2, 0x400, 0x70bd29, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x4, 0x3}}}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x6}, @NL80211_MESHCONF_HWMP_RANN_INTERVAL={0x6, 0x10, 0x100}]}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x841}, 0x8081) 04:18:34 executing program 5: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bind$can_raw(r0, &(0x7f0000000000), 0x10) 04:18:34 executing program 2: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$SIOCX25SCUDMATCHLEN(r1, 0x89e7, &(0x7f00000000c0)={0x39}) 04:18:34 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="6cf2"]) fork() 04:18:34 executing program 0: sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="63b63ef64b2ea1cbc02501000000"], 0x14}, 0x1, 0x0, 0x0, 0x894}, 0x20000084) r0 = socket(0x11, 0x3, 0x7f) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r4) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r5, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r5, 0x300, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40440d4}, 0x20) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_TDLS_OPER(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)={0x50, r3, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000080}, 0x1) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@remote={[], 0x0}, 0x6, 'veth1_to_team\x00'}) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00', r1) sendmsg$NL80211_CMD_PROBE_CLIENT(r6, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x30000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x5c, r7, 0x600, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x7f, 0x68}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004000}, 0xd090) 04:18:34 executing program 1: r0 = fork() tgkill(r0, r0, 0x27) tgkill(r0, r0, 0x1b) ioctl$SIOCPNGETOBJECT(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)=0xc7) 04:18:34 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendto$phonet(r0, &(0x7f0000000000)="a44bbed6fcdb5e612486f0217e3d938c677e152078b2c71d4f47e54cae32b9dfcc84128a4ecf37ff8ea400cece10e51cc4f4bd116fd4b270d10bbc91f6372996867c8d3803409ad43f340af510ae1e0cae589b6d983447ba94f246029a5b6954de36bdd50b78266fb0844d9a44d8d3acdb7da921ce99e3783b7722c5fbfb1fedd6cdbf05bb007993c15e9072185a", 0x8e, 0x881, &(0x7f00000000c0)={0x23, 0x9, 0x3e, 0x1}, 0x10) setfsuid(0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x7f, 0x101080) ioctl$USBDEVFS_CLAIMINTERFACE(r1, 0x8004550f, &(0x7f0000000140)=0x1) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) write$usbip_server(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="000000030000000000000000000000017fffffff0000007f000000f80000000300000256000000800000000000000000856635969a958300eaae897759e6d485c73ec52840212331aaefbe71969904d977ffbe61bcbeea48ceb7ed732c87096bf7f89369077b7142fec41f6f829ce92487c495f8812782532418ecc3a8c5a3c244363549b9ac56690038540b814699a8aab950e628b854d9529370035f48b4bdc851100b7a9ec2d1aa795fac3e641aa3de56c8fb16fae59fade00f91bce443810b709d0bf40fb8047331bb7b23791505391fd50e2ddfb8f1f508c9538801c68c5eb74c50e0f3019bc736454d6bfcdd3584df67e4fea432880c3fa53d3c08c8aa0e810ae5e52b687e8fff2a275f5ea1d7a72cfdc9a882a5dd7330ce95ba1a20fea73243b75d885129000004cf00000005000000070000000900000000000000b000007fff000000070000000800000002000000fc000000f4000000ff0000000200000008000000090001000000000006000000050000003b000000020000ffff00000002000068c40000046b000000010000025f0000c1630000000900000006000000010000010100000004000000080000000300000a400000b1a0000000710000010000000000000000080000040000000001000000060000e033000000080000000700000000000000040000000800000009000000060000800100000009000000020000072200000d39000000148000000100000002000000800000000300000007000000060000000200000242fffffffb000000050000000900000005000000db000000050000000600000007000000040000003f00000020800000010000003f000000800000004100000004000000090000822000000003fffffff700010001000000040000000200000006000019e2000000a900000200000008000000010000000000000000080000000900008000000080010000040000000007800000010000000700000007000010000000000100000004000000000000200000000008000000040000ffff0000000100007fff00000fff0000003f00005cd68000000000000040000000060000000900000fff000000010001000000000009fffffff8000000070000000b00008bcf0000000100000005000000028000000000000001000000027fffffff7fffffff000000070000040100000efa00000003000000070000080000000005000000060000000680000001000000810000000600000004000007ff000000ff000000010000002f000003ff00000004000000020000080000000001fffffff900008001000000090000000500000003000000050000007700005a59000011900000000300000007000003ff00000fff0000ffff0001000000000000000000400000000700000d21000007ec0000000500000001000000080000002000000009000000070000003f000000050000000400000041fffffff90000003f000000000000400000000007000002000000000200000002000004c8000060c500000a0d0000000800000001000000070000000200000008000000800000000500000005000000000000007f000000090000000300000d70000000010000004000000002000000400000000100000965000080010000000500000001000000e30000000880000001000007a1000004010000000300000001000000030000000000000c87000000070000f600000000060000000700000008000000050001000100000800000000010000000900000008000000077fffffff000000010000100000000006ffffffcf0000000000000001800000010000000200007fff00000800000000040000000400000800800000005cebe5c5000000007fffffff0000000200006c8b00000004000055b9000058bdffffffff000000460000080000009e6a0000000100000800000000050000000500000d43000000090000000400003a350000000600000f310000004200000009fffffff9000001ff00003800000100000000003f0000000100000001000010000000000700000000000000020000000700008ef000000001000000010000ffff00000006000000087ffffffffffffff8fffffffa0000000000010000fffffffe00000040fffff82300000000fffffff9000000040000070a000000010000000200000884000000000000043d00001000000000030000000500000009000000060000000d00000037000000400000000500000004000000060000ffff00000004000000080000000700000002000000040000020000000008000001000000000300001963000000090000000500000f19000000f7000000070000000800000002000000010000000000000008000000097fffffff00000054000001010000000900000006000000a40000000400000006000000030000000100000003fffffffa000000ff0000000200008001fffffffffffff8010000000000000006000000b40000ffff0000000900000008000000020000ffff0000000100000006ffff287600000089000000050000c5670000003f0000000600000001ffffff9a0000020000000100000000010000008000000001000000027fffffff000003ff00008000000000090000000600000005000000bf0000800000000004000001d300005410000007ff0000000300000009000000390000000900004ebc0000824b000000158000000100000004000000b60000000200000026000000090000000300000003fffffa230000000200000a3c0000100000000089000000070000000800000101000000007fffffff0000000535214353000000760000013b000000090000000100000005000000040000094f00000bfaffffffff800000010000070900000007fffffffe00000006000001000000000800000005000000090000464c0000000100000200000000050000000200000004000000070000000100000008000000070000020000000005fffffff9000000f900000002000100000000d2c700009e150000000200000008000000080000020000000004000000080000000000000c4300000004ffffff1c0000000500000009000000090000dc0b00000fff0000000200000008000000010000002000000004007ff800000080000000000800000006000000040000fffffffffff8000001a800000001000001017fffffff000000010000000000000005000000017fffffff0000100000000080000000010000800100000d8f000000010000000500000003000000407fffffff000000400000000600000003010000000000ef420000a493000004000000000900007fff00000009800000010000000400000000000000400000000200000009000000000000000700000401000000070000ccdc0000000100000008000000070000001f0030000000000009000000070000007f000000eb0000a047000000030000a8010000040100000008000000030000008100000069fffffe9a000004000000000800000101000000a400000001ffffffff000000b6000000f0fffffff900000004000008000000040100000004000000010000ffff8000000100000001000000040000008000000008000000060000040100000001000000f5000000060000800000000bae00000002000000020000000500000004000000010000ffff00000000ffff9bd922f4e518000000b4000000a900000002000000000000000000000007000a0000000001ff000000a980000001fffffff7000000030000000900000000000000070000800100000009000000a0000000070000000900000007000001a600000005000000090000000300000400fffffffb00002ba90000007f0000000900000001000000050000000700000005000000f100000003ffffff8000000005000000200000ee91000000003c73ae4600000400000000ff00000005000000080000ffff000000ff000000010000000400000000000004010000000500000006fffff80000000003000000010000773800000006000000000000080000000002000000ff00000000000008008000000000000008000000050000000164a55506000000050000038200000b910000000600000000000033ba000000020000000500000007000003ff00000004000000070000000600000004fffffbff000000040000005e000000050000cb6d0000000500008001000004000000800000007fff00000003000000020000000200002fdb000040000000000700001f12000000400000000300000007000000080000000300007fff000000070000003f00000008000008000000000300000005000100010000084200000009112f8b800000001f00000100000000070000000100000fff0000002f000000000000001f000000080000000000000001000000050000001f0000000600000007000000030000000800000006000100000000003b0000100000000fff000000010000000400000401000010000000000100000004000000060000003f000029f100000004fffffffb00000000000000050000ffff0000008000000009000000040000000400000004000000020000000000000006f76800000000000700008001000000060000000000008000000000030000040100000fff0000000300000059fffffff900000002000000070000000700000005000000000000000300000004000000090000000600000000000000040000008100000008000000070000001ffffff801000000080000000000000002000000090000000600000000000000080000087e000000050000006100000008000000060001000100000007000000010000000400000002000004010000010000000005000003ff00000007000000806050acd7000000020001000000000200000000080000061a000000050000000700020000ffffff08000000020000000700000243000000030000000600000003000000080001000000000000000000f0000004000000000600000001800000010000f9770000000720000000000018dd0000000600000007e41ba7f100000008000007ff00008000000000090000044a00000009fffffffe000000bc00000cabfffffff70000000500000046000000030000051c0000ffff80000001000008000000ffff00000003000000ff0000000800000938fffffffc0000000900000000000024d00000004000000007000000025bc5de6800000036631dbc790000000800000000000100010000000300000000000000020000000000008001000000040000000200000008000000800000000800000006000000050000002a00000e0100000002000000047fffffff00000003000000097d718b7b0000000400000001fffffffa00000007fffffc00000000080000056500000009000000050001000000000401000000030000000300000050000000200000000300000001000000050000007f000000070000000700000fff00000009000000000000000700000100fffffff80000080000000004000000ff00000007000000020000000100000000000022ed0000000200000003000003ff0000000600000005000000020000005c00000007000080000000000800000004000000050000010000000efa0000f87b000100010000309e0000007c000000090000000300000008000000e90000010000000001000000050000007f0000000300000fff00000006000000cd00000fff00018000000004000000007fffff5e488000000100000000000000030000000300008af8000000010000000000000007000007ff0000000000000ffb0000000000000080000000040000000900000000fffffdef00000014000000040000000300000008ffffffff0000000900010000000000ff000000030000008000000001000000080000000400000002000008000000007f000000ff0000000000000200000000000000000900000ac90000000800000004000000010000000800000100000000e60000040100000006000000090000000600002858000100010000000900000003000000020000000300000004000000030000000600010000000000000000020000000004000000300000dd1700000003000010000000000500000008000000050000000600000800000000200000000600000005000002000000008e000000070000000000000fff00000003000000070000000300000003000000000000e7ec00000401ffffffe0000000050000b8e600000080000000000000008000010000000000030000000900010001000000060000000400000003fffffffd00000001000000080000006c0000000900001000000000000000000500000005000001010000080000010001000002600000008100000002000000010000015e000000020000000300000002000000080000000800008001000000090000000300001000000005480000000900000003000050b300000000000004000000000800000005000000010000000000000000000000290000000300000400000003ff00000001000000070000000300000003000000067fffffff7fffffff00000002000000040000000100000101ffffff800000000900000000000000060000000000000008000000010000000100000009000000ae0000000000000009000000000000000000000fff000000030000000800000401000007ff000000080000007f000000c5000000060000000700000ad50000000700000007000000070000000300000020ffff42f5fffff495000000090000000800000200000000500000000200007e7b000080000000002000001000000000040000eb43000006b80000002100000008fffffff9000061c4000000090000002affffffff00000001000000000000040100000080000000000000000300000101000000ff000000080000000000000006000000090000000400000040000080010000eaee0000000e0200000000000001000000090000020000000d23000010000000000800000000000000020000000100000006000000060000010100000004000007ff000000000000007f0000000700000009ffffffff000000a70000000000000009000000010000090600000007000003cd00000000000000040000068400000003000008b7000000040000007f0000257c00000000000000080000b6e200000008000000040000008000000005000000090000000263dedddb00000081fffffffe00000008000000060000000300000002000002000000000700008000ffffffd400001000fffffffb00000001fffffff700000003000068750000000100008f020000000400000fff000007ff000002f2000000400000800000000003000003be000000030000004000000005000000040000000300000009000000050000080000000800000000050000001f000002000000004c0000000600000008000003e000000ebd0000001fffffffff0000000600000ffe0000007f000000090000088700000008000000060000000200000008000000050000000700000009000000810000000200000040000000060000000100000000000080000000000000000fffffff87bd00000000000000d8000000020000000800000005000000350000000000000009000003ff0000080a00000007fffffff8000002e000000023000000a300000006ffffffff0000000000000000fffffffffffffff7000006a1000000080000000600000003000000050000a3a900000006fffffffc000000000000dbd9000000050000007f00003ef800000f70000000010000a26200000000fffffffa800000000000000200000003000000020000007300000007000051a100000002fffffff80000000200000004000010007fffffff00010000000000030000000000000fff0000000700000008000000010001000000000000fffffffb000000000000000800000e00000000010000000400000002ffffffff0000100000000008000000090000000800000020000000080000800000000009000000090000800100000b990000000800000002000001000000000200000002000010000000000300000006000003b2000000000000000600000002000000080000001f00000101fffffff80000000000000080000000035653c544000000010000001f33ae38e90000000000007fff00000008000000080000000300000000000000810000087e0000010100000e3f000000710000ffff00000100000000020000000300004de00000000400000024000001ffffffffc1000003ff00000008000001240000000900000003000000080000000600000008000000050000001f000047230000000900000003000000098000000180000000000063d70000239e00000009fffffffb00000004000000ff00000009000000010000007f3102514300000005000000090000000400000009000080000000000000000002000000010000000300007fff0000000000000001000000060001000000000010fffffffc000000090000000500000009000000ff0000000200000722000000200000000300000002000000070000b2da0000000400000009000000ea000000070000d191000000020000000600000fff0000000300000001000000020000007b00000003fffffed0000009e200007fff000008000000100000000003000000080000069a0000007f0000000044c00000000000057fffffff0000000200000001800000010000020000000081fffffc0000000077000000060000003f000008000000007f00000007000000040000000100000006ffffffff000000ff00000003fffffffa002000000000000000000004800000008000000000000006fffffe0100010000000000020000000300000006000000000000000900008001000000070000000700000001000000010000ff470000000000000001000000050000000400000200000000050000001800000000000000e50000000700000080000000000000007e000000030000020000000001197454fe000000eb0000007f0000001f00000001000000f5ffff7fff000000090000000400000000000003ff00000007000000010000000800000006000000080000000400002d4200006c307ffffffffffffff70000003f00000000000000020000010100000002ffffffe0000000010000000900000006000000050000000700000009000000ff000061c30000000580000001000005af000000040000001f000000200000010000000009000000000000000800000100753dd2d10000f9c200000004000000d900000c880000000400000000000600000000001ffffffffffffffff90000008000000000000007ff0000000500000003000000000000000800000fff000000030000ec3a00000005000000080000250400000008000000bf0000800000000003ffffffb80000001c000000030000000100000001000001ff00000100000000070000000300000001000001ff000000020000000200000000000000090000000900000008000000d300000081000000060000000300000005fffffffc000000010000003f0000000800000001002800000000000400000009000000070000004000000009000067630000970e00c000000000000100000ae10000000600000005ffffffff00000167000100017fffffff0000010100000f5900000100000001ff000000060000001f0000001f0000000400000008fffffffb0000000500000001000080000000000400000d0d00000009000000010000ffff00007fff0000000400000fff000000ff0000010100000002000000020000000900000007000008000000000500000009000008000000000000000000000000c400000038000000400000000700000f67000000030000000500000003000000010000962d000003fffffffffe00000008fffffff70000000600006003ef20de5f3c779d7109000000000010000000000000000002000000060000000000000008000000030000adba000000018000000100004100000000000000000500007fff000000200000000300000008000000050000000400000002000000050000000600002846fffffffc00000d660000000800000002000080000000000900000009000000010000000900000002ffffffff00005cabfffffffc000000010000000000000001000001ff8000000100000003000000050000000100000400000051b4000000090000006200000007000000020000000600010000000000200000000400008432000000090000000300000080000000030000000000000008000000050000000500000008000000000000000200000007000000090000008c00000080000000047fffffff00000003000000030000000300000002000000010000000100000fff00000074000000050000080000000009ffff800100007fff0000000400000002ffffffff0000000600000006000000080000ffff000006e60000000700007fff000087210000000800008b8f000100000000000500000004000000000000000800000004fffffffd00001000000000050000000000000200000001000000000000000004000000040000007f00000005000000030000000800000006000000040000000d0000000800000005000000060000000100003f5a0000000100000401000007ff00000000000000090000000200000004000000080000b5d80000001f00000b640000000400000005000000020000051100000007ffffe6270000000600000007000000020000010100000000000000020000d5a2000080000000000000000001000000020000000300000005000004000000000000000000000000020000000200000f3a00800000ffffffff000000010000080000000003000000070000399800007fff0000800000000020000000020000074b000000a60000000300000003000000090000000700000009000000087fffffff8000000100000003000000007fffffff000000021d8ab3dd800000017fffffff00000007fffffeff0000000500000001000000070000000100000007000000030000003c0000000000000000000001000000000600000008000004000000000400000fff00000005000010000000004000000007000000040000100000000004000000000000000800000fff00000fff000000060000000600000000000000b34eda569200000003000000030000006f000000060000009a00000c9e0000003700000007000001ff000000090000001f0000000400000004000003ff00010000000000e30000927500000008000000c3000000200000000300000006000000020000000100000007621885879fc6336ffffffc140000003e0000000600000007000000060000000000000001000000020000000400000004000000090000000400000be8000010000000003f00000008000000080000e9d40000001800000006ffffffc000000007000000eb0000e2f7000000080000000300000006000000080000093a00000c6c000000a10000000800000001fffffc7c0000000200000005ffffffff0000000800000401000000070000000000000800000000020000000700008001000000050000003e000000ba0000000000000006000010000000000600000101000000010000000200000fff000000088000000180000000000007ff0000007f0000010000000e5e0000000500000009fffffff700000007000000000000000100000000000009230000000300000006000000090000000300000001000000020000a69000000007000000020000000000000008000000000000000300000005000000070000000400000000000007a6000000060000000700000007000000040000000300000d36800000010000002000000d3c00000007000000080000001f0000e5e70000000700007bdc000000030000040100000401000000010000000600000010800000010000000900000080ffffffe100000009000000070000000200010000ffff000100000e71000000040000000600000009000010000000000100000005000004010000030000000040000000000000007f0000000200a00000000000020000000700000007000000400000006400000004000000020000002000000fff0000ca0f000000020000000700000064000000000000ffff000000067fffffff000000acfffffe0000000080000000080000000600000000000009d80000000300000000000046730000001000000034000000000000000104be5fa70000000600000e640000ffff00000bf40000010100000003000000031ce07169000000067fffffff00000005000000000000002000000000000010040000ffff00000007004000000000800000000008000010000000000600007a7e00000004fffffff900000003000004010000b0220000005f00000006000000050000083d00000008000000060000ffff0000515a000000a600008000000000080000000800000008000002c500000009000000810000000000000101000000200eec5f9700000003000003ff00000020000013440000000600000093000000ff0000000900000008000000060000000100000009000000060000996400000005000000fc000000040000000000000fee4000000080000000ffffae8900000000000000810000001f00000009000000050000004000000009000001ff00000005fffffff8000000000000000700000004000000800000ffff00000dcf0000000700000831ffffffff0000004000000fc3000000fa00000400000007ff0000000172158a19800000000000ad6000000002000000040000000400000000000000ff00000009000003ad00000000000000080000000400000cb10000008100000005000000030000000200004e0c0000000500000006000001000000000500000101000000070000000900000006ffffffff000000050000000500000001000000070000000800000002000000040001000000000003000000010000000300007fff0000fad8000002000000000900000004000003ff00002597000000520000000000000001fffffffb0000d5dc00000007000008000000000600000008000000060000000500000020000000010000000200010001000000010000000600000007000000fd000000020000ffff000001000000008100000005fffffffe000004000000000300000080000000060000000900000004000000020000080000000001000008000000000400000d800000000600000002000000810000005500000200000480000000000900000424000005ce0000000300000008000000ba0000007f000004010000000900000002000067030000000300000400000000090000000400000004000000ff000000000000000700000003000000067fffffff00000001000000070000007d00000f6c000000030000000200000008000000070000000700000009000005ec0000000000000003fffffffa000003c80000000500000001000000060000100500000001000000080000003f000000050000000300009ae7000000ff000008000000ffff000000050000b8f9000000050000000400000003000000040000000500000003000000040000000600000005000000ff0000008100000006000000000000000600000007000000010000000380000001000083b900000003fffffffd0000000900000006ffffa4a9000010000000010100000001fffffffb"], 0x2688) socket(0xb, 0x8000c, 0x7) 04:18:34 executing program 3: r0 = socket(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, r3, 0x2, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x2f}, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7a, 0x13}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x8805}, 0x24004080) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='SEG6\x00', r0) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r5, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x19d7, 0x0, 0x8]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20006040}, 0x4040041) ioctl$KVM_ASSIGN_PCI_DEVICE(r4, 0x8040ae69, &(0x7f0000000400)={0x1f, 0x1, 0x9, 0x1, 0x3}) sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x5, 0x2, 0x4]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040}, 0x800) 04:18:35 executing program 4: r0 = userfaultfd(0x0) select(0x40, &(0x7f0000000040)={0xd8, 0xfffffffffffffc01, 0x8, 0x5, 0x7ff, 0x2, 0x7, 0xffffffffffffffc1}, &(0x7f0000000080)={0x38, 0x4, 0xfffffffffffffffc, 0x7, 0x7, 0x1, 0x4}, &(0x7f0000000100)={0x6, 0x4, 0x100000000, 0x80000001, 0x4, 0x9, 0xfffffffffffffff9, 0x1}, &(0x7f0000000140)) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x2162c58, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=dn\x00', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00']) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0x2}, 0x6) fork() 04:18:35 executing program 2: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) [ 607.773436] Bluetooth: hci3 command 0x0401 tx timeout 04:18:35 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0x189040) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000040)) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000200)={0x5, &(0x7f00000001c0)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000180)={r1, &(0x7f0000000080)=""/199}) r2 = fork() tgkill(r2, r2, 0x1b) 04:18:35 executing program 3: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:35 executing program 5: r0 = socket(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, r3, 0x2, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x2f}, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7a, 0x13}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x8805}, 0x24004080) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='SEG6\x00', r0) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r5, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x19d7, 0x0, 0x8]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20006040}, 0x4040041) ioctl$KVM_ASSIGN_PCI_DEVICE(r4, 0x8040ae69, &(0x7f0000000400)={0x1f, 0x1, 0x9, 0x1, 0x3}) sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x5, 0x2, 0x4]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040}, 0x800) 04:18:35 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = socket(0x2a, 0x4, 0x1) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='C', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',fscache,version=9p2000.L,func=MMAP_CHECK,audit,subj_type=/dev/bus/usb/00#/00#\x00,\x00']) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x84, r1, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xd}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x15}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x64}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x9}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1f}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x26}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x81}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xaa82943}], @NL80211_ATTR_DURATION={0x8}]}, 0x84}, 0x1, 0x0, 0x0, 0x1004c810}, 0x40881) 04:18:35 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@cache_none='cache=none'}, {@version_u='version=9p2000.u'}, {@access_user='access=user'}]}}) fork() 04:18:35 executing program 2: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 04:18:35 executing program 3: r0 = socket(0x11, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @inquiry={{0x401, 0x5}, {"aa80a6", 0x6, 0x3}}}, 0x9) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) 04:18:35 executing program 1: r0 = socket(0x28, 0x5, 0x7f) getsockopt$inet6_dccp_int(r0, 0x21, 0xb8016d3a9ebd4696, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = fork() r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0x9, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x300, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x0, 0x66}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00', r0) tgkill(r1, r1, 0x1b) 04:18:35 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:35 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x103, 0x10000) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}, 0x2}) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) r3 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x1, 0x400) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00', r3) fork() 04:18:35 executing program 0: socket(0x11, 0x3, 0x6) socket$can_bcm(0x1d, 0x2, 0x2) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x10000, 0x3, 0x3000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) 04:18:35 executing program 2: socket(0x11, 0x3, 0x0) r0 = socket(0xa, 0x80000, 0x4) sendto$phonet(r0, &(0x7f0000000000)="fbd41f2da559651ce32c8ec1c8e5e12219c8984ce282338b2c1bef2c9121955ad8cf6ecb764dbb358b1eff29c604dc62dbc76a594895864a7f6a8824daf7e4b9f1a7c4c4f1273ad7e59ea2ec7f3ab8450a0845d0ea86e98c3c4a7d12da9196345e4f94456ba4758eae73407a37a324f154306da162259bac832aae979510b6c082223563ef0bdc0ef530c53b84d8ad12e89d9e", 0x93, 0x4004084, 0x0, 0x0) 04:18:35 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0xfffe000000000000, 0x30040) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@remote={[], 0x3}, 0x6, 'veth1_virt_wifi\x00'}) 04:18:35 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:35 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="da89f843e2b590d5f085579ec2a86724ab88e117736c706435cc6a24af11895906449894f9a047bf329d79a86c84c3f911e7270ef4d79b9886126538587b6ff3d2c89b478fa3e764cf9202599fa66197cefe99ed1b3adc573bb4ce4d51784c88edfbb6fdbd1440367ea6af3ba41d0029008ca1ae235ac23abce50e4fda0db91faf2f221248a3d5e4ade46bff2cb44436fec73505f90f69fd02763329e4cb", @ANYRESHEX, @ANYBLOB=',\x00']) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x40, 0x42040) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000180)={r0, &(0x7f0000000040)="e1602b77892df3fe8c6536b35fb72893bada7c0bee0ca9a080e9c7db2d846dd9e022a5a8b14667360366c5f944fd48b023854eb45a29afe8576a91e4842618edfa5c9b0fbe08cab21b22e328ac60020427fc041c02345b569823cdf626", &(0x7f0000000100)=""/87, 0x4}, 0x20) ioctl$KVM_GET_NR_MMU_PAGES(r0, 0xae45, 0x985) fork() 04:18:35 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) getpgrp(r1) 04:18:35 executing program 3: socket(0x11, 0x3, 0x0) socketpair(0x1e, 0x2, 0x82f, &(0x7f0000000000)) 04:18:35 executing program 0: socket(0x9f1fe8db503ffd3a, 0x5, 0x80000000) socket(0xc198aec60efcfb7a, 0xa, 0x80) r0 = socket(0x8, 0x2, 0x2) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', r0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000226bd7000fddbdf250700008f0a00180003030303030200000000000000030303030300001410040076657468305f8a6f5f68737200000000"], 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0) 04:18:35 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:35 executing program 2: socket(0x11, 0x3, 0x0) socket(0xa, 0x80000, 0x4) 04:18:35 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0xfff, 0x6a, 0x10001, 0x10, 0x1, 0x9, [], 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x40) socketpair(0x27, 0x80000, 0x6, &(0x7f0000001180)={0xffffffffffffffff}) connect$nfc_raw(r1, &(0x7f00000011c0)={0x27, 0x0, 0x0, 0x1}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000001140)={r0, &(0x7f00000000c0)="3fab673c93663a561acbc8fdff6fa546a2e3bbe066a6e72e17c33010b01a27b782cc0334dff6f110479234c395500ad16c272df1a40e81318a9844eb8c22b93eeb46d3247a28e8abf5da0f54d8f55d9ad5234280584f628fa201b0d38b927b6f17de5296631d3e", &(0x7f0000000140)=""/4096}, 0x20) socket(0x11, 0x3, 0x0) 04:18:35 executing program 4: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000080)={0x7fff, 0x8, 0x8c7, 0x2, 0x0, 0x0, 0x14, "d1c89c77b433ee9ec6fbbfddca7408f5433ceed8", "a6553b763d9be341689177fda5286addd664cdbe"}) mount$9p_fd(0x0, 0x0, 0x0, 0x4c92, &(0x7f0000000100)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r0}}, {@privport='privport'}, {@noextend='noextend'}]}}) fork() 04:18:35 executing program 5: recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:35 executing program 0: r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r1) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x68, r0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x68}, 0x1, 0x0, 0x0, 0x8c84}, 0x40010) sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0x58, r0, 0x20, 0x70bd27, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}]}, 0x58}, 0x1, 0x0, 0x0, 0x44010}, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0\x00', 0x670182, 0x0) r2 = socket(0x11, 0x3, 0x6) bind$can_raw(r2, &(0x7f0000000140), 0x10) 04:18:35 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x1e}, @val={0x8}, @val={0xc, 0x99, {0xffffff00, 0x46}}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x24000054}, 0x1810) r1 = fork() getpid() r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r2, r1, 0x33) 04:18:35 executing program 2: socket(0xa, 0x80000, 0x4) 04:18:35 executing program 3: socket(0xa, 0x6, 0x0) 04:18:35 executing program 5: recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:35 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f20d86635200000000f22d82681640fcad70f35260fc7bf12630f01cbf2ad66b80500000066b9042b00000f01d9b8f8008ed8440f20c066350f000000440f22c06232", 0x43}], 0x1, 0x1, &(0x7f0000000140)=[@efer={0x2, 0x4000}], 0x1) fork() syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0xd9, 0x2) 04:18:35 executing program 0: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766646e6f3df0b7aa5aac226228b378f23d8418d299653f346b4b3832efa8fa20eef7279509b19ccc8ea022bf26b9409ff64ec53e858856d18e449660db088e30beccd6f01ee0f1e00e7f9c17480ee3661dc4e4c87ae31d47fb41d876152ec15f994138badb2896ba62c823aeb0ab01022c7c030fd435a0dcff95fc867f92ada1d1d02f1c77f44a5d07d3d801463d2ff77d9db5d58a9efdc2062da8c6cae7d6ee360abc37c88f38a47f11492a7fc0e5a1acb9a950c3d08976c3502a2a28f5b85d0557dae4da6d38b21ac435e96a12449840c74e8cec312e45da716d493cfa8f1ac10ed278896034", @ANYRESHEX=r1, @ANYBLOB=',fscache,version=9p2000.L,func=MMAP_CHECK,audit,subj_type=/dev/bus/usb/00#/00#\x00,\x00']) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000180)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x20000801) r3 = socket(0x8, 0x3, 0x6) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r4) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000b80)=ANY=[@ANYBLOB="7801250000", @ANYRES16=r5, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f00000006c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x108, r5, 0x2, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x9c7d, 0x2e}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x28}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x12d}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16df}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x8}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x401}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15a4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0xca3665ac56929069}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2ce}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1d43}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x93}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}]]}, 0x108}, 0x1, 0x0, 0x0, 0x715566546029e437}, 0x1) 04:18:35 executing program 3: r0 = socket(0x11, 0x3, 0x0) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000040)) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00', r0) r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SDTEFACILITIES(r2, 0x89eb, &(0x7f00000004c0)={0x8, 0x1000, 0x2, 0x2, 0x77, 0x6, 0x16, "58d79303d018f6a0b90d4f37055003d11991b486", "e9eca800e3f13ff6d43a49a885b157a51950fc76"}) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r5) sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r6, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x34}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x80, r6, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_DST={0x14, 0x1, @local}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x47}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DST={0x14, 0x1, @remote}]}, 0x80}, 0x1, 0x0, 0x0, 0x40800}, 0x4) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xb8, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x20}, @val={0x8, 0x3, r7}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x18, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "9d997e95f7cfe44fb90848a87b2b3a131f76c4028f3494bf"}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "b6a27a8689a929c63ca4b1b926c1c8a667a89c922f6a0b20"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "7d38043af9bd255c18cdf553be74c2c8dc8e8fce26eee02c"}]]}, 0xb8}, 0x1, 0x0, 0x0, 0x800}, 0xc0) 04:18:35 executing program 1: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x6) r1 = getpid() tgkill(0x0, r1, 0x1c) getpgid(0x0) getpgrp(r1) tgkill(r0, r0, 0x1b) 04:18:36 executing program 5: recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:36 executing program 2: socket(0x0, 0x80000, 0x4) 04:18:36 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={@null=' \x00', 0x8, 'caif0\x00'}) socket(0x11, 0x3, 0x0) 04:18:36 executing program 0: socket(0x11, 0x3, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3, 0x103540) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x88, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x51}}}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x39d}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x482f}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x5}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x5}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x233}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x20004000) 04:18:36 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = fork() ptrace$peekuser(0x3, r0, 0xa4) 04:18:36 executing program 1: pipe2$9p(&(0x7f0000000000), 0x80000) r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) gettid() setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xf, &(0x7f0000000100)="56e88d93511e969069bb5876f0e4a328fb73bcc78f5ae90aaa648b9edb6a822fa3b08516b78fb07f112a404348f3709ed2153dfc0914901867813f8d4c39fbc732eee80d19b980944ae8377e2d28e80369cef4d10cebedb757b1ac80fb178ee56442ae90a926b65244752a02ae91c5090b55be86489c962576650e39db6c87e4bbca84572aa150b2dd0c20ae2f6e6ad65bfdcf9222beb1c1d5b16eb82ad00c91", 0xa0) tgkill(r0, r0, 0x31) tgkill(r0, 0xffffffffffffffff, 0x1d) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x1) 04:18:36 executing program 5: r0 = socket(0x0, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:36 executing program 3: socket(0x11, 0x3, 0x0) r0 = socket(0x3, 0x80000, 0x81) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xec, r2, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0x48}}}}, [@NL80211_ATTR_MESH_CONFIG={0x4c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x8000}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x7}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x80}, @NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xffffffffffffff10}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0x87}, @NL80211_MESHCONF_PATH_REFRESH_TIME={0x8, 0x9, 0x8}, @NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x1f}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x53}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0xff}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x6d}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x73}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x5f}, @NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0xfffe}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x6}]}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x2, 0x13}}, @NL80211_ATTR_MESH_CONFIG={0x3c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0xdf}, @NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0xb2}, @NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x7}, @NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xfffffffffffffff9}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x7}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x68}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x7}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x8080}, 0x48001) 04:18:36 executing program 2: socket(0x0, 0x80000, 0x4) 04:18:36 executing program 0: syz_usbip_server_init(0x3) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000000)={0x0, @sdr={0x39565559, 0xffffffff}}) socket(0x1e, 0x5, 0x1a) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000240)={0x3, &(0x7f0000000200)=[{}, {0x0}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r1, 0xc010641d, &(0x7f0000001280)={r2, &(0x7f0000000280)=""/4096}) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000100)={0x2, @raw_data="ced7813a904b83785b23da1dd8dcdd88b892ad77f5ac9c6edc0b9052dc7855de82a3c6729721676a7ecc129ed8c5e658e95bf4bf26bdd6c66e9206ceeff654de595eb9f25b884c0ba44275a4f51540ea182f974541cff1ba7bb2ead925897f0c32aa19ca790130ee36423c216293ec65cbc1ddf388272f250cd121d8c3e79b321872651734c3a93196b90bb799bd517fee1dbdc327ace2e2dc45ca2decd8f65e006eee6834d36ad4e6ff3264e6ee92ed47461255dfefc3d22c1b536140b1604ab1cb861d35d1c21d"}) 04:18:36 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472616e733d661fa675dbb5b55e38", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) fork() ioctl$SIOCX25SCUDMATCHLEN(0xffffffffffffffff, 0x89e7, &(0x7f0000000000)={0x5d}) 04:18:36 executing program 2: socket(0x0, 0x80000, 0x4) 04:18:36 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) ptrace$peekuser(0x3, r0, 0x867) [ 609.123962] vhci_hcd vhci_hcd.0: port 0 already used 04:18:36 executing program 3: r0 = socket(0x11, 0x3, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40020000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x400, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void, @val={0xc, 0x99, {0x77e709f6, 0x7d}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) 04:18:36 executing program 5: r0 = socket(0x0, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:36 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x260646c4ce1eb35, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x4a4, 0x45}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000280)={&(0x7f0000000240)=[0x0, 0x0], 0x2}) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000340)={r2, 0x5, 0xffffff7f, 0x1, 0xffff0000, 0x200, 0x7fffffff, 0xc5a4, 0x0, 0x8001, 0x10001, 0xa7}) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={@null=' \x00', 0x2, 'veth1_to_hsr\x00'}) 04:18:36 executing program 2: socket(0xa, 0x0, 0x4) 04:18:36 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r1, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x400}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x20000000) 04:18:36 executing program 1: r0 = fork() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = socket(0x2c, 0x2, 0x7ff) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r3) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r4, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r6 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_RADAR_DETECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r4, 0x300, 0x70bd27, 0x8, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x7, 0x6b}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffff8000}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3c}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x557a24e99bca3002) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) tgkill(r0, r0, 0x1b) fork() 04:18:36 executing program 5: r0 = socket(0x0, 0x3, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:36 executing program 2: socket(0xa, 0x0, 0x0) [ 609.543296] Bluetooth: hci0 command 0x0401 tx timeout 04:18:36 executing program 0: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000080)={{@host, 0x800}, 0x0, 0x0, 0x100}) r1 = socket(0x23, 0x5, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00', 0xffffffffffffffff) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000280)={0x2, [0x7, 0x80000000], 0x5}, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fddbdf251d00000008000300", @ANYRES32=r2, @ANYBLOB="0c009900000400006d00000008000500350000259d732e06932b600006000000"], 0x3c}, 0x1, 0x0, 0x0, 0x2400a0a0}, 0x20004000) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r3) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000a00)=ANY=[@ANYBLOB="b4151c36f97abaea74015f5e", @ANYRES16=r4, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd2076122f4bfd0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdfc5a0f46cb0ba0b0e24fcf61641fc69ced78ac07bc80b05055fbaa77459b4ee3314a104e2e6e9749bc92ff9def16c34ea8b296e19290de65793177ab2080d13abfe5ecbfc1a1bf38cdeb1106377b0a5e1b40c6768bcd82c9f1554616a6b73cde7d42b5f14dc8ea870020e64b97b2fe0784311ee9e58c240af46aa866c92bb7d2de90e2f522c8dfab32eb616395f8a6155db23a086a06ea14adea8cb34ba3e879b7a7706a657c3ed5345b32e4a2322a943d8b45089399199bb34544fecdd6d5b9035f3bd6161643b949717ac4eae010176c07590fbcdbcecc21f9899eb6f7de3b7cbeedce702efa2d6caadc2c65a78df157952b74d270334e5c7dbb6"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xec, r4, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x40}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "51022317319a9f96"}]}, @NL80211_ATTR_REKEY_DATA={0x7c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "c93d52b007b61914"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3f}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "0d6311f13e54a015"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "ceb652e6b595775b"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "222efefc4cf8980a"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="929ea88045d8751bf438d14b0da1541dd16889e9c316b242"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="fa64e3a33e25555d8c04b2eceecd411e212b581ce922c5af"}]}, @NL80211_ATTR_REKEY_DATA={0x38, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "a5a0c1610b913643"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="6af8fb5e0243a43748d4db282965561d"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="459445e535d75662e39722c0a49363c4"}]}, @NL80211_ATTR_REKEY_DATA={0xc, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xaa7}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 04:18:36 executing program 3: pselect6(0x40, &(0x7f0000000000)={0x63ad, 0x1, 0x100000000, 0xa3, 0x8e6, 0x80000000, 0xfff, 0x6d81}, &(0x7f0000000040)={0x86, 0x3, 0x100, 0x7, 0x2, 0x401, 0xc4, 0x7fffffff}, &(0x7f0000000080)={0x7, 0x3ff, 0x9, 0xfffffffffffffff9, 0x8, 0x8, 0x2, 0x6}, &(0x7f00000000c0), &(0x7f0000000140)={&(0x7f0000000100)={[0x1]}, 0x8}) socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000380)='NLBL_MGMT\x00', 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180)='NLBL_MGMT\x00', r0) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240)='NLBL_MGMT\x00', r0) sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x68, r1, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0={0xfc, 0x0, [], 0x1}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @rand_addr=0x64010101}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0={0xfc, 0x0, [], 0x1}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x21}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4000001) 04:18:36 executing program 5: r0 = socket(0x11, 0x0, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:36 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = gettid() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x3) 04:18:36 executing program 1: pipe2$9p(0x0, 0x0) r0 = fork() ptrace$peekuser(0x3, 0x0, 0x4) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, &(0x7f0000000040)={{@any, 0x2288}, 0x1, 0x3, 0x1f}) tgkill(r0, r0, 0x0) 04:18:36 executing program 2: r0 = fork() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = socket(0x2c, 0x2, 0x7ff) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r3) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r4, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r6 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_RADAR_DETECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r4, 0x300, 0x70bd27, 0x8, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x7, 0x6b}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffff8000}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3c}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x557a24e99bca3002) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) tgkill(r0, r0, 0x1b) fork() [ 609.657636] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(3) [ 609.663495] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 609.672785] vhci_hcd: connection closed [ 609.674196] vhci_hcd: stop threads [ 609.681737] vhci_hcd: release socket [ 609.705181] vhci_hcd: disconnect device 04:18:37 executing program 5: r0 = socket(0x11, 0x0, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:37 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', r0) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x38, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private0}, @NLBL_MGMT_A_DOMAIN={0xffffffffffffff0a, 0x1, ',*+\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x4045) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x50, r1, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_DOMAIN={0xc, 0x1, '\\{\x1f]%8{\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r3) r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540)='NLBL_MGMT\x00', r2) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000600)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r4, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x40004d0}, 0xc0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000400)='NLBL_MGMT\x00', r2) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x3040000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) sendmsg$NLBL_MGMT_C_PROTOCOLS(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r1, 0x420, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x4000000) fork() 04:18:37 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) 04:18:37 executing program 3: socket(0x26, 0xa, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xb) 04:18:37 executing program 0: r0 = socket(0x11, 0x3, 0x6) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r2, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x137}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x2000) [ 609.866322] Bluetooth: hci3 command 0x0401 tx timeout 04:18:37 executing program 5: r0 = socket(0x11, 0x0, 0x0) recvfrom$x25(r0, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:37 executing program 2: r0 = fork() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = socket(0x2c, 0x2, 0x7ff) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r3) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r4, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r6 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_RADAR_DETECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r4, 0x300, 0x70bd27, 0x8, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x7, 0x6b}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffff8000}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3c}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x557a24e99bca3002) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) tgkill(r0, r0, 0x1b) fork() 04:18:37 executing program 3: socket(0x2, 0x5, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000000c0)={r0, 0xffffffffffffffff, &(0x7f0000000000)=""/178}, 0x20) 04:18:37 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) r2 = socket(0x0, 0x3, 0x6) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x1}, 0x6) 04:18:37 executing program 5: socket(0x11, 0x3, 0x0) recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:37 executing program 1: fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpid() r1 = getpid() r2 = gettid() r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) tgkill(0xffffffffffffffff, r2, 0x2e) getpid() r4 = getpid() tgkill(0x0, r4, 0xfffffffe) tgkill(r4, r1, 0x3a) tgkill(r1, r0, 0x17) 04:18:37 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dlm_plock\x00', 0xc02, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000680)={@my=0x1, 0x2}) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000004c0)={&(0x7f00000001c0)="c080f116f5f2d85d88dd91ea16234c79a3d0eca129d5abcec7a9727a250836bcc782c37846bab6b967ac90992595978d57d8fb4ee7874452ab480e078ab3045002d192212cd8c9c99fa622320051216a1ffc97c56f0190951c42bf5089400ee6f0829eb26933fe821e48003db26888b6014cb751da144572281bcc509245e1ecec98f193f21020956a8707c953c09bc2673a2f5a70205576d1c75a56f9ac4aa2e990", &(0x7f0000000280)=""/219, &(0x7f0000000380)="dd13596ebf226b3dc844e0f78e402c551fb5347c6926494e860a511a", &(0x7f00000003c0)="e5b038a710f0164033499e7b19f1d405a5c1cd177bf68ad861483f3d19438ef0872cb417a116e469639498b52ef100660a817d9785d15b5b202f1205ee78e9bdbb9a7ff8925bb87a2f2e4e3c4e2e72ef2b11e8badc2df239f691fc26def3f237b6955516b49170a37388be6703a42130b431740bc6fca07f4abc6b084dd647e9a8dd24748be27e0a99eef216ec9de7ffa5d5b2bd935369ccfe39e1f2ebb47bb24fc41dc0bff12b5fe84a0380c01da016d0634d49c35204c53595e7e2", 0x6, r0, 0x4}, 0x38) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x80800, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c63616368653d6d6d61702c76657273696f6e3d3926c72aae399d9bb3e5"]) getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xf, &(0x7f00000000c0)=""/227, &(0x7f0000000000)=0xe3) r2 = fork() getpgrp(r2) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r7 = openat$ubi_ctrl(0xffffffffffffff9c, 0xfffffffffffffffe, 0x400000, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r7, 0x0, 0x3, &(0x7f0000000640)=0x2, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) sendmsg$NL80211_CMD_RADAR_DETECT(r6, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x101}]}, 0x24}, 0x1, 0x0, 0x0, 0x200000c0}, 0x20000000) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x8}, 0x10) 04:18:37 executing program 5: socket(0x11, 0x3, 0x0) recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:37 executing program 1: r0 = fork() tgkill(r0, r0, 0x38) r1 = getpid() tgkill(0x0, r1, 0x0) getpgid(r1) 04:18:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', r0) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x38, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private0}, @NLBL_MGMT_A_DOMAIN={0xffffffffffffff0a, 0x1, ',*+\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x4045) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x50, r1, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_DOMAIN={0xc, 0x1, '\\{\x1f]%8{\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r3) r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540)='NLBL_MGMT\x00', r2) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000600)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r4, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x40004d0}, 0xc0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000400)='NLBL_MGMT\x00', r2) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x3040000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) sendmsg$NLBL_MGMT_C_PROTOCOLS(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r1, 0x420, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x4000000) fork() 04:18:37 executing program 3: socket(0x11, 0x3, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r1) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x34}}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x78, r2, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x10000}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x272}, @SEG6_ATTR_DST={0x14, 0x1, @local}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x3f]}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x3ff, 0x7, 0x4]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x4, 0x101, 0x7fe00000]}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x78}}, 0x800) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000080)={r3, 0x1}) 04:18:37 executing program 5: socket(0x11, 0x3, 0x0) recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000)=""/56, 0x38, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:37 executing program 1: r0 = fork() r1 = getpgrp(r0) r2 = getpid() tgkill(0x0, r2, 0x0) r3 = getpgid(r0) tgkill(r1, r3, 0x5) 04:18:37 executing program 4: ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='tdn/=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) r0 = fork() r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCUDMATCHLEN(r1, 0x89e7, &(0x7f0000000080)={0x55}) getpgrp(r0) 04:18:37 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dlm_plock\x00', 0xc02, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000680)={@my=0x1, 0x2}) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000004c0)={&(0x7f00000001c0)="c080f116f5f2d85d88dd91ea16234c79a3d0eca129d5abcec7a9727a250836bcc782c37846bab6b967ac90992595978d57d8fb4ee7874452ab480e078ab3045002d192212cd8c9c99fa622320051216a1ffc97c56f0190951c42bf5089400ee6f0829eb26933fe821e48003db26888b6014cb751da144572281bcc509245e1ecec98f193f21020956a8707c953c09bc2673a2f5a70205576d1c75a56f9ac4aa2e990", &(0x7f0000000280)=""/219, &(0x7f0000000380)="dd13596ebf226b3dc844e0f78e402c551fb5347c6926494e860a511a", &(0x7f00000003c0)="e5b038a710f0164033499e7b19f1d405a5c1cd177bf68ad861483f3d19438ef0872cb417a116e469639498b52ef100660a817d9785d15b5b202f1205ee78e9bdbb9a7ff8925bb87a2f2e4e3c4e2e72ef2b11e8badc2df239f691fc26def3f237b6955516b49170a37388be6703a42130b431740bc6fca07f4abc6b084dd647e9a8dd24748be27e0a99eef216ec9de7ffa5d5b2bd935369ccfe39e1f2ebb47bb24fc41dc0bff12b5fe84a0380c01da016d0634d49c35204c53595e7e2", 0x6, r0, 0x4}, 0x38) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x80800, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c63616368653d6d6d61702c76657273696f6e3d3926c72aae399d9bb3e5"]) getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xf, &(0x7f00000000c0)=""/227, &(0x7f0000000000)=0xe3) r2 = fork() getpgrp(r2) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r7 = openat$ubi_ctrl(0xffffffffffffff9c, 0xfffffffffffffffe, 0x400000, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r7, 0x0, 0x3, &(0x7f0000000640)=0x2, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r6) sendmsg$NL80211_CMD_RADAR_DETECT(r6, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x101}]}, 0x24}, 0x1, 0x0, 0x0, 0x200000c0}, 0x20000000) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x8}, 0x10) 04:18:38 executing program 0: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000040)={0x0, 0x5d3f, 0x0, 0x4000, r0}) pipe2$9p(&(0x7f0000000080), 0x80000) socket(0x11, 0x3, 0x6) 04:18:38 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x2000, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:38 executing program 3: r0 = socket(0x21, 0x3, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x20000, 0x0) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x3293d7ef00eecb05) recvfrom$phonet(r0, &(0x7f0000000000)=""/226, 0xe2, 0x40, &(0x7f0000000100)={0x23, 0x3f, 0x9, 0xec}, 0x10) r2 = syz_open_dev$mouse(&(0x7f0000000380)='/dev/input/mouse#\x00', 0x0, 0x2a683) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400)='nl80211\x00', r0) sendmsg$NL80211_CMD_PROBE_CLIENT(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x20, r3, 0x10, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x20000020) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) bind$phonet(r4, &(0x7f0000000500)={0x23, 0x4, 0x40}, 0x10) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000340)={r1, &(0x7f0000000280)="fc9a9f5001295845429e2895ba4cad9f7348a8a89ce2a2eb4345b293e1509a4598d74d6c29cd3d5aba0551dac1bdf4507b64d483fd3cc4fabbd3ca11d570ad6c3fc393eb6579d860539fba89cdbb401b0a4f90b4d6aa7241777d67f5b31b0d7f4e2525e1bae5abb83f3c30af9424a67f6766513e2579e77057e04ef622adfd8c93dc5529edc476490fe243b978c037813ade4190272bb6287dc2eb0965572ae8c905ed2ce6da0a8bbcdc97525a05d99b6622321c223664f3adbfd3bf"}, 0x20) 04:18:38 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000000)={0x9, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x2, 0x2, 0x5, 0xa, 0x9, 0x5, "954d746d"}, 0x4, 0x0, @fd, 0xfb}) 04:18:38 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x940038, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:38 executing program 2: socket(0x2, 0x5, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000000c0)={r0, 0xffffffffffffffff, &(0x7f0000000000)=""/178}, 0x20) 04:18:38 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:38 executing program 3: socket(0x11, 0x3, 0x0) socket(0x2c, 0x2, 0x101) 04:18:38 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) r2 = socket(0x0, 0x3, 0x6) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x1}, 0x6) 04:18:38 executing program 1: r0 = fork() getpgrp(r0) r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpgid(r1) tgkill(r2, 0xffffffffffffffff, 0x40) ptrace$peekuser(0x3, r0, 0x7) 04:18:38 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x88, r1, 0x300, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x5, 0x16}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000890) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:38 executing program 0: ioctl$vim2m_VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, &(0x7f0000000000)) socket(0x11, 0x3, 0x6) 04:18:38 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) ioctl$SIOCPNGETOBJECT(r3, 0x89e0, &(0x7f0000000040)=0x9) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000340)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000008c0)={0x28, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x3, 0x3b}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4008840}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000940)=ANY=[@ANYBLOB="600001005c075775b787a8af2ce2e09361240ca628197e04f1475a73789b63245f5b619e25362347c4b5a3f7f72594ada7babfd33988e561854cee7c4b5abd2e94598b9c6cf438a94cec2cef0ef3b027ecc111ec4d2a889e0c88468c6e2fa4d815213b6096c331b2b43e2f9ad1c042585d3c3347bd304959071633a806bf9c8edd57b750beb3aa919be2a3f9fdb7fa72c3d3b2b6ec06d6f64d51bdf004f737681ca7b32dc2e7a41e59d9849571e382c8a212efdc7a587044bf52597137c4bf57aef661bfc1a803ab08050c643c6a839f5d", @ANYRES16=0x0, @ANYBLOB="00022cbd7000fddbdf255e00000008000300", @ANYRES32=r4, @ANYBLOB="0c00990081000000420000000500190106000000050018010d0000000800a0008000000005001801070000000800a1000002000005001901070000000500180138000000"], 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="7c020000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf094f00fc00080003009af8f34869819b9a66de6d8e6a8a6db1f0a14080c093a0699d8c3b13d8910ef7dcf9e81c616081c62083b9809c5dee1e3fddc3449592a03a6f9e7dc24ece41e3fb0109b78b85ee8fab4e9dd9a867b326e646e74508027017a84bdacbab76e9266fb68cf2adad9568b5107eb9ba8c464cb26ff903f9ead9a4dd0ef4f3c0fdb69a30abe00490ae979a9fcba3f19ad16da400a8616d5ab76c994f6386727272d66af160090eb774dd27ff88eecb8c04e95a455d51ab393b079b3f98643297e1871e1d62537bfaadf75cdeb310ada43fbc99d1a7f75c44c36dbf0a1a5f7eb99e157d1a49e07b1aaad90526ceb52e5400c9520a4bbaee37ac797faa8263b62fd19644a9086a4b946ebdf3972890936170a49c8ac907cb8bcd760bc5b0e3eb7601a6f379bbc9fe04613411dce4d20137458307da44af88e29cdbbd466208303140dddea6f14d1c5c1212902df5023dd4f8031d9cfa102348f56e7cb49354868fe7bdb7c5d1414d925504a559", @ANYRES32=r4, @ANYBLOB="0c00990000f0ffff5e00000068007a800c0003001474300b2ffc676108000400050000001400020018392205d826a8c71040e0c1b4187a780c000300f9ea277e3014f2cb08000400ffffffff1c000200c71230b52aea483187793da708b5bfbbbd9d2882217a857c0c0003006caec63cb4b6b9ccc4007a801c0002000a8fb9eaaa8a31431c835c63496980d54e5708e53f6fd88614000200263cc31e90524b46cc6a225817eb77fa0800040005000000240001001848759e6349529fc3d1d55caf8f85bb58782f9badd1d489a5f3e819b772335d1c00020085eba62daddf4f7c36a0dbacad8158b7dc0026c911b5ff700c00030044860835d0cd006c14000200cc58a15822f38b2b94488187ef68bcfb1c00020023b6b9d1210b7f44be7fd4191da6c73b135529f555cae3d20c0003006732299fcd88fee234007a802400010096db69cd0727f9e367de0c5e1e7a1ae6c0e37933b5afc9a31979442b7a8dcf760c000300aab01422e212d32230007a80080004000080000024000100ae167fd3ad9da3df6df0592a5165d95665c7fc806af34ffca14da8e446e162fe8c007a800c00030029956d45dc3756121400010088db18fe97480e444fa0e4bf9bef4912080004000500000008000400090000000c00030032337662d9fe755e140002007cb5be301b3e1dd9a260807bce733b3b24000100e42fc7c7c9cb561a9b5c6d3c3348403fa4ffbe308416f3dbaf26f26efd48e236140001004a7f3016b660b441b809115007e61b2b38007a801400010012121c8ae4e485c7422b27a1a52e4b300c0003003986b99d605ee8f9140002008f56b42e5a05ba763a1cc572fbb93b35"], 0x27c}, 0x1, 0x0, 0x0, 0x4}, 0x2c008000) 04:18:38 executing program 3: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000080)={0x200, 0x2, 0x4, 0x3, 0x7fffffff, {r0, r1/1000+60000}, {0x1, 0x4, 0x8, 0x1, 0x36, 0x80, "cd2b6fdf"}, 0x7fff, 0x2, @planes=&(0x7f0000000040)={0x1, 0x3, @userptr=0x3f, 0x4}, 0x9}) socket(0x11, 0x3, 0x0) 04:18:38 executing program 0: bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000040)="bf4d016e812053df0aebaca95c7d52a2cb50f07247846368770bc8cf4b35635419c45e4835bd345318f5dac77067e20f288d3675d505a675ee5ca5064adb48f3ab9bac52470b09f3da02ed95e6f6776459bb9739e59b01a4996f85", &(0x7f00000000c0)=""/235, 0x4}, 0x20) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000200)='/dev/fb0\x00', 0x420540, 0x0) socket(0x11, 0x3, 0x6) 04:18:38 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x48, r1, 0x100, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x55}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xfffffff8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1699}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xba}]]}, 0x48}}, 0x20008044) fork() 04:18:38 executing program 3: socket(0x4, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) write$usbip_server(r1, &(0x7f0000000080)=@ret_unlink={{0x4, 0x6, 0x0, 0x1, 0x9}, {0x2}}, 0x30) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0x4, 0x4, "22d06c", 0x20, 0x6b}) 04:18:38 executing program 1: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0xde) tgkill(r0, r0, 0x1b) [ 611.613395] Bluetooth: hci0 command 0x0401 tx timeout 04:18:39 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:39 executing program 0: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000000)={@remote={[], 0x3}, 0x0, 'nr0\x00'}) ioctl$SIOCPNGETOBJECT(0xffffffffffffffff, 0x89e0, &(0x7f0000000100)=0x8f) [ 611.933397] Bluetooth: hci3 command 0x0401 tx timeout 04:18:39 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) r2 = socket(0x0, 0x3, 0x6) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x1}, 0x6) 04:18:39 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00', r0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_INTERFACE(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000780)={0xffffffffffffffb2, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x24004087) sendmsg$NL80211_CMD_RADAR_DETECT(r2, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r1, 0x969533235907d82, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x1, 0x12}}}}, [@NL80211_ATTR_REKEY_DATA={0x20, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x9}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="779169d3543b8e53becf1335ea842509"}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x4040800) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r6 = syz_open_dev$mouse(&(0x7f0000000500)='/dev/input/mouse#\x00', 0xfffffffffffffffd, 0x0) ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000540)={0x1, 0x0, @ioapic={0x10000, 0x8001, 0xc0, 0x9, 0x0, [{0x40, 0x35, 0x6, [], 0xff}, {0xf2, 0x3f, 0x0, [], 0x80}, {0x5, 0xcc, 0xca, [], 0xdc}, {0x8, 0x1f, 0x80, [], 0x8}, {0x3, 0x0, 0xbf, [], 0x1}, {0x0, 0x8, 0x9, [], 0x3}, {0x1, 0x7f, 0x64, [], 0x8}, {0x5, 0x1, 0x3f, [], 0x1f}, {0x8, 0x0, 0x5, [], 0x1}, {0x7, 0xff, 0x1, [], 0xba}, {0x4, 0x4, 0x7, [], 0x2}, {0x1, 0x5, 0x4, [], 0x7}, {0x81, 0x1, 0x0, [], 0xb8}, {0x2, 0x7, 0x9, [], 0x6}, {0x40, 0x61, 0x0, [], 0x20}, {0xff, 0x7f, 0x7, [], 0x5}, {0x7, 0xc4, 0x1, [], 0x85}, {0x2, 0x8, 0x3f}, {0x94, 0x5, 0x54, [], 0xf8}, {0x1f, 0x4, 0x4, [], 0x7}, {0x4, 0x8, 0x6, [], 0x9}, {0x0, 0x4, 0x7f}, {0x1, 0x7, 0x80, [], 0xd8}, {0x24, 0x3f, 0x0, [], 0x1f}]}}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2, 0x10000, 0x8, 0x6000}) getitimer(0x0, &(0x7f0000000000)) 04:18:39 executing program 3: socket(0x11, 0x3, 0x0) syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1, 0x80040) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x47}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x52}]}, 0x30}, 0x1, 0x0, 0x0, 0x4041}, 0x1) 04:18:39 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = socket(0x26, 0x80000, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, 0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:39 executing program 0: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000001c0)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000040)=@raw=[@jmp={0x5, 0x1, 0xc, 0x1, 0xa, 0xc0, 0xfffffffffffffffc}], &(0x7f0000000080)='syzkaller\x00', 0x400, 0x63, &(0x7f00000000c0)=""/99, 0x40f00, 0x9, [], 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x1, 0xb, 0x101}, 0x10, 0x15dd9}, 0x78) r0 = socket(0x11, 0x3, 0x7ff) getsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, &(0x7f0000000240), &(0x7f0000000280)=0x4) connect$can_bcm(r0, &(0x7f0000000000), 0x10) 04:18:39 executing program 3: r0 = syz_open_dev$mouse(&(0x7f00000002c0)='/dev/input/mouse#\x00', 0x7, 0x400400) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000140)="66b8ffb24d870f23d80f21f86635400000c00f23f864660f38300f260f22a266b9a003000066b80991000066ba000000000f30c4c3bdcf54003bbaf80c66b8a4fbdc8466efbafc0c66b8fe1a0000640f00d60f01cf660f32f3af0f5102", 0x5d}], 0x1, 0x16, &(0x7f0000000100)=[@flags={0x3, 0x840}], 0x58) r1 = userfaultfd(0x80000) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000ff8000/0x2000)=nil, 0x2000}, 0x1}) r2 = socket(0x11, 0x80800, 0x3) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', 0xffffffffffffffff) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)={0x11, 0x8000, 0x5, 0x1, 0x0, r3, 0x4, [], 0x0, r3, 0x5, 0x2, 0x2}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000004c0)={r4, &(0x7f00000003c0)="0b260aef728f2f07bd5b116a0aa3f2072e42caecc65588ef27c340dd39", &(0x7f0000000400)=""/134, 0x4}, 0x20) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000040)=""/31) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0)='SEG6\x00', r2) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000c472b02e96677d7481d56dedfd891e14e70ba3e3e071c4bf004db302c67240f0b45219feaa19ea227d541e14acf5f986db15c83e9c79f9866d9c3d9d12e120", @ANYRES16=r5, @ANYBLOB="000425bd7000fcdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040000) 04:18:39 executing program 1: recvfrom$x25(0xffffffffffffffff, &(0x7f0000000040)=""/204, 0xcc, 0x100, &(0x7f0000000140)={0x9, @null=' \x00'}, 0x12) r0 = fork() tgkill(r0, r0, 0x8001f) r1 = getpid() ptrace$peekuser(0x3, r1, 0x4) tgkill(0x0, r1, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x6) 04:18:39 executing program 0: socket(0x11, 0x3, 0x6) socketpair(0x1a, 0x800, 0x4, &(0x7f0000000000)) 04:18:39 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c7766646e6f3d88a30333bf99a75e4207bc5fcf323b8d580e9bfa38a370d46512db6f3d77", @ANYRESHEX, @ANYBLOB="2c63616368653d6c6f6f73652c616e616d653d2c64656275673d3078303030303030303030303030303030302c6e6f6465766d61702c66736e616d653d2c0071170caac4db98f8cef54101c94774be282ba6a66f7d11e81a301d5d969e6fdf52a84a1ccb1a6f8b8adaa71c618e9ef4690e32b451828e22bb3b4c9a1425e797f7215159f12f03e5284f0be32bf97e20427f71b6cecf5541b2141ee159d5693db309000000000000004f603d439dc7ed6fa875d6d64ffbc7c2c56edc816267aa49e23d730ed8fef2f749196f099d3b56eb0548b412ae4610a70189971ee1d5dd81d6c9936a4b866d1d363397df09b7971fbe1950b13868fb23fd39de2bb21060d3c038e2212553d99ce5b3e1f45a3eba343595d04fd035dc2fd8031d02de58ebf4ecde8147ea8b8cd05ff6abbbfad2dd8490e20004d94415f9092a93a7a51050dda9f87a36e37fac23b9e845c923f4719ec0078196b5025f97edb6266f9cc990ec1fd41c78"]) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x10000c}, 0xc, &(0x7f0000000980)={&(0x7f0000000a00)={0x2040, r1, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x18, 0x45, "6ae3db9069b40a1eeee7d4bf5708f33c357f0490"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "2eb4ecd494d1cb0f12484ef290f745d1fb06b419a8d76d5e2475e23d49aa945486ca4413be6c7fcdef85fa1b0b2d5d2cf02f01680a2890bc1d55f590e3a87f2c5b7df571482ea172b304af41fba2f738376acdc7aa72e0b75561fea4c4d7d66b8e92ee136a940ecdb7e01ea5103a99753844308a35d4f88e05d299fc8c55e9eba83baa0285d434e60eb745747dcb75808e7d2779bc5ce172eb17608e16b80fd4e36b585a650a99924545da4a7c466aaf91bc9bb7eb73a76af6674b021062efd0f8215004b936986604eda6ae9313ed93de29318d9bcc21459d855238df0a478b716faa00477406ca4060df39e2fdce3480608e27830cdb3f325d4a4904224b784ace78a4a8c8ae1b00ebded33a5754a1222cd3b4c8fda1a96764129b6664e7dfc78e46cfe4c83286fe21803fc9297e036e5d27482dc49e17bb6dac985dcf49353e2fff492beb6b195d122db67712e97df1c074fdac6a2115a42c9b1ac3973ab3e1fb43c7a3edcebe525738cc728e26ffab9168fd3ce6dede409dd2f507c3e4c7241d70dfdac5bca0ee552e70fc0335890afdbd7dcf36eef3d318321bca7cca902e20019f0a76a5d5b1f4c73bbed06588f01bf3b7bea77280fbdbfc5be6467eac80d946b302974961ad64328f1a32f85bbd4cd8664f1b798747dcb590623b435a9227688818969bf97471b8341d927eec4ad66ece17d7cfdd072d87fc3bbe3af901060f35b2e7ea624d64ff297b2ed75db48ebb8a2f02d255985221fdbac651bf019d2cd1d4a85a5e6541fec7746607376f68dc7fbd8c6c1d819f2365df6b045c9c1cdc295d98a77aa82521b6b74bb61ef59537f286616b6fa97f9dbb7abdd71731de9409ce7879335df21e2c11096836ba9615eb9e114cf2333494817606e2adc9efa42669bbb3cd643ab9de2364efd5f626857b076a82d9f5e4e612197c2f9006006f05ab70a9a1f883592dbec2b402fbfbe7ac12ea2efa36af998b12953bf41bde2f5d4ccd7529601a800d957fbbb6f1b1647b88fb254f344661bee5041da096674e5e3a8302873f8d51335bd7bcd1d7baa124e5f9098611d500cfed2c666157a230d4d8b16a1522e1780442a66dcbb59cbdfaa85952e0c999670f8c6bfed07f059375c1c869d7433e00b510a75a30e8322ac89ef6edf7e4b87aded1bbf279a71a6924f3c356ad7d60d80563ae9f85bd2a445f3538d8dad7f26e26d903c300ec6d3adfbb357d6c5b8852d713cf5ffa4305925c067021e0986f8e8490f9e930c50066f9b4d0984b14b4735eabf509510af038d2eb07d36f3b10d316ad6c9a2e05f56fb1677384dfec239b5d2402f921507bfd1c70cc864dcd949d1dc4f97596fd3ec28b9ae0a981526f7b0b193994e78583dc6b442bacb5c7330f87d07a46dfd461903e41459b14a462b75ec21a8d279e54e51e942977d6a071a91caf2668eaf1d95aab9b8aceba7bd810be9f53b5567d4a5aef7b4a3165f01f3c5e4ac052eda4fb50bf91f2baff45fc29824284c6bc1c576be2913a50b0b4f9cf63f15402ed5750bb435e39f061689cec97704fa73c4f16e880fbc3a15dda055c13c39da7a18bcd5ff6471f9b253fd71cea55b161788ea8f86ae28e8b15be7d850c9d648e609770d6670561ce8722963702eb98315898a17f238621ed19ea371a53c9af52a66ee71a966b93817b955dc78b62648b8fc43de8f612d2e32e5f89de151afb192a00e585cc94ea00e340ecc0af272d2f2f2c122a609de6d3ddb5e6f1f212fce65ed62aaa4527f8f910ef801233ecc0503d055add98a9c31f91f88a75d0daf2ab94270d59908e3dca705afa9f67de632863e5d9856c96ca85056a14642353db47d135ada8a6bdf173927f702dd2dd0577439e0877d9bbb741ef46a7ba0e865f255d246bb5a66593c28f3e052c2b3bad26d9a7f874a03c68c00136696bdac4d7b1ffdf80eac03165d8c43f53099eba31695d3d48c708509a0064bfa6e7a9555481e07e221db9324b65ce53bf3296b4f8947692c238745ef358b23f9c7508bedd11d87201c573e7dcce6b79c23d7e02693410d0b2474fcf436d596e0383a18e256478fdfe1da32c8f3e3eb6b160f1e479f55d2f92428b3cb6cb9853cf7151a8105ef42f920cde303531e89229459ce81c4df14f0ffd954dfb683421c396bf9f86ef5632750c440c2da30bb493e799d3d414fb0f2529ca5d158b9804f817646153f925a2a8641f4d3f4bd774e6207e5ce8c2cc541119ecd269a63bc58ff8fe4d24e54ca52f46b91e56cbe652fe057d281487c4b109894acfdd6a6200e721dc51a39818b202a4102b0b223cda46270b2d7a2d2f4a3a6f660a63cbc8e47cb1535f0c1e0e588e0859fb0b9a4560e828292e1c109e38e904aef482fc1ac8232323ebb6e5ecc64e0597ae4e54c14f2c34e658661961ee5b82c136883aa970d6d6011ca90ac0dd30a98f6f6a69ac308aeed952ef9ef321f569ff31b7a5fdbb3cbefe5672da8dcd06fa47ec0b3ded2f8ad15ce9da69f696aeb592ff1e4e1b20ad7d0e4c3ac2bbd869a56829cf77fd91e84ef8232b16b3931a6c1f17ef5b029493a90295ecfe14e195f2beb45df8cc84c4a73f9190832638cd080106211d01be66d8327a434699f7ff5740e5cb7a96bbd8c2e5bf9d62eba782c8ef7d3de7c470c7cee06fd3a8afd10b991888994dc45c9f4f003f79077ef1386f3adab0108d503e697be6744b63ddf2e02d577ef54b39114e8f59d74fbd16d067c3113dfae0ec1bf7af8954793409ee906a42b6113b1ff54e5ed111908de53bef42ff6f4f8b2abb06f9bd0a65f9e1d91bb4270f4d7afc7a75903285074808a439f9296fcf29531733442ed3d01c153eae9b4b9786f9bdeed373f6eae86d4f067b583a45be7d89a493903afbb2dbf85c229d6fce89c8de5d2b8077814a926d20b875ac9628e501158adc1e88a313b2b0be98af562e11b4f5848d7c8b4a2ea723202e757ff54b9bf615504fef85b2b844ab39373809af2a0303c14ec73595a9f495a53c4dff9b595197626baef39460b3c7d41d20489c585860a2b483cfb8d5fbd5f72d143151bc7403b054399faa265658bd7a2587857370bdc664a941a075f6dfb396fdb9bbda320f9cb43e24f4ed5d898619dc234cdff2991fc311182b3d93386047ac18122241d1a0016929438f894c1a4d22ab29d252c63373eb3aaf33513f2617f3d831f6aeced59d519460d711fe3404c3b52f117b4162603e7109061aeda31d48b14e1ce011be29dcd7afbb559e29a68f070da9bd8aecf7535ca1377a1e5826a977fa9fb55f4729824127c317af28df15435970efeedcccbd7cc4081bb0ef4f5453ea4e73f3db0056181735a16a0d3ab36c24d66d53ff2ab8e61c616ed7ab578653295ca8124ffb10830dfe4e5cbe74b34a9084a74abb8d826287afcdd3dfc47923dd2f015bf68fb398b04dc7ba8a5426e0b61663b39541d760d8772e575fde972646eb4ca3370aaa4238a0cc37c47e109475939d17ce391629cb77b54d06c301a19413add308f36cc0ea36d7acc0fa957075b17242111909e71b7bfec426cb5daffb683cceada8bf4e17a2147e96a40c3e1143453e27acec0fab303ed50f71ffa4a14b082bcab6da737bf7978430592f83d1436b3ee2d0b969bcebaa979e99f61b31c9afb647f75d4d3e7b522f456873247475144692cd30cb4accfc10d998ae3e9670a4331cb09cda9103b7b7fc86d64d10d821e6eac6e8c3681eb0f9a553f830f6c869fe8dfbdd94df78830c4679e14e328788288ad146a3f12eb7c408549d984ba50e846844319514376d668235f28bd8d2b48ed881d9e23fd46ef62f094a727cac2cb40285c68a191c22688f97e8475149ee0df1ff3f40eb2c357173127dacedc62bff837d2dab8a7f3f8a6b270c9df9ec7450878cc32596e50ccfd9d42ce72ce9b522964ab9b30e71d4bc3e4c53e2236c25033257e960c30d81c715945ec7194453e1f265d1e1fd09bac5eeec954b8394e428efdbce05b10e2ff7ccdc7141a613150b3f4cfafcf84637c5e4c0441fed8490e22a33310d808fba78463840a51a2343e9e3e36290a25bcb31159d4dde5011b206935b21a6e1abf15ad444382469f0e9df10c69d987fbdbcdaa0345a06dab45356f5e1577fcb5a97dc32f0f1dceee7e6d0520c136e6608dddfa31e98f6093b94ea5025c0f59e30e85db5d688dcd94cc68f8f2f99f117e13f7c30e3766e48e9002cdfbb6ce2eb87f4cebf15ea12a4fa5b3e0902824d3e3a89f4e6265c0e309511e78d05dfb45a57521e4ee44beaccfa486adf3b2574735da0962300b5e2fe909c4b636eaa912a3dc9339bd67399cd6f0f5d0ddd992200904546452628d35bb65c221b098f9c59b356c189f08d295f3167ed1b5b9cb83b89bbf0f1614de6f21855262449341578f70a5d90427040882a533d8ae98148af940e511d527752e860616a96d0f30dc1e030dba31442ef2a593c7dbc6dcf9d9d783021b404c80968d42eccafc92f5a832a555a7396508ccf896a9b4d522e96fa1e89dd44a5146651022e789e83d75d3a6219b777525d2e67ad6fb19aed0052f956e7e4e48b2498b5fa32b15577f3020fc7dae4d029146c37b2e78d27bc4f4b5b6f933a48a0631d9a2c22e60f4fa5737bf6fe924983bfa8b43e19792bbe9bf4ecc7bdd553416f23bd808920ecb81d6448e254d0a06e72318f2a459fd12af8c4ae4da558ca831dc4e3bc7d015c4c1d854f3602b958c3d2169a86b6df9f48b4191c983dc2e8958d8616d481ef7ade81329e475894c51d497ad0a83aec71defc42864cb349aae32494adae2d8695744a4556315c23e67c1a90963b4154d067b2f0167ca61fc73860c5830f812b598a7380accd70fcfe25456e1d7de06e18aac628a0baef391bb7b63e115f6c95ce7e5fae25b596cf16854b2f8995ec115c001479b906932e54c530ad3f19b3030dbc93e1feeab0bc281cb08d899ed94278f31072c0cba17a192b2fee208b08dc6e7f3c1ba6f24cc62a397d520581fd75f222bd0b7b59d6a2b0e179c8e448286a9fecb43924d42573acdb1e486f8310184f85a93445875f85b316ddba1b8f56245b3d0de44ba21b646db596c2be3ffa8603de9a5cc0d82ae8e0b5d102abab6e43e47efc0e716fb68ca733805a815e3f612a9f52f5903ede7c957b00470b6df39e5a1c6f277f50804e1f1d7df204bc0b3b632f964ad69c78a1490f4f7547f25d5c5d60040ba46d3d2f105561bff7eafc9d87f543ae0a67be625e4b0c388672a305b74cbf3e20ab18807b8cf83e68649df77f4fc70e433406b4228dd7338febff83e2500dd55aeae1374296b45b067c967071dc5a315a2e0c64c0f1261962b86b890ca84d939c1526151169b7ff778b26562f9c1536392fcf916c3e9fce5433fa9bf8ca80f86e95104df40e0fe07553fac358a03ead8f0cb809ffd074d343a23565904388b9fc206c2faec783146d021c7ee0aa896953dfdc6305d1d330efe1250ad6a8521552bf6b746b9f5e8540c52599017f72e8d62f440ace16573ddb0b7f2b1947049bd7e50f7eea07ac9071500cc4c952e01d7424a84bd23de160ae81be678881b4e681d855d0641c25eafcfdd2fca4117921a4e22f25c49edc789479da777c0928e1f662fc8380a7c6dde0c15f14e3b48f468bd4f4c264a020a5ed96ea326cc9951e40a057ec303c1e6e6ed03fd0eb94412351010aa96fa25c376a88a8effbe45d06feca2a0a8a055f439642268433d2d0ee4e8c4f42ccc7a7c85ee421f4d48e4b3becd0ffe616b76d29634145569c0c443afe"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "4ffa29560880ec813c9840c9e125b05dfe721de4ad59a0b548859d9b855adeb5a49f76df8bfe1dc62f5ca0a6079d8223d8b2ec56172c94b4ce6f28621c55e56842ce6930c585b6b997bdfba3f0e6ec5fc7c1eb23cfb1c37c4a22376ac294c7c2c71fc8746702d6362bc09088150169ffa09fa908c14622dd75beacc03586361ed1956a40b77ba120eb905b6fd65945f85dd7d3da0416cfffb920d4df91fe80eed14ad460b93053db0e960c2313dfe1932462f8d24d6102146bbab842a1fb80b26560cc2d9c30efa0e5918f301bfed1625322672630e53e92676dbc2c8956973de5b53a48ded1f311f19a660ccbcec406102dfcdba0449c9d8f70f2842173edeafd1463c427a7a9e29f25e03905fac780c2cc9199c7e4da1ddb6aa4a589d24bc9c0b6dda7f155a734525dabb3acef12dd2d30c6cc0e271354ff5f2c3112463d51780cac874fe2ad8c22637f76562a65c6de95c82d8865c36348a47505a2c15abfa269f651b412397c786a8f66198a18dc2fca3c4755128b408a0b9cf48ee7d49aee82c4b3df6a99382f352a202cd4e4bb5f96bb044236ee8af71ad5653dedb182d36856fff44c1a6ad69e2f52ca98ab1060225798290c107150323e57f650c14142a620605acf16e895430f89a6bd216aaf6332c9d2aeaa1145c7c1b4f5b9da49f7cdfcdea23a0e2089ca6a40ac301d751ea7154e2b9360399dc58e29706bef6af3a6172f4869d9badd2fc7dfb55e925b59cd5334afbce8cd34a02f89a8a856feeb4b748195ab42e01ca595af308f328f6003dd61dac3269682deaced7f7497db3c1151baa19c734f40cf5f1247c9b466b5b95102245b27e78b2526e4897ce6b4c007ebd0ad74e700fc896d572a531e5832bf4ea4aa54c88101160615c1f73fbc7ca5a9c84572d8bb9c2ab1a491110aac4cdad9dce0731f67a858974675113d2789c9c7808af9f08547f2bdc64b2a4d7943bf8c26b0b7c8648d0e09f2e7915b72302996be9b00423c31e0bb54585f4f62e1ebaee2a77dac8ca74104440fdcdcf2001aa4e94473ce96a2a037970e3ab13821caa701f47239c7415daafb3e2d1feebff207ce7f7e6e6ed0a9e8a20851fe13ccec7965914a7d4574957169db3611f7bc25faf0659f5ccd5fc3d04a877a0baa215271a566d33daa4ed9d21e06c7cd18459a4bbb33ced51730e9ea77bc447aa70839edf1fe3d3a03bf3354818535b4b17b197e78a9cd3ec60d6b5e2cdf50fda88052a1b2b58792c26ba02ef72a761cdf0f0f6640f952891adfadc9b304d3d56dec4271b8ef59c6d81bc85bc4eacf6283b8f86228bf8d0042cb28cfee70dbd81bbc51f64fe64d5c3929bdf76087a6eaefe33a104038ea3441cf1d74227cff6e8a3d6d71ecd12640cd48ced4493b2dfa3ee5a59e8d4d40b6dcc2d2613119f4983c89bc1ee72033fec5b077067485c0bc85a177ca9c4d0fdd106570b07494ea3e8010168b31da90efbea10e01def3ca9341b9ec4cd334a8331389841f1827fca1c15befeecc9e10b0a2952078c50462c402771e3014df74f4c775b8197f4f233cecbf5ae9764e930873dcbf125ae3abae6d4e2068365bd8f8173287120adf17910d7ecf4e2e35929b73673cf407d5364fe8f4f5d3365ef868ae6800505e865c057ce3ec71410320e80cf88c9b49279caf117f3efd135563a907a87adaa38d9e35183c0afb8684e6758c67f10c586a568f9823a822a4c4cd4e59c2971522b3a6ff1caf31debb95016b3557d532361abcbceb30e735b65eaae2dcf7fa72665b46d94618be827f016ca85e345918d742561b2105503da8e011b946b86e3e529fd23900442d9e7a5315746b1e6e639806ef5d6ea9a7d526311dcc209f5c635a3e432c742c68cff451e134db548dc82ef504efa2dbffd933406da65342ccb78700b59be5cd1f1f2587183b35241fb358ad6f12fcdec62868f5bd02d81dc5611bace2bf7b59c786fa81d91d6dada4f1ed40f10f4d3379bfb3ce9160fa3637877c81e0e0713b669b390a9ba2b6873b1f562654744b172ea8a410d93718f5e304578ea143b74b6d2ffb508f66683afcfb60d9414fb132bb83a554c2ad83f7c51eeca968ff10ebc45ad82b5690b9faf08e3f99d0860e2c1672d80e1f1b4be32189370aef29a92ea29f250f2582fda553be5c35bdc9923f7be6410d02af7386044889b21a71d873fba023f63d4ae303b0cfc6f989c21c3a556ed764885744889391df98757a9adc1a93a64d71ea15ef74a69f873881111acbf61c3508bdf6adb5bfe2238d40785ef9e7fa663e3257ca49413d47bc3b3c5c97bb6d356429a1a6d5944842ebef22126af703f9e47ca3e71ea355e53f237867a69bbaa2b4eca6f1ccbc19eae2b26b3d22465ec47f33f51aaffd8bdf45e3588f6b7a7aaefe62186fa1bb6f79634034a500a5f638184c14d8083ee7033c0e91d8b3a38bd448a699f04c07db786a4fce8080eab838ef3514c0ecccf322f950f306befbb9d09405f9ba4a4f159c9f4d69fb9e5875f8f62b14d77e6ab0d3b901a9e72bb5f488b92d2a777ff74cfb6bd6069c3b016a28838e1665935cb3e041b3958095a064f144960c7a19d3826cf9a6714e191104d8d0bdae1abac9ab9b5460ab8111d1f2502f4ee20f61da01e6617f9ad09d4af789dd66f250c68d01383eae45c99ba2c70b2084ebc5099ce11081bd7f6afa120f82aacf4710096d9a379f5a99cae7902920c6051b004a79e29812b44fe0379aec9cd7904134bafbb21dd9848e6b165687cb6ad276c2d236fd417a2ab078af910193ea33873823fa68de8b5f1ffbcd699bb43af069da3923eac9c2b768595eae2465f1b5543de13a47cd88b882483f34b84a98ea6c4c47684dd4036a8b59a1f80654734b8d34d9a1756911ea6498a342684f300f20f8dbd6f85116704c1617270683ef21672772dfd08e4b1c08c220e1552dd50685dc837f061bdf529e5adb6dccbb82fe90fd08586c53f307d288c0f11f23f41ca1d0a3f1d39ac5fd8e4d2136e118d32cf335cdbe10bfaff4bf15b6de57f93951edf6984f3f1caa17224169bf98045503889b94cf956ad29ef7d5d9d27697daee57daa1e8050fb23a36b45e8edd9b0bdbf48fa6e9011a1924ce1bd754cff559cd3ef7f39c1e3f5d51e3885210bdc6fec19dc0040f7eba7cb78748341cc766bc8bda5ccc6b3c53ceae7189f3d1628030ddd7887d8e092aed3b1f0ef41950d95298a720fafb242a7ff3f5a58e9ef8387e8e041c49d34893b85cfaf7d41ca604b78bba2fef491ad8aa458f653e9a7b809b45e72936c3d93560a84800baa3fb4f2a8812b42e4e583bdd1a9d88acd8194563eac672a877a2ff6bd3585d55943e60c07bb8db4c1df50ca05c0370e036e9164e09f31f3b53c48c9c6fe5b90316bf9a45fda4732d19b97c96b691fa162107db874fb681534b2f81d03f97b7e1cdb1dd9b627da16e173c8e1044ec11e7ddaa4755890812a34d8459705dbc488650df0deaedea566aa8d06299b3f56b65cedead5b4c1e0484f5d55deea31a7f2a191cdd4ae987a65ce51f0077fc22825a439f7135049ce3ca67a3dcae687959191cf128854bde21015f271cde3d1c57a9e1b5276a93cd611bac18fdae0e5e0cfb1569630af451d7534715c2bd69d4a989d6af90383fc3dd295728a637c9415dced94eb570051f214c218d9cedc801a7aedf08ed057ec6f4ee761be0f36062dcbc6522b12fd0360edaf64ca56af72df9555be9b1ab4eb0927cc28707f605f4a6b348851a256f01cff633a4dbfde886fce10a9aafbcac251753fda804999e78b1db6c4fdce10d2b3a0159660fd36f9a7225ad8834dc2c5f86fadb6b2f96e3ccad0206009e63f659ac0477e84a57feabdd7e6768b239dd23b8147a677f5758c8ac4abdc817fe4942b654c412807410e5833fc31e71e0d3851c76f150f29e6fd2fb54d1db795f8dde3ecccf765517e41dd7e8f7b7fc037adb840b027a4041ad58f3ab79d60ff5a88bc0fe3aec764f9296b01db8db6824a7b555e7d102927a44b108c5503c6c1c129c904966abf755a952342e30597f93488d9db0564b7ad70dd6f5c0feb85a85ac9fc0ef13a09bd3e906f17bb59da03f34ec80e2238a040164ef0215fb60a13d667d9fdb979a314c866a32402ec9215f0d983893d069048346e8409fdc59c437cf615365ab39851e36272589f4b2b2c6a77fd4b2a359d2e32cccef06640e49af9407aca3f0e70b8c9953ade4ec1d4ea7561694ffc90384ba3cb8aff33e02adb0de5150d2cdf7fe36e853dfcd52985066b5cb95028346e2c00cc8c751f0a1bad45e75f433b38061368a80b9d9fe183102689f828b5129e6b3d32ca327c704a2e9eed0452ddc6514f43619bec28a26325b13ad0fb6d498da1a6911c0ca39952652ac4e113b07d17a8e9cc70c4c64c17270b8f666f7ed42595fce036c502058dfca716a8ffdd77229b7f4647fd6762523ee530ebb6c08114fa932f50107e418a895900b3fc7f7e5476dd50d78d8c58c99e00144a6f7043ed2fa8de3380b8fe43a277e2ee559206c57cd85ed961fa8ca5e43fdc34fc9808b2ce68113e48baca6e183fdb55acbfe48c3ca1025224bf016ba975f27836e2af7de11803f07f5690642bea9260cc8a4a4016c403999b98dedbe5ad5f5a44e7ad2909caf9a2f4c1d2e795d92efccef69931a525a7eee75da247de633e470d09ee21644033883bfd99d7b275b15a4f9739c80e55fb1ab0b90793e7f0ca6e4c0955bbc6dbde2637b8aa1257b9ec901d4c8550ceb00ed5084e8ab76fad7c8c4038bf96fe960981bdd28de21004ff7c2366d435a3e7ca6eb64081c5c59a6f676917718b3d70fe710f9ac851acb79130df5587e60e13fe212bae34d3d4f4ae6f210ca895f8c1fded3c91532a9ac7d918e0ca3fb937c4dc21269650e7782b41cdf3ba59b4464a37bae95d803500be3beb3636a1b5f16ec728e99294ce5166f7d987d55034a27b9123b1dac91532014ff021b095c44647cb38035bf8b665056e1b9dc31a928475581d8761252258dbb285a4f8700f1c7c3d52423fed0f521dd67a170483b76461f4a85538423d412ede08760b7aa6fb098b01c6fdc2844d23df0156dfdf856bd9d0ea5ea0d3e291cd05d78b2b79392a5c09cb0b514db08da4733cc841aab1518b4c73f4126a27fd470ccfc7783ec30fa6a197119f559e08aa0d182135f54f62d6b20cdb269aa064a2aeb2352f78b0ceaf0cda99a1fdee02e7889cae28e3398caf300ac4b4f0a9fe99e5b21f9e24418fc532b2b388b88a262a2e4887b4ffc5a6280b91332c244d9e9ed4419b6aecf5238c9235124bbfbf1a31a9e2abb74bac4910bee7973b1d1e17621ae458f639d70203532eb00aa45725465bbf60659dc56d248b5bf0f19f9b3e47f3c3ada488976ad35eca08040719623510bf2dbdbb4e673daa860d0cae053f3d73832a0b80c06866c419675693ebb3339714eb25796bcf0f09fa686751fe6eef94ab8b911ff6596f637c732d8cc98ff1275abf38548304140efe8cde48e399ac91323351734fe7097a23d1966a389b2b8e09c9b5a9a313333edd94bb771803c9f44cbf6afe03a55de172b5e2ca72a13f10fabb9aeb4f8c9cc5449343c445a7ef8795d92379a1f98b8438595f6c50476b2625fadf3522d78946e085316ac88f259641af6bea93bd7096b1d1b4e1f9e7fe063d590ce62a6621fda1cfea9d6c76bb727948339d49c04741da85cc0ee202c5c14bf0f19c3298fff09fc013253f1efe5f3c79902ed59a3945a1e241d917c68015e77e0758ded1a28e3"}]}, 0x2040}, 0x1, 0x0, 0x0, 0x680440d0}, 0x8008) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r1, 0x400, 0x70bd29, 0x9, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x7fff, 0x15}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x10008004}, 0x2004884) fork() getpid() 04:18:39 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) tgkill(0x0, r0, 0x41) r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r1, r0, 0x26) 04:18:40 executing program 3: sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @broadcast}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0c1}, 0x2000c800) socket(0x11, 0x3, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100)='NLBL_MGMT\x00', 0xffffffffffffffff) 04:18:40 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) 04:18:40 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x34}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r1, 0x200, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_SECRET={0x10, 0x4, [0xb6, 0x1f, 0x2]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20008000) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:40 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x8, 0x0) ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000040)) socket(0x11, 0x3, 0x6) 04:18:40 executing program 1: r0 = fork() fork() tgkill(r0, r0, 0x1b) 04:18:40 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) r2 = socket(0x0, 0x3, 0x6) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x1}, 0x6) 04:18:40 executing program 3: ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e3, &(0x7f0000000000)="78a6e59c0985f4da7326138dda696c2f3c5953998fe5484105509a234bac8f5cf056ac7d65702b5d61e7df612e7d229105b546345ba6fcce50b43154f715097d9596e6fc8c4c51e7e06eb593ddcc150f663b9e0c905eea46a209a9e36880") socket(0x11, 0x3, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) 04:18:40 executing program 0: socket(0x26, 0x1, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000001240)='/dev/vmci\x00', 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x7, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000001200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000011c0)={&(0x7f0000000100)={0x1098, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x2}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x42e}}]}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x1044, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x5d52}}, {0x1008, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x1004, 0x1, "3c086ffa1d2537b10ac98b70dfdc09db9726eb9e620e398baefbb7ed659d858d803178c98da4df0fbf297534ddce513718886d6269e9e6532f9181a90499c6fa825d1c9af509b590a211898138c2a8d55165ca6148ae6c0f821ae77504c1e67e87ab1cc0c0ec79b696f0d452098ceb5f72629b1449b4d78679e4015d0e7188f6a4e5430a25b04c61a0b1b59f884f6a675a370f46a30e910017461c525af2bd6f38ac1a01c6d24d6373cbfceacb434d481d5d4e7bfdee356a472a8771c303756730d82479841ab8b28b469318be9b5a6e2f045cbf5ca63a425c959acb866d0047137a21229bc4e1d1cc926e176011bb116851ae8325c87b60c2140fd7645f8f81061650c9228436664c45b59778666dee46596b04687e4be473c1a843f48ce342266fbb66d62ff214f6fd26be8f5379928cae9880ca58c5f6b7d41df8ac9fabd0b1199bddfad4d19735709742cc3f26792719b59b424690a04f22dca0496eab882bde7160e300679e79eea4f371abcdedb417bed05e76f0998a10cf2d0422b2ae92bb76644d8b8646ba3928769a6248e25cbd25c264868290b104e56ed71bcdf1607c4a2567babc1a7ddfac1c22859d94934a3955d5d2ef34cfcfcffe94fed462d170cb3ff2ed387dc2529826e9d673fd33e748d158b72736e5939c7a70843e45da578797d43e268d9b3b8c0f1ceae65ded8fafe790aff2b8616826d211409479825cbec61a0a9409fb690d5baf9b60bdd0e658b00969b7e6464d8d6619c0a890ce71cb77f3e6e1b65f546c8ea63a06d35465295440ec5f588e9bcfa81e43760cb32292a70148578eb07e6507a4564dfd3f550635dc1016d6b6dbd450d8277262819714d2c07af79a69db93bc7c524a42af177dd46e1d8c169931db0991f6384d1e2de14c753e85b0c3ff45adfb555acb37001edf4e33dfb6d83be22c10615cca4078571acc191724a13b851d317ff11e562ade92d4d4c93f346454b0de0804243faf0afa414f888624a422d98a7f5d47c56c8514f4ca74b161c4b0a69872cc18e376f16d82a519c8e89a3224c9dbec997de99d2ba6663e3dd3b88de601d95a1f0a079076b9de1365845d52f2155e89b2d7d1d7bbb44f75dc3483dbd05e24039196f55fddcac11b422cd9654b01732ed7952a31271e2e283e4bfa1ff3fba781194d7588c51922bd2beafcb32fb9d954df5e61a5b8707da919a2c056c96733d85314901f28b91376621b6c724db64615b8bced9b7c500c5e6b5c111e88495f9470b16a7d530460328213c0ef6a5d0a88c5fcb7adaca43a343d85e0f8f14ca7260be5d2de19b420cb15266f7eaf6b36db84e4f51399605cb967477edbcf8cdd081dfdc88ac1933c72432dd858c55cabf6b83cfd80697031e81397f4d226fb3d2ef0023cd1d2a07b102feb8a3a4b09e05528d5093956f40436cacccd09093f97cc4c15c70f05e56280bb1d7fd4b06c9f6ded69435c6648a912e334545be6f0e9c15a22a211caa9edcd372fccaac5a6d1213778dec6b895f2f701d5c853d6d040b9092f1cc1066544bbc479d7093bdee2046fa8fd5d18750bda1e9310cfc4704d53d73b1c28c0c20487a583b01b0565c7f0a8396d40289171f9bdb0a8d28c0d5ed6e42a87648e6332c3bebfc9a0c5c24f33e9d6dbbebd3f63b8c01ee3680daed3173be78f5faff5fbc8e5bceae89c4799a56661eb08ba29cbf681f0fbc056d6dd985c1bf9c8d41358f72342db3b5822d620b7347a9cf8de1f520b7408e1e9bc94f915e61e4af5a7f6e2ac12dca1cd7c550965f1201b1f058031e96aceb64aad65ab95a12c24056f0b28d70652eb3b8931b52377f35ae4d9afa1b41f7130b3b970c4ac9d733e9eb5d1303788572de6664e3086c7a7b705941d9f2efbdf73423773e905ae6a4c485daebae09c08ed1db1bcd936f2cc47686ca4828e7c06be0b1538010f76397317f688705f7be602e423f9002aa813d8dc1037e1bb295e8079296858879e994b0be9adb3259615f3d4ff3c366c0f5bae83bc8c700eb8dfbc9b6d4469805f5ea0d7dffc8ea2bdd21321e603b2759d8d47cf2c9e156ba512b44fcf20edb9f68013c2cea02e11ed6248769cec965549b67619e072c35434616384b8b647d121b1cda05910a265cb64733ff44559f6cd93caee30dc34678d0bcdee75a361ee38cf39d03fd1955859e97d228188e9908bb4c6856229726f56e2217818914eb2eb01b5ed204cf2cf8d78368c5faf2901aa1dddafd09ee4c72b5a7d2924953f33c298795880a54c8ab9362a7c238c9cbf0fe7c1404c937987ada5112cb47d08effd02d22ccaed5f9f0e51b72aab82266a52d39fbcc0096ba5b3d7cdf3cee45322ccb9de82cadd6f1088d324264b4b9fd1656452e0fde1ae89eeeaebc415b8456688d16214c77750e9e6c21b9b7e72b3127ebc7715e2ba1b22b38c96836f3adaee92c64d0ad4b443981bc1181917c0c9262637a8a433c75ddebac0ee55d573d0c0dcae45d94ba330821dd52725d4eba01eaddf6e0d0312d1c148347122130b8041852c42c0eaf8c1f05175a715881a09c2d94189639b36528553193f540019e405895388d9dd5a4cb44b923a434f3849822d87fa940d725767d76f61f22159c40f1ff41385a6b24af7a4cd27fa7f2dfb3054deb77fd9b28fb7586f80d7e2cf223deb33ed304b756b7fd998e09b5e6aa17fe357e6abdc6ca27f103e05709a702fc3de9171558df040f3fce0bd3441fe6b1bca84bf72a0690c6aeffb165b9a35514d3cb1adaf8fb8c14a91db089d80eeee3833d039cfb94a06cdf0a4ce30d37f81294bf2d36d9e53199608b671ba7c6f6483016ba25e42b56f6df79b3b42816f4767c072429252e7edf4f3ae95ee910cdfe01c8b310165bbb2e861da7194693d6cff7c4eb74e0a92b48f935b555825c5811ececdfc6f5e0064670306c5773575d30043ec035703c94840e89b90dc40966e2ebbff6c694ba0ae8116ae17f2fa960a6a34fb2854a5b0d823cb4bae55377b4f91a2eae34361da19d70272bb9c9de01c33ff8daef7506e0ae8a1d6920160cc5fadf1b1b8505abee5c261fb11f82cac1d8c81984507f7ce3b2ff847cb651fc371d9e1bc4041f471b86c4e7a09e2c981322db344dc4018edf3c5a01a7839e836f46035fdf1fa43083f6ff0a308bc1b89deec3a05fc04bc19e9141ea7cf79b2f9ead4fdebae94770af8cc6ed6a93f9ed092313de0ed6d3bb1c5f8401bc2878d2141adcb125240740070dbdedf72aaa7d77368b17fa0f979b5a598ab7c75ef061c4feabcf3649a0825b4681c2adfc59200b414e41cd7d124a2997f291b1fdc38fe9cfa37ec91361f60a70201d7f1654f11574bdd00d9b70d7c23cb563dd4ebde9bb4b74aa2082b66767221583c6dc161b8bcd5bee5aace3c23ca6b4daa8843b7a7a3f57489f14a2da3f45d01e02a921b45d1e9007a8b96aaa77330559c3f6031752f4a147c2c53794f35139e5939ecbee4d391cdf441e6f33f685d3976758810c4b1860c6bc3b5f2a7a54c3521f25a090a73e093232e3d6faf881908d13e6726bc09c14321b0d8705f98fa5324176ae9e1bdc8656e413b85b7fef4ad2b0aeb3e0aeb5cb5fc528dd6481cb5f456775dbcdf6e7d5f79c2e1f8364b01b7e67cf299960fa638ea4e59438083963d79ac496e87469adc906102ed21bcbd1e8de45b35f784b67f877a1986940f901b645da04c80655c6c797ee31d0c549bb096c683722ff174d60e023e73c06584a5c7d13d284a9a310602f013be1a06057dae959387e2d78ba2bb5509cea08acd711322beb98aa8e6e278e1f41376e4ddf991bd6a298a738de96ce4d737592889de6c8f3af73be063453cd0d1035273015e4caf71680e76767cb138a3c00d176bd0f51312692cf8b114bb631424fc8f4622c723522769b765914c7488fb5572ea1519c96b1344488b598928a8a7ac8e91411e89372e5bbb9e84a6b035ad3e234c6fb70ed36c70379fa0923c6b7ac90dbdcf6c905f93b13fa47a517306ea38a53ca4c0a3987b77824aab35ee0b722c95a13d0df25f43595b43868b24d80ce5ee2a93c7cd832cc729c1966df4b6cb4c8c4facdeecebc18e2d316fbfb9f2e48ee8337b23406d5be597a2f376087cf4195910011ab6d75a773556256a9cf938738222305c7328933bf6bca87a8c7aab6720b3e890f05abd5585dfd274af0055bb78e5b5ebf70c7c80d5518dc224f1535a247fc6b2576dd5abf32a064e6836487573cc3ecb0e102a24e3345c267f75c68b7965165839caba0c226d3b050591b8195991274c5a3f97f853b7e01de21e2f6e85c7865479fbe1428e5d0786dca2f8ddc02cea7b0b471b01ec8993c68ca375169b5dc2e43f1e981df6440b64472e121f1543dfc1c799690791d3c7a88ee3b57251ad0de327ca548538c66c5c0e5f6a0b26e8c55577dc410022c0b2c7c6a9900ada9b569db20b8d1823dfbde9facafee70180a6233ba8ca300b8caa31a1b229308fa01af715d9036b8bcf8d41d04bfc77af9689ae64255ea11212e6866c891bf430a0b014b8a92017f275442394130ebbf83c1846313dda23b2f1595058cd0daa56297b7b6e6a3c6ef4ac608f0198b1b8dfca4698f07fb86fddf92cf76226514e7bf17ad35f95f302b086efb2304d165159ea783817f25462f205e51cf918079cf65322e4b783c90b853c24c4f4197858f86433158e7036c1a6d499d857dff56cde1e799aec73569177683acc694db18c816c52d5f6a84b91cf0aff6e786c2ba266380b0214ee03216c231f3b318a39285c66c7d74e3b0e9d10914f9504b50cf99c68074f8da637fd9fa76662fd73e8b456495264711e7bc5b8c471fa5475940ca5d1ec3783cf5a09d586dd1e388beace6c3460bd8f915085b537047c4d42789119eda47c0ea77fbae5999d0b5f786f091ec4687d98e47049d988e338d95f5f9a0ba41a0431f3cb075521b112433c5bf5ddd14cbce9c950d310e723680bf5b10ac9e1e5fd6f4bf7edc60263c9f09a99d471ab4deefcf2d1e9be59007c2cdcb43705427b6892d448d942c47a951d4fd47f82ac3e1af134049f5d13ff49b648749dd7be178a83631c2aecac23020fa05569381cea88aa179839c6d48fb9412fd92af197c48c9fb1b56dfe0a0f04ff318584338d856541ace656d84d41025a60f8beefe2bb40d22f7e9dfa17182b38fd93cc2687e31396a8a72486326df306738a8411192d92830a3c7209c328b9296795aa4f8492b3d0ecd6ebdd9d2f6c02edfd3b7c79178887e417884c229312dcb84d9e7adf421c5850a7a17b976063b5ef8349a574621b8825fd94299772dd03d847611bb2c856adfb24d794005352c46d6deb95f8c96295ec34dba39e29f3b3086d61a1528f4923ceec09ffad89d0530b8fca7521c005971c0ac35f027c958f3a97ad731d88ada56cf7facb9b15d2622bf92aa8fd27ac842da2f84cbda300e1680153671e56070a3cd3fa2319a3852860efd05ab3f0491e9e1949c0b686bf07578132156acfdc7ef414a773e427091d06cd7cd756713de80bb86c92fd11351cd2b9f12323f849b109f1247194f06f0b2d6a71eba021d087ec3a1f8cc0ffd641b7ff0cf064ee243bce9b0b7c0932a0265409fbe35b87a7a2d30e430ffdd960f63b1659a2435065c39681271a9bb898c8e8b1ea06822ecfc2904d4648e1fa5ed79da4da93f8d9d43904ebb5589b91c65398e4ec3208e94b250705f95d721e8bddaf3bd91ff6b559f4e672ea13a81a77362b9a864e46ce9ef1a288d2a29cb8e949c215ad8edd9f58ea0866e44c42"}}, {0x2c, 0x0, 0x0, 0x1, @NL80211_PKTPAT_PATTERN={0x26, 0x2, "b9a071744c1c7cae590fbd20d7fcf5b91176d401b3e06f25aff69373ca344d1cc653"}}]}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x8001}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}]}, 0x1098}, 0x1, 0x0, 0x0, 0x80}, 0x40) 04:18:40 executing program 3: socket(0x10, 0x5, 0x5) 04:18:40 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040)='SEG6\x00', 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x223004}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x38, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@SEG6_ATTR_DST={0x14, 0x1, @private1={0xfc, 0x1, [], 0x1}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x6}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x6]}]}, 0x38}, 0x1, 0x0, 0x0, 0x14}, 0x4) 04:18:40 executing program 1: bind$phonet(0xffffffffffffffff, &(0x7f0000000000)={0x23, 0x1, 0x80, 0x5}, 0x10) r0 = fork() tgkill(r0, r0, 0x1b) getpid() 04:18:40 executing program 0: prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x12) socket(0x11, 0x3, 0x6) 04:18:40 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r1) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x34}}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, r2, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x2}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x5, 0x6, 0x7ff]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x8000) socket(0x11, 0x3, 0x0) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xf}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008010}, 0x14) 04:18:40 executing program 5: r0 = socket(0x11, 0x3, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x2000, 0x0, 0x0) 04:18:40 executing program 0: socket(0x11, 0x3, 0x6) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r0) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r1, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010101}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, '\\])\r/6{^+\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @local}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010102}]}, 0x68}, 0x1, 0x0, 0x0, 0x802}, 0x20008071) [ 613.694231] Bluetooth: hci0 command 0x0401 tx timeout 04:18:41 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) socket(0x0, 0x3, 0x6) 04:18:41 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472616e73000000007266646e6f3de7be0d351e97d6876002cd18af3ab58d643db6dee02417cbdf30247eef279d2d72c290750d9344719fe0f6be733391c9ac5fb7b5ddcad225739de8c4258bc9ac6a89e9b93cca2a13310e26b79282ca71efe444e6cbc6747ec8b7915987f7ac3751236873894170268aabab7084cbadbcacb869fdd6eff4d2", @ANYRES16=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC]) r1 = fork() ptrace$peekuser(0x3, r1, 0x23) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) 04:18:41 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000100)="61d9cb61307db19ad5d7e485eea15892f12ddd06c9486dce9a276651f9f1c3f84e91c344e760eefa1aaa927633c831a1f3e048d4c9f5a336f7ab4c40acc41abb4f48f58060de15dfbbad8710ac77385258260f3bd21273f745473aa028dc48e60fb03eb16084d20c23671b34da7b79583c8b") 04:18:41 executing program 1: r0 = fork() tgkill(r0, r0, 0x1e) 04:18:41 executing program 0: ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r0 = socket(0x11, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) 04:18:41 executing program 5: socket(0x11, 0x3, 0x6) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r0) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r1, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010101}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, '\\])\r/6{^+\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @local}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010102}]}, 0x68}, 0x1, 0x0, 0x0, 0x802}, 0x20008071) 04:18:41 executing program 3: socket(0x26, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 04:18:41 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x2}) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000040)={0x0, 0xda, "9c0047", 0x5, 0x4}) 04:18:41 executing program 0: bind$can_raw(0xffffffffffffffff, &(0x7f0000001840), 0x10) r0 = socket(0x79, 0x3, 0x6) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) recvfrom$x25(r1, &(0x7f0000001700)=""/143, 0x8f, 0x200, &(0x7f00000017c0)={0x9, @null=' \x00'}, 0x12) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001600)='nl80211\x00', r0) sendmsg$NL80211_CMD_NOTIFY_RADAR(r4, &(0x7f00000016c0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001680)={&(0x7f0000001640)={0x34, r5, 0x8, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1dd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x39}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20044000) sendmsg$NL80211_CMD_TESTMODE(r1, &(0x7f0000001580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001540)={&(0x7f00000000c0)={0x144c, r2, 0x800, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x200000, 0x45}}}}, [@NL80211_ATTR_TESTDATA={0x8d, 0x45, "7609add1d31887e441990db38b6103b7c9ba0558f002bae931c5176aa18e24c15fb1cf285174fb3e1419225e6bcef3409a2c863514ccf39b58faebaa1e7c6bd84b6c5d2a3b0f74399c5af5c14448daa6f8b00661d2735e18db364dab7df81b48fc47ca6264da883ac6bb0a223bc01741604a0a213f5c1e30ff1ca88cea0482a64125c8d3688f66159f"}, @NL80211_ATTR_TESTDATA={0x48, 0x45, "0cd0c7354b4c915f51e376aa4c213fd05e8fb1363010e24fc0372325e6e40777afce6331909a62a53cb70d14a9bdf558bef637863191c5020f5955ddcc44607bf764f4fe"}, @NL80211_ATTR_TESTDATA={0x99, 0x45, "32db68033e6073a4dafee8f30185a83119db105d4e4690c5c042e903b5780b8be1eba59078633a71eecc6423c4c1870c77cf3a5a5dc58d2f6fe445b79dbc2da4ad914843dd7b814ce8405dd3e4a80a00c39c2da3b721745a671a0421e741d8b3268cfc5b16f698b357d31aeb0985de46a49a4b9df250180e7cdfd475469c8ee8402cc493614e82e4462f4c6555918aae38fae7a855"}, @NL80211_ATTR_TESTDATA={0x82, 0x45, "76eac0d00945812a5124c5d2dc1697a590d579a85f888450192d970e483f08feb7341c67c8a5443a394ac959b1f34206ffc20d7e270d2bef0a4ef47fe13c1c72b18009b49800d1707719ad18bac3e1305826321e7a3b93670d94d02eb20a8cc6768044ea842cb898a34cbfc2212df87c63929f69f397fd79b3601be4d55f"}, @NL80211_ATTR_TESTDATA={0x6a, 0x45, "7f32eb403cc9d4b1e3d90545aac5366c4e6ace57119fb533e4e5742f926c11b319a3ac85ca4381d7a16d5e2a3bd55939de0d04b7fb1057a4c16a359cf8832b8f5eb44df633f98da514bb72e251b1fc2f2b77646adb04392acd7feb2c04a65ea1002b98695ec5"}, @NL80211_ATTR_TESTDATA={0xb7, 0x45, "edfc2ade28f6f3b7259619183de99f1f4e203ec24fc5a39b75cc16430f59fc2af37129d4e92ba4edf844645fff634cac728370d1a24b32a3cd8506e37ba669440d2b6eb8c1be66888313f0c209b754157a5edae8b474b9a8e72597f0c7ac9e804c39bad06fa2230c308f5a0e62c4e5218c7757313a23c87d6c903b12547bddf456dd95e44eaac5899ce8588f8a5778450ec2e382e09ee31eb884bfaa950b8f6555e2432389a419cf47b478a215156a9fa75002"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "695dac6b6b1606f5957c6b08f770f1e5453be6cc9ff27ee6d4deef6cba7607f65b84fb7fbf53289d7e2c5ca83ac5aa457a8a536657a47597c9bd8710171df4e23e3eaa1999e30ef1c52d6b19d066f3c62352ab3606020550a929cf8cba3e3694a11765007d477204f72a3f86ecf34653974071aa2a5d1d11344adcfb7628ff03efdc18b7d27e37b5f761b7763d96d0951e9e14605b7bde8baaba56f9ed82faead295d5083804b96a0be98921ae5b61fdcb8420c49f2b146b0d09c415f1cd7431f5623724f96975f6051fb7babf74e2ab039e84515d79952972445d8992e5fed465410a83cc5d78071b400a8f0b8eed6dac03a1e6b27d40e55f96db235b1490e8f5cc3366f645c3c6da6e7d2a0dca20201d9810b6f7318d86397f0097c18f133da5085c14c41c5511853ed18669332a681140595ad333e6ab89e4ab8f937a0274192b6d2d6b9c4f3bce360cf1df6e2e93987223908ec9757b0379460ec655303748fbf31995313ddbaae308dd90713946eb45d9d0361940f62f8688f3d3e32640e13c552d1c0caecf0d6376545fe103033c1aa997a2ff83dd139962e30fa6f59612e6c0d1ad0e68dbb688e24ceda5a79003ead3bfa85853daa9ce384ec44ad02d140e9479c0ca1f8694e1f2f0b9dec5b99555619b70a5dcf967d7c202ed624167b1e71a2bbba287c0972b061cf01b6811c5274bc2d7e1d7d7e104f57f49b37513049dca4e8533ca79a02f067e4668452043042ef74b17d23a1e0ba9a0f28a36b05c2fed8c94ec876a1c1dcdaa5d4b2bfc963592b48d0a2a18f4071f706a88ebae28bbd564e93889c8eead6e50a863c2b6edbb4182970b439f3dbcaf6f046bbb98f144dd8ea794be0af76e823e7eb73b76722ec7930c141712b9994fc254986795cbe6c598245eb7be228b2fc3b87e28a1ca34a3acd192a4788c95748d7154c34142e733437ab1f0490b7fb23249026d19e8bd1dc6d3b35e120585159c8b233948a869eb50071b5c4a04e85425420b9d686e86b8bed7dedb53d071dc6918b8e2b595ad0c3319a85bd35a1e4eff99bdf86005c64775a69a2d327bee24f49eea053ba79a2f84c6914ce3c06a25a4daaab1409725626a79999ed7826445f84bbb993b827b282860c10ed75ad5c66814d5363a4fe1814a052a15faaf7aa75f905b1f903da0b85f1106114658ff972afe58f598b1c9a288e22a1de95fcad0c964394cb882202137c85ad21d0dbae6bc39258bd83002fbd4bf341bf88af70643cd92f4e17ecf428caf62259c508b20b9f57e0178d5244098cb0a0a41a2ce1ac23dbaf241cc38610e4820cd73ae998753fba0e75cb46677c20cf02cf3c2528d78887a39b514dcd6b2f7108e09f50d63a50ec46a248e813a216947118bd18ddb2708694b7ea4c3b3d5cb85aee9b746c53c4a1bbc1fcf3f45ae339c866f6cbd025da58e540a46c597f4830f75e4bb5e3b1199457b09257a5ad8dc1a6bf6b1f9b9eaeeabd8c54f2b9e2334981f33b97555fed611742f90e31699ce3dba75af1cd7b3ca563ce821690c3ced8debad25b596987af86de4b889629041e9ddf34a4d7ee0de746cfa367c1727bbada4be1865481732aa5990bcb1176d4f9a95f029b75ad9476fd6e8081d8e90c1479f371657a2638ff98e8b161183cf96d97a1aa46ffc8b41e12c2934ab892ad155d2f8ee111ec3260070dffd0dbbf81a8cbf0b2f5d088cbeb738d9a091f41f57cafb246244900c2fc4f0ace4dc6fe3c70f2248a344d0b73e755a350b53195e8021053417005094a6300a16b34870846870fe3a7f2bd337900d5dff060382c06023e591ee1ef04b6012a73dc7638c6ba8e2217a6ad0fbc635d38e237310cb61f3396470de051efbf58b13464b08ea750210ecefa496de6db7b9c60add9c17304229101593fd1b7170c3b642af68deb3d71abf669b49aa34838034157fe80d29228ecd9d5e70f1598b8fb5031f98e791c15a8427225e5d93d2cbe5db0be5d9782e5d72efc6ef1f6fae7ea926c9896894bad6414eb1beb732beae8acc2bcf7095d6a720d2193b9afae3377adef2d6336b55ef3e32c2bfda83fc73b8f3ff1f458353eca9cdc5161a41b14a8f69dc9c66b45372c2851c68885e9f24a56f7b27681e45edac73d3c3fec63540ee2f594cece5698a62a80232c38e4f9872d64f1456b8a436e3acd4067fcfd7786a11657ec58eb08d17a8e47b9779c699c8bb199e16847b37ec1688cd76098b9ff81ca5ad3134a804c535fdba2d2664410ab80affddb6fbb0f9a3366ad2288974d89549224b4accc9987dd2965ac1ffc5cdfc07475d62c34cff7ac4d75b4379fe89598fd9c0ea438d847e97175adf046354042fbebb1b29e08e3d9d775c34a447fa76bf227ea7b5e8d2210c9da2eac5eb66cb8fd6c65521a58366044856322b2c9342558e5fb27fb39b6a1f981c786f5032b05b0afeef19faad57970bd60d2d560374a4178d941ee8ddd38420f062b1883397876a2c27fbf2aad9ddbecb17572dafbc80fff7fef8bf0750e3cf4e3fa8626922dbe377bd3b3c8350b921f5e98ebf7870e40a0d71456441130adc923e8610510aa35a9d1c59abb179ed7488c73db646ad978981dd939e7f8f5b5984b47ee5d50370bf0bb256ae39dc354d4fd3576f58bd007a834626f9eb78cf0aa16236e773df99cce2ac6eb25a869cc3e1bbd4a702956094b20544e4c7694bbf9d90170822fc6a5a3ab323a7fe6284b613506b18aaa00d1934bd2b16d032d47be514ed6b51d812d652c1d1c6fd661f270e13ad7b2d15336e8a9d70e10c1fb0ae7cdab25f41122a62b781404c51f9db11f1a70725535249429bbf4a9d21d0b5f59ea9d813310f597d8fbbf290d7a3c2a48f9fe05baefd20effee7fe3c415c9794f18ac6e2fadb8cf194cda61891218c7dca327722405cf90e4fcdac796e460f94a4f25d46b278902a8e605eee31062a251d448916792ea7090ef08f1c31cde176d227ebe325c1d400a8c6ca3f115352591fbaf46c142f505ca5743cb8563b0ff8db9e6cc945a7d25733287c0aa6bf7e4ed978daa0f8d95d5e5b9339855b3e02343ca7549d631b3376182d3d30fb5036c1c928300f25c7a99c8fe3b8e8ddfb1db1dc789176d1b49feacf306d25b9069da6a46e88c6009bfa5e211f8a6944d0fd7ae90ed87b78355c90d14dea6f5cd1f60cf2f6d93cb9d1ecea4cfa0fc4cae81136f1f60a5c2a8310045dc59fd8dbbe47122943f0d389f131d82545a4c5b2e341658e548a46263ed3e645208d82a345a4edc61cb759244f69eba413804283b1b9a8f53a82a9d39c66f7fe68c75ad00551e6a1d24860ba568f1dbfad483bc2b6261b87cecdbcad0098d43009e339f50e8bad8d2a559ba0a6c1cbffa086d290f423a199c71c5e8fef12c81ae0b0bf090f5d05e26a5de43a2ab2dfc9788cbe1db09b118d60882cab9b33fa7ab53feafe48b38afb795e9b4afaa4b554accbbcc057a9bb76470e06129587b54ee591f1c513496c8534e7ea33d12f2331f62a599e89103e08db55fca59968dd0a8fd2e5f0e193df35bdb5da10d8c90e961632b1d8a790949d09fefb38232c279e6fa20e274e9f25865d0eb5fc379d45c289db700baf3a2d2617ae41ab9cc78399f60ca22cd10b50783ccfb75c59ad5d84b60299a154f321c7787cf86c4fb2216de460d23b5fc3ab4ffd5fd6fb1cde01b74806e82a85fbf08f7ae57a7013d41fd8b13e20df855ab6ba68297bb9cef097bb2f4625968ca37d37540c4f772c985599a6b917f41c71edd410ea5dba88fe6195c7591f0619a302f73fb0105cca5441402767bec548d5b9551676025a53a541eb0ad170b7e0bf86b2e75d845c1ffb4c7c1eecdd1012b1c8756bb4233663f22c2a8b9ee72dd40b250af1fe2d910529634bae00d0181dd8eab7e37c4ed502f8c37144152d24f315d0868a5a18f6434ee23cd4472d020f6959bdce1823c3e2c0bb0a5658800944007b9e18d3df6a9b226d7630ae9577a856de9baedeafdda6fae8a224605072294bf45f51b747edb9ea7eab6e255e6a9860e617a1b435c9583afe1c7da92abb4d95b4a15a598a5a0c203cc75721e2a772982534804d6f6ba1ecfa657c77f00421eae90a45af50ba8cb536b848b1ea6a3b7a699aeeae319ee0183c691ae83dc9adc4672857babdf92180fdc95c212a24570044d440a06a67ece713ee89632a74eb635d8722d22403f327d64bcf44c77f438d4cb00782fe2b1eeafaed02f17cd133b44a9092c94313482b0c0cdb4ba7f68ad9ee8f68d6385844e5f2dcd86c1e80b32e654b3f1027ea09fd7378b02e1376d77e104ae525a5139bf9a28e08910784abcadfa1cbd42bb94b980ea19b481d9353b186b0860206b199bf5363a0894c1e87e65fb9f1ab84494584057874095132060880b2142cc720b6c78194dd20fe06fb2dfdef159ded59f680d86ebf8bd0795a721b11b00f56c1f752e3c5a2c72c92e19fbe3de3c2f90b332585f1711ea3c210716325dafc0ba967ea39ecbae2533e5e5c42e216e71a8050028621c9ec249c8c581465882eb6d9d8233745d0454baf20478fbebabb107e3c0cc0c52daa42afcfa21dc5b19e8cf2f38be20591f4da5422c0c5a1bc56f92ac37484a0a71ae5984321895b7af084cb11aac0d466fa51c19a8dd02d40793303ad85251944973166566c847bc2426b7b904be87d4a21e6f4355d30f7a76982c40ee875c17ae5a1193574404a55ef0a8eab77c299408375f19f78bc78aeb4940cdbfd0a016370a169f6729d43364080864209f54a8da22d4447d68f0b0d2d220b6e990455db0a220d7055ebcc073961d01ab18a2fc73f95147ad61133e4907af2e464c81374383ed4e8c03b6d1b929fa0061cc8a951c291cd0d05d0b4dd22eac494e695a712194cec9f4474e3974cb173ba4f1e03caf4a8713141fa6fbe1288c2fa14ea8e66b2ecbd48457b100c2926b26b36713d3d1dae6399b8ac6274015919a72a432bb67c5e16ce8c5bb44feef4da4200dd9e88e4e4935dab49e01537eaa54c0f741df5901fa8c1df6111ceabe020eac174ae7d6e0c1dc9b3f4a74ee6455ea26696b7c111a12a81820e377aa595a0af09d578b3f7b7d4ce8004d214990253bab8839ee5e87a00ca8d08244ee70cd8f1cdd9e36e81f155985cbedd535e2b8a84b581a578a11805c257217530b240bd0411270de6e28fcdd74ff7b7a033f3ac6828532677e4d3e8c600869736eb4113b137c7689cc057c6bb477a2d189fdce5240c943db3a2f498d68eb8e5e0a442a08c167a73c7102048199d338a8084a6a7f392bede8f9a6e02e44d52aa7f14d47f14ddda8d559344ce5d06825ed206345ad7f027e25ce0e0bfd5fddd865f7fabc103e016fe0e09babd73116e719b696e45ddc821a78bac8071ec7210d10fcb11c2c88355446241403ff0519e1cccde291c2cab87a158bf1edbbfe678a645dad939e9856b28ac9c66c3ea4623cb8e74d0581433aa7c929990faf657db7ec3986513fd7a8de99836a9148e9bbb489d82eaba5e17e71e7a9fe847c21cd8801fbed9bbd56c32ccc75e954e63f24fc8dfb2764fa57ad3a2f288fcc541179a4da6abc19f232bc293a9edd572618278354bcaf71c11bb392bd83e2a4e38598ab06d99261eee195622dfe1e63b6f6699c51203b0b139906c567de91d909e05693bc3e155c0597dc2851d24afe8d9f581373af906b8e3ddf14ec594672c8e98749ef172a73a76a09a79a5eeaeeec4a6b1bba8494440a7998828185bf65901e7f405be4cdd2895fccceb9c331eb2b2e6e1cee4978e0bd7"}, @NL80211_ATTR_TESTDATA={0x103, 0x45, "88846c61aa45f39194539de8c4bf0723b8936b49eca89ff380632db122a40ab3344f46fa72b9834f1358f2d23261772ceda53f38f1b6ad3db12372978279b7de6bf3efac89f37ea2d57bd3c5648d86bcb1fab6c32667651d7b216b24f4de688817d0712ac96e745225597bf28699aa5dcb4646eaaee6a8ff7b57a7c9a77c24eea0006aa7c61d58a3e9eaeb9fa7adca93c2aaf736de0e9923aad470bfcec3f8e6a99390dbca7753c0b5c3619e52390db6f4e095bc0a6eb68dbde9ada43a6af00d75e9608cb7227c0db7f0ab458d0f1c5a227308c58c3dce57cb470bdd4e1c9986847c7c8b9260eaead056220c4f3839a310f63571758a65f3d0bb53da5b860b"}]}, 0x144c}, 0x1, 0x0, 0x0, 0x30008001}, 0x20000882) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000001800)) 04:18:41 executing program 5: socket(0x26, 0x1, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000001240)='/dev/vmci\x00', 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x7, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000001200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000011c0)={&(0x7f0000000100)={0x1098, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x2}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x42e}}]}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x1044, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x5d52}}, {0x1008, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x1004, 0x1, "3c086ffa1d2537b10ac98b70dfdc09db9726eb9e620e398baefbb7ed659d858d803178c98da4df0fbf297534ddce513718886d6269e9e6532f9181a90499c6fa825d1c9af509b590a211898138c2a8d55165ca6148ae6c0f821ae77504c1e67e87ab1cc0c0ec79b696f0d452098ceb5f72629b1449b4d78679e4015d0e7188f6a4e5430a25b04c61a0b1b59f884f6a675a370f46a30e910017461c525af2bd6f38ac1a01c6d24d6373cbfceacb434d481d5d4e7bfdee356a472a8771c303756730d82479841ab8b28b469318be9b5a6e2f045cbf5ca63a425c959acb866d0047137a21229bc4e1d1cc926e176011bb116851ae8325c87b60c2140fd7645f8f81061650c9228436664c45b59778666dee46596b04687e4be473c1a843f48ce342266fbb66d62ff214f6fd26be8f5379928cae9880ca58c5f6b7d41df8ac9fabd0b1199bddfad4d19735709742cc3f26792719b59b424690a04f22dca0496eab882bde7160e300679e79eea4f371abcdedb417bed05e76f0998a10cf2d0422b2ae92bb76644d8b8646ba3928769a6248e25cbd25c264868290b104e56ed71bcdf1607c4a2567babc1a7ddfac1c22859d94934a3955d5d2ef34cfcfcffe94fed462d170cb3ff2ed387dc2529826e9d673fd33e748d158b72736e5939c7a70843e45da578797d43e268d9b3b8c0f1ceae65ded8fafe790aff2b8616826d211409479825cbec61a0a9409fb690d5baf9b60bdd0e658b00969b7e6464d8d6619c0a890ce71cb77f3e6e1b65f546c8ea63a06d35465295440ec5f588e9bcfa81e43760cb32292a70148578eb07e6507a4564dfd3f550635dc1016d6b6dbd450d8277262819714d2c07af79a69db93bc7c524a42af177dd46e1d8c169931db0991f6384d1e2de14c753e85b0c3ff45adfb555acb37001edf4e33dfb6d83be22c10615cca4078571acc191724a13b851d317ff11e562ade92d4d4c93f346454b0de0804243faf0afa414f888624a422d98a7f5d47c56c8514f4ca74b161c4b0a69872cc18e376f16d82a519c8e89a3224c9dbec997de99d2ba6663e3dd3b88de601d95a1f0a079076b9de1365845d52f2155e89b2d7d1d7bbb44f75dc3483dbd05e24039196f55fddcac11b422cd9654b01732ed7952a31271e2e283e4bfa1ff3fba781194d7588c51922bd2beafcb32fb9d954df5e61a5b8707da919a2c056c96733d85314901f28b91376621b6c724db64615b8bced9b7c500c5e6b5c111e88495f9470b16a7d530460328213c0ef6a5d0a88c5fcb7adaca43a343d85e0f8f14ca7260be5d2de19b420cb15266f7eaf6b36db84e4f51399605cb967477edbcf8cdd081dfdc88ac1933c72432dd858c55cabf6b83cfd80697031e81397f4d226fb3d2ef0023cd1d2a07b102feb8a3a4b09e05528d5093956f40436cacccd09093f97cc4c15c70f05e56280bb1d7fd4b06c9f6ded69435c6648a912e334545be6f0e9c15a22a211caa9edcd372fccaac5a6d1213778dec6b895f2f701d5c853d6d040b9092f1cc1066544bbc479d7093bdee2046fa8fd5d18750bda1e9310cfc4704d53d73b1c28c0c20487a583b01b0565c7f0a8396d40289171f9bdb0a8d28c0d5ed6e42a87648e6332c3bebfc9a0c5c24f33e9d6dbbebd3f63b8c01ee3680daed3173be78f5faff5fbc8e5bceae89c4799a56661eb08ba29cbf681f0fbc056d6dd985c1bf9c8d41358f72342db3b5822d620b7347a9cf8de1f520b7408e1e9bc94f915e61e4af5a7f6e2ac12dca1cd7c550965f1201b1f058031e96aceb64aad65ab95a12c24056f0b28d70652eb3b8931b52377f35ae4d9afa1b41f7130b3b970c4ac9d733e9eb5d1303788572de6664e3086c7a7b705941d9f2efbdf73423773e905ae6a4c485daebae09c08ed1db1bcd936f2cc47686ca4828e7c06be0b1538010f76397317f688705f7be602e423f9002aa813d8dc1037e1bb295e8079296858879e994b0be9adb3259615f3d4ff3c366c0f5bae83bc8c700eb8dfbc9b6d4469805f5ea0d7dffc8ea2bdd21321e603b2759d8d47cf2c9e156ba512b44fcf20edb9f68013c2cea02e11ed6248769cec965549b67619e072c35434616384b8b647d121b1cda05910a265cb64733ff44559f6cd93caee30dc34678d0bcdee75a361ee38cf39d03fd1955859e97d228188e9908bb4c6856229726f56e2217818914eb2eb01b5ed204cf2cf8d78368c5faf2901aa1dddafd09ee4c72b5a7d2924953f33c298795880a54c8ab9362a7c238c9cbf0fe7c1404c937987ada5112cb47d08effd02d22ccaed5f9f0e51b72aab82266a52d39fbcc0096ba5b3d7cdf3cee45322ccb9de82cadd6f1088d324264b4b9fd1656452e0fde1ae89eeeaebc415b8456688d16214c77750e9e6c21b9b7e72b3127ebc7715e2ba1b22b38c96836f3adaee92c64d0ad4b443981bc1181917c0c9262637a8a433c75ddebac0ee55d573d0c0dcae45d94ba330821dd52725d4eba01eaddf6e0d0312d1c148347122130b8041852c42c0eaf8c1f05175a715881a09c2d94189639b36528553193f540019e405895388d9dd5a4cb44b923a434f3849822d87fa940d725767d76f61f22159c40f1ff41385a6b24af7a4cd27fa7f2dfb3054deb77fd9b28fb7586f80d7e2cf223deb33ed304b756b7fd998e09b5e6aa17fe357e6abdc6ca27f103e05709a702fc3de9171558df040f3fce0bd3441fe6b1bca84bf72a0690c6aeffb165b9a35514d3cb1adaf8fb8c14a91db089d80eeee3833d039cfb94a06cdf0a4ce30d37f81294bf2d36d9e53199608b671ba7c6f6483016ba25e42b56f6df79b3b42816f4767c072429252e7edf4f3ae95ee910cdfe01c8b310165bbb2e861da7194693d6cff7c4eb74e0a92b48f935b555825c5811ececdfc6f5e0064670306c5773575d30043ec035703c94840e89b90dc40966e2ebbff6c694ba0ae8116ae17f2fa960a6a34fb2854a5b0d823cb4bae55377b4f91a2eae34361da19d70272bb9c9de01c33ff8daef7506e0ae8a1d6920160cc5fadf1b1b8505abee5c261fb11f82cac1d8c81984507f7ce3b2ff847cb651fc371d9e1bc4041f471b86c4e7a09e2c981322db344dc4018edf3c5a01a7839e836f46035fdf1fa43083f6ff0a308bc1b89deec3a05fc04bc19e9141ea7cf79b2f9ead4fdebae94770af8cc6ed6a93f9ed092313de0ed6d3bb1c5f8401bc2878d2141adcb125240740070dbdedf72aaa7d77368b17fa0f979b5a598ab7c75ef061c4feabcf3649a0825b4681c2adfc59200b414e41cd7d124a2997f291b1fdc38fe9cfa37ec91361f60a70201d7f1654f11574bdd00d9b70d7c23cb563dd4ebde9bb4b74aa2082b66767221583c6dc161b8bcd5bee5aace3c23ca6b4daa8843b7a7a3f57489f14a2da3f45d01e02a921b45d1e9007a8b96aaa77330559c3f6031752f4a147c2c53794f35139e5939ecbee4d391cdf441e6f33f685d3976758810c4b1860c6bc3b5f2a7a54c3521f25a090a73e093232e3d6faf881908d13e6726bc09c14321b0d8705f98fa5324176ae9e1bdc8656e413b85b7fef4ad2b0aeb3e0aeb5cb5fc528dd6481cb5f456775dbcdf6e7d5f79c2e1f8364b01b7e67cf299960fa638ea4e59438083963d79ac496e87469adc906102ed21bcbd1e8de45b35f784b67f877a1986940f901b645da04c80655c6c797ee31d0c549bb096c683722ff174d60e023e73c06584a5c7d13d284a9a310602f013be1a06057dae959387e2d78ba2bb5509cea08acd711322beb98aa8e6e278e1f41376e4ddf991bd6a298a738de96ce4d737592889de6c8f3af73be063453cd0d1035273015e4caf71680e76767cb138a3c00d176bd0f51312692cf8b114bb631424fc8f4622c723522769b765914c7488fb5572ea1519c96b1344488b598928a8a7ac8e91411e89372e5bbb9e84a6b035ad3e234c6fb70ed36c70379fa0923c6b7ac90dbdcf6c905f93b13fa47a517306ea38a53ca4c0a3987b77824aab35ee0b722c95a13d0df25f43595b43868b24d80ce5ee2a93c7cd832cc729c1966df4b6cb4c8c4facdeecebc18e2d316fbfb9f2e48ee8337b23406d5be597a2f376087cf4195910011ab6d75a773556256a9cf938738222305c7328933bf6bca87a8c7aab6720b3e890f05abd5585dfd274af0055bb78e5b5ebf70c7c80d5518dc224f1535a247fc6b2576dd5abf32a064e6836487573cc3ecb0e102a24e3345c267f75c68b7965165839caba0c226d3b050591b8195991274c5a3f97f853b7e01de21e2f6e85c7865479fbe1428e5d0786dca2f8ddc02cea7b0b471b01ec8993c68ca375169b5dc2e43f1e981df6440b64472e121f1543dfc1c799690791d3c7a88ee3b57251ad0de327ca548538c66c5c0e5f6a0b26e8c55577dc410022c0b2c7c6a9900ada9b569db20b8d1823dfbde9facafee70180a6233ba8ca300b8caa31a1b229308fa01af715d9036b8bcf8d41d04bfc77af9689ae64255ea11212e6866c891bf430a0b014b8a92017f275442394130ebbf83c1846313dda23b2f1595058cd0daa56297b7b6e6a3c6ef4ac608f0198b1b8dfca4698f07fb86fddf92cf76226514e7bf17ad35f95f302b086efb2304d165159ea783817f25462f205e51cf918079cf65322e4b783c90b853c24c4f4197858f86433158e7036c1a6d499d857dff56cde1e799aec73569177683acc694db18c816c52d5f6a84b91cf0aff6e786c2ba266380b0214ee03216c231f3b318a39285c66c7d74e3b0e9d10914f9504b50cf99c68074f8da637fd9fa76662fd73e8b456495264711e7bc5b8c471fa5475940ca5d1ec3783cf5a09d586dd1e388beace6c3460bd8f915085b537047c4d42789119eda47c0ea77fbae5999d0b5f786f091ec4687d98e47049d988e338d95f5f9a0ba41a0431f3cb075521b112433c5bf5ddd14cbce9c950d310e723680bf5b10ac9e1e5fd6f4bf7edc60263c9f09a99d471ab4deefcf2d1e9be59007c2cdcb43705427b6892d448d942c47a951d4fd47f82ac3e1af134049f5d13ff49b648749dd7be178a83631c2aecac23020fa05569381cea88aa179839c6d48fb9412fd92af197c48c9fb1b56dfe0a0f04ff318584338d856541ace656d84d41025a60f8beefe2bb40d22f7e9dfa17182b38fd93cc2687e31396a8a72486326df306738a8411192d92830a3c7209c328b9296795aa4f8492b3d0ecd6ebdd9d2f6c02edfd3b7c79178887e417884c229312dcb84d9e7adf421c5850a7a17b976063b5ef8349a574621b8825fd94299772dd03d847611bb2c856adfb24d794005352c46d6deb95f8c96295ec34dba39e29f3b3086d61a1528f4923ceec09ffad89d0530b8fca7521c005971c0ac35f027c958f3a97ad731d88ada56cf7facb9b15d2622bf92aa8fd27ac842da2f84cbda300e1680153671e56070a3cd3fa2319a3852860efd05ab3f0491e9e1949c0b686bf07578132156acfdc7ef414a773e427091d06cd7cd756713de80bb86c92fd11351cd2b9f12323f849b109f1247194f06f0b2d6a71eba021d087ec3a1f8cc0ffd641b7ff0cf064ee243bce9b0b7c0932a0265409fbe35b87a7a2d30e430ffdd960f63b1659a2435065c39681271a9bb898c8e8b1ea06822ecfc2904d4648e1fa5ed79da4da93f8d9d43904ebb5589b91c65398e4ec3208e94b250705f95d721e8bddaf3bd91ff6b559f4e672ea13a81a77362b9a864e46ce9ef1a288d2a29cb8e949c215ad8edd9f58ea0866e44c42"}}, {0x2c, 0x0, 0x0, 0x1, @NL80211_PKTPAT_PATTERN={0x26, 0x2, "b9a071744c1c7cae590fbd20d7fcf5b91176d401b3e06f25aff69373ca344d1cc653"}}]}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x8001}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}]}, 0x1098}, 0x1, 0x0, 0x0, 0x80}, 0x40) [ 614.013302] Bluetooth: hci3 command 0x0401 tx timeout 04:18:41 executing program 3: r0 = socket(0x11, 0x3, 0x0) getsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x7ff}, 0x8) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x10002, 0x1, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) 04:18:41 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @read_stored_link_key={{0xc0d, 0x7}, {@fixed={[], 0x11}, 0x4}}}, 0xb) r1 = fork() tgkill(r1, r1, 0x1b) gettid() 04:18:42 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:42 executing program 5: r0 = fork() fork() tgkill(r0, r0, 0x1b) 04:18:42 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x2}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x0, 0xd2e, 0x9a1, 0x4000}) 04:18:42 executing program 0: socket(0x26, 0x5, 0x6) 04:18:42 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)={0x6, [0x3, 0x3], 0x1}, 0x10) 04:18:42 executing program 1: r0 = fork() getpid() r1 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000080)=0xffffffffffffffe4) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0}, &(0x7f0000000140)=0xc) tgkill(r2, r0, 0xfffffffd) sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f0000000040)=0x6) sched_setaffinity(r1, 0xfffffffffffffeaa, &(0x7f0000000000)=0x808) tgkill(r0, r0, 0x1b) 04:18:42 executing program 0: r0 = socket(0x11, 0x3, 0x6) bind$can_raw(r0, &(0x7f0000000000), 0x10) 04:18:42 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00', 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x3d}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1={0xfc, 0x1, [], 0x1}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x4c051) sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_DOMAIN={0xd, 0x1, '.})$\'d@*\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4040) 04:18:42 executing program 4: ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x48, r2, 0x8, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x50}}}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26a}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15a4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3f}]}, 0x48}}, 0x4000000) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x0, 0xe04, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x10001, 0x35}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x20000) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c17ad646e9742", @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:42 executing program 0: socket(0x2a, 0x3, 0x2) 04:18:42 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00', r0) 04:18:42 executing program 1: r0 = fork() r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r1, r0, 0x41) r2 = getpid() sched_setaffinity(r2, 0x8, &(0x7f0000000000)=0xffffffffffff8001) tgkill(r0, 0x0, 0x1d) gettid() 04:18:42 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:42 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='tranq=fd\frfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) r0 = fork() ptrace$peekuser(0x3, r0, 0x2) 04:18:42 executing program 3: socket(0x6, 0x3, 0x0) r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) accept4$x25(r0, &(0x7f00000000c0), &(0x7f0000000100)=0x12, 0x80000) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) sendto$phonet(r1, &(0x7f0000000000)="18350be6861f16c3dae9aa442f7b3f01746c6ffe9299e28b05f39ee5b9f86f0997caba0d8733cbb2a2358f7d70a4f56b487d8ee68a5953b0fffbffbb22429d88aa2d3d390f8c16f24b8eb71f5b915f38db4088d9f3f2e71213180263a3172f94c12c786b0c3dc3ba59f355b11614ac057b3446fc", 0x74, 0x40004, &(0x7f0000000080)={0x23, 0x7, 0x6a, 0x4}, 0x10) 04:18:42 executing program 5: ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x48, r2, 0x8, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x50}}}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26a}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15a4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3f}]}, 0x48}}, 0x4000000) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x0, 0xe04, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x10001, 0x35}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x20000) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c17ad646e9742", @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:42 executing program 1: fork() r0 = getpid() tgkill(0x0, r0, 0x0) r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r1, r0, 0x1b) 04:18:42 executing program 0: ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000)) syz_read_part_table(0x0, 0x1, &(0x7f0000000340)=[{0x0, 0x0, 0x4}]) socket(0x11, 0x3, 0x6) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)={0x10001}, 0x8) 04:18:43 executing program 1: r0 = fork() r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3ff, 0x40) ioctl$SIOCX25GFACILITIES(r1, 0x89e2, &(0x7f0000000040)) tgkill(r0, r0, 0x1b) 04:18:43 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:43 executing program 3: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x22341, 0x0) accept4$x25(r1, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x80800) 04:18:43 executing program 4: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) mount$9p_fd(0x0, 0x0, 0x0, 0x200040, &(0x7f00000001c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@privport='privport'}, {@privport='privport'}, {@dfltgid={'dfltgid', 0x3d, r0}}, {@afid={'afid', 0x3d, 0x8}}, {@uname={'uname', 0x3d, 'trans=fd,'}}]}}) fork() [ 615.775671] Bluetooth: hci0 command 0x0401 tx timeout 04:18:43 executing program 0: socket(0x18, 0x800, 0x6) 04:18:43 executing program 5: ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000)) syz_read_part_table(0x0, 0x1, &(0x7f0000000340)=[{0x0, 0x0, 0x4}]) socket(0x11, 0x3, 0x6) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)={0x10001}, 0x8) 04:18:43 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:43 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, 0x0) mount$9p_fd(0x0, &(0x7f0000000380)='.\x00', &(0x7f00000003c0)='9p\x00', 0x68, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_client='access=client'}], [{@audit='audit'}]}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) write$bt_hci(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="01110402c90049769d937dfe45d3ad9ca6419a920852cd829fdd114d3586a66092a73da5f0319401e8dfba8cfd01eb3514b3128cb5e1c6ca9a850acf43b95141f30893a8ab50"], 0x6) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TESTMODE(r5, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000580)=ANY=[@ANYBLOB="daa5ab9c2c84fb254b7f4bfbb198a141c355a54e15c7c14c440f9cfe29da15e1155c449308734660b47f865732280d6a86b63f9b", @ANYRES16=0x0, @ANYBLOB="000226bd7000fbdbdf252d0000000c0099000200000006000000"], 0x20}, 0x1, 0x0, 0x0, 0x8044880}, 0x8) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x124, r4, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x100, 0x5b}}}}, [@NL80211_ATTR_TESTDATA={0x62, 0x45, "aa365c5c20f2755f70e9d02b70672f25a5e152f63b7b6f64a96d60baab73732e95eb4f8ee2353be05085598fc245f2e574363ff82d9f37d516c9b5c2f3470c96b4e5295a4dbbd872ef676398bb7416d54f4f71362ec9d165418574ccea6f"}, @NL80211_ATTR_TESTDATA={0x97, 0x45, "f9409ff45cbbbeb0ca5a0a31c23300926edf141e31eeb10cf882f40433848c2d26cd36964a0b74f5318819f507163fe99b370f8de947d40960e7bd275d0afa18a53e4d11c9e8196ae012acaee611badbea00bdda2689eef9072071913426904cd84be36d5a6eb0ae9c50e40c58fdf284bc511578243ac20641a4fd4ae4fe219a2eba2eb5b93028032ea47614bd9d901cd7d669"}]}, 0x124}, 0x1, 0x0, 0x0, 0x1}, 0x4008800) socketpair(0x0, 0x6, 0x1, &(0x7f0000000240)={0xffffffffffffffff}) r7 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x8, 0x800040) ioctl$UFFDIO_COPY(r7, 0xc028aa03, &(0x7f0000000680)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x2000}) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000004c0)={0x4, &(0x7f0000000480)=[{}, {}, {}, {}]}) sendmsg$NL80211_CMD_GET_WIPHY(r6, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r4, 0x8, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x40004) 04:18:43 executing program 0: r0 = socket(0x11, 0x3, 0x6) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="98020000", @ANYRES16=0x0, @ANYBLOB="000429bd7000ffdbdf254f00000034007a801c000200820a791ff95cfcd73b1a45fb244831ff6bf6aa4bc3a8877a1400020021f359ef4a760bd20c3c260fb93b12d744007a8014000100f8e3bd5e424ca9c75f8903d8588790c8080004000010000024000100552dc4201fc1cc8044ff48bb27b8427ac097786811f70416f76249afe6eccf9d10007a800c0003004f6c337b8a1f148b4c007a8014000100c02af3be9708886082d75040da5e898208000400040000000c000300213977112fe5db43140002000847150a5fac4ea257761273b33d2b4b0c0003008352cb580c23542f0c007a8008000400faffffff30007a802400010049f4668163485b8ccdd208bc1b5ede85de42b82d6c48790edbaab279c4cc600508000400ff00000074007a8024000100ab3a8fb9311a05730811215584b471c33df1b6cb24b46f0610f8fe128f18f8b21c0002005fc7ad395e3c0aff0db460a23cd8dfc4bd8b1a8e18bfcf410c0003003bbfbac8ba8991c724000100eb8c50d0592045c960b29202455809ccf3c0c6a964d9cdd9d48b0fa9f3b3a9b08c007a801c000200340d9e094d454c229479cc09a07a58d663f773eae3c4f9f20c000300b98c68df416e8939240001008f6f1dd0728dda50c019badfe3b3b70461e936e960356c12e6c595505f71b86f0c000300374d1c415f7de58e0c0003004733021babff030000000400000000001c000200c63cf3b738edfdaf670c5cd05c3019f80e46dcb39c9a52c504007a8070007a8024000100225bc11864a93b1702923bf434f53ab8191a72a02b4667a3aa1847aaeb01e39a0c0003007ddbbec01e044b341c0002000b5fe111e5554313e199e45bdc98b7ca490e0388928d76e0140001002e6bbf34eeb0f24ea483c3a90fce02f10c000300fc2c39f231b85134"], 0x298}, 0x1, 0x0, 0x0, 0x4040000}, 0x4) 04:18:43 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7472616e7b3d66642c7266646e6f3db25a3843caa277359a2d6b50c5c1378200b6a21c49f2be4239b3283d5c4f94f7816e06780b4cfe1a05aa6b408950c2110ac839c64cf4bdcf7fdefb60e22835c0c8039b06050aa0e998be4835a4ec3a1c7b2d8a6ac7e9718d412d598cc578a04d9872ff5b44f979b1af22cda89809556fda86827d8b2153db54196d62155265c73f0500fffcc9b852a9d56ddd4f6a1866ea88aa2100cb754f2b65821a8606e802a1558256", @ANYRESHEX, @ANYBLOB="2c7766646e6f3d0212a350733aa35ae2e3d4354125b73e111a6a26b7a99b9b47346951417a38f93550ccf446e75f4a8d0fdb843dbf8022375c15421c4b5302c7faa94bea19ab1c5455ea39283b6669e910ec979730f1d10e53441b0e538e185c135785d0e93ca31b15968927f17e5d19da53719748d97d4771267b585478dcda81a5e2b1bb8227a15bf1651673eb4d2467d0ceb6187085d747f74c48f37fc0000083a0728ecaedb95f5b65c356633276a83d48a58b17538320f587a4cf8d6e47ff9ff080f5772357a4e013c16bd8f9270772fe8bf7d83158ea1c9f2adf82e8ec509885389f85be0c9b7480c502633846d66c65ab2b8400560008ebdcc795c35ba2c57fbbb9746012ac28ebe9ea4d6e011e724dc5f1", @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:43 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) write$usbip_server(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000030000080000000000000000010000000000008000000000bc00000003000000030000000300000000000000009cbebc17c7a84b02fe9a36db246b0728084182ea3c6a5a5457d3a3a4a086c075312ce9993f1576e052a906a7386de6bd04dc37270557cab19ec69a03e9e8e34a03ee650c61a74c35bc00d4a25d7e5dfea3128779cc48536628234a4ebf8fa0f6ba863d22f9db072fec75df65fcc0ca344f49f763cf8fb74274765bec805ecf15b5bfd448a6df76e3fa46ac3c7b0d8ce53c4f79e20f204e34f5bacf664a326d17bef597541c061c003f1a6fb6b2c12a7fe4f5b322e98e20bbe5f5206b000002a80000007e0000010000000200000000000000000300000001000007ff000000a48b2d648900000001000007a6"], 0x11c) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:43 executing program 1: getrlimit(0xe, &(0x7f0000000000)) r0 = fork() fork() r1 = getpid() r2 = getpid() tgkill(r2, r1, 0xd) r3 = getpid() tgkill(r3, r0, 0x23) 04:18:43 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x22341, 0x0) accept4$x25(r1, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x80800) 04:18:43 executing program 4: r0 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=0xc) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[], [{@obj_user={'obj_user', 0x3d, 'wfdno'}}, {@euid_lt={'euid<', r0}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@fowner_eq={'fowner', 0x3d, r1}}, {@pcr={'pcr', 0x3d, 0x15}}, {@uid_lt={'uid<', r2}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}]}}) fork() 04:18:43 executing program 0: socket(0x11, 0x3, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x1, 0x200) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000000)={0x1, 0x1, 0x4, 0x8, 0xfffffffa, {0x77359400}, {0x3, 0x8, 0x81, 0x7, 0x0, 0x5, "fb0fc999"}, 0x39a1, 0x3, @offset=0x2, 0x7d, 0x0, r0}) 04:18:43 executing program 3: socket(0x28, 0x3, 0x0) [ 616.093387] Bluetooth: hci3 command 0x0401 tx timeout 04:18:43 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) getpgrp(r0) 04:18:43 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x22341, 0x0) accept4$x25(r1, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x80800) 04:18:43 executing program 0: prctl$PR_SET_IO_FLUSHER(0x39, 0x0) socket(0x11, 0x3, 0x6) 04:18:43 executing program 3: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400002, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) bind$phonet(r1, &(0x7f0000000080)={0x23, 0x2, 0x5, 0x8}, 0x10) ioctl$KVM_SET_BOOT_CPU_ID(r0, 0xae78, &(0x7f0000000040)=0x1) socket(0x11, 0x3, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x5, 0x400000) ioctl$USBDEVFS_RESET(r2, 0x5514) ioctl$USBDEVFS_CLAIMINTERFACE(r2, 0x8004550f, &(0x7f00000000c0)=0x8001) 04:18:43 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x16040, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x000000022d800000,appraise_type=imasig,euid=', @ANYRESDEC=0xee00, @ANYBLOB='\x00\x00']) r0 = userfaultfd(0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, 0x1000}) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(0xffffffffffffffff, 0x4010ae74, &(0x7f0000000080)={0x5, 0x8, 0x9}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) r1 = userfaultfd(0x80400) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}}) fork() 04:18:43 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x22341, 0x0) accept4$x25(r1, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x80800) 04:18:44 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:44 executing program 0: socket(0x11, 0x3, 0x6) socket(0x6, 0x2, 0x5) 04:18:44 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) 04:18:44 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x22341, 0x0) 04:18:44 executing program 3: socket(0x23, 0x80806, 0x6) 04:18:44 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x10, &(0x7f0000000000)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:44 executing program 0: socket(0x11, 0x3, 0x6) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x7, 0x3, 0x5, 0x3b238254, 0x1, 0x1, 0x0, [], 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x5}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r0, &(0x7f0000000040)="4a7a562dc6e0daa8c485cefd06e965ad77a57a1756042f594c4bc6470fc41eeeb1640d655fe551a87ae7bad3e49b3173d797dedaa4d8bf7091a8fa95257a92fa857ed16203bc4ebeb82b60147a6722b05ef15b1a36ebc12f4148a02a35d4d4"}, 0x20) 04:18:44 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:44 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB='v\x00']) fork() 04:18:44 executing program 1: r0 = socket(0x23, 0x1, 0x9) recvfrom$x25(r0, &(0x7f0000000000)=""/180, 0xb4, 0x100, &(0x7f00000000c0)={0x9, @remote={[], 0x3}}, 0x12) r1 = fork() tgkill(r1, r1, 0x1b) 04:18:44 executing program 3: socket(0x2b, 0x5, 0xfffffffe) 04:18:44 executing program 5: setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:44 executing program 2: syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:44 executing program 0: syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x3, 0x481) r0 = socket(0x11, 0x3, 0x6) socketpair(0x1a, 0x803, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r2 = syz_open_dev$vim2m(&(0x7f00000001c0)='/dev/video#\x00', 0x9, 0x2) ioctl$vim2m_VIDIOC_QUERYCAP(r2, 0x80685600, &(0x7f0000000200)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm_plock\x00', 0x20a040, 0x0) sendmsg$NL80211_CMD_NOTIFY_RADAR(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[], 0x24}}, 0x4040000) r3 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x4, 0x4c0141) setsockopt$inet6_dccp_buf(r3, 0x21, 0xd, &(0x7f0000000280)="b3b32e94b2b0999ddaa002f679c650b1859a5b63f3246df0810b980ebfa5d5752b64c7d9f907600c4ff65546bae774017c3742b9bec03b1b8e96ce8e18a9ef413d3f833e07", 0x45) ioctl$sock_x25_SIOCDELRT(r3, 0x890c, &(0x7f0000000340)={@null=' \x00', 0x5, 'vlan1\x00'}) 04:18:44 executing program 5: setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:44 executing program 3: socket(0x21, 0x80000, 0x0) 04:18:44 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x940035, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:44 executing program 1: r0 = fork() getpgid(r0) tgkill(r0, r0, 0x1b) 04:18:45 executing program 5: setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:45 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3dacbb61231f5b4b2bc97020556a57ada0a895", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:45 executing program 3: r0 = socket(0x11, 0x3, 0x0) accept4$x25(r0, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80000) 04:18:45 executing program 1: r0 = fork() fork() tgkill(r0, r0, 0x1b) getpgrp(r0) [ 617.853855] Bluetooth: hci0 command 0x0401 tx timeout 04:18:45 executing program 5: r0 = socket(0x0, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:45 executing program 0: socket(0x11, 0x6, 0x6) [ 618.173398] Bluetooth: hci3 command 0x0401 tx timeout 04:18:45 executing program 3: r0 = socket(0x11, 0x3, 0x1) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ubi_ctrl\x00', 0x26d7c32c29f7f805, 0x0) ioctl$USBDEVFS_RELEASEINTERFACE(r2, 0x80045510, &(0x7f0000000200)=0x8) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, 0x0, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private2={0xfc, 0x2, [], 0x1}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x3a}}]}, 0x38}}, 0x40080c1) recvfrom$x25(r0, &(0x7f0000000000)=""/110, 0x6e, 0x40, &(0x7f0000000080)={0x9, @remote={[], 0x2}}, 0x12) 04:18:45 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpgrp(r0) 04:18:45 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:45 executing program 5: r0 = socket(0x0, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:45 executing program 1: r0 = fork() tgkill(r0, r0, 0x7) fork() r1 = gettid() r2 = getpid() tgkill(0x0, r2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x10000) r3 = getpid() tgkill(0x0, r3, 0x0) tgkill(r1, r3, 0x3a) 04:18:45 executing program 0: r0 = socket(0x11, 0x3, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000040)=0x4, 0x4) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r2, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r2, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f00000004c0)={0x1c8, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x401, 0x49}}}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x0, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x7fff}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x1ff}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x168, 0x3, 0x0, 0x1, [{0xfc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0xfffffffffffffd05, 0x1, "1f5aa6e8350c0e1402e052c4d795bea97efed61b3bfebbfe63ae5359b647561aebdf44c43014241369e5d81cf626fe26195a0273883c48a33bb3ec8aa3dffb1d381ec6c3671bac2134c24541447f9673b7f640b1df5e918bf41107465b8fd49f55df145da730361d72f7ec46ae90b6c8c1efa077c3326f7099903ee1f1a8fab5795a6745177974fe7c37b22301b4f1770d2002fc53274fb4ecdf62d15d48f1be7d8bbe170f692095ac580a48a1525c3c95775b39e18d056eabcd02f99ea11cb0917e6299f5f98961934a8b61d3dc562c924ef7bc2721c89dc1d3a5315f15254d245935f21af93379444b49856bc33de3b783044e"}}, {0x68, 0x0, 0x0, 0x1, @NL80211_PKTPAT_PATTERN={0x62, 0x2, "8d88118bff8bc3801c6061b6a26c0197156b2761ea0785be0c96de3ca87fe4d1592db4f6d645c963a45e99175606a470679cb75ff66da50f38c39650e760b01a8e434b6631dec7fbf13a33906c69cb644beedf6689e3b6de21628a768394"}}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x11}, 0x4000) socketpair(0x9, 0x4, 0x5, &(0x7f0000000000)) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r5, 0x800448f0, &(0x7f00000006c0)={0xffffffffffffffff, 0x9, "0e29da", 0x13, 0x2}) 04:18:45 executing program 5: r0 = socket(0x0, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:45 executing program 0: r0 = socket(0x11, 0x3, 0x6) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x328004, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@aname={'aname', 0x3d, '!.\\(\xf6}-\xa4]{:[s'}}, {@cache_loose='cache=loose'}, {@version_L='version=9p2000.L'}], [{@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@subj_role={'subj_role', 0x3d, ',@&'}}, {@smackfsdef={'smackfsdef', 0x3d, '^\x05%*'}}, {@appraise='appraise'}, {@obj_type={'obj_type'}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}}) 04:18:45 executing program 3: r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0x114, r3, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3, 0x67}}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x3}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x20}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0xc8, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x1000}}, {0xb8, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0xb4, 0x1, "7f80f9b1a290d73adbb7e7d3f17739c64442520e7d2dad6237c3d94c4bbdd0d14a0e97062008a8332745e3f0e3fc39563bc4da72329dbb3626181c888b103932a5dea453eaef80ed99983c5f948723b46a21571f2bc41e63beb5519208f42e534164ab14ec5f81497923a4f7a3a69c5d06550da6006e64432e0b885d901fae643dcdbbb55c1c966c8a216ee9ff4129ce52a216fd20936bc78bd02916ec502736410766683f106b26bde39fd7f0e94120"}}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x4044000}, 0xc841) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0xffffffffffffffff, 0x2, "efbd08", 0x9, 0x1f}) r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x600, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x4, &(0x7f0000000200)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@posixacl='posixacl'}, {@version_9p2000='version=9p2000'}, {@uname={'uname'}}, {@msize={'msize', 0x3d, 0x2}}, {@msize={'msize', 0x3d, 0xfffffffffffffffe}}, {@loose='loose'}], [{@smackfshat={'smackfshat', 0x3d, '{'}}, {@smackfsroot={'smackfsroot'}}]}}) 04:18:46 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x20, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x7, 0x4f}}}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x48001}, 0x30) fork() ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3}) 04:18:46 executing program 0: socket(0x11, 0x3, 0x6) ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000100)={0x2, @win={{0x8, 0x0, 0x9, 0x3}, 0x9, 0x40, &(0x7f0000000080)={{0x8, 0x8, 0xbf, 0xdcd2}, &(0x7f0000000040)={{0x1, 0x8000, 0x80, 0x67}, &(0x7f0000000000)={{0x4, 0xe34, 0x8000}}}}, 0x0, &(0x7f00000000c0)="847f98d89af3ee599131760db46ba668bf5ca633", 0x7}}) 04:18:46 executing program 5: r0 = socket(0x11, 0x0, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:46 executing program 1: r0 = fork() r1 = getpid() tgkill(0x0, r1, 0x0) r2 = getpgrp(r0) tgkill(r2, r0, 0x2b) 04:18:46 executing program 3: socket(0x3, 0x3, 0x0) setgid(0xee00) getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xd, &(0x7f0000000000)=""/129, &(0x7f00000000c0)=0x81) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x7, 0x3, 0x9, 0x0, 0x280, 0x1, 0x7, [], 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x6}, 0x40) 04:18:46 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:46 executing program 5: r0 = socket(0x11, 0x0, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:46 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:46 executing program 0: getpgrp(0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) accept4$x25(r0, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80800) socket(0x10, 0x3, 0x1) 04:18:46 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) ptrace$peekuser(0x3, r0, 0xe2) r1 = getpid() tgkill(0x0, r1, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x5) 04:18:46 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) socket(0x11, 0x3, 0x0) 04:18:46 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x40, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_client='access=client'}, {@posixacl='posixacl'}, {@access_user='access=user'}, {@version_9p2000='version=9p2000'}, {@version_9p2000='version=9p2000'}, {@access_user='access=user'}]}}) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000825bd7000fcdbdf25020000000800020020000000100004002e23d3851a6f89ea0700001a0d6f82000400000008000300041900000800020002000000140001000000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4008001}, 0x4040000) sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x30, 0x0, 0x300, 0x101, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x685, 0x2f}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x32}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x1) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='9p\x00', 0x100001, &(0x7f0000000280)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@cache_loose='cache=loose'}, {@version_L='version=9p2000.L'}], [{@obj_user={'obj_user', 0x3d, 'access=client'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@uid_lt={'uid<', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '((\'@*'}}]}}) 04:18:46 executing program 1: r0 = fork() getpgrp(r0) r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r1, r0, 0x1e) 04:18:46 executing program 5: r0 = socket(0x11, 0x0, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:46 executing program 3: socket(0x11, 0x3, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10001, 0x0) 04:18:46 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:46 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:46 executing program 0: socket(0x2, 0xd, 0xfffff801) 04:18:46 executing program 5: socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:46 executing program 1: fork() r0 = getpid() fork() tgkill(0x0, r0, 0x22) 04:18:46 executing program 3: r0 = socket(0x11, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) 04:18:46 executing program 2: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000280)={0x0, 0x1, "1f63cd", 0x6}) 04:18:47 executing program 0: r0 = socket(0x11, 0x3, 0x6) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000001440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001400)={&(0x7f00000000c0)={0x1314, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x6, 0x42}}}}, [@NL80211_ATTR_TESTDATA={0x30, 0x45, "898ef6d879e987a683290d78d5e1c8b3b18f3c07d5780e473846e48ddc877d93c66a5ad61101b2fcf68b3321"}, @NL80211_ATTR_TESTDATA={0x9c, 0x45, "2c319ed23224724932313dcafd60795427f99e5902f56c8fc2b96ac8cbde5416568fe551e257b9662b556cb17383753c9e046ade2c88452f2bc0b34159a650063a994516d6877ae0546bc0df462fbbea8ed60a6b0cee9dfe89c1c91d53a6030e089ac5b3bed0ecfcd34d338a4cfc89f041f34cf24f220a402270f7604d8b905ae11eb73117036e85a33fc907119c02be413b9d69ae43edb9"}, @NL80211_ATTR_TESTDATA={0x47, 0x45, "5b6e295cf46597a4f2ebe6909aad4b95260ada3062c3260ba4132689d22611b458120acb9c90f4f089a98ba1f45574b3ce95f5e27cdeca7b061411eb42fac63b0c722f"}, @NL80211_ATTR_TESTDATA={0x6a, 0x45, "30799a76b85433a78a17ed6aba722105e006a0d42422d666af564219190ff804f42c5c12cf528ac5eac67f67420811d1e3db141c73e5576d7c36f0df07acdc9a18eea60c5189ac50597563067a7df75e7ef0878adc8ecd8feccf95fce5c9bba434ede60fb629"}, @NL80211_ATTR_TESTDATA={0xc9, 0x45, "f31ee95bd8bccc142ad352a7010c73691215e34a3a7f9c3b2a6ee7f13111a21fcede5a7dd7005c0e11df18b3bc9aab45a2bfb48592486914827c1815425629f7b428fd9022f64db844526fe9d8fd20d9827cd911a075492b411925316766bdcafdf95e24428daa5150c69d74fdc9ba88454d4f2f9a8ad301f6481a7f31dee368bb3dc352779e9725d55789ebde3ae14fa13a9a639d1289214d2d607d04f8ca7bd19692c3030b2f6d5a4341d281637cbb0e3d4667717dd1f63d69c6cb3c9ed4ae815b407a03"}, @NL80211_ATTR_TESTDATA={0x2d, 0x45, "fd312f5d28949935730adeeb02e19f6ee56354b0da67ad2f05a790c388d5043b3b8c614adb14c1b53d"}, @NL80211_ATTR_TESTDATA={0x73, 0x45, "5437eac3e096afe1bf47d75521d318d3433760da3c8cf71790328e09f997128a4da7cefbaacc6c0882730df3e9650709c3fd48c1f6f4022697c0a92d6d0e8194555551c1048a712a04e3b152fbaa6d28cd1f50db9b3fcd3ba2dde58db62cff730e5a78af078be5711ad89b623e667e"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "7188cee55bf88fc0349d4c4f8db5f115acd768588f510b81344f82d974615096157fbfac48f5b6689e36725a472d19d84bfde4275409a4b5dabf9089cfa661ec301376897da993a6ddb8f0694badb2c540e21ae2598efa50f807f2c1d9d6073a64a372e4e906a497562a9062bef213ac3cf2109f4a84f621e5c81cabe115cb8d00ccbf145f7f42077cdc08acc5537acb054e35c69544e3e1f231ddd6048e2dddfaa5a7e6b3733467f126a2992efddf427e9409e9740ea3266d7c69f8c9ddbfdab17948a29a61b4003aefb3591c72acc77071f98416b131b7499c4e244224e6bdea532dcf39d19862b2d40c5b77bc0aa08f5eb7977b9ab1a2e100511a1066eb191aa0c9bc5457379d68d566d94e45dd21f94fe34cbc5c559dd114b6ff0c276136b86c8cedead8bb1f03b167971bcb8a474a3e7c4fcf3e426facf1a65b32454df25ac7d7f6c8c953cff7f3e5c2f135642be929729bcb0b53e4f6a356656715673a0a8d31497de462fc46402272f3b8b970f6a266c45b879dca6dadb47c41f9d4634d768d743d5d0d176e12299ab0d9df475f965f82186bafaf62bf1ddb2d29cf36d943949d381315da1f5bf7a813a262dc5f55e521e95774eb45864f9fca5e5b07d718ca7cf453f9a6070deb4e5b1e8e9a415fa84e4a2b253cd53f2aeee67ebd88db322636c7237f40beb9f1850f06047c6ccb1374a68ef36c7a851844bb51f89698a7eee925859349b46c4df8e90b10b88523223dc948409da5729864220f3cd1231fe7a4f6e9c9641e666a0b50cd2ceba8e370709e3dd4668d2c7e86e7f767ca1486e05a345df56f6e200000d3e24dd8d8cce1b0912a08b94ede1019fdf360d5b3b80fcd935bcb888243f3e31a582a141272e5c19b8865964cc81a97d3434ecff0b54faeba11ef3c00df07fba95bd11f60329ee17ee113e8d7ff9cf94011c50f5ad51fdc2cab118c6853296988dfee1018f425ee2c33630ee1111dd17f1bdcc67fd139ce278eefcb16d6e80e92de0a98fae7b81500ea74de6e24b9cc6327ab8e67007308cd8d32a118deebf0416149c3d611f8bb7bab0471719c8ff6133ce3fe2113b2c7e7dbf6e4921c1e46429b94772ba19163f8c9ab01c51e6417d6a9e5c231cdc6bd9e7e497b8c58cbb5d6ced7ac421ca4fd5527a013006d8aac2f378a163fd5b2aa41369f863b9988f543f197f728cb1d5cf4e6ffd670bf3a1066bffb6779a2883607c9c8718fb4b85f5fda145a259605cb29e9f89d9d3842ff0b7c8ee3809e60d09a57a86947b36035635e8a990d6d041eedfd809c2ea63b3a40f64e2ce7382967aad1b00adbbcc28d2ea53caf39cc70eae87f900830beb8907ef01af99d493da2d28e2faa4f04841189388bd269e5959456c5585c79ca522a076641580f875bf5730e02e2f198be69a5436e0b24c6838b737c3c956036b91919119723066baf31cf908523cd6945a2987618425307359c1e5cc63c6ae2bce9a49da36b8ff61e86b6f16fb20eb16dbf3565432721d91b11e8c4ba1fbab647b2339457b2de69536c20d5675fccf2f39ab334b3f7e25249583934a2190c53dd44473c88309e17b543e1882fb442bdb8241c7777808a9cdf527f48666de32818db6e9bac377a0c3bfbb5f34d1703074393cc376836c6f10fff0d6ebd3596c63a482cca289f1feec7397be36cefbc2fa60e1d8ecf26f8c9e8ba91b38afee9ecd6bf808f7af06748990446b308134b23a1d3e8a9042c6c830bd92b38257b73699c5754d7087b88b8944fa64601593b81c6fc85d986a28bae69dad686f6d9e18d91ff7b6b53c8e044a3af378508a5e889a042f80821af172b59db64329f6735ea3ac4bd753d98148dd65d2a0e27dc1253f14ec7af369d53470b1f702ad0ddd7c87ed1e7e1f4aa2895e2e89e1b65d3fda6a689137d572dc4d724ce172446d9fb5ce807d69632d50b941a3134301935362b9a1fdfdbb4b3d2307aae0c8c8af5d2a7d58fcd023aa84e51597ed1c8c3f3c5afddefa94547ef541f0a902256074e858eb473cb574da70c789b5035acf5f9cf1ebc7e3ac4c1516b3c4abc207bb9ddaff7400ccd18f548c88100f08459241ab3a24b359a95eaa0876c14c3ed3f50a54b8e22ac4f778d84cacd54a530d4a26c2fd39effb6df7015e88cd7824c27e330ff77bb07f2d3056edbb41514ab8691d296a41bc0a4b81a8c94512f8b2fc78d3963a01a1f321201bff955ce2c6a93ddee6cb9fbc4fc4948a67da9212d23836aa1a6657df9b509074525af3c7e2d730dc2769532241455ec1970ac205565dbb0c60ab7bfbf9baba05d997308f45f9d48134240fe817defd986dd4130398dfa6c8418f2153fbd824743aaf0b6319f7b3f99a73f660af411295b826a6241428be77ea90d61118301f82658a78b2a6589b5d340782867a77e4f30fa55d1d485d8c6024cad6203bac3f4606921802b45502ffc9b671c5c84459980e4a8d47f38eac60742cb7dbad046cc64adc268cab73b5654ad8f22efe4b7ae5376d9cc6113ee0a38336a1ccacade7f9003b0c65365b9169f5fa585d895c1fafe37c36ea6c736857abe6c639b4f1fa882d52e56753e38dbd95c057303c9373f6e43052ffa648f0f50570811509b04c4d05e11f9c87325dda6226c6102d23cab92f38f891305244cef500894ad8f671dcd5d135b58da6e809950aaf9b7c8bd5bb889f24f6d27fe057efe7d04bcf6ba87ed13b39f5b47b5d67fd70a41ddeff3209a8bb50f275b7059166126104debe8bc52f16453005da75fe4245096758edb2fbcfe7c75a34fac62b12f297ffffeda545ac4148605059f0efc2de7cd41df6f76c790e4d08cb8cf4601a370f6ea5ebeede7d13d26a547fbdd8cb620bb270018352184b7538a20be89dbe26203ed46325fbacc112a020e09e7da56efe8568f8b30ebcd4e6de6ce1e96c5979fb253f18b0ac37f37b4f200eb50381d0aa2fe3039bf2fefeaf243b48fde26687eb2c37a56bb093b97aa5fce06fc3f23f608c72f0c1aad5d369345ef5655dc1dde7354d6d7aa864709a3349a96f6e3936bc83966aaf4b21e8c9e8b2068a7e43a6aca2ccac97d550d571fb90004ec7138fa4101053f60059735e0c2dfb2567de45403f7e6f7394549c8343d9a6933cfac944a24a3d8012cfe12bab8dc0e6e699ce31031212f39c8300771d44198bfa5f22eaafcefd860319cf54e1400712327ef43278bc426b321b747156f07f868ee41097aebfb881a7051347f68312e79879918323f28f83f8dc810e2b914d691ca540bc9aa6c956259109ee6b0dbd40b3487b8f3a31983ec990c4d7ab237fd1a322db3fb36998a0bee6b54b6ecddc7f393049ac47244fd9e6df257b4a97e0be48bb68a6d967b29a931e308f9be4ed83e2fa940c0d2a6af9c1d5e2489f8ff05f6b482a3b60816d0d5e14ab5af6b6a1f11b54ff70718580e2cc9e17401ddc3fb4203eaad6d93630938c05a3c52834910544479494add06ca10bf1790fd54e8bc5978e94657d533918a2dd4d2dc3961e75883d84142da8cc1a55f405a6a94265da7be14969bd8ef7ce7c2bb7f7498d24616be23f6eba1b777c674e53b5195c9d6f0fa313120167fe4c13ed6c76e71e0610fca14515766d3b7da0bd4a435dc1090139ed8308dc11a57b53d0a3eb332657687c1f3d30ac884c1f0276e96a4eb50e9d1391c55fad312904a7c7ddcd932817dffbda2249d5af58671dd2b92fafee8bb53a9b3c0c1c48b7a1e222445e1d46708e7c7edb978b4c8dae376430e0a07c736b3941f9196505dd79a696ccb0b571796cb8d5434f7a89320935519fea8b057ba582ebff2f53852173e1bb3d3b8b56ca122aa829c71e8e91f137458059c208a454f783a82117ae920786df5aad6edaa3d9977565d9a2eacde17d136780676cf57caecefa07aa8848073c4ebdee58afdcd42e129dec265a26cd1f51ada38759cbfb74fb864f8f0e1177c5daac5fe31482053d54f3429060db82a0a070a0409da1330bb5e5e76fb3fd5e4d91d8e5c11eb7ffab081e862aef05320e5457c12f5cb251c79f09ed0f9a0e5f28c1dbcaaa45d7311c17c43e1befac5b102c4934ce12bea6b40c71d0f99e20ff7c312abfb2b2d6243edc2e6ffe9bdca08e73307fef5abf9d23bd2b764e5492a33f3142abfe5dcd36a3b4d1234b0d34970a7b6e67d425431c8f8414f6b90329f0fffa9d0ea86774a4d5cc884643a35f0853072677d37c1512dd835ef32ec129351f77c51c3eaf9c975f8b8fb54b829863ed6917fa3d5f3a1f21b1a0d66b1fe82c06287e6e37195e10d1ae3f6b9d2b6b04a5539edbca9853fd02c8f9771266fdb2c2c326c5e8185f00431990241ffbaf1d793eea719e6eea1993d1ba7095d9797e5ffdde34366f1339709fca03803bce53424338723826f923d0e461cc1512bd816db64b914e53be1e33f70db4087706659d7c76e52747b4e6e42f39c5a60a3bb0488ca33042d423ab480921f84e351bd1acb6747880cbb41001b1d4fa71a4173071325e63a636c33bac50edd80e9a63a51a28ab8150fceae0c879047e647411ec6ee849019ffc054ef6b1cdfaa6117a47d3b91a3ced341cbf4011d8a49efb45413a975543ce43fa8181b92ada4fbc6f509950686598b20ac5d948a4f4bb28fc3efaba29cd6ba6cbe2e465012b6fad292d7d9602f963a2bee0fcd0cd82e0beaf5ccfe28f2a3294ba7e952c801805b46834f8531cf8de8c7d5683eb3aa7c2b20335fcd3ec495c4238718ef9bb6d6b63baf681b77e35913bebb1f86a97648bd842fa9200319112050b17467ed088263bdfcce30b59d2fb0a5f2319ba469cb219fedc4049dc6a09a94ce23bd771ca36819cdc50b92cf3ddf4173f513de081ac4b93597385ac458738bb6f182047ffe986d61594d8f38dc058889acab63dfd720cf99c66e5f355d7383e06f88cb7105e00cf3218b82d07244ea2c94b6882b798d700e678fe68ccffb3585b8b6e81c7307b9bd3c46b1734ae8dd11e3ead3f792ee25fae91dbfc66b355e8be7aba7be001ffc006aa69120df2bec34b77096bca3e89ae19181a94bb60e84794bd851711264fc6f253f66a629647a78801f42fbed92ee977bcbd6f4ba86b13cce213a0763a6b15e09f14ce19a886516a333fd0168d438fb11ef025b54eff4cbd6027c6249ff6ece85e30dc0c2976021dd04fe5f2ff23eea28009d131fb5a1a924ca9ee66886127680b2abb6ac8f3b2d0c3f6581793a00ffcca2eed6352e13d87cf2b3170cd6a9ed5acabf7e47c806c9c4379ec5d02970843dbe06a41e17e66cc81d86a466488729708eddb1a9d8c1f122622525d2a89b107bebbe87feb57f9fac26d60d0fca4a8bdacfd66e988b3c36a0d6058f36b57bc1d1622debd7b61b98d7f2c853e13928779c73d6d5d53ae46b1378f28d06413ec3efee37aa209f7fdb9fd34f401dba8d171c2324781ef7da797b68629a61c7b80f199b93a38a690c929313cde6f6b487f72c81523080db330fd0587085baf269a109ac8d239c0647945cf345b3fc3a6710d5721f989580dd0498e2dbab6e33f43acdaed5b0e90e3e4a73a5057eba75758e6f5acf2afce68a0ae8d7751a1188ba7243bf77417bd016541da7f53b37b4ea691b448648eaf3ea325e2668fcd49006530e5ee4d19f97797a30b24021298d263eb5f25c3655c30a18076c8652c505354b2d0e547e4c3ea7e5af997fc88eeb76601c0ebbfc663f2974b28b2ff1d1c800e1c335932fe224412eb8a4550427a417d40e609a09f0603fc7433bd19f74b0d2eee6fba93448591a53f3deeaf86d12355f4e71"}]}, 0x1314}, 0x1, 0x0, 0x0, 0x40840}, 0x20000044) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0x80000) ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000040)={0x0, 0x7ff, 0x4, 0x4, 0xfba, 0x1, 0x46, 0x4, 0x9, 0x30, 0x7fff}) 04:18:47 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x9) 04:18:47 executing program 5: socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:47 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 04:18:47 executing program 3: socket(0x12, 0x3, 0x0) socketpair(0x8, 0x3, 0x1f, &(0x7f0000000040)) 04:18:47 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}) fork() r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x16008000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x4b}}}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x46}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x60}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x349}]}, 0x38}, 0x1, 0x0, 0x0, 0x1000c015}, 0x4040044) 04:18:47 executing program 5: socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:47 executing program 0: r0 = socket(0x11, 0x80000, 0x8) setsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f0000000000)="7115ec47be65df661aba771770a5b6f3d4489bcc6d4e883bfe04f2b0e99c961bf9917fbdd5a71afa28ddea53ed0f6aa21a793354fe146386be69b6a0f310a90cf15a464f8ab1ad22582b22dfd8c1c3e7c36390a011c9e0e6ba871ba95d1070b0fb591d9fdb38dfbfc035db89b1fb435f8b361b1ea768ffb8567f2f116f1367784f3f52067bebf66d2ee2a552efd9d87bb6fed9c5010d886cb324141af8038eea42030be5f02a7a17a56666a23bc7", 0xae) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm_plock\x00', 0x4000, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f0000000180)={0x1, 0x284, 0x7}) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x10280) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r3) getsockopt$inet6_dccp_buf(r3, 0x21, 0xd, &(0x7f00000000c0)=""/187, &(0x7f00000001c0)=0xbb) 04:18:47 executing program 2: r0 = socket(0x11, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) [ 619.933819] Bluetooth: hci0 command 0x0401 tx timeout 04:18:47 executing program 1: r0 = fork() tgkill(r0, r0, 0x40017) 04:18:47 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0x0, &(0x7f00000000c0)="bcc88cf56b2cb29ca64179fc2307a5008bb1d3b808dff68d48833e97996a731234c03cf400ed894fa0e993bbe180394f0c674a6b5471855d83ee3f4981d72c342276b60340442553673afa926f10da662469e02ad82bf3434ba501e851dd10b2b4e97dcc45846424ab3e304288557d2dd7406e29b8c37c33799e73d12f42a22aac2ee7dc131d28b1b2d659269f9a7786c6d19808d14b351cc261725059c744ec5b2d012570", 0xa5) 04:18:47 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x68937b53, 0x105400) getsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4) socket(0x3d, 0x3, 0x6) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 04:18:47 executing program 3: r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r1) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2}]}, 0x34}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, r2, 0x2, 0x70bd2b, 0x80000000, {}, [@SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x1494157]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x8840) 04:18:47 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000080)='/dev/video#\x00', 0x4, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000100)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "11a45d38"}, 0x0, 0x0, @fd}) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() 04:18:47 executing program 2: r0 = socket(0x11, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) 04:18:47 executing program 0: r0 = socket(0x11, 0x5, 0x6) setsockopt$inet6_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000000)="ed00cd3229d14269a6aeb6d636443f16294db7beb951ac8762589ecb029e0b2b12d8369450c29a08368a976df69395e636fe9d238642e2a5855919b9ae7c7571ee6b26a66484860456a945214b940d151b5fae11d0cbd6db2087cbdc83597ae5a408954acb0d36af07ba004f224def2b3faaff7f70ab8aa6236504ca7debe944ec1af38124defbae3a0cd9c2569d208fca2266b438e71099902ad4eae968d0ac92cc9ea9ab93e57776bf8b8566ef371568ce5b65db92eb1f5f20762a48cf", 0xbe) 04:18:47 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$inet6_dccp_buf(r0, 0x21, 0x0, 0x0, 0x0) 04:18:47 executing program 3: socket(0xa, 0x3, 0x0) 04:18:47 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() gettid() 04:18:47 executing program 2: r0 = socket(0x11, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) 04:18:47 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r1, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x20000401}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16f3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x4040010) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0)='NLBL_MGMT\x00', r4) sendmsg$NLBL_MGMT_C_REMOVEDEF(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, 0x0, 0x302, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x10000) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}, 0x1}) r5 = fork() tgkill(r5, r5, 0x1b) 04:18:47 executing program 0: r0 = socket(0x11, 0x3, 0x9) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000000)=0xa9, 0x4) 04:18:47 executing program 5: getpgrp(0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) accept4$x25(r0, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80800) socket(0x10, 0x3, 0x1) 04:18:47 executing program 2: r0 = socket(0x11, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) [ 620.253447] Bluetooth: hci3 command 0x0401 tx timeout 04:18:47 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="7472616e731c66642c7266646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c736d61636b66737472616e736d7574653d5d142923ea9becbe6fbdadb704c6704bea145f7e2a48f598f67116efd9dbe8dc12afea7b1cbfb27da7c8cf8612a5790af08f02b5ba0d0c8bc059096c634a6c24f500e3bd0c458bd15925db4ca575b18a0d530b8c726644e807e83f097ff7a56ae4d9e8b868e5115edf4ef9886f5c4e65759885c10f20318508eb4c4432c995f17ffaf0eb7535ddb641c97f84ff1ff6487c0524c9971cea22ae8365a6451a7581c3c124a267a4abfd645b2b9b0d2b456e5ddeb91b5de5454c9466977c1a004a7c5ddccb671da86459b12d72c29d02ae37baa5e335c7a3abdaaffe3f5be56ada14e10d2409d908529db2d82166bc6e2eb92f32589276543b62000000000000000000002c726f6f74636f6e746578743d756e636f6e66696e65645f752c736d61636b66736861743d7766646e6f2c7365636c6162656c2c646f6e745f61707072616973652c00"]) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) syz_open_dev$dri(&(0x7f00000003c0)='/dev/dri/card#\x00', 0x37, 0x40000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000000)=""/26) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/245) ioctl$sock_bt_hci(r0, 0x800448d3, &(0x7f0000000380)="6d5e5e40072d475e04a0b5be7b3cb89c7295e45359e6b5d0f3e17328f12babb505642534a44419917d") fork() 04:18:47 executing program 5: getpgrp(0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) accept4$x25(r0, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80800) socket(0x10, 0x3, 0x1) 04:18:47 executing program 3: socket(0x1, 0x5, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 04:18:47 executing program 0: socket(0x11, 0x3, 0x6) r0 = socket(0x2c, 0x3, 0x4) getsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) 04:18:47 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$peekuser(0x3, r0, 0x3) 04:18:47 executing program 2: write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:47 executing program 5: getpgrp(0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) accept4$x25(r0, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80800) socket(0x10, 0x3, 0x1) 04:18:47 executing program 2: write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:47 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@posixacl='posixacl'}, {@cachetag={'cachetag', 0x3d, ',.-,('}}, {@aname={'aname'}}, {@uname={'uname', 0x3d, 'tra\x9c\x16\xc2\x94d,'}}, {@cache_none='cache=none'}, {@access_client='access=client'}, {@access_user='access=user'}]}}) fork() 04:18:47 executing program 1: r0 = fork() r1 = getpid() sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x1) tgkill(r0, r0, 0x1b) 04:18:47 executing program 0: socket(0x11, 0x2, 0x6) 04:18:47 executing program 3: r0 = socket(0x11, 0x3, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r2, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r2) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r3, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'tunl0\x00'}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}]}], @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40890}, 0x4040090) accept4$x25(r0, 0x0, &(0x7f0000000000), 0x800) 04:18:47 executing program 5: getpgrp(0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socket(0x10, 0x3, 0x1) 04:18:47 executing program 2: write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:47 executing program 0: socket(0x11, 0x4, 0x8) 04:18:47 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = getpid() getpgrp(r0) ioctl$KVM_SET_BOOT_CPU_ID(0xffffffffffffffff, 0xae78, &(0x7f0000000000)) 04:18:47 executing program 3: ioctl$USBDEVFS_CLAIM_PORT(0xffffffffffffffff, 0x80045518, &(0x7f0000000000)=0x7) ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514) socket(0x15, 0xa, 0x0) ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514) r0 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xfffffffffffff353, 0x143) r1 = socket(0x2, 0xa, 0xd87b) mmap$usbfs(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000000, 0x8010, r0, 0x70b) sendmsg$NL80211_CMD_NOTIFY_RADAR(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x48, 0x0, 0x200, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x31}}}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1671}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x99e}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2d}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4080}, 0x20044091) ioctl$USBDEVFS_RESET(r0, 0x5514) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000080)=@usbdevfs_connect) 04:18:47 executing program 1: r0 = fork() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x4) tgkill(r0, r0, 0x1b) 04:18:47 executing program 2: r0 = socket(0x0, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:47 executing program 0: r0 = socket(0x11, 0x3, 0x6) getsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20881441}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, 0x0, 0x2, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x6, 0x3b}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4800}, 0x8001) r4 = getpgrp(0xffffffffffffffff) r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r5) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00', r6) sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000050005000058a8f77fbf8174930000000400040014000100fc02000000000000"], 0x34}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, r7, 0x42b7308655fe3c22, 0x70bd2b, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x40}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x40051}, 0x20000000) ptrace$peekuser(0x3, r4, 0x20) 04:18:47 executing program 5: getpgrp(0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) socket(0x10, 0x3, 0x1) 04:18:48 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = userfaultfd(0x800) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x2}) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000000)={0x1, @pix={0x8, 0x30000, 0x59565955, 0x8, 0x3, 0x4, 0xc, 0x1, 0x0, 0x0, 0x0, 0x6}}) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000100)={0x1, 0xbf3, "78aa6f", 0x4, 0x70}) [ 620.721145] syz-executor.3 uses obsolete (PF_INET,SOCK_PACKET) 04:18:48 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = getpgrp(r0) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x9) 04:18:48 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000080)={r1}) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB='$\x00']) r2 = fork() r3 = getpid() getpgrp(r3) sched_setaffinity(r2, 0x8, &(0x7f0000000100)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x7fff) 04:18:48 executing program 2: r0 = socket(0x0, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) [ 620.788367] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 04:18:48 executing program 5: getpgrp(0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socket(0x10, 0x3, 0x1) 04:18:48 executing program 3: socket(0x11, 0x3, 0x0) socketpair(0xb, 0x6, 0x1, &(0x7f0000000000)) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000040)=0xfffffffd) socket(0xb, 0x5, 0x6) socketpair(0xa, 0x5, 0x10001, &(0x7f0000000080)) ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r0, 0x7aa, &(0x7f00000000c0)={{@hyper, 0xffff8001}, 0x7, 0x1}) [ 620.848121] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 04:18:48 executing program 2: r0 = socket(0x0, 0x3, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 0: socket(0x11, 0x3, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04012d001000000000000000000008000300f138bfd3fcd1f5ce4f22b31d1dc3c89c069fec5a0fdd9ad473a216bc6ed819cf111a17bab51fa6904601370ed5accfbd55446cfd7765f9e3a914cf", @ANYRES32=0x0, @ANYBLOB="0a00060008021100000100000a00060008021100000100000a0006000802110000010000"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x200000d3) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00', r2) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r4) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000700)='SEG6\x00', r0) sendmsg$SEG6_CMD_SET_TUNSRC(r4, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r5, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040040}, 0x44000001) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r7) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00', r7) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="080147009633c346644e99ce2563edb8a8aeddba7dd1bd4af5a4321a88fa91c88d8e2bcafe7e50aba1f22eb26729d2b567c86c5d513bc094fd592f45478fb197ff35205408cf6f", @ANYRES16=r1, @ANYBLOB="10002abd7000fcdbdf25370000000c009900ff070000390000000800a100040000000800a00001800000050018012c000000080022013e0200000500190108000000050019010d0000000800a000080000000800a000090000000800a0007ba000000800570004000000080057000700000008005700ff0700000800270000000000080057008e000000080222015903000008002704030000000800a0000b8500000800a0000000f8070800270000000000050018011ed235540500190104000000080026000500000008002700030000000800a10000000100080027000300000008002201ed01000005001801020000000800220167020000"], 0x100}, 0x1, 0x0, 0x0, 0x50}, 0x2) r8 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r8, &(0x7f0000000680)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)={0x15c, r3, 0x8, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x400, 0x13}}}}, [@NL80211_ATTR_MESH_ID={0xffffffffffffff1a}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "f4792ac9a86926a3870f26561bb54dcde8e5b48f66854d34"}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}], @NL80211_ATTR_IFTYPE={0x8}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "7387576a266f877dfe74f055bf524abb2d0e1bd2b6821b61"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "357734d1206b834d111678fb46bb25443987bc2cd776ff32"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "577ed9e03ae20bd3e41153e6f583cf8a13bd51b66897bbe3"}, @NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0x0, 0xe8, @broadcast}], @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x15c}, 0x1, 0x0, 0x0, 0x80}, 0x20048814) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r8) recvfrom$phonet(r8, &(0x7f0000000300)=""/45, 0x2d, 0x2040, 0x0, 0x0) 04:18:48 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = gettid() getpgrp(r1) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x1) 04:18:48 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f0000000000)={0x7, 0x1, 0x1f, 0x2, 0x5}) 04:18:48 executing program 3: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x80000, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x7, 0x80) ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f00000000c0)={0x1, @pix_mp={0x4, 0xff, 0x41416770, 0x6, 0x7, [{0x8, 0x5}, {0xab9, 0x6}, {0x1, 0x8}, {0x8, 0xab}, {0x0, 0x3f}, {0x1f, 0x1}, {0xeef, 0x7}, {0x7, 0x179}], 0x3, 0x3f, 0x3, 0x0, 0x5}}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0x20, 0x200}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$vim2m_VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000280)={0x1, @pix={0x3ff, 0x3, 0x302c457a, 0x1, 0x19, 0x8001, 0x8, 0x2, 0x1, 0x7, 0x2, 0x7}}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x181480, 0x0) r5 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@fscache='fscache'}, {@version_L='version=9p2000.L'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_INTERFACE(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x30a, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x4001) sendmsg$NL80211_CMD_RADAR_DETECT(r4, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x81, 0x42}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x200}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044080}, 0x4010) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x48, r3, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x40081) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000200)={0x7f, 0x2, 0x4, 0x20, 0x0, {r7, r8/1000+60000}, {0x7, 0x2, 0x0, 0x1, 0x27, 0x59, "6c99c18b"}, 0x9, 0x1, @planes=&(0x7f0000000500)={0x7, 0x7fff, @userptr=0x8, 0x8c}, 0x101}) syz_init_net_socket$x25(0x9, 0x5, 0x0) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r2, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x80, r9, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x3, 0x63}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x3a}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x8001, 0x25}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7f}, @NL80211_ATTR_MESH_CONFIG={0x44, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_RANN_INTERVAL={0x6, 0x10, 0x6}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x3}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x76}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0xac}, @NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0x75}, @NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x1ff}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0xa}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) socket(0x11, 0x3, 0x0) 04:18:48 executing program 5: getpgrp(0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) socket(0x10, 0x3, 0x1) 04:18:48 executing program 0: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x604381, 0x0) ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000040)=0x4) socket(0x11, 0x3, 0x6) ioctl$USBDEVFS_RELEASEINTERFACE(r0, 0x80045510, &(0x7f0000000140)=0x6) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x10200, 0x0) ioctl$USBDEVFS_RELEASEINTERFACE(r1, 0x80045510, &(0x7f00000000c0)=0xc290) 04:18:48 executing program 2: r0 = socket(0x11, 0x0, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 5: getpgrp(0xffffffffffffffff) socket(0x10, 0x3, 0x1) 04:18:48 executing program 3: ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000000)={0x0, @pix={0x1ff, 0x8, 0x31364d4e, 0x8, 0x7, 0x40, 0xa, 0x6, 0x0, 0x8, 0x0, 0x2}}) socket(0x22, 0x3, 0x0) 04:18:48 executing program 2: r0 = socket(0x11, 0x0, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 0: socket(0x11, 0x3, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="2d010000", @ANYRES16=0x0, @ANYBLOB="000829bd7000fedbdf252d0000000c0099001f00000050000000380045000e3ee622b62d9de522a5a6485f4c67a3a353d0793cdc4cb97c033b233c34192998e3987996da0a905815596118df44d1d2dc712c160045001d2ad4969b1ff2af41ce7d07ba12ad2073a00000da004500f9bd9844c1525a2c16311d334dc868e98ca94dc28ca3580d47229ffb4b897d5ad749dff57b224d856707860aa1202e041e8001a9544651ebf79bd76cdd241338de9dd81a9e521fc11a0133e50e543532a6c02c4a67833056bbc3fbeea3502ad9d08cd14c01b24d8130ffa371abe3fedd2dd36b68f5af666deb94b1b98c3f7962ee96bdc5fe8e4e86c5d75e28416a5447fef7951596de3835d2aeb8cffdd67b7bd875106597887b3b60efc30815fe96a4c2aa4df6f8ce6e1554a74f6156df22a0de08dad54b5db937e1b5c7ecab8c77171ba7981f44f0000065004500cc2cc90c446e4b95a6e68d60c3eee898d053c5dc05cda5904cc2d123d57d4e0ed5e6a9f14b72eb8e3637a5113954b7fed7d137a295bb62ddde116165648a167acf902eb24dd96ed4b2a3a92c85ad7dce08e10089f71699b964624108e726369fa7000000"], 0x1b4}, 0x1, 0x0, 0x0, 0x8010}, 0x4000000) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) getsockopt$inet6_dccp_int(r1, 0x21, 0x5, &(0x7f0000000200), &(0x7f00000002c0)=0x4) 04:18:48 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000000)={0x0, 0x4}) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[]) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) fork() 04:18:48 executing program 1: r0 = fork() ptrace$peekuser(0x3, r0, 0x8) gettid() tgkill(r0, r0, 0x1b) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000000000)={0x401, 0x10000, 0x80000000, 0x5, 0x8000006}) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x40000, 0x0) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000000080)) 04:18:48 executing program 5: socket(0x10, 0x3, 0x1) 04:18:48 executing program 3: socketpair(0x6, 0x2, 0x1000, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="f4ff000012b42f0b67a9f49b1ee323164223984ed6db3c90e4cf13e88a76d4fdb0e5f70074918627002b2834f137bed5bbffc04d79857727584f64ad1283a22ab8f444d73d2d6e22e398fe531c253c8433a264423634fecaf4f2e83f7a815a6351b826eac168fca49a94fcc7cf02cc1cf44fb6594e2dd46e78f382b63c1f0d456a34b56207adf28a21ce4ed58fce6e5e9cb94b10681285d47f1f2360e1d4657d3f9564d939cb31e2e4ba062b0ab9b61d6a77a27471e24c50cb9afcda5113bbd127736072664790d867a7feca49ea3a8a3d89d812ab419b5d99e7a7826b5a66e67a9a254f3ca2cfdf146dcecd7568663de5261db87872efa9757ef6678a36eeb08ac1863aacdd8a2b82ca05df327826f34c944f2e9e4fa9c1c649bf", @ANYRES16=r1, @ANYBLOB="000226bd7000fddbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40000) r2 = socket(0x11, 0x3, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180)='nl80211\x00', r2) setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, &(0x7f00000004c0)={0x7f, [0x8]}, 0x10) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000400)={0x4c, r3, 0x200, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x25}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x60}, 0x804) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ubi_ctrl\x00', 0x102, 0x0) mmap$usbfs(&(0x7f0000fee000/0x11000)=nil, 0x11000, 0x2000001, 0x11, r4, 0x6) r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) getsockopt$inet6_dccp_buf(r5, 0x21, 0x0, &(0x7f00000001c0)=""/37, &(0x7f0000000480)=0x25) 04:18:48 executing program 2: r0 = socket(0x11, 0x0, 0x0) write$bt_hci(r0, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 5: socket(0x0, 0x3, 0x1) 04:18:48 executing program 0: socket(0x11, 0x3, 0x6) ioctl$KVM_GET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000000000)={0x0, 0x0, @ioapic}) ioctl$KVM_SET_BOOT_CPU_ID(0xffffffffffffffff, 0xae78, &(0x7f0000000240)) 04:18:48 executing program 2: socket(0x11, 0x3, 0x0) write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 3: socketpair(0x21, 0x3, 0x2659, &(0x7f0000000140)={0xffffffffffffffff}) ioctl$SIOCX25SSUBSCRIP(r0, 0x89e1, &(0x7f0000000180)={'xfrm0\x00', 0x3, 0xfff}) socket(0x11, 0x3, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f0000000000)="2dd77f9934ee4f9b22a11806b508c28a590fb6b462af7756d082a02226e14c1f2f8b1c3c34fc103927152c46d90db83e50b9b9432211aef635ac2d341016e9f3757132a34a14522590f94ec531a82ba55b94785d921d5046feddf6502719b7c4ab8a6e2a3ed54864c3dfa6edb694b732020e213b4c196c430241ead66ddbd239197a61f81d6ec245e6f9bfee43cb0318f72f3e7b059bf51c42b52dafe5ba0b705629a9ba03888371215899d0a37435b6217b7cf172ad0584a52e26e177dfdb7c70a3cae2fd757b450dcaebdac57855d3e682aa22cde9011b12cf8f8d069fe25b542453395a9bb9de91e4c779b94532"}, 0x20) 04:18:48 executing program 5: socket(0x0, 0x3, 0x1) 04:18:48 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3ff, 0x10800) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000a00000000000000003000000950000000000000050bb4e9c134f63b969aa472e5b3c87eb637f17a87edb3c91f51be4a6d2b8da5a9b725307691b5cf8cbd07e8ec1230e9379c873cb186afa06998d5bf451b5435031be4a4641fa7b21602f5db7f02939eae5d348e075e10e55487abd33d3e5d8c8ac3dbe11ff8ae9d1f6ce646521651db18711d06d404e778e8d0fec9209b5c83b027dfb675840ce8d85d17e137068932d741fe613a5ef2d5236b277da9a3c0a588e34403a79313b02207b15da7fb52b04bb085346020a717d871e4555e066920e5efdd56759339271f93c44496014164a0c5d1ef5535f84358bfe02e2e91ff78f6cf55532"], &(0x7f0000000040)='GPL\x00', 0xfa, 0xc5, &(0x7f0000000100)=""/197, 0x41100, 0x13, [], 0x0, 0x0, r0, 0x8, &(0x7f0000000200)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0xc, 0x8, 0x1}, 0x10, 0x24ced}, 0x78) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc) 04:18:48 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:48 executing program 2: socket(0x11, 0x3, 0x0) write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 3: r0 = socket(0x9dd8f630e5977386, 0x3, 0xfffffffe) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="30010000", @ANYRES16=0x0, @ANYBLOB="00fe2abd700000db1d69b76e838cf6e9417a0094", @ANYRES32=0x0, @ANYBLOB="0c0103809800008092000100f9d3dbaf55abe81affc824b5798ccb86e1959f8994fb8b9c0654d55be8d5af487e235aae504fc238b9a23a8eedf02a0fd37cb6bd1ee0194a92b8efd0e98f24a82f26ec6b6b95c7abc674719f96c225163be4867300fd6c496ae579164228d5aa2be7eff2d8034fe19d4f511856e29d3baf422d336b7effd95559b6093ca8585795ceb3cae911ad0dc4231964adcc00004c00008047000100d910e239753d78e7a3eead055e85e56190b3db367a20afd9618746e8b7583418ec685501871d6da3bb62ba2455cd74f7189e7527f1471a248107c3c7c73ed09969cb6c002400008020000200a1f471d70e6503aed04d7a1e4f3213ff3c279ad979ecb615823c30c90800020001000000"], 0x130}, 0x1, 0x0, 0x0, 0x4000}, 0x4004800) 04:18:48 executing program 5: socket(0x0, 0x3, 0x1) 04:18:48 executing program 0: socket(0x11, 0xa, 0x9) 04:18:48 executing program 2: socket(0x11, 0x3, 0x0) write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@fixed={[], 0x11}, "4a2890437669ec1ecd03c48746787f65", "03aa151e385b8b2987db04e5f17d676c"}}}, 0x2a) 04:18:48 executing program 0: socket(0x11, 0x3, 0x6) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400000, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) 04:18:48 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() getpid() 04:18:48 executing program 1: recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x10061, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) r0 = fork() tgkill(r0, r0, 0x3e) 04:18:48 executing program 3: r0 = socket(0x2c, 0x3, 0x0) socket(0x25, 0x100000, 0x9) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x80000, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000480)={0x2, 0x0, [{0x8, 0x2, 0x0, 0x0, @irqchip={0x7, 0xff}}, {0xfffffff9, 0x1, 0x0, 0x0, @sint={0x8, 0x8}}]}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00', r0) r3 = syz_open_dev$mouse(&(0x7f0000000500)='/dev/input/mouse#\x00', 0x2000000, 0x200) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) sendmsg$NL80211_CMD_TESTMODE(r1, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000400)={&(0x7f00000000c0)={0x334, r2, 0x300, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TESTDATA={0x34, 0x45, "5f62874441e5dc7a68007a8a74fbd03b9c17e8f2d4641e2023bbda8b644ec29e1ed9d8131759b399231d41544891eabf"}, @NL80211_ATTR_TESTDATA={0x32, 0x45, "1c235f7964bd1944945cda7714c5f4a521f940459c3a4bc33510bf496367233e7b59d49f3cd90e60c4a16d8ede6e"}, @NL80211_ATTR_TESTDATA={0xb8, 0x45, "1eda367726b5c5c3ca8328e777a2fcf05e13341aa43724be3a79b950cdbd6ff143cdbf63579e8cbe0df6f3995f39e670e2755e3c0b0d59eac87fd0d749fcc8519daadbb3eac8de6d991dafef48ea5a49174dd8ec2833805c940840bba829e44a2edbfec1e768bea4288687c58be01a28364827c5f230b34da6607ffc05c635b35a5a3f4ee0ad037b2fdc7a6f05e4b14a6fd4a207dec8007e48c187e4b01992514a182bbc06b0f4837bebf20d59fdc189291e156a"}, @NL80211_ATTR_TESTDATA={0x62, 0x45, "304c4cc20fd1c039114aaf5351fa105234c73314216905f9ad7ca9d72726ab061b77d1d8851a9eb98b8d3badfb509f050d0fc9a200030c63781b5d9fdc2c78e4e8420b739441bcddce7f38d307703dafbc4ec02d867ab35a01d1509fa17c"}, @NL80211_ATTR_TESTDATA={0xa2, 0x45, "423884d96772192948f233ddbac3d400992ef7c7a9ba6ad530e91950fcb32409b6182d9bb6b6e320188b7d73231d70d8eb342b8c115e05ba22d25bec19e1e2b5e40433a9de30e7bcdf0b32f19c6e31c69202b3e64a824dde52ff1e351a3bca662305f278c898188823d836a8fa3346330a313ebe82cf72aa0c923d2df955f7d24541047be48af6826c38d57446089ad35b03e47639e8b53568db747e51bb"}, @NL80211_ATTR_TESTDATA={0xf5, 0x45, "a4fbb4a8d695bc258d4c57182d77380bc9ddb0dc31151e9ebaddc93b56c2a08fd89c27ce69e072e75ddd745470d45b49122fbd9b0f8294e0eae98932a37b8e815f4857f9b6c51e4d4807622e2f6fcc212b911d57acdf8355096fe8e34ac7cffcecec90224a207ae37bdc7c1018a6f69d1efccff4a15cb82882dbbc14463668428bdfcb2a1f94503c8e770cf9a9f2f23cfc7a5851aff7fa51150070d78c090e62043713ca7eed5684d49084dfa5431868c482680b7a1a84ec42692ba0b8d5d0734aa220da9c60f611ce7a75b1d6067a51b4d3a57272ec58077f43300e85a7dc1a716c985117a5b0ed1d423f511b5d8fdd67"}]}, 0x334}, 0x1, 0x0, 0x0, 0x1}, 0x840) 04:18:48 executing program 5: socket(0x10, 0x0, 0x1) 04:18:48 executing program 2: r0 = socket(0x11, 0x3, 0x0) write$bt_hci(r0, 0x0, 0x0) 04:18:48 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000000000000000000800400000000000000000000000300000000000000750000000000000004000000000000000200000004000000040000000200000000000000000000001f00000000000300810000000000000007000000000000000000000002000000"]) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x20b00, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00', r0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r2, 0x10, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x47}, @val={0x8}, @val={0xc, 0x99, {0x9b0c, 0x19}}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x85}, 0x4000000) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x4) socket(0x11, 0x3, 0x6) 04:18:48 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) ioctl$USBDEVFS_RESET(r0, 0x5514) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) getsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) 04:18:48 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x8000, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}}) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000240)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xffffb8e4, 0x0, 0x0, 0x0, 0x6}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @ldst={0x3, 0x0, 0x2, 0xb, 0x1, 0xfffffffffffffff0, 0x10}, @ldst={0x1, 0x3, 0x2, 0xb, 0x3, 0xfffffffffffffff8, 0x1}, @map_val={0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x3ff}], &(0x7f0000000500)='syzkaller\x00', 0x383d, 0x0, 0x0, 0x40f00, 0x0, [], 0x0, 0x1b, r0, 0x8, &(0x7f0000000280)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0xb, 0x0, 0x9b7}, 0x10}, 0x78) getpgid(0x0) fork() ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x58, 0x0, 0x8, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x80000001, 0x44}}}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xb}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16e4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f0000000140)={0x0, 0x1, &(0x7f0000000000)=[0x9], &(0x7f0000000040)=[0xfff, 0x8a6], 0x34, 0x6, 0x1f, &(0x7f0000000080)=[0x10001, 0x5, 0xff, 0x634, 0x10000, 0x1b], &(0x7f0000000100)=[0x1, 0x9]}) 04:18:48 executing program 2: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() getpid() 04:18:48 executing program 5: socket(0x10, 0x0, 0x1) 04:18:49 executing program 1: prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0xc) syz_usbip_server_init(0x4) r0 = fork() tgkill(r0, r0, 0x1b) r1 = gettid() getpgrp(r1) accept4$x25(0xffffffffffffffff, &(0x7f0000000080)={0x9, @remote}, &(0x7f0000000040)=0x12, 0x0) 04:18:49 executing program 3: mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='9p\x00', 0x2082000, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',nodevmap,dfltuid=', @ANYRESHEX, @ANYBLOB="2c76657273696f6e3d3970323030302c646669643db18a93d8e6edf1db2a044503aa7cb9c3f545caaa52ec5047bee9099f2723f48345ced472e8ae86ef1fbebee0d5ca000000", @ANYRESHEX=0x0, @ANYBLOB=',afid=0x0000000000000008,cache=fscache,version=9p2000,measure,\x00']) socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100000000, 0x50000) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@null=' \x00', 0xf, 'gre0\x00'}) socketpair(0x23, 0x6, 0x7fffffff, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$x25(r1, &(0x7f0000000200)=""/240, 0xf0, 0x1121, &(0x7f0000000080)={0x9, @null=' \x00'}, 0x12) 04:18:49 executing program 0: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000240)=ANY=[@ANYBLOB="780100005efb14b5bd414fb50b2d4c0935b6df33d87b766a9418855090732568a6766981129261bb4dee18b993da85", @ANYRES16=r1, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="568ef33b2c815b0a076f3885549c7f350b5100f67894a329d74ed9455fb6808a3767432ace0b3d00008000"/67, @ANYRES16=r1, @ANYBLOB="100026bd7000fcdbdf255e0000000c0099000300000046000000080122017b03000008002600f8ae000048ece0d955f804941225e4301bffff607b79b315abc68d02c89244470f419fedf250f5444fda0e99634225"], 0x30}}, 0x8000) socket(0x1d, 0x3, 0x6) 04:18:49 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x7}, @void, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4040) fork() 04:18:49 executing program 5: socket(0x10, 0x0, 0x1) 04:18:49 executing program 2: recvfrom$x25(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x10061, &(0x7f0000000040)={0x9, @null=' \x00'}, 0x12) r0 = fork() tgkill(r0, r0, 0x3e) 04:18:49 executing program 5: socket(0x10, 0x3, 0x0) [ 621.897125] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 621.902983] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) 04:18:49 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x44c101, 0x0) sendmsg$NL80211_CMD_PROBE_CLIENT(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, r1, 0x100, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x1) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, 0xffffffffffffffff, 0x16}, 0x10) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() [ 621.960257] can: request_module (can-proto-6) failed. 04:18:49 executing program 0: r0 = socket(0x1b, 0x3, 0x7) socketpair(0xa, 0x4, 0xea, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00', r1) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100627bd7000fcdbdf250800000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099001000000030000000bbd5d33f04e4f7180de21393f99c58c8907f0aa9"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) 04:18:49 executing program 3: r0 = socket(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="041e28bd7000f0dbdf2508000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0xc) 04:18:49 executing program 5: socket(0x10, 0x3, 0x0) [ 622.013662] Bluetooth: hci0 command 0x0401 tx timeout 04:18:49 executing program 2: socket(0x10, 0x3, 0x0) [ 622.034068] vhci_hcd: connection closed [ 622.034248] vhci_hcd: stop threads [ 622.041770] vhci_hcd: release socket [ 622.074400] vhci_hcd: disconnect device [ 622.333310] Bluetooth: hci3 command 0x0401 tx timeout 04:18:49 executing program 1: ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000000)={0x4, 0x4, 0x380d, 0x4, 0x81, 0x14, 0x11, "4081ef4b3e0a40248e33089b1e32e23531db1f81", "a4e212cdd235495693b2eda7935ed1dc71f0213b"}) r0 = fork() tgkill(r0, r0, 0x1b) 04:18:49 executing program 5: socket(0x10, 0x3, 0x0) 04:18:49 executing program 3: r0 = socket(0x27, 0x800, 0x0) ioctl$sock_bt_hci(r0, 0x400448c9, &(0x7f0000000000)="5c5c772c8e94ee6192b9a1085979ce02e8cd8d67624debb41bffcec3f5b399fda368bb3846833c89418b7adfe63c0ebc7c9c194b486b6ce4771b1719fe81d0262b51cf9fee2177132bf7fa426ea675c847fccce8e5d1247de804fa09ab2181314d452e3cd8489715f83efdf539598f7204af88c2262a257ed4311a4778665994995320e9041ef51a7f076da137ad3d24e330b3e06159dbd57a40d438eb86d506283be7795604af802ce64811983ac3412011") 04:18:49 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x200004, &(0x7f0000000000)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r0}}) fork() 04:18:49 executing program 2: socket(0x10, 0x3, 0x0) 04:18:49 executing program 0: r0 = socket(0x21, 0x3, 0x80000006) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) 04:18:49 executing program 0: r0 = socket(0x11, 0x3, 0x6) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000000)=0xfffffff8) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xe0e00008}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0xffffff99}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x800}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x1) setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f0000000140), 0x4) 04:18:49 executing program 3: sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f0000000a00)={0x304, 0x0, 0x700, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x24, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="fc9a56c399881ba4a3cb3d6599cb23fc"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "ac5c33595692ee61"}]}, @NL80211_ATTR_REKEY_DATA={0xac, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x9}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="69fd5cd20f6300d8e21b89b38bf2fa011925c1e1bed302ab"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x6}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f696418061b0b727"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="2720d13049f5527d89db0ecc885b2f03"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="d6803af79547eb26ce161cc917b46816b669440c7146c946601c988a09ad1037"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="7800daea126a19d11414c3f6285599948816b6d09211c83926735367b34363f0"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x20}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "12740f1edc62260b"}]}, @NL80211_ATTR_REKEY_DATA={0x58, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x4}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="a590038fea06aaa0c568ec72af1ff585"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="12cf9ff0c480ff7c116156a43c6eccac71797d4506d11e6c4f1814a378685339"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="23651b531ae4c7b5950f727b6a34d6dd"}]}, @NL80211_ATTR_REKEY_DATA={0x40, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "72d050eca1bd4b61"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x9}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "02671ad9f67a089e"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="dc194d1b2744b4c638663cbf8108122048e8ea2bd64b9811"}]}, @NL80211_ATTR_REKEY_DATA={0x6c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="aacf3640c6c87eab8beb2deaf8c19ef0"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="ffc0a9b7c9880c52bcf245886953ac32"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="aca028c1278fa3ba9a3205cd1e21cd39"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xff}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="6a7d06b96fa1593ff29c69d792cd6b03e06c063d00213b07"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x6}]}, @NL80211_ATTR_REKEY_DATA={0x3c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6fc156fc6212a39a"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x6}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="09d2df7f8faed98de3273408b7ab166925b3acc78adb0e3517352c2a0f1ae2a9"}]}, @NL80211_ATTR_REKEY_DATA={0x68, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xfc4}, @NL80211_REKEY_DATA_AKM={0x8}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="f10a6b0abc886c63fa2b964b1ec495394c2282e1f53bd29c"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="a01204a1388ebc50dca31274d4e9c2e9"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="72561861d40f0b2fc1d7c927e17be712"}]}, @NL80211_ATTR_REKEY_DATA={0x78, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "0dec2da3ba885482"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="48219736d53550bea9ce9764d0a21bf3"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="1c8d1d0e4a96fed140cc877b42ab9e8017a4632e9399b5c31e027193bc46049a"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "886c5c10e808fa87"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="77a1f0f6ddbce01e69046b1ddc3d0fec9b265e681ae26a24fd11ae8926acca43"}]}]}, 0x304}, 0x1, 0x0, 0x0, 0x44}, 0xc0c1) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000200)=ANY=[@ANYBLOB="78010000", @ANYRES16=r1, @ANYBLOB="02002cbd7000fbdbdf252d0000000c00990002000000060000008f004500cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc059b1ff5357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1008b004500656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465003c0045001f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdfd7e0141bffebc546ef8591fa75ddaf778e464ed0916aaa97d7621535482c2af8e4d76e95193ea3a3a8afb35fc0f2e4bb4ce679f189829ef31be9e7e3d165d565b654a8376be70003740136790be276e117a6af7391d380259659541faa8e0be3e948b680e61577603d96c6"], 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032dbd7000fedbdf255100000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900ff070000790000000a000600080211000001000005008a000300000005008a00000000000a0006000802110000000000532a0f778290b3fa32204f511a52ff27862a4d2c824ba2ad070a0ed3674d2d39ff02ec4a0461955a7e043a53fb59b4978aa29ecd65497756200a", @ANYRESDEC], 0x50}, 0x1, 0x0, 0x0, 0x8041}, 0x4c010) socket(0x26, 0x3, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xfe9e, 0x400800) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @mcast2}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x480c1}, 0x10) [ 622.529074] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(3) [ 622.534915] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 622.546609] vhci_hcd: connection closed [ 622.546806] vhci_hcd: stop threads [ 622.554604] vhci_hcd: release socket [ 622.558453] vhci_hcd: disconnect device 04:18:49 executing program 2: socket(0x10, 0x3, 0x0) 04:18:49 executing program 5: prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0xc) syz_usbip_server_init(0x4) r0 = fork() tgkill(r0, r0, 0x1b) r1 = gettid() getpgrp(r1) accept4$x25(0xffffffffffffffff, &(0x7f0000000080)={0x9, @remote}, &(0x7f0000000040)=0x12, 0x0) 04:18:49 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000040)=0x10001, 0x4) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000000)={0x1, 0x2, "960378", 0x81, 0x44}) fork() 04:18:49 executing program 3: socket(0x1e, 0x3, 0x5) 04:18:49 executing program 1: r0 = fork() bind$can_raw(0xffffffffffffffff, 0x0, 0x0) tgkill(r0, r0, 0x1b) 04:18:49 executing program 2: socket(0x0, 0x3, 0x0) 04:18:50 executing program 3: ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000200)={@null=' \x00', 0xc, 'ip6erspan0\x00'}) socket(0x9, 0x1, 0xfffffffc) r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x1e, 0x181680) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={@remote={[], 0x1}, 0x6, 'syz_tun\x00'}) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x101, 0x501000) mmap$usbfs(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000002, 0x20010, r1, 0xffffffffffffc2b3) 04:18:50 executing program 0: setitimer(0x0, &(0x7f0000000000), &(0x7f0000000080)) setitimer(0x0, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, &(0x7f00000000c0)) getitimer(0x3, &(0x7f0000000200)) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0x1, 0x2}, 0x6) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x10002, 0x0, 0x4, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) accept4$x25(r2, &(0x7f0000000140), &(0x7f0000000180)=0x12, 0x80000) getpgid(0xffffffffffffffff) 04:18:50 executing program 2: socket(0x0, 0x3, 0x0) 04:18:50 executing program 1: fork() fork() r0 = getpid() tgkill(0x0, r0, 0x0) tgkill(0x0, r0, 0x8000001b) [ 622.761937] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 622.767791] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) 04:18:50 executing program 3: ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x3, @raw_data="d706a0dda696ce9ffcd6856427458eb3419493f7b1cc36eaefeaa9104e876139fcf0b3313fb6436f5693ad14428a13f0a57d73fe6f67180b322d15ae36ab0508ec18dfeb9e2aa32e698b8fa5a72c763a45f06bedbd7483cf34b97c4ecb6b7f9709c1d7d9ad2c1544db5d2dee231807279423791a082d48b688f6d4957fd79d7dec7644eadd4625fa3a036c8f0dbd0eb4ff7eed751e089a42c3b6106722f21ba3d4cf35200fb6710178f98782bb23d065b352647e6c10fd84bd4afb0a3686256c071a1d59424e2b93"}) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x7, 0x0}, 0x8) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1}) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=r0, 0x4) r1 = socket(0x26, 0xa, 0x0) bind$can_raw(r1, &(0x7f0000000000), 0x10) 04:18:50 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) mount$9p_fd(0x0, 0x0, 0x0, 0x200000, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@privport='privport'}, {@cache_mmap='cache=mmap'}, {@debug={'debug', 0x3d, 0xfffffffffffffffb}}]}}) fork() 04:18:50 executing program 2: socket(0x0, 0x3, 0x0) [ 622.931482] vhci_hcd: connection closed [ 622.931640] vhci_hcd: stop threads [ 622.966749] vhci_hcd: release socket [ 622.990605] vhci_hcd: disconnect device 04:18:50 executing program 5: prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0xc) syz_usbip_server_init(0x4) r0 = fork() tgkill(r0, r0, 0x1b) r1 = gettid() getpgrp(r1) accept4$x25(0xffffffffffffffff, &(0x7f0000000080)={0x9, @remote}, &(0x7f0000000040)=0x12, 0x0) 04:18:50 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x280101, 0x0) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0x0, 0x1}, 0x6) 04:18:50 executing program 3: r0 = socket(0x2c, 0x3, 0xa92) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) bind$phonet(r0, &(0x7f0000000000)={0x23, 0xe9, 0xfd}, 0x10) 04:18:50 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x210480, &(0x7f0000000000)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@noextend='noextend'}, {@debug={'debug', 0x3d, 0x80000000}}]}}) fork() openat$fb0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0\x00', 0x10000, 0x0) 04:18:50 executing program 2: socket(0x10, 0x0, 0x0) 04:18:50 executing program 1: r0 = fork() fork() getpid() tgkill(r0, r0, 0x1b) 04:18:50 executing program 3: r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040)='SEG6\x00', r0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r2, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x976}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4008480) 04:18:50 executing program 2: socket(0x10, 0x0, 0x0) 04:18:50 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = socket(0x15, 0xa, 0x3c6) ioctl$KVM_GET_NR_MMU_PAGES(r0, 0xae45, 0x4) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x20800, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c667363616368652c64656275673d3078303030303030303030303030303083a530332c76657273696f6e3d3970323030302e4c2c616669643d3078303030303030303030309dc23030303030392c6f626a5f726f6c653d2a2c6673636f6e746578743d73797361646d5f752c736d61636b66737472616e736d7574653d2425245d2540232e2c736d61636b66736465663d2c6d61736b3d4d41595f57524954452c00"]) socket(0x11, 0x3, 0x6) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$KVM_ASSIGN_PCI_DEVICE(r2, 0x8040ae69, &(0x7f0000000080)={0x3, 0x1, 0x80000001, 0x4}) 04:18:50 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c776600100005", @ANYRESHEX, @ANYBLOB=',posixacl,msize=0x0000000000000006,nodeuid=', @ANYRESHEX=0xee00, @ANYBLOB=',cache=none,posixacl,access=', @ANYRESDEC=0xee00, @ANYBLOB="2c76657273696f6e3d3970323030302e4c2c0086821b4daef55ecb7f46743ba032b4de5b73cbcb9030198bf842303805cb60efd5c6419eaec5678969ce7cd2543cbb3653d7fdc389e0b6f4b07eb47c6334b941197bcf6cc52d708747aa7963"]) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000080)={0x1}, 0x8) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000000)=0x8, 0x4) fork() ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f00000000c0)={0x3, 0x4, 'U=L'}) [ 623.511074] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 623.517340] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) 04:18:50 executing program 2: socket(0x10, 0x0, 0x0) 04:18:50 executing program 3: ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xf}) socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_read_part_table(0x3, 0xa, &(0x7f0000001780)=[{&(0x7f0000000140)="f5868a8fc048cb870c99614375636a4dcc771f55e17224a8f0c9b9e639da9fdb7aa19cf6", 0x24, 0xa87}, {&(0x7f0000000180)="d5c316d1e97c8d4484268ccc276f81a3f84d4b3a3f3758bc3d0114ae480886f46af55c6471ff8c9fa4c490dd820dd26de8b7b0bfaaa246f81991b887093b3103cd3f664624833b9d9ffc160e1257877def11f9e3e8ec7ff35dd5aee592f5a120a6dfeeafcdabe7797d5ff6306095b56e6ce4f72591c2511907f625527b44c4baae01c823cd6c344164da2fa0dbc87db0cf585ae2523c78b8469d7f", 0x9b, 0x705}, {&(0x7f0000000240)="397e7429b1edd9277bf489c42c2620f03f260f7ab7c1b56cac7ea91ffd8a7d26af5c39316e6ae3ff230efbfefc3c62515dfe3dfa7037cb5ce8653e8efa02ebd5414197392d6f3c076efe98ff9e315bf80224303b0b65c57c1e87b711580671d9b1f3b8d7368ba602bb48c8e57e23801f3972dba4380069c68044e3ad92603ed85faa4e9099", 0x85, 0x800}, {&(0x7f0000000300)="154ce1df6b8d1e7a60f146cf3b8c30e53981ce2c525d9fc9dbe61f8664a88d4d2e09ffb69489019ac00e99e28f9bfb74c11a78c7a9ae0f1a95f29e69069f04bf2a35fa48d1a5aab5f5e9830539391aa682204a0701f066eb83b3e5c97c9854c088f1952b4329095000742152658014c407a828ff99a573f8dcf4e124839275a259fc463b735484288838427809bd45ffcc13e79f325cd4a05c0a5f4a7281cf685ddf407672a7bc959bd5f2547e9098cb19af7d0fe1dc85d3d5c59a35e9be747338f357859af34f7bb0d36d197b0c483be544ef44010e0d86ec49d610d493fdcba30a0ad5a803c6c8398f6429adad2010d7b7db03c2c2a1ebdc2f", 0xfa, 0x6}, {&(0x7f0000000400)="ff212a315a2afa5c1888aea62b27a650f7bf05885c56d7619acbe5abb62dcddb099d142407e0df64c981f54a7a7977c9bc4d83dd2156290a42b19230dad53aac1ad7b6c9bd5c57221ce6095f620475beb7d59e0d61832dc3c8566bbdeaf9c548c9196499ba776f26b4b7b308e3df7844c38f34275a381ba888f110635f63fdb1879c86d5488b05ed7d1588037242424d4176c49b6a85e4bd3da6af5d00e2d7c21d2dee9557af50e521c40e4c3aa59cd59121a551a148985e1885c1add973eb079168c4ac6076b2789983cbcdf54c5ef97171cbae4be129a32bc8f7dda733692c256affbeb9d0c3f299c8802fd11e7af2", 0xf0, 0x81}, {&(0x7f0000000500)="9e6027a9ea836234b519fd33f96c48c495586863db20f33241b9645fca6702ca1621ae445c829e531bef4094c21c547f2182f704bd9fa68dfd56eb5b9287e21f114adbc99efa96032e28281521bff08b86943fc33b14130bc4254662d7fe7c667645b9e75d19c29f96412b2bdce31e099892f8eed0334616f66bc238835355463b1b5b96300d81447a24bd29f5f82a426b80ac5fd324182a4f4534e56221f78ce71b2707316d78478a476a45207bcd4143e0e878a764f80d252fdffb423304cbea41a6a0fb2d8e6bbc64cf5af2480c7f6beb41c19e7b94309101691f5952a65abd065e4297a55b40ade42032736961e5a4d2b423a6ff7c13c49d5b93592ccd52e43a01ff3a7b5a32c9d9ecc3ac097fb9b11cf1bf750333df4496f58306ce32e2f97e17ddd714134ab7dbacb3db7a3a6fe3912df78042c78e971cfd4e1aaf662a8ff516f4cf60aab062a559b123cc164748bff8fbd975b17106f1ebca00fdef0a65ef6e74e02c143436f680715d331705151c70e08dae1181a41e9d82033d7de9ef434926bbac3ce42a1a72a218e81dd73c8696d50dfac9cfc857451353ff3bdbd49b5b829a803eefe01802913c853ddd96477e2b7def244de697a9ed73e34324ac00cbe23def2e1171beea576b69e7bb7ef22585193ff11e9fe4bf07769ad1fd8fce4aa4bf500230b76749f52547d0bbe2c079a185e5e6d104484fa51631a7089501d397fa691caa025af40be33f4d92603075a69c0f0d7bd71b7a345b0a22057a5ef664ab7d949ba3f0f76c367e68b6aec774633bd085841665278edd7ea50366c1396060ac67328d56d5cd110d482eaabec6346fc1b311f469bcc75ceb28b5a76f69e27e3ba9678a0424e53748c28463ce524a94d45e55ed9a564ad85ffe2d26c461cd632c012c71e5b35f9f57bc9f6ce74706c56139393a16760529fa082f21174f34cfa3fef8f8f16d66d3448ac170145e9796ad8b0314267ad990b9ecb4234f2edb45408ebb8e12c285d191eddcb6a5ee9b158406247d33f66eaac0af23d7d98956939b846b425d0eb400a0dc3c7e3b2d1ec9d77a5175eb4cac161dd3b7d70ac8aa0efd2d70186e8e6f20e472eae97e797afcf27642dae156373ee80a38d406d171d42b7acae0a7756c7d67898df0bc2094df3fad259c0d1050bfddd825bd0c0a0b099610336936989bf73e644ad51be4e060ddc02ccfe9e92ffade5f2d69acbe00b0c9f47ceae12c68d1dba5dad1982fdee5b11aeefe80882ab4692bbb037aab2a5ea71e15319a4e31c512cee2bf54bbe10f2aba98496e33cd0e05824c9482db176670129cdf93c79ad1404150ee191228a9811505e9e4bb6d63c24ef0b0de883fc3aae1c2fa9598d70da7bf02d09330bc8a56c133da2c94c6c24f7bdc2000cba9475168313fefd50f56c798eba96daf96505c6a4cc3887162b33b7cb1d8dabdc79e08c65a6a777d893254fa69fe5535469a334b1308c15c015264081febb460b76a2a03e700c439c1a026a3892bf98ceab0c64a1aaf9faeec074f65195b3b61dfe4e270648de60236978f98bbe636ae8ff1f067157cb8dcafcd9e47f94ba9b2de497d87c286c4f4cd6e4771c05ddf535a10bd45cc9765158772f3e12039c7fddb5b7a4cbedff5ecbfa91c20d98377dde7fbe42b357b59282caf6a1635a4f9b51c8e775c48ef1f3b44db57342c0b5bb74ad91a8107059b5b2485f9f5e9c057fb916453e8a00a0dc9f2b62646b1be03281c132100cf5d50df70370cd5e6c6326193e88b8232188d8b341e7feee7c46806910b818ba347b5f4ff0a5ef6b902f8a17e3a4f54633d30ee44a63efdedc5377254752a0bda81e4510d421f081db92c317b8629eed925cb472d933f41bfc5da4f753c704e801af732e3824f497b62b44f1f8535318c78bd53af8ce38be35489592ab75e34e550d99318536a466fc5afe1bc8d1e6180840b28fd9340893077c523afd1bfbf61a4dcfb33b5797f45c72f5027858b8725730dd192eefc80d2dc595cdd1b08a0e9ccf045ab9c8242dde68e83e67e0c17946b14f4206b13b5ec5088d915f94ea32c31d84e36233a849ed8c95c6714cd976be832032cff2ad4c782f035e1427f41e72093387d5be1e14a2c6a2e87c332373169ac82a48305ee953a821370bea324cca14c5b9a3aa1cb836a9f7f6d011e1d6b370f4fc53f4bafe4d315214b004f543e47f89e5206f52faecc4e7635ff57ec067019bc5fb50221d8b1e9e8bbd1485cc805ba91097d0e1c61bf918497c7a5a18d70f00688ab1a3bf3e9124ba07cf082f515e92007eb099564be1251f8327db99e5dce62c66d4ed444c5fbf67befd8326942e00d7a629c5f74e5d87d8ddad5a7bf25dd9e9c595902aa3e531901edcfa636c522f9d8e15415dc0d3d3940bf8b6d2dcfce26dc3b343d2913941d74d7e622944d48c3c2beb20d009503672292801029f026a6bd7d94fae27d2b236d245a992fd0feb97620e04a0d8f7fcc905b8f3e20dc0d52e2997cba65c10951296bef67b38a92d8310f993a938eef9ea2e81beb13ebdd9036f26fcdd6de21ea5887822623069333d5bf35356f3ccfa6869ee9ef5f4c10ea54784da7edb1f46a8a57ff2649564f89f46b8ae8e80b137dd046547b755691eeb0896bf6e0c9c62290185348e84365ef10e7a2d43eec8a9086efd153bf26032ec746e9f65a9b3066c6223e583b83afdca5e5756c8e70f6767da5deb25834890ea0baa35c254f344ebafe2956c1b657c120eba3d5655f8e739f361f5c1ef419d186bc6d376a656768f09ff470be0663e7794781a402d8f450ab933866a69f7545570248e385c6b9b339e251e2b506eb595c36fdd9c212cd53a9f8ab800c3ca291a872a0b32766eb5ce799fb780a1122b9ee64dc59a0f344f0cf368384d3c87fb24445c4868b1b670597f08b471deb3a13b370770da69f3b89ff261fee0e550abf33ff94fcb76071b0e905e0d010f2858d46365a97d357e07c2ebd8f3190f6d9f40cf95a1f226b1f843c746a201dc1b12c295154ee6080483424ae35be80f8932b2f5c9687a8530ed691d5440f9bb8c45534bd7597c2a81266661d0f44c854400e91a8074e1e7859b148c602a7b712c6938baed7041cb6d3cc165f9fb7c6b2bce06c3a2796be77aa2eef90b81571071421bd8f51d2f67cb65f9b6d5993ce8c692954c81cc569fecf704084c6a1a986acf0a7f462bcc85e44468d0e89100893a487b3b638a818152bcf41789ee2452f367b73fc877cc064a02c1c72072948d937fef423a2056c3511b9c7b55817d11b8b4271f653c51b8e838a971801b5374492f791476b598bd2c3a8ad59bf4ebe0c0f80df134aa18c362c010c794301ac1e446727c2f0bf59dda90ae71e2443bc23ce0a03a634edae1209c16c575f7d0cfa52e71e981f2bcd826aa1bba7d459c5132b68eb649106c377fa94747ac5a35baca319ce82646349b7139dbe6643599b18de34791c90ef5931f62af89c4177fd4901761cf7a5b7cde2d963e569a888fa2ca2ccc70f0f65824908311dc0e4783b7536dc67a686ac6d27e37c82dac694167d680f0eca34aa3660744c151e361ed533954caa4a51870bfdacfe44b6644bc76054c473568b9e08a688cb0561d5bcd65e01bd37e134f1e228cd90cc11e3c530acc1b14675c7a5de6185bd4d001cfeb64760e344b9dad98cd441bc6de8fab6bc239eee2e8f212e6b59266ca159d9cc8b619eb8f280c671087793139b08f24d12ced732cc031c91b39dce79406aa2f80b3cd51250c82cc0091517a1b1f79e7d69460e055896a5c6ca080c6ac7db95e3aed0d35e687f6148673427e49a554ad695e03aea4f281a38bb2933425a4d97d44f740ceb2ed33cb35a78b5329e62bd5e39ae752ac871e505381616fd111b2828808d57d1285e96b7b9911f990661d07f3100cb6b99dd3d4855808d4a99911f8ee9568bfab7161852238f12bc1217c5ed319bc620fb814f6d3edfcac25ee46d2bfe8340c1ff9bed4a15b3d4785bbe7647c4eb80be4d89b32b6e988868fe25a4b25299d51679623b31a3add1c64113a1c585633708d8a776a337d01bcfcbf6f9034960ab51a467383943972868e53f3c1ffbc2dc11b57afd87d6a8a4b086a2313b274acdcc556e0988c6c457962e98817413977e4609a48e484f8ca0afb9b2add5c1fb3e9f4dc4f030988eb1bac4872954f0be51b372b220ed7f9336345ddd56f7f4da4861ad40e8731664331a607f9154f71e7f109263c1eac564392189fee0c9598b9594c3e79cb388a3b8d2a5e674ee3cacf64236ba645a2eb4259413cc042b2bd51999edfe4187ff691d4cb0ddeabaa6c88b04164705718319ba0a59548fc2363312e317a0391d501742af2c066c6857a05008d00f016f931de4f2384036b2bcfac8e765d336205251150a43c4baba2fbba9e4e0ad0d729218f9e6e4773176f81ab0e253292f81a0e3cf60852f42c0639e251ea8300540e0cc632dc9bbfc137efc7f14f2ea6bdfafa43971c16a6861e7e8fb13411d14e7e94c81a4964b9738bc747bc300e47d1a1d91490d98b46969f860ea6c2e6ef25b89bffa52149e53b4b68e7744333924296513a7d23c4f2b69c6cb0c1465c9d19b11e5dd748503779c90cc31d0d9bf23ca00dd05ea19287b490f6791ee2a68ad67bc940d7fad3bc923bf0f0b5ec29702cb8f5699bfe95da39a0c65c068c10837fcb033ab779947b23a2fb3b3b9d852fb60e9384c586d16b3c871ac5dda55fda67134661554ca542fedf5af71796667c6bb01b2b6eb5309bf68b2876562c5a31c8ba1e09baf9c6253a311bbb561faf8003001a4d40cfeaa646212bf3bab63a2966d616aa62d44f35a4044a35f25ba957a1bf3b444bfec4002c1fffebacc9da515d978380d3797651cbbfbbdfe75767d4fb794ba12c2b738111c9bf37d536b7687b4eb3860140491b7b3caa3b28fd467a836f3b227e09250bd4e76929f2cbe31c1fbd10ac32e746d8b52b3939762836e529860687c0c0c07778a340f133a7567087257a08cbf9dc6fd3d454d06deb21a9946f56d4ed107d790bae110c27e11e284825fc58bf69d4054977454c76da9aa7b4e60e44e0bf62b9ba958afc3461d993dc1c4225ad5564de00c54074020c1f2b12f14ec39ba3a3e436c9aecf1a733cbc2f56f2646cab75834eb3dcc205360062a1bf4be2c4c8d861df96b9dc0cca80069834abbae2e608d6c9b9624a3524c9dc0e684a31ad234b15bb2e094ac3035bb050d38d8a67dff23f2bebcc7e620a0d4c6682b8e4250fc51204c76a4a2de2383efe1cf8ea1f63ae9ae0a374bd6d07c9af82798ba99e64446521a51efc25abfd9a7880257dff19b8f633c4af6a692162a10719f0b7b8498ddcf723bafa7d97f98563be4e20c1357a43f33ffafd3141ff2812504a1ad25740630f69d2fba354da4762306f0c0626f5a8c46485855f6b8350bea950698c746c9a91b6381692d377a458d333e58d30f6dc72c7689809c0540643d9eca0d73fdd297ef74e6f56a896f5a6dc3226ce7f60461037ba64ab33f3697514c08e62f275af34151fe35e25b9803db4fa036c6933fc14dad1f57991ea46152bc96141b451356de47f3fff850f30ff44d9af7e427649f5161520d1397fb7606c0efc3fa86bf8ba5462229acc3bc5f6749c73ddeb24ff532072c059dd623b4f185a49a9fa19e4cc1ca72f73a73130859923ee8ddd99f8796beb0157def3af59b3d4716cb319d50623a05c344372c0488a9ac4212eab598ca3039251d56ce50eaf6f6a5c44b69c1db277c033e8aa6a76d5e", 0x1000, 0x1000000}, {&(0x7f0000001500)="9cf6db6ad52dd152b32da902d9e88513277930ddf459350c35d11c5daefbe3ed9c8a13a6f5af4a65db86f8fc3b8ac4f5040db3bbdd2b8aaa3afb0fdd3d7bc4a78423b54fdb12f473be86bf43133e245b96c3b9f617d7ff84707cf26796186cde8cd7e663bf9dac2cf12fe819fc706574325c652675166c6a692520abe58714c0eb012223e0875432236ad0393d53", 0x8e, 0x5}, {&(0x7f00000015c0)="06b97b53bbaac97167768ab2edd854257613cb65cf4961cfc8f8ae9e40a7ffad34d3fb2d0d3ae2e66dc544d733", 0x2d, 0x3f}, {&(0x7f0000001600)="672b6be04a38f5482d73e4c516ee245c0d2a21266318fe953016ebfc3f640b010f6fd21748a146b0207998eddfadf973f827fd4d7fd982ce3f28f74afaf809470aea5daa7e68447eddc1b51e6ce11769f3", 0x51, 0x4}, {&(0x7f0000001680)="d0e86fdecdea0544570c55d46385f2c5f78802c2a2091bbaf8ab0f9ee3e88633b75c8a50ffb16af2ad0df8b0124cfa47bc409c7564cd4acd079c6934dc91a2ae4efdaf9f464d199755e90045a359d2651aa21771bb9ab95c5fa27d0d6bb5979903f0838a6a3d01159491daf29e30456fe6464d6e4b37856d4cdf8806397875ab3eee1336e1d646fdfbc7a74ad223b5c827f45b3ca70a261cf68126611752ff936395c150180f83ec81d6e5661538e6274826f49137812e86b2ba397e7846affb081d37df4cd57ac9a32f53cde91f7865def854caaf8e593d093b7570ee6c563735c413378e7ef9bb3d6a1f", 0xeb, 0x6}]) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{}, {0x0}, {}]}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) connect$can_bcm(r2, &(0x7f0000001880), 0x10) ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000100)={r1, 0x3}) [ 623.670937] vhci_hcd: connection closed [ 623.681653] vhci_hcd: stop threads [ 623.711066] vhci_hcd: release socket [ 623.733879] vhci_hcd: disconnect device [ 624.093325] Bluetooth: hci0 command 0x0401 tx timeout 04:18:51 executing program 5: prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0xc) syz_usbip_server_init(0x4) r0 = fork() tgkill(r0, r0, 0x1b) r1 = gettid() getpgrp(r1) accept4$x25(0xffffffffffffffff, &(0x7f0000000080)={0x9, @remote}, &(0x7f0000000040)=0x12, 0x0) 04:18:51 executing program 1: r0 = fork() tgkill(r0, r0, 0x10001b) 04:18:51 executing program 0: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) tgkill(0xffffffffffffffff, r0, 0x27) getrlimit(0x5, &(0x7f0000000240)) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x78}}}}, [@NL80211_ATTR_REKEY_DATA={0x60, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7f}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="4fe45ec8942dbe8e75e1e8b7446a92de"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x40}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="d2f44ff513d0694807c0b900e5c2b20c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1f}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="4740dafad2594bdf607020cec8565a2fe4aaade4c90ee5e8"}]}, @NL80211_ATTR_REKEY_DATA={0x48, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="62889781fb6e0578a2190c5ce5dd04c9"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "2e9d0fb028cb5922"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8001}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="a30f8ecca57e9f8443feaf330927a53c"}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x800}, 0x4091) 04:18:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x280101, 0x0) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0x0, 0x1}, 0x6) 04:18:51 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x585000, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9) 04:18:51 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bind$phonet(r0, &(0x7f0000000000)={0x23, 0x9, 0x0, 0x3f}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1a, 0x4, 0x2, 0x1, 0x214, r0, 0x3, [], 0x0, r0, 0x4, 0x4, 0x2}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000000c0)="f3c9e6e7ed34b273c227b675dc90506fab9009c79120582f975da3cb50c54c511953de5379c399b1e49ba83d"}, 0x20) 04:18:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x280101, 0x0) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0x0, 0x1}, 0x6) 04:18:51 executing program 3: ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) socket(0x11, 0x3, 0x0) 04:18:51 executing program 1: ioctl$KVM_SET_BOOT_CPU_ID(0xffffffffffffffff, 0xae78, &(0x7f0000000000)) r0 = fork() ptrace$peekuser(0x3, r0, 0xfffffffffffffe01) tgkill(r0, r0, 0x1b) 04:18:51 executing program 0: socket(0x1f, 0x3, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0x80, 0xffffff80}) [ 624.225681] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 624.231576] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) 04:18:51 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="747261646e6f3dac73fcd19fb5515637fdd9456c38da4ba15140b4905d5829d4a8bde1406f9b9c7892118c66abfcdf1ab02bcb3a690492efdf0fc6eba40491234abc8aa3614fe8a78f903f190fed930511f408c235fed78ee78901c5d05ab06b6f21f6ae62149aed43ce2c906f6166f151e15a0ea5e8b9457097eb946cc5a00fe181f1a82de81c69398624422a170cf996cdc77334a4b8582fcca05e8de858de8b7deb909341161e3e45665bca6263c059f4a4edba239501bebf5110108959bac28b46f7c0211786d81988ae2cc1cf4fd2bf7cd0072736590a02a8a2ce5575991011beea9c437e3011a4d3d95e88313480", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESDEC=r1, @ANYRES64=0x0]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f00000000c0)) r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x380) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) r4 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x8, 0xc000) getsockopt$inet6_dccp_buf(r4, 0x21, 0xf, &(0x7f0000000200)=""/4096, &(0x7f0000001200)=0x1000) ioctl$DRM_IOCTL_GET_SAREA_CTX(r2, 0xc010641d, &(0x7f0000000080)={r3, &(0x7f0000000100)=""/106}) fork() 04:18:51 executing program 3: socket(0x11, 0x3, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000012c0)={&(0x7f0000000000)="eac19a1bddff351bb8ce1b23bc060a5267ce940126c7f2f61128018f168ef9dc8311c92c0f6e9a3f88b253a61c55cbb553f48a759755104ffadd4de883a10f53cc3fa05cf9be529a42b0df2dea1205c3c580bccc73b50de7d8203eeb0eb9dfeeef355a321c49b19032a461be6e2027b9f4935aa00eaa3b7ec7af309586baee0bc634074e83ce99094f7ebcbe3589cfa174e44b438545e7f1b9727f50391a891bb6e69f3506b3dda8d3447be3b42d9b18a02574b8a338174120649aed8989f58c46fb6d5abb4bb9b59dd340e7a8bd58a550d77d6b3197c7212a7120073634a6fff786aebfc542c63b07550cf77ff95f8912", &(0x7f0000000100)=""/4096, &(0x7f0000001100)="14a77059038c8b7303e3447cce4349d7674fa75af442dd31f7c8f000c120d8e36f6c32b3f2784a7ea997577dd874452b31d401883a5641d3bb16df7d57045aeff22311d47d1cef986aeba685d7c36bdc81fb2e18507e5d328d50b9b9429a15527aa571187e3740d53200475b9df510131d6829848d9ebcc3daa14430e895392fd26c8c4510b82955bc429164eab79d1797783741ca608e21c64d81084e4fa7b0810f22a5ea335dd26490a77c2f4b94572319b7bd6c3fe4ab57f1c63b190126b82b8192397903b2391579100f5bafe2fac1437751b1c280d36cd05563e0c50bf470cd8c", &(0x7f0000001200)="8a4e6a4f909a215b2553420c15026263e1de2244e76ab124a3ecab084d34d6ea88deab6936b868ae9c6b7f325c56f85ed6d2fcaea89baa101db9263d29b71d2135a617deb625b235e2009ae448c3046224da87712877d5070ca3cffd25c7d48b7094b10f8fa31608e8f59730680bb733b058903d45cadde341712ee59534c641634f1d4fead49742d0300a48c095d48542933c0194498164e80724", 0x7, 0xffffffffffffffff, 0x4}, 0x38) [ 624.365621] vhci_hcd: connection closed [ 624.365879] vhci_hcd: stop threads [ 624.384888] vhci_hcd: release socket [ 624.407149] vhci_hcd: disconnect device [ 624.413496] Bluetooth: hci3 command 0x0401 tx timeout [ 624.475829] vhci_hcd: vhci_device speed not set 04:18:52 executing program 5: ioctl$KVM_SET_BOOT_CPU_ID(0xffffffffffffffff, 0xae78, &(0x7f0000000000)) r0 = fork() ptrace$peekuser(0x3, r0, 0xfffffffffffffe01) tgkill(r0, r0, 0x1b) 04:18:52 executing program 0: socket(0x25, 0x2, 0xfffffffe) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) connect$can_bcm(r2, &(0x7f0000000080), 0x10) 04:18:52 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x280101, 0x0) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0x0, 0x1}, 0x6) 04:18:52 executing program 1: r0 = fork() fork() r1 = gettid() sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0xffffffffffffff00) tgkill(r0, r0, 0x1b) r2 = getpid() tgkill(0x0, r2, 0x0) getpgid(r2) 04:18:52 executing program 3: r0 = socket(0x11, 0x3, 0x0) bind$phonet(r0, &(0x7f0000000040)={0x23, 0x0, 0x7e, 0x81}, 0x10) setgid(0xee01) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000000)) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 04:18:52 executing program 4: fork() ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) 04:18:52 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x280101, 0x0) 04:18:52 executing program 3: sendto$x25(0xffffffffffffffff, &(0x7f0000000000)="e6af5e1543ee894bccbb6a2bc24e9bd4206643170db58c653c7cecfc9509e31c7064014bc0ef8430e90385a17ed1deee5ba1c5de8ce3cd4adf81546318f81c0357f6c9d256fa7d1160da79daf7ef5b21564afc032b0b044ff9390824d20e1fe73c17ce47aa24091c47ceebf9a6bc4f20ae86ebfc9d08896c9743a7b33cd4b9140d27bba8c1d63f8977a3725a180d4facf470253f9c3dfcb30e1e03ec2b937e6dbec790", 0xa3, 0x0, &(0x7f00000000c0)={0x9, @null=' \x00'}, 0x12) socket(0x11, 0x3, 0x0) 04:18:52 executing program 0: socket(0x2b, 0x5, 0x6) socketpair(0xf, 0x2, 0x1, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$phonet(r0, &(0x7f0000000040)=""/199, 0xc7, 0x6, &(0x7f0000000140)={0x23, 0x9, 0x4, 0x20}, 0x10) 04:18:52 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xaa, 0x80000) ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000040)={0x0, 0x2, 0x9, 0x0, 0x7f, 0x8, 0x800, 0x1, 0x13, 0x3, 0x7, 0x1}) r1 = fork() tgkill(r1, r1, 0x1b) 04:18:52 executing program 5: ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xf}) socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_read_part_table(0x3, 0xa, &(0x7f0000001780)=[{&(0x7f0000000140)="f5868a8fc048cb870c99614375636a4dcc771f55e17224a8f0c9b9e639da9fdb7aa19cf6", 0x24, 0xa87}, {&(0x7f0000000180)="d5c316d1e97c8d4484268ccc276f81a3f84d4b3a3f3758bc3d0114ae480886f46af55c6471ff8c9fa4c490dd820dd26de8b7b0bfaaa246f81991b887093b3103cd3f664624833b9d9ffc160e1257877def11f9e3e8ec7ff35dd5aee592f5a120a6dfeeafcdabe7797d5ff6306095b56e6ce4f72591c2511907f625527b44c4baae01c823cd6c344164da2fa0dbc87db0cf585ae2523c78b8469d7f", 0x9b, 0x705}, {&(0x7f0000000240)="397e7429b1edd9277bf489c42c2620f03f260f7ab7c1b56cac7ea91ffd8a7d26af5c39316e6ae3ff230efbfefc3c62515dfe3dfa7037cb5ce8653e8efa02ebd5414197392d6f3c076efe98ff9e315bf80224303b0b65c57c1e87b711580671d9b1f3b8d7368ba602bb48c8e57e23801f3972dba4380069c68044e3ad92603ed85faa4e9099", 0x85, 0x800}, {&(0x7f0000000300)="154ce1df6b8d1e7a60f146cf3b8c30e53981ce2c525d9fc9dbe61f8664a88d4d2e09ffb69489019ac00e99e28f9bfb74c11a78c7a9ae0f1a95f29e69069f04bf2a35fa48d1a5aab5f5e9830539391aa682204a0701f066eb83b3e5c97c9854c088f1952b4329095000742152658014c407a828ff99a573f8dcf4e124839275a259fc463b735484288838427809bd45ffcc13e79f325cd4a05c0a5f4a7281cf685ddf407672a7bc959bd5f2547e9098cb19af7d0fe1dc85d3d5c59a35e9be747338f357859af34f7bb0d36d197b0c483be544ef44010e0d86ec49d610d493fdcba30a0ad5a803c6c8398f6429adad2010d7b7db03c2c2a1ebdc2f", 0xfa, 0x6}, {&(0x7f0000000400)="ff212a315a2afa5c1888aea62b27a650f7bf05885c56d7619acbe5abb62dcddb099d142407e0df64c981f54a7a7977c9bc4d83dd2156290a42b19230dad53aac1ad7b6c9bd5c57221ce6095f620475beb7d59e0d61832dc3c8566bbdeaf9c548c9196499ba776f26b4b7b308e3df7844c38f34275a381ba888f110635f63fdb1879c86d5488b05ed7d1588037242424d4176c49b6a85e4bd3da6af5d00e2d7c21d2dee9557af50e521c40e4c3aa59cd59121a551a148985e1885c1add973eb079168c4ac6076b2789983cbcdf54c5ef97171cbae4be129a32bc8f7dda733692c256affbeb9d0c3f299c8802fd11e7af2", 0xf0, 0x81}, {&(0x7f0000000500)="9e6027a9ea836234b519fd33f96c48c495586863db20f33241b9645fca6702ca1621ae445c829e531bef4094c21c547f2182f704bd9fa68dfd56eb5b9287e21f114adbc99efa96032e28281521bff08b86943fc33b14130bc4254662d7fe7c667645b9e75d19c29f96412b2bdce31e099892f8eed0334616f66bc238835355463b1b5b96300d81447a24bd29f5f82a426b80ac5fd324182a4f4534e56221f78ce71b2707316d78478a476a45207bcd4143e0e878a764f80d252fdffb423304cbea41a6a0fb2d8e6bbc64cf5af2480c7f6beb41c19e7b94309101691f5952a65abd065e4297a55b40ade42032736961e5a4d2b423a6ff7c13c49d5b93592ccd52e43a01ff3a7b5a32c9d9ecc3ac097fb9b11cf1bf750333df4496f58306ce32e2f97e17ddd714134ab7dbacb3db7a3a6fe3912df78042c78e971cfd4e1aaf662a8ff516f4cf60aab062a559b123cc164748bff8fbd975b17106f1ebca00fdef0a65ef6e74e02c143436f680715d331705151c70e08dae1181a41e9d82033d7de9ef434926bbac3ce42a1a72a218e81dd73c8696d50dfac9cfc857451353ff3bdbd49b5b829a803eefe01802913c853ddd96477e2b7def244de697a9ed73e34324ac00cbe23def2e1171beea576b69e7bb7ef22585193ff11e9fe4bf07769ad1fd8fce4aa4bf500230b76749f52547d0bbe2c079a185e5e6d104484fa51631a7089501d397fa691caa025af40be33f4d92603075a69c0f0d7bd71b7a345b0a22057a5ef664ab7d949ba3f0f76c367e68b6aec774633bd085841665278edd7ea50366c1396060ac67328d56d5cd110d482eaabec6346fc1b311f469bcc75ceb28b5a76f69e27e3ba9678a0424e53748c28463ce524a94d45e55ed9a564ad85ffe2d26c461cd632c012c71e5b35f9f57bc9f6ce74706c56139393a16760529fa082f21174f34cfa3fef8f8f16d66d3448ac170145e9796ad8b0314267ad990b9ecb4234f2edb45408ebb8e12c285d191eddcb6a5ee9b158406247d33f66eaac0af23d7d98956939b846b425d0eb400a0dc3c7e3b2d1ec9d77a5175eb4cac161dd3b7d70ac8aa0efd2d70186e8e6f20e472eae97e797afcf27642dae156373ee80a38d406d171d42b7acae0a7756c7d67898df0bc2094df3fad259c0d1050bfddd825bd0c0a0b099610336936989bf73e644ad51be4e060ddc02ccfe9e92ffade5f2d69acbe00b0c9f47ceae12c68d1dba5dad1982fdee5b11aeefe80882ab4692bbb037aab2a5ea71e15319a4e31c512cee2bf54bbe10f2aba98496e33cd0e05824c9482db176670129cdf93c79ad1404150ee191228a9811505e9e4bb6d63c24ef0b0de883fc3aae1c2fa9598d70da7bf02d09330bc8a56c133da2c94c6c24f7bdc2000cba9475168313fefd50f56c798eba96daf96505c6a4cc3887162b33b7cb1d8dabdc79e08c65a6a777d893254fa69fe5535469a334b1308c15c015264081febb460b76a2a03e700c439c1a026a3892bf98ceab0c64a1aaf9faeec074f65195b3b61dfe4e270648de60236978f98bbe636ae8ff1f067157cb8dcafcd9e47f94ba9b2de497d87c286c4f4cd6e4771c05ddf535a10bd45cc9765158772f3e12039c7fddb5b7a4cbedff5ecbfa91c20d98377dde7fbe42b357b59282caf6a1635a4f9b51c8e775c48ef1f3b44db57342c0b5bb74ad91a8107059b5b2485f9f5e9c057fb916453e8a00a0dc9f2b62646b1be03281c132100cf5d50df70370cd5e6c6326193e88b8232188d8b341e7feee7c46806910b818ba347b5f4ff0a5ef6b902f8a17e3a4f54633d30ee44a63efdedc5377254752a0bda81e4510d421f081db92c317b8629eed925cb472d933f41bfc5da4f753c704e801af732e3824f497b62b44f1f8535318c78bd53af8ce38be35489592ab75e34e550d99318536a466fc5afe1bc8d1e6180840b28fd9340893077c523afd1bfbf61a4dcfb33b5797f45c72f5027858b8725730dd192eefc80d2dc595cdd1b08a0e9ccf045ab9c8242dde68e83e67e0c17946b14f4206b13b5ec5088d915f94ea32c31d84e36233a849ed8c95c6714cd976be832032cff2ad4c782f035e1427f41e72093387d5be1e14a2c6a2e87c332373169ac82a48305ee953a821370bea324cca14c5b9a3aa1cb836a9f7f6d011e1d6b370f4fc53f4bafe4d315214b004f543e47f89e5206f52faecc4e7635ff57ec067019bc5fb50221d8b1e9e8bbd1485cc805ba91097d0e1c61bf918497c7a5a18d70f00688ab1a3bf3e9124ba07cf082f515e92007eb099564be1251f8327db99e5dce62c66d4ed444c5fbf67befd8326942e00d7a629c5f74e5d87d8ddad5a7bf25dd9e9c595902aa3e531901edcfa636c522f9d8e15415dc0d3d3940bf8b6d2dcfce26dc3b343d2913941d74d7e622944d48c3c2beb20d009503672292801029f026a6bd7d94fae27d2b236d245a992fd0feb97620e04a0d8f7fcc905b8f3e20dc0d52e2997cba65c10951296bef67b38a92d8310f993a938eef9ea2e81beb13ebdd9036f26fcdd6de21ea5887822623069333d5bf35356f3ccfa6869ee9ef5f4c10ea54784da7edb1f46a8a57ff2649564f89f46b8ae8e80b137dd046547b755691eeb0896bf6e0c9c62290185348e84365ef10e7a2d43eec8a9086efd153bf26032ec746e9f65a9b3066c6223e583b83afdca5e5756c8e70f6767da5deb25834890ea0baa35c254f344ebafe2956c1b657c120eba3d5655f8e739f361f5c1ef419d186bc6d376a656768f09ff470be0663e7794781a402d8f450ab933866a69f7545570248e385c6b9b339e251e2b506eb595c36fdd9c212cd53a9f8ab800c3ca291a872a0b32766eb5ce799fb780a1122b9ee64dc59a0f344f0cf368384d3c87fb24445c4868b1b670597f08b471deb3a13b370770da69f3b89ff261fee0e550abf33ff94fcb76071b0e905e0d010f2858d46365a97d357e07c2ebd8f3190f6d9f40cf95a1f226b1f843c746a201dc1b12c295154ee6080483424ae35be80f8932b2f5c9687a8530ed691d5440f9bb8c45534bd7597c2a81266661d0f44c854400e91a8074e1e7859b148c602a7b712c6938baed7041cb6d3cc165f9fb7c6b2bce06c3a2796be77aa2eef90b81571071421bd8f51d2f67cb65f9b6d5993ce8c692954c81cc569fecf704084c6a1a986acf0a7f462bcc85e44468d0e89100893a487b3b638a818152bcf41789ee2452f367b73fc877cc064a02c1c72072948d937fef423a2056c3511b9c7b55817d11b8b4271f653c51b8e838a971801b5374492f791476b598bd2c3a8ad59bf4ebe0c0f80df134aa18c362c010c794301ac1e446727c2f0bf59dda90ae71e2443bc23ce0a03a634edae1209c16c575f7d0cfa52e71e981f2bcd826aa1bba7d459c5132b68eb649106c377fa94747ac5a35baca319ce82646349b7139dbe6643599b18de34791c90ef5931f62af89c4177fd4901761cf7a5b7cde2d963e569a888fa2ca2ccc70f0f65824908311dc0e4783b7536dc67a686ac6d27e37c82dac694167d680f0eca34aa3660744c151e361ed533954caa4a51870bfdacfe44b6644bc76054c473568b9e08a688cb0561d5bcd65e01bd37e134f1e228cd90cc11e3c530acc1b14675c7a5de6185bd4d001cfeb64760e344b9dad98cd441bc6de8fab6bc239eee2e8f212e6b59266ca159d9cc8b619eb8f280c671087793139b08f24d12ced732cc031c91b39dce79406aa2f80b3cd51250c82cc0091517a1b1f79e7d69460e055896a5c6ca080c6ac7db95e3aed0d35e687f6148673427e49a554ad695e03aea4f281a38bb2933425a4d97d44f740ceb2ed33cb35a78b5329e62bd5e39ae752ac871e505381616fd111b2828808d57d1285e96b7b9911f990661d07f3100cb6b99dd3d4855808d4a99911f8ee9568bfab7161852238f12bc1217c5ed319bc620fb814f6d3edfcac25ee46d2bfe8340c1ff9bed4a15b3d4785bbe7647c4eb80be4d89b32b6e988868fe25a4b25299d51679623b31a3add1c64113a1c585633708d8a776a337d01bcfcbf6f9034960ab51a467383943972868e53f3c1ffbc2dc11b57afd87d6a8a4b086a2313b274acdcc556e0988c6c457962e98817413977e4609a48e484f8ca0afb9b2add5c1fb3e9f4dc4f030988eb1bac4872954f0be51b372b220ed7f9336345ddd56f7f4da4861ad40e8731664331a607f9154f71e7f109263c1eac564392189fee0c9598b9594c3e79cb388a3b8d2a5e674ee3cacf64236ba645a2eb4259413cc042b2bd51999edfe4187ff691d4cb0ddeabaa6c88b04164705718319ba0a59548fc2363312e317a0391d501742af2c066c6857a05008d00f016f931de4f2384036b2bcfac8e765d336205251150a43c4baba2fbba9e4e0ad0d729218f9e6e4773176f81ab0e253292f81a0e3cf60852f42c0639e251ea8300540e0cc632dc9bbfc137efc7f14f2ea6bdfafa43971c16a6861e7e8fb13411d14e7e94c81a4964b9738bc747bc300e47d1a1d91490d98b46969f860ea6c2e6ef25b89bffa52149e53b4b68e7744333924296513a7d23c4f2b69c6cb0c1465c9d19b11e5dd748503779c90cc31d0d9bf23ca00dd05ea19287b490f6791ee2a68ad67bc940d7fad3bc923bf0f0b5ec29702cb8f5699bfe95da39a0c65c068c10837fcb033ab779947b23a2fb3b3b9d852fb60e9384c586d16b3c871ac5dda55fda67134661554ca542fedf5af71796667c6bb01b2b6eb5309bf68b2876562c5a31c8ba1e09baf9c6253a311bbb561faf8003001a4d40cfeaa646212bf3bab63a2966d616aa62d44f35a4044a35f25ba957a1bf3b444bfec4002c1fffebacc9da515d978380d3797651cbbfbbdfe75767d4fb794ba12c2b738111c9bf37d536b7687b4eb3860140491b7b3caa3b28fd467a836f3b227e09250bd4e76929f2cbe31c1fbd10ac32e746d8b52b3939762836e529860687c0c0c07778a340f133a7567087257a08cbf9dc6fd3d454d06deb21a9946f56d4ed107d790bae110c27e11e284825fc58bf69d4054977454c76da9aa7b4e60e44e0bf62b9ba958afc3461d993dc1c4225ad5564de00c54074020c1f2b12f14ec39ba3a3e436c9aecf1a733cbc2f56f2646cab75834eb3dcc205360062a1bf4be2c4c8d861df96b9dc0cca80069834abbae2e608d6c9b9624a3524c9dc0e684a31ad234b15bb2e094ac3035bb050d38d8a67dff23f2bebcc7e620a0d4c6682b8e4250fc51204c76a4a2de2383efe1cf8ea1f63ae9ae0a374bd6d07c9af82798ba99e64446521a51efc25abfd9a7880257dff19b8f633c4af6a692162a10719f0b7b8498ddcf723bafa7d97f98563be4e20c1357a43f33ffafd3141ff2812504a1ad25740630f69d2fba354da4762306f0c0626f5a8c46485855f6b8350bea950698c746c9a91b6381692d377a458d333e58d30f6dc72c7689809c0540643d9eca0d73fdd297ef74e6f56a896f5a6dc3226ce7f60461037ba64ab33f3697514c08e62f275af34151fe35e25b9803db4fa036c6933fc14dad1f57991ea46152bc96141b451356de47f3fff850f30ff44d9af7e427649f5161520d1397fb7606c0efc3fa86bf8ba5462229acc3bc5f6749c73ddeb24ff532072c059dd623b4f185a49a9fa19e4cc1ca72f73a73130859923ee8ddd99f8796beb0157def3af59b3d4716cb319d50623a05c344372c0488a9ac4212eab598ca3039251d56ce50eaf6f6a5c44b69c1db277c033e8aa6a76d5e", 0x1000, 0x1000000}, {&(0x7f0000001500)="9cf6db6ad52dd152b32da902d9e88513277930ddf459350c35d11c5daefbe3ed9c8a13a6f5af4a65db86f8fc3b8ac4f5040db3bbdd2b8aaa3afb0fdd3d7bc4a78423b54fdb12f473be86bf43133e245b96c3b9f617d7ff84707cf26796186cde8cd7e663bf9dac2cf12fe819fc706574325c652675166c6a692520abe58714c0eb012223e0875432236ad0393d53", 0x8e, 0x5}, {&(0x7f00000015c0)="06b97b53bbaac97167768ab2edd854257613cb65cf4961cfc8f8ae9e40a7ffad34d3fb2d0d3ae2e66dc544d733", 0x2d, 0x3f}, {&(0x7f0000001600)="672b6be04a38f5482d73e4c516ee245c0d2a21266318fe953016ebfc3f640b010f6fd21748a146b0207998eddfadf973f827fd4d7fd982ce3f28f74afaf809470aea5daa7e68447eddc1b51e6ce11769f3", 0x51, 0x4}, {&(0x7f0000001680)="d0e86fdecdea0544570c55d46385f2c5f78802c2a2091bbaf8ab0f9ee3e88633b75c8a50ffb16af2ad0df8b0124cfa47bc409c7564cd4acd079c6934dc91a2ae4efdaf9f464d199755e90045a359d2651aa21771bb9ab95c5fa27d0d6bb5979903f0838a6a3d01159491daf29e30456fe6464d6e4b37856d4cdf8806397875ab3eee1336e1d646fdfbc7a74ad223b5c827f45b3ca70a261cf68126611752ff936395c150180f83ec81d6e5661538e6274826f49137812e86b2ba397e7846affb081d37df4cd57ac9a32f53cde91f7865def854caaf8e593d093b7570ee6c563735c413378e7ef9bb3d6a1f", 0xeb, 0x6}]) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{}, {0x0}, {}]}) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) connect$can_bcm(r2, &(0x7f0000001880), 0x10) ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000100)={r1, 0x3}) 04:18:52 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) 04:18:52 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="12000000000000", @ANYRESHEX, @ANYBLOB=',cache=none,access=user,msize=0x0000000080000000,access=any,\x00']) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x50c, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x48004}, 0x4040) fork() 04:18:52 executing program 3: socket(0x11, 0x3, 0x0) r0 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) 04:18:52 executing program 0: socket(0x11, 0x3, 0x6) ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)=0x1000) 04:18:52 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) socket(0x3, 0x6, 0x6) 04:18:52 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3de6a2a06cbc32a3ee178361707ac3be365faacc53794227b16f2143c286f2fc2e10609e9077ccaa51eeba99924bc6cd594769cb077c1704509cec12bbd98830836fb40cc66e8c1a97278f49b9ba2b22eadfd2a2be10146625fd695f73aff50b65ec9a5b3443", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c0700e02496d18cf5bcb965f32392c1f461c1e5c2f12e61e96a56b1179f32ef36f39779ff8b2b43684f37467012411c4210a15f6dc6de855131a8c8c03d0c7bcabc9195c8aadaac68fed2e683bcf91b285bc7c9e54b8d9a383a4bb8e2e3a756721655eb16b421fca0af268e23b8c85cc6aeeeb533074b43deb68becf6589da6cd8cd26a9e385c1515d21b47f9b50df4ce6463fcdc415a685b4320caad573015f7441ecb34312ff05fcfa736eedcff922081ff202964a84d0b7a16dd7d14964761cc69f2e0bcf4e71577afb14d3a2999904efb41c34b3f58fe"]) getsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0xb, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fork() r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_PROTOCOLS(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x7c, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @dev={0xfe, 0x80, [], 0x20}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xfffffffffffffffe}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={[], [], @broadcast}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000081}, 0x0) 04:18:52 executing program 5: socket(0x2b, 0x5, 0x6) socketpair(0xf, 0x2, 0x1, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$phonet(r0, &(0x7f0000000040)=""/199, 0xc7, 0x6, &(0x7f0000000140)={0x23, 0x9, 0x4, 0x20}, 0x10) 04:18:52 executing program 0: socket(0x25, 0x0, 0x8094) 04:18:52 executing program 1: r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) r2 = getpid() tgkill(0x0, r2, 0x0) tgkill(r1, r2, 0x17) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) recvfrom$phonet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) tgkill(r0, r0, 0x1b) 04:18:52 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:52 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$sock_bt_hci(r0, 0x400448e4, &(0x7f0000000000)="5df894110ceabdebee620c1141ac27782e29292f5d6b1715eb33c65ca9e4bf93aaf49ca64ae4a0d7ae344bd5e9360e2bc569d52842e38c712c6841ccd05894297e4efc443e041fd12e9c7de8c75aeefd38dc64fbee372488417994f0894ddedb9ccb2834fa3b1e56cb997d3b486b43121483211e35721b78165eb25f7806b65b2de7dc716c5518b2e663e424273c43b49a216e09edf6ca5c8ac89cc96fc798") 04:18:52 executing program 5: socket(0x2b, 0x5, 0x6) socketpair(0xf, 0x2, 0x1, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$phonet(r0, &(0x7f0000000040)=""/199, 0xc7, 0x6, &(0x7f0000000140)={0x23, 0x9, 0x4, 0x20}, 0x10) 04:18:52 executing program 0: r0 = socket(0x11, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7, 0x48}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x840) 04:18:52 executing program 4: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x301, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x3004000, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766646e685667d63a6891d06f0000fad55c112f6174d3a25aa526360ff742181a82c9ac43018201b8f1105879cddd95cde7cdcb5502e27238accd603f66fb4815fb11cfbf5a092a0a6dcaf9ad54fd901d1fba1b36ceb6d53533ba7918e0", @ANYRESHEX, @ANYBLOB=',euid<', @ANYRESDEC=0xee00, @ANYBLOB=',appraise,\x00']) r1 = fork() write$bt_hci(r0, &(0x7f0000000040)={0x1, @delete_reserved_lt_addr={{0xc75, 0x1}, {0x6}}}, 0x5) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getpgid(r1) 04:18:52 executing program 2: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:52 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000001000)={&(0x7f0000000000)=[0x3b4cf4ab, 0x1ff, 0x80000001, 0x400, 0x8, 0x7, 0x7, 0xff, 0x4, 0x8, 0xcb3, 0x3f, 0x1, 0x7, 0xe3, 0x2, 0x7, 0x800, 0x3, 0xff, 0xfffffff2, 0x9, 0x6, 0xfeaf, 0x101, 0x20, 0x3, 0x8, 0xb41, 0x9, 0xffffffff, 0x7fffffff, 0x70258410, 0x101, 0x0, 0x6, 0xffff, 0x200, 0x2, 0x200, 0x2, 0x80000001, 0x40, 0x40, 0x8, 0x101, 0xffffffff, 0x4, 0x8001, 0x15c3, 0xfffff800, 0x7, 0x7, 0xe3, 0x8, 0x3db, 0xfffff001, 0x3, 0x0, 0xff, 0x40, 0x5, 0x2, 0xfffffffb, 0xfffffffa, 0x4, 0x7fffffff, 0x7, 0x0, 0x6, 0x2, 0x10001, 0x80, 0x7, 0x101, 0x7, 0x16cb, 0x37, 0x0, 0xacc, 0x6, 0x3, 0x0, 0x2, 0x0, 0x4, 0x93bd, 0x81, 0xadd8, 0xffffffff, 0x400, 0x1, 0xf50, 0x1000, 0x7fff, 0x3, 0x905, 0x2, 0x6b, 0x4, 0x7, 0xfffffffc, 0x7fff, 0xfff, 0x10000, 0x5, 0x37d0, 0x80, 0x6, 0xffffffff, 0x3, 0x8001, 0x6, 0x29, 0x2, 0x9, 0x7fbc, 0x3, 0x7, 0x7, 0x9d, 0xb87, 0xfff, 0x40, 0x1000, 0x1, 0x10000, 0x1, 0x6a, 0x1, 0x9, 0x800, 0x5e, 0x9, 0x6, 0xc0fa, 0x7b66, 0x3, 0xfe, 0x5, 0xc4, 0x69, 0xfffffffb, 0xfffffffc, 0x10000000, 0x8, 0x3ff, 0x8, 0xce15, 0x20, 0x9, 0x3, 0xfffff001, 0x81, 0x3714, 0x4, 0x6, 0x6, 0x4, 0x85e, 0x8ef5, 0x7fffffff, 0x2, 0x3, 0x0, 0x9, 0x80000001, 0xfffffffd, 0x200, 0x3, 0x8, 0x7a3da848, 0xcbbe, 0x7, 0x600000, 0x9, 0x1000, 0x20, 0x5, 0x5, 0x100, 0x1f, 0x3b, 0x9, 0x400, 0x8000, 0x8, 0x0, 0x9, 0x6, 0xffffffff, 0x6, 0x4, 0x1, 0x8001, 0xf7, 0x8f, 0x0, 0x8, 0xffffffff, 0x5d2, 0x101, 0x5, 0x5, 0x5, 0x9, 0x101, 0x7, 0x400, 0xe764, 0x4, 0x0, 0x401, 0x1ff, 0x9, 0x3, 0x101, 0x8, 0x9, 0x0, 0x0, 0x0, 0x54, 0x0, 0x1, 0x1, 0x9, 0x20, 0x7fff, 0x3, 0x1, 0x7, 0x5, 0xffff, 0x5, 0x53d, 0x5, 0xfe, 0x2, 0x8001, 0x5, 0x2, 0x1, 0x7, 0x8000, 0xfffffffe, 0xbf22, 0x5, 0x5, 0x3, 0x3ff, 0x100, 0x6, 0x3, 0x0, 0x3, 0x2, 0x1ff, 0x7, 0x6, 0x10000, 0x400, 0x7ff, 0x0, 0x8000, 0x2d, 0x84, 0xffffffff, 0x5, 0x122, 0xffffffff, 0x144d, 0xbf1, 0xffff, 0x0, 0x4, 0xa4000000, 0x7, 0x6b7, 0x200, 0x3, 0x0, 0x6, 0x7, 0x9e79, 0xffff, 0x7, 0x401, 0x1, 0x3, 0x9, 0x81, 0x5, 0xffff, 0x5, 0x1, 0x800, 0x0, 0x7, 0x7, 0x58f5, 0x6c2, 0x2, 0x5, 0x8, 0x0, 0x6, 0x7f, 0x1, 0x7f, 0x2, 0x5, 0x7, 0x1, 0x7fffffff, 0x7ff, 0xfffffffd, 0x40, 0x8, 0x5, 0x8, 0x2, 0x0, 0x34, 0x1000000, 0x3ff, 0x400, 0xdc9, 0x46a1, 0x11, 0x7, 0x200, 0x1, 0x97, 0x6, 0x1, 0x98bd, 0x6, 0x2, 0x0, 0x4, 0xca5, 0x81, 0x0, 0xff, 0x8, 0x2, 0x2, 0x1000, 0x2, 0x842, 0x8, 0x3, 0x4, 0x5, 0x8000, 0x6, 0x1f, 0x2, 0x6, 0x2, 0x2, 0xfc9edcb5, 0xffffffff, 0xc2, 0x2, 0x5f, 0x9, 0x0, 0x0, 0x3, 0x3f, 0x6fef0b2, 0x3, 0x6fe9, 0x7, 0x9e2, 0x9, 0x6, 0x200, 0x40, 0x4, 0x4, 0xffff0001, 0x100, 0xffff, 0x1000, 0x81, 0x56, 0x200, 0x1, 0x6, 0x10000, 0x4, 0x100, 0x1, 0x7, 0xe87, 0x0, 0x800, 0x3, 0x1e5f456d, 0x5, 0x8, 0x1, 0x6, 0x78, 0x1, 0x1, 0x28, 0x5b2, 0x40, 0x80, 0xfffffffe, 0x9, 0x5f5, 0x80, 0x7f, 0x2, 0x3, 0x7, 0x7, 0x5, 0x101, 0x8, 0x1, 0x0, 0xa2e, 0xff, 0x7, 0x200, 0x400, 0x80000000, 0x81, 0x81, 0x2, 0x7, 0xffffffff, 0x7fff, 0x1f, 0xe6e0, 0x7f, 0x0, 0x0, 0x1, 0x7, 0x8, 0x200, 0x8, 0x5, 0x3, 0x2, 0x8, 0x9e41, 0xfff, 0x49, 0x0, 0x80, 0x9, 0x8, 0x1, 0x4, 0x955, 0x7, 0x3, 0x2, 0x80000000, 0x401, 0x3, 0x5, 0x3, 0x101, 0xbd, 0x8, 0x52, 0x2, 0x8, 0x2800, 0x0, 0xb84, 0x1, 0x4, 0x80000000, 0x4, 0x1, 0x739, 0x9, 0x80000000, 0xff, 0x6, 0xffff, 0x7, 0xff, 0x2, 0xfffffffb, 0x1, 0x7, 0x1, 0xcd, 0x1f, 0x9, 0x80000001, 0x2, 0xfffffff9, 0x0, 0x6, 0xffffffff, 0x42f, 0x3, 0x6, 0xfb, 0x10001, 0xb3, 0x1, 0x3, 0x4, 0x80000000, 0xeb, 0x0, 0x6, 0x8001, 0x0, 0x8000, 0x100, 0x8, 0x0, 0x7, 0x1, 0x8, 0x8, 0x2, 0x954468a, 0xf49d, 0x1, 0x6, 0x10001, 0x9, 0x20, 0x400000, 0x1000, 0x3f6b0b4e, 0x6, 0x6, 0x6, 0x80000000, 0x1ff, 0x3, 0x800, 0x7, 0x0, 0x9, 0x400, 0x3, 0xb6ce, 0x40, 0x915, 0x2008, 0x6c46a66f, 0x7, 0x9, 0x3, 0x1e7d, 0x7, 0x43, 0x2, 0x3ff, 0x37, 0x200, 0x4d, 0x3, 0x100, 0x0, 0xffffffff, 0x5, 0xea53, 0x200, 0x0, 0xfff, 0x9, 0xff, 0x3, 0x9, 0x8, 0x4, 0x7fffffff, 0x9, 0xf41, 0xa08b, 0x2, 0x5, 0x0, 0xfffeffff, 0xfffffffb, 0x864, 0x8000, 0x6, 0x7fff, 0x8, 0x80000000, 0x1000, 0x4, 0xfffffffe, 0x222, 0x7, 0x3, 0x7, 0x7f, 0x2, 0x7fffffff, 0x2, 0x1f, 0x6, 0xffff, 0x9, 0xe10, 0x1, 0x6, 0x73f, 0x2, 0x9, 0x71, 0xef4, 0xbfb9, 0xfff, 0x80000000, 0x0, 0x7, 0x2, 0x7, 0x4fd000, 0x5, 0xf75c, 0x401, 0x0, 0x80000000, 0x7, 0x80000001, 0x5, 0x8, 0x9, 0x20, 0x6f46, 0x5, 0x4, 0x24, 0xcb6, 0x5, 0x2328, 0x1, 0x5, 0x7d5f, 0xfffffff8, 0x81, 0x5, 0x6590, 0x5, 0x4, 0x71, 0xffff, 0xffff5fb8, 0x14a, 0x4ac, 0x10000, 0x5, 0x4, 0x8001, 0x1, 0x6, 0x1, 0x0, 0x3, 0xd95d, 0x2, 0x400, 0xffffffff, 0x9, 0x5, 0x6, 0x1fb, 0xb3e6, 0x9, 0x4, 0x1, 0x0, 0x2, 0xffffffcc, 0x5, 0x1ff, 0x80000001, 0x0, 0xff, 0x8, 0x6, 0x0, 0x0, 0x1, 0xfffffff7, 0x1, 0x3, 0xfff, 0x44c3, 0x7f, 0xe5c, 0x0, 0x7, 0x0, 0x9, 0x1, 0x7, 0x0, 0x4, 0x4, 0x4, 0x3, 0x1, 0x0, 0xec, 0x0, 0x3ff, 0x100, 0xfffffffa, 0x8001, 0x1000, 0x7fffffff, 0x0, 0x19, 0x1, 0xfffffffc, 0x3, 0xffff, 0x7fff, 0x8cb, 0x8001, 0x6, 0x1, 0x1000, 0x8, 0x6, 0xffffffff, 0x5, 0x3, 0xffffffff, 0x415, 0x83da, 0x5, 0x2, 0x6, 0x4, 0x1, 0xc5e, 0xffffffff, 0x3, 0x0, 0x80, 0x8, 0x1, 0x8000, 0x7fffffff, 0xb6e, 0x6, 0x30a7, 0xffff, 0x5, 0xd71a, 0x9, 0x57, 0x1, 0x24d7, 0x8, 0x8001, 0x4, 0x8d, 0x5, 0x1, 0x7fe6, 0x3a8, 0x3ff, 0x1, 0x7f, 0x400, 0x8001, 0x1, 0x9, 0xdf, 0x7ff, 0xfffffffe, 0x685c, 0x8, 0x8, 0x38, 0xfffffffb, 0xa7, 0x8, 0x6, 0x1, 0x1, 0x2, 0x1000, 0x6, 0x40, 0x5, 0x7, 0x7, 0x200, 0x10001, 0x8001, 0x6, 0x4000000, 0x4, 0x0, 0x41aa, 0x35d, 0xccc, 0x9, 0x1, 0x2, 0x9, 0x254, 0x3, 0x2, 0x6, 0x9, 0x9, 0x2, 0x0, 0x5, 0x174bc6cc, 0x8, 0x6, 0x8001, 0xffff6d20, 0xb5f4, 0x1000, 0x2, 0x9, 0x100, 0x0, 0x4, 0x2, 0xff, 0x2, 0xfffffc01, 0x9, 0xffffffff, 0x7, 0xfff, 0x8, 0x8dbb, 0x3, 0x81, 0x8000, 0x7ff, 0x12, 0x4, 0x4, 0x100, 0x0, 0x1, 0x1, 0x8, 0x4, 0x4, 0x4, 0x3f, 0x2, 0xffffffff, 0x400, 0x7, 0xfcb, 0x7, 0x2, 0xd1b, 0x8cb6, 0x6, 0x7, 0x0, 0x1, 0x2, 0x1, 0x1000, 0x800, 0xe64f, 0x100000, 0x4, 0x100, 0x7, 0x4, 0x1, 0x4, 0xfffffffa, 0x4, 0x8, 0x1000, 0x800, 0xffffffff, 0x9, 0x6, 0x3, 0x4, 0xfffffffd, 0x0, 0x6, 0x3, 0x9, 0xfffffffe, 0x20, 0x5, 0x9, 0x8, 0x0, 0x75a1, 0x2, 0x3, 0x81, 0xffffb81b, 0x2, 0x5c, 0x0, 0x1000, 0x3, 0x3cf7a8dd, 0x7, 0x9, 0x2, 0xffffffff, 0x400, 0x6, 0x8001, 0x2, 0x5c99aa4f, 0x7, 0x2, 0x8, 0x9, 0x37121c10, 0xec, 0x7ff, 0x1, 0x0, 0x3, 0x7, 0xffffffff, 0x2400000, 0x20, 0x6, 0xffffffff, 0x81, 0x8000, 0x1, 0x100, 0x100, 0x1, 0x1f, 0x3, 0x4, 0x80000000, 0x3, 0x10000, 0x7fff, 0x9b, 0x1, 0x40, 0x1, 0x7, 0xfc71, 0x7, 0x4, 0x1, 0x200, 0x1, 0x1ff, 0x5, 0xb, 0x5, 0xa2, 0x8e0a, 0x4, 0x5, 0x1, 0x9, 0x80000001, 0x3f, 0x9, 0x80000000, 0xe15, 0x8, 0x6, 0x6, 0x577, 0x5, 0x1000, 0x5, 0x7, 0x0, 0x3e3, 0x7, 0x7, 0x8, 0x387000, 0x562, 0x80000000, 0x101, 0xddf, 0x3, 0xe, 0x10001, 0x6, 0x8, 0x100, 0x2, 0x6, 0x1, 0x1000, 0xf53c, 0x9f4, 0x5, 0x3, 0x100, 0x9, 0x2, 0x1f, 0x315, 0x8000, 0x8], 0x1, 0x400, 0x0, 0xfffffffc}) r1 = fork() tgkill(r1, r1, 0x1b) 04:18:52 executing program 5: socket(0x2b, 0x5, 0x6) socketpair(0xf, 0x2, 0x1, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$phonet(r0, &(0x7f0000000040)=""/199, 0xc7, 0x6, &(0x7f0000000140)={0x23, 0x9, 0x4, 0x20}, 0x10) 04:18:52 executing program 3: socket(0x11, 0x3, 0xfffffffd) 04:18:52 executing program 2: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:52 executing program 0: ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) socket(0x11, 0x3, 0x6) 04:18:52 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472616e733d66642c7266929ab909", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:52 executing program 5: socket(0x2b, 0x5, 0x6) socketpair(0xf, 0x2, 0x1, &(0x7f0000000000)) 04:18:52 executing program 3: ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, &(0x7f0000000000)={0x9, 0x31}) socket(0x11, 0x4, 0x0) 04:18:52 executing program 2: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:52 executing program 1: fork() r0 = getpid() r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r1, r0, 0x0) ptrace$peekuser(0x3, r0, 0x8) r2 = getpid() tgkill(r0, r2, 0x18) fork() 04:18:52 executing program 0: r0 = socket(0x11, 0x3, 0x6) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', r0) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r2, 0x2a, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x80000000, 0xb}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x801}, 0x4000080) 04:18:52 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:52 executing program 5: socketpair(0xf, 0x2, 0x1, &(0x7f0000000000)) 04:18:52 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) fork() 04:18:52 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', r0) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r1, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8000, 0x7b}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20040802) r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100000001, 0x80c000) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x5000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="936aba0dff145db27c7106575090222f", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fedbdf2545000000"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x9, 0x440000) socket(0x27, 0x2, 0x10000) 04:18:53 executing program 1: r0 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f0000000000)=0xfa71c9bb2b389350) getpgrp(r1) r2 = getpid() tgkill(0x0, r2, 0x0) r3 = getpid() tgkill(0x0, r3, 0x0) tgkill(r2, r0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) 04:18:53 executing program 0: sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x40, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x37}}}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x3, 0x7fff, 0x63]}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x4004080) r0 = socket(0x1f, 0x0, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$SIOCPNGETOBJECT(r1, 0x89e0, &(0x7f0000000080)=0x6) 04:18:53 executing program 5: socketpair(0x0, 0x2, 0x1, &(0x7f0000000000)) 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:53 executing program 3: socket(0x11, 0x3, 0x0) socketpair(0xf, 0x3, 0xffffffff, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) 04:18:53 executing program 0: socket(0x11, 0x3, 0x6) ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514) 04:18:53 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x82081, &(0x7f0000000040)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@aname={'aname', 0x3d, 'noextend'}}, {@noextend='noextend'}, {@fscache='fscache'}, {@uname={'uname', 0x3d, '-}#*'}}, {@loose='loose'}]}}) fork() r0 = getpid() tgkill(0x0, r0, 0x0) getpgid(r0) 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:53 executing program 1: r0 = fork() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2, &(0x7f0000000300)=@raw=[@jmp={0x5, 0x1, 0x7, 0x1, 0x0, 0x20, 0xc}, @func={0x85, 0x0, 0x1, 0x0, 0x6}], &(0x7f0000000340)='syzkaller\x00', 0x54, 0xea, &(0x7f0000000380)=""/234, 0x41100, 0x8, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0xe, 0xb0000000, 0x1e}, 0x10}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x13, 0x1, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x8e}], &(0x7f0000000240)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x2, [], 0x0, 0xc, r1, 0x8, &(0x7f0000000280)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x3, 0x401, 0x3f}, 0x10, 0x0, r2}, 0x78) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10200, 0x0, 0x0, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) tgkill(r0, r0, 0x1b) r3 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x1, 0x101000) ioctl$USBDEVFS_RESET(r3, 0x5514) getsockopt$inet6_dccp_buf(r1, 0x21, 0x14d, &(0x7f00000000c0)=""/212, &(0x7f00000001c0)=0xd4) getpgid(r0) r4 = syz_open_dev$mouse(&(0x7f0000000600)='/dev/input/mouse#\x00', 0x400, 0x301440) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r6, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x1c, r6, 0x8, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x2008000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008800}, 0x80) 04:18:53 executing program 0: socket(0xf, 0x3, 0x8) 04:18:53 executing program 3: sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x45}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000840) r0 = socket(0x8, 0x6, 0x1000) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8c5}, 0x1) socket(0x11, 0x3, 0x0) 04:18:53 executing program 5: socketpair(0x0, 0x2, 0x1, &(0x7f0000000000)) 04:18:53 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:53 executing program 0: r0 = socket(0x11, 0x2, 0x6) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00', r0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x2, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1f23}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x6e}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x1f}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22008000}, 0xc801) 04:18:53 executing program 3: socket(0x11, 0x3, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x4000, 0x0) sendto$phonet(r0, &(0x7f0000000040)="4e524f44b30933e03f090f63fa5179a7c1a23b0ba20b99535e037b1dcf90816c720df6524d7bd9914b4db70a92fd06d90306659a2ab3b7de36faf303be22bc3cb13651", 0x43, 0x80, &(0x7f00000000c0)={0x23, 0xfd, 0x1}, 0x10) 04:18:53 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r0}}) fork() r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000000)=0x2) 04:18:53 executing program 1: r0 = fork() r1 = getpgid(0xffffffffffffffff) tgkill(r1, r0, 0xa) 04:18:53 executing program 5: socketpair(0x0, 0x2, 0x1, &(0x7f0000000000)) 04:18:53 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) 04:18:53 executing program 3: ioctl$SIOCX25SCUDMATCHLEN(0xffffffffffffffff, 0x89e7, &(0x7f0000000000)={0x1b}) 04:18:53 executing program 0: r0 = socket(0x2a, 0x3, 0x9) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x14) 04:18:53 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x10}, 0x10) 04:18:53 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) fork() 04:18:53 executing program 5: socketpair(0xf, 0x0, 0x1, &(0x7f0000000000)) 04:18:53 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xfffffffb, 0x983}) [ 626.174218] Bluetooth: hci0 command 0x0401 tx timeout 04:18:53 executing program 3: socketpair(0x27, 0x6, 0x7, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$phonet(r0, &(0x7f0000000140)=""/83, 0x53, 0x101, &(0x7f00000001c0)={0x23, 0x1, 0x20, 0x8}, 0x10) socket(0x12, 0x3, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) sendto$x25(r1, &(0x7f0000000000)="910f46a2eda4f2e1e25eca89a795fbac721edec4bfed5fbfd16c536e3d7e39026b6657928badb4c466e0b453922f9113173e72216755814b05a3a9af742089b2b2c7a2854710fa56ce0699966420a867c116b88a0d9226525a5b148acc36846f37b306b25bdb97024baa2ea13e4dbd9d756adbbd95b5e7136eaca31b26408042a696a8838ff3900713594081608fb8088401184b4c8c69decc16f0d62341801d7d27a26b678ed37b2d3d4db58152b5", 0xaf, 0x8000, &(0x7f00000000c0)={0x9, @null=' \x00'}, 0x12) 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 04:18:53 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@cache_loose='cache=loose'}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@loose='loose'}, {@posixacl='posixacl'}], [{@smackfsfloor={'smackfsfloor', 0x3d, '!!-}*^.-^@+(-+-!}['}}, {@fsmagic={'fsmagic', 0x3d, 0x20}}]}}) fork() 04:18:53 executing program 5: socketpair(0xf, 0x0, 0x0, &(0x7f0000000000)) 04:18:53 executing program 0: bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x5}, 0x8) r0 = socket(0x11, 0x3, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00', r0) sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000001240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001200)={&(0x7f0000001280)=ANY=[@ANYBLOB="041100007522a08d59ea2e401b254a8701ef7416d994b12340c23f4096fbeb81d0f07c616d20abc7bf55b6c653144dcf4f010c38abed80d797139ea77aa26b945889bc7a848c74821cade17e731607ca1b77de7d84fcb8f64368ff85f7cb432bb31e191aee2deb010f9b57c91e7a938a9b0f3c3787a5c32a95bf9b65c71cce1ecd46dc45cf3f5f9d00399694e3d927895b6d632021584f9da4b72899dbbf96", @ANYRES16=r2, @ANYBLOB="020028bd7000fbdbdf25650000000800010003000000d8100380cc000080c6000100d8160ed20c71bb892739f13d7261eed72f5fa0682031229d006cea7769b0b3c8a685cbcd9dae2cf54c87144b50d390938092d5f44e0a844b1b398ba0ec748bc3cb29c6c6a7576b5a82a05059cc67ad4c928804d24bee3b156b7a233e291d5ad9f0eece5786aba3a53e81e22a7373c51548fce85cbeae5bbec01758c2f290349670647fe886ca0f5af6fdfaedd04e2771cad52825af64f8d4b2aff3a638fa852549e0c1c175ee5ae7766cc2be49b093b99312fd0b06f1265769063c1dbea2897aba88000008100080041001005b0a6d8776a59fd146881311b02cebc64832e4d1afbbc83029c178cdbc013142a5f6dd726845e575b104c5e854b0054d4008033b49a0aaae59a57708cfc34281647b5c343f359fb68ce460bd119e7e76b43429bc9b0f1bfb74d8074e5e061bea4ef89549964e05480618435021bb9308f7111ce5e12f21ea4be98bd626e8d8bede78923b4309d339b4daa8e4101ed1aadeae620bfecc5a2b251a1f40d4ad83a62735e0099d1a5831ece3a2b26f300785a414fae42cd3692e119e2b1cabd0880dabb75125af89c20f399b36d65c63a1866657e8d1f34e46726958d8350fc10f8834321dc8e5f45cd75e35dbddbf5d4e39018d51619a0ad511158e8bc9ab99043a161fd0d4512a420ab73b90a66ac19d9702620a63400ac8e7b21908019bd9a0ba1d8bead9ef43d6bcd52f3885ef3e2ef3790c85701639d5ee6327738c6287ac6b9b6b262c14b14e01817bf9c90acb5e03852be96afbf30f028ba6306e334f8ccaa62db0b253bd2029daeb99d2c12e7122d49a64b4a409fe3409032bde0cf16340f3ca8f9a16c84f11489b12dbf7b9e1d60000d455145917a6462695320c4a100f1c409d393a5d6dc34c573cbc414098fb10d7e9a9af22e525cf9b1098fff64452d677a58e64bea85d7d1b237737e45b28fa1f4215f1d85088b690069059fcb4fb53cd0435637c5218be5894eea18ae44db2518cf7b9d4c2b35e09d9811c414079ad745366aa97f331cfc3e94a89c2f2c72da7546744b5aa2b90814aeb9c67bc8a67508a7b2d1532ed971712ddb44acd47f218100f22cf049831c48920fc5b00ed3d2a9f3f032837e0f4554dcbf568c3ca2a3df4a0e69dae8e0b2d4c2864c109b90ef2b3600f9bc4568a9fb7e09a1e15d5fc8bfe5f6e1ced4aeb52b855d4f3711718b10ccdf98a7fb038ceec7f8f113fa348f705d83ac177a9b6c0a4e19f3a3a45525d34148ab310a48aa7e4a7d18bc0c44345fc38495658e19c53a69bc35c2be6f4a52080f8b56bec3e12ec315393fe3b64f25d86bd86a8f44709f2495f10a33aa08c5b861ec51105635f7517af2ba692a9b5d90302bea77833de99689b25300c83935b2a111105af9700bc48b223c6e48ea8597f3a13c604d0fbdf951a11d09d7e7fcc03f107c5e3c7c758a64f3eee22e250227dca74889c45704c219ec4d3017910e0f6037fa763ce0da1497e4b94017a8f8c3a49d93a4c6e801ef864faa3dae9fb1145ca29a765c99cd3b7e902590b1c1956f36ad783776f93a153b93bd93361e664eea345d8c37924d8a79402e7ea239d212307ce79e2d7ac5b4f063b7dda0f6f23198a89c2f824b089aeadfd3dbf713bc82f079ab59b4abb1517f65e5566f1f4f850f6697f33cd352667ca357eff805859c589f6ea74f069f0f823b6d3f205f38d734f0d98f0905ae4e90240e7a43a75e170df366b582bf9928161c03ac3d246ef14606f82f3cf6f9adaa9332040e36d3c0b4df737d44ba899bc3ff6769c5b3336bd3de371431ff372177a753acabdc194bddb418f7c73ce58b1a3043941f0e78586f91c8d47f5da5eedab83128653060799cac633056da78ebd8abec54276cef536d13c0a0a0f58caa7bb57c1d0813e6256fb745438e71388701ea68dc05ca69484099dc51a8e8271559e8682cc4b71f687bea7dd0a870244d40295ef2515c3dc254c3eaf6e38247751b7ca05a817030f0ab73817ce2571d8ee6fb6b74cb2249bd8caccf0403a029caf360c3351f2f054666ce4b36b85858bfa5b3b4d97b08d26524f08a62243dde97f09625a1ce90bccc835c6b64eb0343c84233d8639026f896c23f0daf6ff10a0630c22857e09cf7f386ab9511e47760b5e36d41a14e604ed34c1b8e376e737daec4f3e2cda8fb8b9f444e6d7b94c123dd2271dafdb561947b382ed46f3dce8e508dc4996e3f7c9ea8745a195c0258e42fa12dc8f9519af3118abd076cb062af040e151a253e2cf4d304a9740da05efeee4b98bf4404f4d41535dc1581bff3fbad8ae0dc86f117e245ef9923a0a8bdaa30f197188fcdc2c67fa07660aab17284bc31f97976ab4a1fd26fe868b1dee561ddc4b5aa5efa32949da335e9ee06bf928c2f0c9c2d365091806b04d4360d4dc5555ea0f3f943856def7ab44a72c8f5d2c20fd42267134d1b02d21c9eb7ecf9e2cf0bb863c698b0d255651f8bfdbff3ae2ea8261fdf774ca9f9106d98b25b2142797c261887672011f76a2eaec1e546eddd594b5d39a6d3fc9772bab2dd3e0d82ffda3233038ce1d2c0801dcd7671331fb3f130ec2ea50388927e9ee4572ec6e6947c8170d692ae7de4bf6c7956530c069ec2d331d730356ba7e0fe3a5c1749fe6303757edfe87208d8b13bbdb60ce7806695af355b202e30b1d94ed3ecbe958f15ddce84fb85797041e7b87d92fe5eac84f932bf7dc03e3c632c03b6b7853a5e6d581e5d90e38aad8ce6209909a76b9fed8330d2b262d057f454f879785f4f46947687e891e7afa8e21a47568d1e24531f3dc6ddb8b062fffff9f884e2e2fd4322fb5ec673b3411f7fc6cd03724a246f0e3bac12f546d9b17dc8f69c7e54cd82952a039aeaf1c10a26a5ef71ac6284ec45ea3f5b37b67c6678b5a565572a3e0683910e14c842894921980d2cd71b1c958395ffe3f1a449ae562cfb82b889b4fb61f7d9947c45ad9a4ad17c4e444828dd276694d951639a920490448e6dcdb3b1f9fc148480377f18b7c37f2598cf94e8c366e69317db74114d171eb7428720b4b2e860aceabcb49978e0bdae01ab3ce60cea773cb4782421e49bf1147ffbe27e4db2b23c1118b34fb7102370772a244e6c7272438c3dd85da2266a3e4968a659eb763284d7a746f58dd07a7a397c5aecd185431ed9b9d9f5987b3de80f4ac86554b656569b8b76e29e603aa3465577b9752c74c561bdd3137f583f7ee257bc0233b3e5fb1d27db7764a3b2d4a33de759b191b630d13b9341752b8a258eea27da3ae6ee38aebd146bd12d00283e5cfd000667b36528156d8c1b4e26c509d10ddba14c09b68ca2769f1375b8f932ac27e3938817a90bc8ef96baa86a3ea9659aa2594d7f2c407175820c333f0663b4ab911b35594e3b5434168b62765c63965294b30599fa2009ae44a16ae485288596e4b5e3c49f51ee35571807c514dcd891d1628e5b4ddf52e608d1511547678bf2714120e4896c46746b30b54a7f97b1288741d1f1423c0e46b10eede4104b20e91cef8abb8db4f5e7f8cedca45728cefb60ba900a4e94532a2bdd40e8c0e65de74d5e9775c426c9b7da0ea226e22880b3e511937a05a8fc6b6009afe139265df799856496a86dfd8fdfdc5d2d2b33e2748bd0398a581880d4755bbc721743b34d470801c496e911ab0e35c9b1f31b2b90100b552e37287924dd52e841a90f3e300c174d6efefd5663e4681a02274e003ebd1da722f29accc3163c9a1a16a12e41d09c98a8a6d2bce7fe47a198963091bb3f22295a2190b4ad55be988f5d67702bd62aa2e98bae69b804619ced9d0eed7108ec8f7840d4ff8880289456195d05b5c937f767aca169f4fa9915df73151b4dec7d55a574b0eb5f2c3eafeae34f2c99fbfe3875092db01f83d82d9536977be59bf55037964a799f50e97c8ab5f265b4f84b21dcceb6c8751ec7ce5568bcc8cc350010c386dcda197efa32129e1c4ccf106783e6f643814a0d9663de2a91cca7d31fc7f97e4fb4e31da046d766978edf460113485411f2767cf0899471520c18a1fd6e6860125004497e606d085892d5154c702a9ff50b8ca43582673400cb3063c00d487c26d8ddc8981aeeb5653559e05ed3d7f42e3e0e3831b6cfa8f0d9088cc77ac15763f718c91b57d9c6e32da1b196e59e7236fe30b8a3e56d992e655bcd123459663e1508cb7a1a86104936d11480f4288409b496432892c30f8ef7b80f06a713a82e26fbf12dd82c4327b0bc5921d693d0d8f501ea8ea50c4e7991b15cf18822a512dbf4b0eebca2cdbc3e50ab7fc9ef89848fc0b768ae81579e94372786967fac119cc1466fdd05cce4bf4a1d55f49a3fdd51454a3444a1aa5f44d410e258d622f48a4258eb7a84295b8ad9876ddb55ae7437bda1ea54ae003582ef99e61b61ecb73c1e43bde95a7acf3959773963228f29da3a02eb955295890c87e6a8b675d38c506b964416bb8d81f854c5d856a5b669a6a8ba25c53612a7d9c12a29d93bf07502a369f4b3ce035c4e10109e8c11ba791ef55e92dd4af4e2734dad16c51cb6eb6bcb93a0e58e7cc76e71631a813356cca20960d58c41d42077f3fecba3e6c350dccac2ed42a9643dd0c84497bf5de665061543a2b66e5ce4e2ffde827bf82485765ac0831df263cea567ebffeb13d10ecad0664ddc59b1bb3d373d2af80ab4891d0ff94bceb7ee6d545d7f1eee33111616976a6c4f501ae832abb7630b695b2b3c7d73fa1f27e0d6f930c2496761f3d3140e1a7670a11b953116dee7956190180388972e751a9065fa8b2acbb2da18a52c4ad612134217439b7e59880cfa0f69435924450e336ed2582cff6a9facb954d66df1fa22415d5a29cb748dd1c4e56b5cc458f10d2bdda1772fd24d623d4de2fb7fa3f38935200f74e01d7f06ec341a7d6873bf0fd59387c7988a1d316501b2781ff11608198f3807d2316062fd5a2faa7aa18bc431a7197a6842d2a3a815016f150c89acebaa3d366d8fbf6916c1dd8dcf309b8c7d418a86a496c410fe3f22c63efea5e0a720d91a728a20594151f617865a80d3fc92f89c41c821537c14791f50389c0ece46d615636426228651381207b532888287db948bdd9e06ec32403d170c28f66d91729846325a7c0c74dfd7c4fcd7294e6d59f5ec9698c72ef62fe8baf135bfdca934ad1201c13b6efbb57672bab327e036d68da8d44e223cc750be9d8d68e6b892a3b6691f4840b2a133973f597c8e4bacd833b1394fd370391d18feaebd9f0d5160810115edaf5ee47a014f3d8d4e04046958ec1970a186160e4480541901956ea01fbe41309304f1621e0e6417d1859b878ccdaa9806196700d854a066c1e6d980daa4822c0ea42d17b4c909c057a047e85d46fc0bc1138fe0d2dc520dd6716fc4d833bb6bd0c7e9aaee59dfd4345d7e8f4a8d8d0b53b01df3ff886bd6d2b81d1aec8b1d6c1826dce143e24d8b4572fc17ae59fb137408fb675d55ba6ba0e5676adb731e49863b71a8aafd9a1a1b6a2c36ea74461d6e4d1b4fb03e12d920eaf99a8123079ea38ba8133fe1f6bffdae39fd821c20fff45c75024cd0df0a0332c86972451bdfa78d67f3de22979c90d79f9be488b276ba3495c541a1a5da2da9e0edff02a8deb173984ca5a02d23c83f734bebbbdcd8c7b7f410c4d75150cf6557afd7b274167aa0ef596778c5525c7067b6dd0f28d0ed5c69c7c0100886692eefc553014b8c6cfb74b3c52155ad829f8840b0ace1f4595c97189758bc92f58000000000100000052dfd49468b51e379f9275d6250fcc0e28a61baef7fd7fdc38576518bedf008addfb86ea104200879d197733f5dc1142d283bf6506bea76ffb022752e19642a45d679368de136e8f27ffe0f62372f47b55e47d799a38ac14c3346b974a4af6eb03322c60acee6c5b3d385ec49546b1ab7f4c763787e057e34844f50e632438655949719f213679c8b1e6cf54fd312cbe9cd951ada5b8dfa225a27d216d33e833f146d8a4e78cf188af3d6ca95ab6ffdb7a3810796e5ecf06164105dfd7d0837b37d6a938f8a7931063be558ac00965342019df6e4d1bc1aef242e2fec4769939e9000f08000100018000000800010000000000"], 0x1104}, 0x1, 0x0, 0x0, 0x4000080}, 0x20004000) 04:18:53 executing program 3: r0 = socket(0x15, 0x3, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0x1, &(0x7f0000000000)="ed7d1ebf2b35479dd466b0301aed86167a783e52f620712a132227cacd95f310431705d4abd8b2e63df81b97bdb2861baca7d4c32951aaad23f75c30495a84e6a1acfd0a7158a441ee7518b1a690e02ba128fb65161c"}, 0x20) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00', r0) sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r1, 0x2, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4081}, 0x11) 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 04:18:53 executing program 1: r0 = fork() getpgid(r0) tgkill(r0, r0, 0x1b) 04:18:53 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x5, 0x400000) ioctl$USBDEVFS_RESET(r0, 0x5514) ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000080)) ioctl$USBDEVFS_RESET(r0, 0x5514) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x54801, 0x0) mmap$usbfs(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x4000010, r1, 0x5) ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000000)=0x5) socket(0x29, 0x80000, 0x81) 04:18:53 executing program 5: socketpair(0xf, 0x0, 0x0, 0x0) 04:18:53 executing program 0: socket(0x11, 0x3, 0x6) openat$vmci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vmci\x00', 0x2, 0x0) 04:18:53 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x858000, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="839561837d511d7a11f0e1f0bfe313adeb3a8d5a7602c72a31d9a7be244fafb9cd81720e4d3e74905c9311399dadf5c54449442af7a1c92eaccce06c14987da4af1166c190ca8d9f07afe3cd0577e639400cd5a5627c136da85f908838e2bbad70d6fed496e876df1573dbf4fa4820aa9eec48eb642205b588c41238c30f9e96c500"/159, @ANYRES64=0x0, @ANYBLOB=',\x00']) 04:18:53 executing program 5: r0 = fork() tgkill(r0, r0, 0x1b) fork() 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 04:18:53 executing program 3: bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={0x1, &(0x7f0000000000)="2bc153c7db68717accd0dfcc8bc0d9", &(0x7f0000000040)=""/52, 0x4}, 0x20) socket(0x11, 0x3, 0x0) r0 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x1, 0x2000) connect$nfc_raw(r0, &(0x7f0000000300)={0x27, 0x1, 0x1, 0x6}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x1d, 0x0, &(0x7f0000000380), &(0x7f0000000140)='syzkaller\x00', 0x97, 0x3b, &(0x7f00000000c0)=""/59, 0x40f00, 0x0, [], 0x0, 0x1b, r0, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0xb, 0x2, 0x80000000}, 0x10}, 0x78) mmap$usbfs(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x13, r0, 0x4) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0x0, 0x3, 0x10}, 0xc) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000180)={r2, 0x9}) [ 626.493549] Bluetooth: hci3 command 0x0401 tx timeout 04:18:53 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000080)) ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)) 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:53 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000240)={&(0x7f0000000000)="456bab4abec8d5cd63363d10c03a621c867600ccf4e7a456a0d49c72e8a473c1671b24878883db84160a10eaeaa3ae7b7d6c73afa3149985b8936a1971ff07015583757496a2a27cbfc01b8a4d5eabcf5930b78b1c0a731b71ef536ed715de5ba5121e6bedf72af53f88ade4c04120de0f17a10e29378b3f899a60d3db7d4bbfc83ef193ecb2b53054d0b4c34118c5f284a9d034ce58311b0a04ccffbc78baae1e88dde4dc6e9c51880d1639b5c7663f6e90150a5e96ae40a3e7ac1cb15581c2ae24b424241ba354e46721b4fb4e776bc3fbb2c2630237d722e27a72152b95cffde260329ae6cd01ece028448f6a20cb23e9424c7ed287f943d300cf99aa48", 0xfffffffffffffffe, &(0x7f0000000100)="0ed93b979970ffa731eb24a0e17b4387ca0b4dec4a45636acb70f68712224f7e22372fe2f8f0f145570b1ae1d99a08d8c40d4398447a7e7ebd4c5a00ee403852e8a95f01df4341de5f4a43c6ad18d8c7d15598e523d6be9d71004f838f90fe3165456085d0eed1603334c5012e46a98ac70632518d0cdac70f45d843f301a2a0bac643c921e691340580ca2a313e2821b1bcb56e32d6e7260911e7032e3d1f0aa6eb081aa0edb1de3a2e797aed64eaf59e635a67bcb573b36a3664b6f092be0330e7ac817dc95beef950691f160665f25fc3d48ee676913633caf0a2faf343e327ec078680", &(0x7f0000000200)="f1beace4fc95", 0x80000000, r0}, 0x38) socket(0x11, 0x3, 0x0) socket(0xb, 0xa, 0x5) 04:18:53 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c775c9d6e6f3ddb268735f155aed75f8fc490a48435b634b80a2a92b8b3db4c0d0d4870c94012587ecd2f2e917adfa91a773a71e73f75090d7fd38511a710517f0700a2400b12d7d9473995bc9496f1fee4ffa46ec92f2ee392abe4b1fd8b58f49980a22759b058e9a0f835ec5d4de20e4416061b93bb1b1ac30010e3e35742522359ca63d4fdb537216a446c78fed26e2039c0e7278b2a505df923a6a5576c4feb72968305838c9609fdc39eba2c4057841852c720cadd98494dbe0935d7bbe2b1b5719f8aa7edac8ef23917abba75c26644dd9497976fb1d9491f8dcb1a8882f0cb0080000000000000526d", @ANYRESDEC=0x0, @ANYBLOB="2cca"]) fork() openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vim2m\x00', 0x2, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x82040, 0x0) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000040)) 04:18:53 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = fork() sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x8000) ioctl$vim2m_VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, &(0x7f0000000000)) 04:18:53 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:53 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000)="b511c4beaf96e8ba98ef13552b3f9e6a5f4d77d42e38866e84135c39") r1 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_dccp_int(r1, 0x21, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0x4) 04:18:53 executing program 0: syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) ioctl$SIOCPNGETOBJECT(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)=0xffff) 04:18:54 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = fork() pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff}, 0x2800) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x20040, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno'}, 0x2c, {[], [{@seclabel='seclabel'}, {@dont_measure='dont_measure'}, {@smackfshat={'smackfshat', 0x3d, 'rfdno'}}, {@appraise='appraise'}, {@smackfsdef={'smackfsdef'}}, {@uid_gt={'uid>', 0xee01}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@fsname={'fsname', 0x3d, '^'}}, {@smackfsdef={'smackfsdef'}}]}}) socket$phonet_pipe(0x23, 0x5, 0x2) r2 = getpgrp(r0) getpgid(r2) 04:18:54 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 3: socket(0x1e, 0xa, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', 0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [""]}, 0x14}}, 0x4000) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xb8, r2, 0x2, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TESTDATA={0x30, 0x45, "9f131057e246d8de17d66ae26ef9a1ee4a455c56f90c100e467f79ba22fbd24397d87dd74a76afcf2e1f0260"}, @NL80211_ATTR_TESTDATA={0x72, 0x45, "085c1914090f3ead91a0c29a732f505116e44a472c9a4b39787d06f1efab8a56e99f2161ba91cabdb75fd17690fc1b554eeef39f9cb4614d5aee66259a065abf0857f57f30922f3c04e93268b5d9826ae44426d7920bf73ec6167046c2e2ba6b2aa776fa9946b16dc12c540fde00"}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20040080}, 0x18000) 04:18:54 executing program 0: r0 = socket(0x11, 0x3, 0x6) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x74, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1, 0x47}}}}, [@NL80211_ATTR_REKEY_DATA={0xc, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x23}]}, @NL80211_ATTR_REKEY_DATA={0x48, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="081834fb14947607b8fcefcbe30cd3b4b28d664e43ebfc6c"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "d15b5a9eba939651"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="75c3742be901fda56a9a38d03a167ae14dd77f7ad87482f3"}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x24040010}, 0x4000040) 04:18:54 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb}) 04:18:54 executing program 1: r0 = fork() tgkill(r0, r0, 0x1f) 04:18:54 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x9}, @map_val={0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x200}]}, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x8, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0xa, 0x3}, 0x8, 0x10, &(0x7f00000000c0)={0x1, 0xd, 0x7fff, 0x500000}, 0x10}, 0x78) r1 = socket(0x11, 0x3, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', r0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x40, r4, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x680d, 0x13}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x30}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xfa, 0x5c}}, @NL80211_ATTR_WDEV={0xc}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000040) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000200)={0x278, r3, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x6c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="5bf568037d30a645d5103f9e40067d64"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="6fb8beb4167926f752972b8a3a584415009719d1beb434f9b1f4f2cb93a84f2e"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="c9b858aa8729be74e6724001ed1878f8ce3554a878f2c366"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="59484d2a53f29b41385ae1b592f10028"}]}, @NL80211_ATTR_REKEY_DATA={0x24, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="5d68f74edd7ce6eb5a9499d093ac6b7b"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "34a70f8112d3660e"}]}, @NL80211_ATTR_REKEY_DATA={0x30, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7fff}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="d71d3ca8a5c53a42f5455dc69462af51e54cd741a878764154e9a7a39dcfb5ee"}]}, @NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "7de61a60c1b21c6a"}]}, @NL80211_ATTR_REKEY_DATA={0x3c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="75178f46898a1e9c270217866b895ccfc289ca8c0e253d9528fee0c9f16cf1a7"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="e611d53e9a726ac6d0003525c6280bc3"}]}, @NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x2}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "125288375d15084e"}]}, @NL80211_ATTR_REKEY_DATA={0xa0, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f42512a84bf884e0"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="9e8e482ccbee0b9fac2cc2af33c2655b1d0ea31bc9a872d5eb16dcde921d6d51"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "3eac5b7f6a32e272"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "eb337979e8073bce"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="ddfeb28f3343a905bd4dfa2a095ec40106b097e09f27147a6f372156dc94eba5"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1ff}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "93da427457b2c23c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="7c5709bf6548648cc6fc6d44e14f8531"}]}, @NL80211_ATTR_REKEY_DATA={0x94, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "bd2824a05728440e"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="5df5b17affbbcf53eccc2097f621d6737fec12a8e12787817885cdebe72af24f"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="e306efef9955e38addbb2cf6a0bcda68"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="77fb02f8f2f79a6ae7b98b97c5e71a3f"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "11b7e48aa22119d2"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6124a4b2e37a308a"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f9363ea2823f6821"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="580ae0e831ebccd84cf171b73c8f77bd"}]}, @NL80211_ATTR_REKEY_DATA={0xc, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1}]}]}, 0x278}, 0x1, 0x0, 0x0, 0x24004051}, 0x4044040) 04:18:54 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) 04:18:54 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 0: r0 = socket(0x11, 0x3, 0x6) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000000)=0x1, 0x4) ioctl$sock_bt_hci(r0, 0x800448f0, &(0x7f0000000040)="9589f41aa0862f3546dc1b901abe168d182f0b827e74a636c40d9985afab7507127be6da39dd97ada60d9b0ce7c0d74c145223") 04:18:54 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb}) 04:18:54 executing program 5: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 4: r0 = syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x5, 0x400000) ioctl$USBDEVFS_RESET(r0, 0x5514) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000040)) mount$9p_fd(0x0, 0x0, 0x0, 0x24809a, &(0x7f0000000000)=ANY=[@ANYRESHEX, @ANYRES16]) fork() 04:18:54 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x9}, @map_val={0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x200}]}, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x8, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0xa, 0x3}, 0x8, 0x10, &(0x7f00000000c0)={0x1, 0xd, 0x7fff, 0x500000}, 0x10}, 0x78) r1 = socket(0x11, 0x3, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00', r0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540)='nl80211\x00', 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x40, r4, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x680d, 0x13}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x30}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xfa, 0x5c}}, @NL80211_ATTR_WDEV={0xc}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000040) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000200)={0x278, r3, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x6c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="5bf568037d30a645d5103f9e40067d64"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="6fb8beb4167926f752972b8a3a584415009719d1beb434f9b1f4f2cb93a84f2e"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="c9b858aa8729be74e6724001ed1878f8ce3554a878f2c366"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="59484d2a53f29b41385ae1b592f10028"}]}, @NL80211_ATTR_REKEY_DATA={0x24, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="5d68f74edd7ce6eb5a9499d093ac6b7b"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "34a70f8112d3660e"}]}, @NL80211_ATTR_REKEY_DATA={0x30, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7fff}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="d71d3ca8a5c53a42f5455dc69462af51e54cd741a878764154e9a7a39dcfb5ee"}]}, @NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "7de61a60c1b21c6a"}]}, @NL80211_ATTR_REKEY_DATA={0x3c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="75178f46898a1e9c270217866b895ccfc289ca8c0e253d9528fee0c9f16cf1a7"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="e611d53e9a726ac6d0003525c6280bc3"}]}, @NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x2}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "125288375d15084e"}]}, @NL80211_ATTR_REKEY_DATA={0xa0, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f42512a84bf884e0"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="9e8e482ccbee0b9fac2cc2af33c2655b1d0ea31bc9a872d5eb16dcde921d6d51"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "3eac5b7f6a32e272"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "eb337979e8073bce"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="ddfeb28f3343a905bd4dfa2a095ec40106b097e09f27147a6f372156dc94eba5"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1ff}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "93da427457b2c23c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="7c5709bf6548648cc6fc6d44e14f8531"}]}, @NL80211_ATTR_REKEY_DATA={0x94, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "bd2824a05728440e"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="5df5b17affbbcf53eccc2097f621d6737fec12a8e12787817885cdebe72af24f"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="e306efef9955e38addbb2cf6a0bcda68"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="77fb02f8f2f79a6ae7b98b97c5e71a3f"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "11b7e48aa22119d2"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6124a4b2e37a308a"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f9363ea2823f6821"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="580ae0e831ebccd84cf171b73c8f77bd"}]}, @NL80211_ATTR_REKEY_DATA={0xc, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1}]}]}, 0x278}, 0x1, 0x0, 0x0, 0x24004051}, 0x4044040) 04:18:54 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x2) 04:18:54 executing program 0: ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3}) ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000080)={r0, 0x3ff, 0x2, 0x8, 0x4, 0x10001, 0x4, 0xc7ec, 0x3, 0x64, 0x5, 0x7ff}) socket(0x11, 0x3, 0x6) 04:18:54 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb}) 04:18:54 executing program 5: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 3: r0 = fork() tgkill(r0, r0, 0x1f) 04:18:54 executing program 0: socket(0x11, 0x3, 0x6) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000000)={0x0, 0x800, 0x8, 0x1ff, 0x40000, 0x9, 0x1f, 0x81, 0x0, 0x9, 0x2, 0x35819006}) 04:18:54 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xfffffffb}) 04:18:54 executing program 5: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 1: r0 = fork() tgkill(r0, r0, 0x18) 04:18:54 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x1000010, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r0}}) fork() 04:18:54 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 0: socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) sendto$phonet(r0, &(0x7f0000000000)="154e398184be1640946331a9cea4da2e4e29547cb60cb80895a4a7f44620cdff5fb5bbc50f1759c855761c9748c6023a13fcc7614cb3cae1855b8fd71f4af23779", 0x41, 0x40010, &(0x7f0000000080)={0x23, 0x6, 0x4b, 0x4}, 0x10) 04:18:54 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x5, 0x400000) ioctl$USBDEVFS_RESET(r0, 0x5514) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000040)) mount$9p_fd(0x0, 0x0, 0x0, 0x24809a, &(0x7f0000000000)=ANY=[@ANYRESHEX, @ANYRES16]) fork() 04:18:54 executing program 1: r0 = fork() getpgid(r0) r1 = getpid() tgkill(0x0, r1, 0x0) tgkill(r0, r1, 0x1b) 04:18:54 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 2: r0 = fork() tgkill(r0, r0, 0x1b) sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x2) 04:18:54 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x0, 0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) 04:18:54 executing program 3: socket(0x1e, 0xa, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', 0xffffffffffffffff) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [""]}, 0x14}}, 0x4000) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r1) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xb8, r2, 0x2, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TESTDATA={0x30, 0x45, "9f131057e246d8de17d66ae26ef9a1ee4a455c56f90c100e467f79ba22fbd24397d87dd74a76afcf2e1f0260"}, @NL80211_ATTR_TESTDATA={0x72, 0x45, "085c1914090f3ead91a0c29a732f505116e44a472c9a4b39787d06f1efab8a56e99f2161ba91cabdb75fd17690fc1b554eeef39f9cb4614d5aee66259a065abf0857f57f30922f3c04e93268b5d9826ae44426d7920bf73ec6167046c2e2ba6b2aa776fa9946b16dc12c540fde00"}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20040080}, 0x18000) 04:18:54 executing program 1: r0 = fork() getpgrp(r0) r1 = getpgid(r0) tgkill(r1, r0, 0x24001b) 04:18:54 executing program 3: r0 = fork() tgkill(r0, r0, 0x1b) r1 = fork() sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x8000) ioctl$vim2m_VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, &(0x7f0000000000)) 04:18:54 executing program 0: sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="64010000", @ANYRES16=0x0, @ANYBLOB="2e042abd7000fbdbdf252d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990071c400006c00000012004500a47fdd821f0dff5d5f59fc1979ab0000e6004500b5bdc603635be378bb15859e731dd20d849af59dd141fc381978e6768cc499a90c09e9aa81d110b397493a607e2160722337d0c2783211350c1c30fa94a83cd9b434ed2df0c6a32f83c4004e904e33f55c69e29e081567af79f4786d3e6ab710f2dab3e23fd3fc26bfefe2008f26b698d76153265f27876bee7e5cd4bc415af0d15f6fe9bc6e78f4908f1e1da3e99930ed21ef917eb7de14a03c5347e955c8436c5d3b2cf02f59d7b0335eee511ca8c613320f756a88a97f7d61a461ac2723ab330caa49a9ad8c0bd8ac472e307d5fefd98d567e397d3075a67bfa8a35d102e236870000530045000e8cc1860521ccb9813e3ab200bfc5676ac5c2b8378724582e13804c8bcf7ffee8112c4b8e5a1754ca22710d995df9182bf13a3fd57d3a4e90766811738e532f300846cb5a0f8d1d44f152482724f400"], 0x178}, 0x1, 0x0, 0x0, 0x8001}, 0x1) socket(0x11, 0x3, 0x6) 04:18:54 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 2: socket(0x11, 0x3, 0x6) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) sendto$phonet(r0, &(0x7f0000000000)="154e398184be1640946331a9cea4da2e4e29547cb60cb80895a4a7f44620cdff5fb5bbc50f1759c855761c9748c6023a13fcc7614cb3cae1855b8fd71f4af23779", 0x41, 0x40010, &(0x7f0000000080)={0x23, 0x6, 0x4b, 0x4}, 0x10) 04:18:54 executing program 0: socket(0x28, 0x3, 0x8) 04:18:54 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c776664856f3d", @ANYRESHEX, @ANYBLOB=',\x00']) fork() 04:18:54 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:54 executing program 0: r0 = socket(0x11, 0x3, 0x1fd) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) 04:18:54 executing program 1: r0 = fork() ptrace$peekuser(0x3, r0, 0xff) tgkill(r0, r0, 0x20) 04:18:55 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)=0x5) syz_init_net_socket$x25(0x9, 0x5, 0x0) 04:18:55 executing program 2: r0 = fork() getpgrp(r0) r1 = getpgid(r0) tgkill(r1, r0, 0x24001b) 04:18:55 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:55 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000)="b511c4beaf96e8ba98ef13552b3f9e6a5f4d77d42e38866e84135c39") r1 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_dccp_int(r1, 0x21, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0x4) 04:18:55 executing program 0: r0 = socket(0x11, 0x3, 0x6) recvfrom$phonet(r0, &(0x7f0000000000)=""/83, 0x53, 0x10162, 0x0, 0x0) 04:18:55 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) fork() mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x1018, &(0x7f0000000100)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@access_uid={'access', 0x3d, 0xee00}}, {@afid={'afid', 0x3d, 0x5}}], [{@measure='measure'}, {@smackfsdef={'smackfsdef', 0x3d, ','}}]}}) 04:18:55 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0x0, 0x983}) 04:18:55 executing program 1: fork() gettid() r0 = getpid() tgkill(0x0, r0, 0x0) tgkill(0x0, 0x0, 0x0) r1 = getpid() tgkill(0x0, r1, 0x0) getpgid(r1) tgkill(0x0, r0, 0x1a) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) syz_usbip_server_init(0x5) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 04:18:55 executing program 2: r0 = fork() ptrace$peekuser(0x3, r0, 0xff) tgkill(r0, r0, 0x20) 04:18:55 executing program 0: socket(0x11, 0x3, 0x6) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400800, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x80003, 0x0) 04:18:55 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000)="b511c4beaf96e8ba98ef13552b3f9e6a5f4d77d42e38866e84135c39") r1 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_dccp_int(r1, 0x21, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0x4) 04:18:55 executing program 4: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x4800) mount$9p_fd(0x0, 0x0, 0x0, 0x8000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}}) fork() 04:18:55 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 04:18:55 executing program 0: r0 = socket(0x11, 0x3, 0x6) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x38801, 0x0) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000640)={0x0, 0x1e}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xcc, r2, 0x4, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x2}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x275}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16e9}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x23d}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14a0}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x143c}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x15f}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x324}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1ff}]]}, 0xcc}, 0x1, 0x0, 0x0, 0x4}, 0x24000005) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r3) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x178, r5, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TESTDATA={0x8f, 0x45, "cd606d5d1db9892ba1795246dd139fb2aacdc3350ba2793a0f2b605b76f5533658e3894e2924140cf452258a7ea6737cb70f85da6d5af2815a674be9edd712ae50fee2d7d6772f68e65db4e0d1f85f4c05c17ea278c607acf1e3dc5b7fbc0101cfead02dc259b1195357f64e8418a4e73fe17337896b8fa7aa6dab1e4f54e58220836a32fe8cd7559af5f1"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "656dd20793e60748d0960a51bb33fca122761d2d63c5fecaea893df7d1e562a35404115dcd80918c9ddf181e059fc7e16ec20976f65e065bec808a5178502262cf137551595e6c426dc6d2c8674722dfe3a19b4e25085115af8597da28d2f1f1d4c25afecd4d4567cbd2cee5820ed79a51b0ffa605f0f2037a0f26a650dd665416e245a5d60465"}, @NL80211_ATTR_TESTDATA={0x3c, 0x45, "1f8ccb553b6c0e989b434386c1071b7fcce3643882279324f4d3b6506dd564cf4a7b1b62677df6ca506d2b8f80914b4bf76bd316785c4cdf"}]}, 0x178}, 0x1, 0x0, 0x0, 0x8040090}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000008}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r5, 0x2, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x8}, 0xf17f5f2f32ff63d8) 04:18:55 executing program 2: r0 = fork() ptrace$peekuser(0x3, r0, 0xff) tgkill(r0, r0, 0x20) 04:18:55 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000)="b511c4beaf96e8ba98ef13552b3f9e6a5f4d77d42e38866e84135c39") r1 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_dccp_int(r1, 0x21, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 628.080529] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 628.086381] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) 04:18:55 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 04:18:55 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000)="b511c4beaf96e8ba98ef13552b3f9e6a5f4d77d42e38866e84135c39") socket$inet6_dccp(0xa, 0x6, 0x0) 04:18:55 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x19b100, 0x0) write$usbip_server(r0, &(0x7f0000000040)=@ret_unlink={{0x4, 0x0, 0x0, 0x0, 0x2}, {0x3b}}, 0x30) fork() [ 628.175200] vhci_hcd: connection closed [ 628.175444] vhci_hcd: stop threads [ 628.190965] vhci_hcd: release socket [ 628.208030] vhci_hcd: disconnect device [ 628.263511] Bluetooth: hci0 command 0x0401 tx timeout [ 628.573329] Bluetooth: hci3 command 0x0401 tx timeout [ 628.679708] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(4) [ 628.685524] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 628.698175] vhci_hcd: connection closed [ 628.698310] BUG: unable to handle kernel NULL pointer dereference at 000000000000001c [ 628.710275] IP: kthread_stop+0x47/0x640 [ 628.714238] PGD 0 P4D 0 [ 628.717102] Oops: 0002 [#1] PREEMPT SMP KASAN [ 628.721710] Modules linked in: 04:18:55 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x50000, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r1) 04:18:55 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 04:18:55 executing program 2: r0 = fork() ptrace$peekuser(0x3, r0, 0xff) tgkill(r0, r0, 0x20) 04:18:55 executing program 0: r0 = getpid() tgkill(0x0, r0, 0x0) tgkill(r0, 0x0, 0x2e) socket(0x11, 0x3, 0x6) 04:18:55 executing program 3: socket(0x11, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000)="b511c4beaf96e8ba98ef13552b3f9e6a5f4d77d42e38866e84135c39") 04:18:55 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}}) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r2) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xb0, r1, 0x800, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0xfaf, 0x69}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xffffffff, 0x61}}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xffffff00, 0x15}}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x5, 0x1}}, @NL80211_ATTR_MESH_CONFIG={0x3c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x3ff}, @NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8, 0xb, 0x3ff}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x2}, @NL80211_MESHCONF_FORWARDING={0x5}, @NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8, 0xb, 0x6}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x3}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x1, 0x4e}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x7, 0x38}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x50001}, 0x4) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x34, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3ff}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x81}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xc3}]}, 0x34}}, 0x20040091) fork() 04:18:55 executing program 1: r0 = fork() tgkill(r0, r0, 0x1b) r1 = getpid() tgkill(0x0, r1, 0x0) ptrace$peekuser(0x3, r1, 0x9) [ 628.724905] CPU: 0 PID: 33 Comm: kworker/u4:2 Not tainted 4.14.225-syzkaller #0 [ 628.732516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 628.741872] Workqueue: usbip_event event_handler [ 628.746624] task: ffff8880b5640180 task.stack: ffff8880b5668000 [ 628.752678] RIP: 0010:kthread_stop+0x47/0x640 [ 628.757160] RSP: 0018:ffff8880b566fc70 EFLAGS: 00010297 [ 628.762523] RAX: ffff8880b5640180 RBX: 0000000000000000 RCX: 0000000000000000 [ 628.769803] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000286 04:18:56 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)) [ 628.777090] RBP: fffffffffffffffc R08: ffffffff8b9a6628 R09: 0000000000000000 [ 628.784376] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880aa3cccd8 [ 628.791926] R13: ffff8880aa3cccc8 R14: fffffbfff1924338 R15: ffffffff89858680 [ 628.799194] FS: 0000000000000000(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000 [ 628.807410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 628.813279] CR2: 000000000000001c CR3: 0000000008e6a000 CR4: 00000000001406f0 [ 628.820540] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 628.827806] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 628.835069] Call Trace: [ 628.837670] vhci_shutdown_connection+0x12a/0x240 [ 628.842508] ? mark_held_locks+0xa6/0xf0 [ 628.846572] ? kfree+0x14a/0x250 [ 628.849932] ? event_handler+0x141/0x4a0 [ 628.853989] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 628.858999] event_handler+0x1c3/0x4a0 [ 628.862886] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 628.868513] process_one_work+0x793/0x14a0 [ 628.872755] ? work_busy+0x320/0x320 [ 628.876549] ? worker_thread+0x158/0xff0 04:18:56 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00', r0) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004010}, 0x4004040) r1 = fork() tgkill(r1, r1, 0x1b) [ 628.880601] ? _raw_spin_unlock_irq+0x24/0x80 [ 628.885103] worker_thread+0x5cc/0xff0 [ 628.888990] ? rescuer_thread+0xc80/0xc80 [ 628.893127] kthread+0x30d/0x420 [ 628.896497] ? kthread_create_on_node+0xd0/0xd0 [ 628.901162] ret_from_fork+0x24/0x30 [ 628.904873] Code: 00 65 8b 1d 6c 2b ca 7e 83 fb 07 0f 87 5b 04 00 00 e8 5e cb 1d 00 89 db 48 0f a3 1d bc 67 d1 08 0f 82 a2 03 00 00 e8 49 cb 1d 00 ff 45 20 48 8d 7d 24 48 b8 00 00 00 00 00 fc ff df 48 89 fa [ 628.924226] RIP: kthread_stop+0x47/0x640 RSP: ffff8880b566fc70 [ 628.930197] CR2: 000000000000001c [ 628.933647] ---[ end trace 98a483867bd2772b ]--- [ 628.938393] Kernel panic - not syncing: Fatal exception [ 628.943788] Kernel Offset: disabled [ 628.948106] Rebooting in 86400 seconds..