Warning: Permanently added '[localhost]:17903' (ECDSA) to the list of known hosts.
2023/02/26 21:00:14 fuzzer started
2023/02/26 21:00:14 dialing manager at localhost:41417
syzkaller login: [   36.057085] cgroup: Unknown subsys name 'net'
[   36.172077] cgroup: Unknown subsys name 'rlimit'
2023/02/26 21:00:28 syscalls: 2217
2023/02/26 21:00:28 code coverage: enabled
2023/02/26 21:00:28 comparison tracing: enabled
2023/02/26 21:00:28 extra coverage: enabled
2023/02/26 21:00:28 setuid sandbox: enabled
2023/02/26 21:00:28 namespace sandbox: enabled
2023/02/26 21:00:28 Android sandbox: enabled
2023/02/26 21:00:28 fault injection: enabled
2023/02/26 21:00:28 leak checking: enabled
2023/02/26 21:00:28 net packet injection: enabled
2023/02/26 21:00:28 net device setup: enabled
2023/02/26 21:00:28 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2023/02/26 21:00:28 devlink PCI setup: PCI device 0000:00:10.0 is not available
2023/02/26 21:00:28 USB emulation: enabled
2023/02/26 21:00:28 hci packet injection: enabled
2023/02/26 21:00:28 wifi device emulation: enabled
2023/02/26 21:00:28 802.15.4 emulation: enabled
2023/02/26 21:00:28 fetching corpus: 50, signal 31315/33173 (executing program)
2023/02/26 21:00:29 fetching corpus: 100, signal 47401/50966 (executing program)
2023/02/26 21:00:29 fetching corpus: 150, signal 60431/65546 (executing program)
2023/02/26 21:00:29 fetching corpus: 200, signal 67789/74464 (executing program)
2023/02/26 21:00:29 fetching corpus: 250, signal 75289/83435 (executing program)
2023/02/26 21:00:29 fetching corpus: 300, signal 80281/89885 (executing program)
2023/02/26 21:00:29 fetching corpus: 350, signal 86859/97832 (executing program)
2023/02/26 21:00:29 fetching corpus: 400, signal 92092/104373 (executing program)
2023/02/26 21:00:30 fetching corpus: 450, signal 97847/111429 (executing program)
2023/02/26 21:00:30 fetching corpus: 500, signal 103709/118552 (executing program)
2023/02/26 21:00:30 fetching corpus: 550, signal 106326/122553 (executing program)
2023/02/26 21:00:30 fetching corpus: 600, signal 109980/127481 (executing program)
2023/02/26 21:00:30 fetching corpus: 650, signal 112034/130885 (executing program)
2023/02/26 21:00:30 fetching corpus: 700, signal 116359/136378 (executing program)
2023/02/26 21:00:30 fetching corpus: 750, signal 119101/140368 (executing program)
2023/02/26 21:00:30 fetching corpus: 800, signal 121781/144245 (executing program)
2023/02/26 21:00:31 fetching corpus: 850, signal 124342/148000 (executing program)
2023/02/26 21:00:31 fetching corpus: 900, signal 126944/151761 (executing program)
2023/02/26 21:00:31 fetching corpus: 950, signal 129465/155420 (executing program)
2023/02/26 21:00:31 fetching corpus: 1000, signal 131596/158737 (executing program)
2023/02/26 21:00:31 fetching corpus: 1050, signal 132939/161279 (executing program)
2023/02/26 21:00:31 fetching corpus: 1100, signal 134716/164201 (executing program)
2023/02/26 21:00:31 fetching corpus: 1150, signal 137023/167602 (executing program)
2023/02/26 21:00:31 fetching corpus: 1200, signal 139008/170721 (executing program)
2023/02/26 21:00:32 fetching corpus: 1250, signal 142553/175147 (executing program)
2023/02/26 21:00:32 fetching corpus: 1300, signal 146139/179562 (executing program)
2023/02/26 21:00:32 fetching corpus: 1350, signal 149000/183285 (executing program)
2023/02/26 21:00:32 fetching corpus: 1400, signal 152151/187276 (executing program)
2023/02/26 21:00:32 fetching corpus: 1450, signal 154362/190461 (executing program)
2023/02/26 21:00:32 fetching corpus: 1500, signal 156445/193488 (executing program)
2023/02/26 21:00:32 fetching corpus: 1550, signal 158390/196393 (executing program)
2023/02/26 21:00:32 fetching corpus: 1600, signal 160482/199382 (executing program)
2023/02/26 21:00:33 fetching corpus: 1650, signal 162948/202711 (executing program)
2023/02/26 21:00:33 fetching corpus: 1700, signal 164722/205429 (executing program)
2023/02/26 21:00:33 fetching corpus: 1750, signal 165938/207624 (executing program)
2023/02/26 21:00:33 fetching corpus: 1800, signal 167644/210261 (executing program)
2023/02/26 21:00:33 fetching corpus: 1850, signal 170095/213468 (executing program)
2023/02/26 21:00:33 fetching corpus: 1900, signal 172065/216279 (executing program)
2023/02/26 21:00:33 fetching corpus: 1950, signal 173756/218833 (executing program)
2023/02/26 21:00:34 fetching corpus: 2000, signal 174696/220790 (executing program)
2023/02/26 21:00:34 fetching corpus: 2050, signal 176509/223399 (executing program)
2023/02/26 21:00:34 fetching corpus: 2100, signal 178075/225829 (executing program)
2023/02/26 21:00:34 fetching corpus: 2150, signal 179861/228409 (executing program)
2023/02/26 21:00:34 fetching corpus: 2200, signal 181070/230446 (executing program)
2023/02/26 21:00:34 fetching corpus: 2250, signal 183243/233271 (executing program)
2023/02/26 21:00:34 fetching corpus: 2300, signal 184303/235199 (executing program)
2023/02/26 21:00:35 fetching corpus: 2350, signal 185565/237261 (executing program)
2023/02/26 21:00:35 fetching corpus: 2400, signal 186695/239210 (executing program)
2023/02/26 21:00:35 fetching corpus: 2450, signal 187783/241122 (executing program)
2023/02/26 21:00:35 fetching corpus: 2500, signal 189247/243289 (executing program)
2023/02/26 21:00:35 fetching corpus: 2550, signal 190281/245150 (executing program)
2023/02/26 21:00:35 fetching corpus: 2600, signal 191504/247155 (executing program)
2023/02/26 21:00:35 fetching corpus: 2650, signal 192541/248971 (executing program)
2023/02/26 21:00:35 fetching corpus: 2700, signal 193495/250756 (executing program)
2023/02/26 21:00:36 fetching corpus: 2750, signal 194752/252705 (executing program)
2023/02/26 21:00:36 fetching corpus: 2800, signal 196028/254694 (executing program)
2023/02/26 21:00:36 fetching corpus: 2850, signal 197031/256460 (executing program)
2023/02/26 21:00:36 fetching corpus: 2900, signal 198046/258253 (executing program)
2023/02/26 21:00:36 fetching corpus: 2950, signal 199381/260248 (executing program)
2023/02/26 21:00:36 fetching corpus: 3000, signal 200829/262294 (executing program)
2023/02/26 21:00:36 fetching corpus: 3050, signal 202156/264226 (executing program)
2023/02/26 21:00:36 fetching corpus: 3100, signal 203146/265896 (executing program)
2023/02/26 21:00:37 fetching corpus: 3150, signal 203974/267449 (executing program)
2023/02/26 21:00:37 fetching corpus: 3200, signal 204806/269006 (executing program)
2023/02/26 21:00:37 fetching corpus: 3250, signal 205588/270561 (executing program)
2023/02/26 21:00:37 fetching corpus: 3300, signal 206888/272467 (executing program)
2023/02/26 21:00:37 fetching corpus: 3350, signal 207794/274079 (executing program)
2023/02/26 21:00:37 fetching corpus: 3400, signal 208766/275741 (executing program)
2023/02/26 21:00:37 fetching corpus: 3450, signal 209389/277198 (executing program)
2023/02/26 21:00:37 fetching corpus: 3500, signal 210078/278658 (executing program)
2023/02/26 21:00:38 fetching corpus: 3550, signal 210919/280191 (executing program)
2023/02/26 21:00:38 fetching corpus: 3600, signal 212344/282122 (executing program)
2023/02/26 21:00:38 fetching corpus: 3650, signal 212923/283442 (executing program)
2023/02/26 21:00:38 fetching corpus: 3700, signal 213689/284895 (executing program)
2023/02/26 21:00:38 fetching corpus: 3750, signal 214627/286448 (executing program)
2023/02/26 21:00:38 fetching corpus: 3800, signal 215349/287821 (executing program)
2023/02/26 21:00:38 fetching corpus: 3850, signal 216252/289340 (executing program)
2023/02/26 21:00:39 fetching corpus: 3900, signal 217285/290948 (executing program)
2023/02/26 21:00:39 fetching corpus: 3950, signal 217935/292270 (executing program)
2023/02/26 21:00:39 fetching corpus: 4000, signal 220366/294726 (executing program)
2023/02/26 21:00:39 fetching corpus: 4050, signal 221298/296252 (executing program)
2023/02/26 21:00:39 fetching corpus: 4100, signal 222117/297732 (executing program)
2023/02/26 21:00:39 fetching corpus: 4150, signal 222884/299123 (executing program)
2023/02/26 21:00:39 fetching corpus: 4200, signal 224030/300693 (executing program)
2023/02/26 21:00:40 fetching corpus: 4250, signal 224764/302000 (executing program)
2023/02/26 21:00:40 fetching corpus: 4300, signal 225462/303356 (executing program)
2023/02/26 21:00:40 fetching corpus: 4350, signal 226093/304612 (executing program)
2023/02/26 21:00:40 fetching corpus: 4400, signal 226777/305901 (executing program)
2023/02/26 21:00:40 fetching corpus: 4450, signal 227499/307223 (executing program)
2023/02/26 21:00:40 fetching corpus: 4500, signal 228135/308468 (executing program)
2023/02/26 21:00:40 fetching corpus: 4550, signal 229128/309913 (executing program)
2023/02/26 21:00:40 fetching corpus: 4600, signal 229788/311181 (executing program)
2023/02/26 21:00:41 fetching corpus: 4650, signal 230683/312529 (executing program)
2023/02/26 21:00:41 fetching corpus: 4700, signal 231384/313781 (executing program)
2023/02/26 21:00:41 fetching corpus: 4750, signal 231951/314938 (executing program)
2023/02/26 21:00:41 fetching corpus: 4800, signal 232596/316166 (executing program)
2023/02/26 21:00:41 fetching corpus: 4850, signal 233238/317404 (executing program)
2023/02/26 21:00:41 fetching corpus: 4900, signal 233975/318677 (executing program)
2023/02/26 21:00:41 fetching corpus: 4950, signal 234671/319959 (executing program)
2023/02/26 21:00:42 fetching corpus: 5000, signal 235234/321152 (executing program)
2023/02/26 21:00:42 fetching corpus: 5050, signal 235679/322223 (executing program)
2023/02/26 21:00:42 fetching corpus: 5100, signal 236421/323464 (executing program)
2023/02/26 21:00:42 fetching corpus: 5150, signal 237166/324700 (executing program)
2023/02/26 21:00:42 fetching corpus: 5200, signal 237613/325768 (executing program)
2023/02/26 21:00:42 fetching corpus: 5250, signal 238323/326944 (executing program)
2023/02/26 21:00:42 fetching corpus: 5300, signal 238975/328094 (executing program)
2023/02/26 21:00:42 fetching corpus: 5350, signal 239734/329311 (executing program)
2023/02/26 21:00:43 fetching corpus: 5400, signal 240679/330639 (executing program)
2023/02/26 21:00:43 fetching corpus: 5450, signal 241344/331792 (executing program)
2023/02/26 21:00:43 fetching corpus: 5500, signal 242017/332949 (executing program)
2023/02/26 21:00:43 fetching corpus: 5550, signal 242694/334126 (executing program)
2023/02/26 21:00:43 fetching corpus: 5600, signal 243253/335205 (executing program)
2023/02/26 21:00:43 fetching corpus: 5650, signal 243883/336347 (executing program)
2023/02/26 21:00:43 fetching corpus: 5700, signal 244664/337524 (executing program)
2023/02/26 21:00:43 fetching corpus: 5750, signal 245091/338517 (executing program)
2023/02/26 21:00:44 fetching corpus: 5800, signal 245911/339702 (executing program)
2023/02/26 21:00:44 fetching corpus: 5850, signal 246578/340785 (executing program)
2023/02/26 21:00:44 fetching corpus: 5900, signal 247243/341922 (executing program)
2023/02/26 21:00:44 fetching corpus: 5950, signal 247789/342935 (executing program)
2023/02/26 21:00:44 fetching corpus: 6000, signal 248308/343924 (executing program)
2023/02/26 21:00:44 fetching corpus: 6050, signal 249053/345011 (executing program)
2023/02/26 21:00:44 fetching corpus: 6100, signal 249716/346069 (executing program)
2023/02/26 21:00:45 fetching corpus: 6150, signal 250317/347087 (executing program)
2023/02/26 21:00:45 fetching corpus: 6200, signal 250882/348085 (executing program)
2023/02/26 21:00:45 fetching corpus: 6250, signal 251464/349080 (executing program)
2023/02/26 21:00:45 fetching corpus: 6300, signal 252050/350119 (executing program)
2023/02/26 21:00:45 fetching corpus: 6350, signal 252591/351064 (executing program)
2023/02/26 21:00:45 fetching corpus: 6400, signal 252983/352006 (executing program)
2023/02/26 21:00:45 fetching corpus: 6450, signal 253297/352854 (executing program)
2023/02/26 21:00:45 fetching corpus: 6500, signal 253872/353832 (executing program)
2023/02/26 21:00:46 fetching corpus: 6550, signal 254372/354829 (executing program)
2023/02/26 21:00:46 fetching corpus: 6600, signal 254993/355853 (executing program)
2023/02/26 21:00:46 fetching corpus: 6650, signal 255499/356805 (executing program)
2023/02/26 21:00:46 fetching corpus: 6700, signal 256123/357770 (executing program)
2023/02/26 21:00:46 fetching corpus: 6750, signal 256624/358675 (executing program)
2023/02/26 21:00:46 fetching corpus: 6800, signal 257056/359554 (executing program)
2023/02/26 21:00:46 fetching corpus: 6850, signal 257446/360464 (executing program)
2023/02/26 21:00:46 fetching corpus: 6900, signal 257783/361311 (executing program)
2023/02/26 21:00:47 fetching corpus: 6950, signal 258245/362206 (executing program)
2023/02/26 21:00:47 fetching corpus: 7000, signal 258735/363142 (executing program)
2023/02/26 21:00:47 fetching corpus: 7050, signal 259339/364046 (executing program)
2023/02/26 21:00:47 fetching corpus: 7100, signal 259746/364958 (executing program)
2023/02/26 21:00:47 fetching corpus: 7150, signal 260251/365850 (executing program)
2023/02/26 21:00:47 fetching corpus: 7200, signal 260652/366706 (executing program)
2023/02/26 21:00:47 fetching corpus: 7250, signal 261243/367629 (executing program)
2023/02/26 21:00:48 fetching corpus: 7300, signal 261660/368480 (executing program)
2023/02/26 21:00:48 fetching corpus: 7350, signal 261991/369311 (executing program)
2023/02/26 21:00:48 fetching corpus: 7400, signal 262449/370184 (executing program)
2023/02/26 21:00:48 fetching corpus: 7450, signal 262869/371034 (executing program)
2023/02/26 21:00:48 fetching corpus: 7500, signal 263333/371895 (executing program)
2023/02/26 21:00:48 fetching corpus: 7550, signal 263792/372715 (executing program)
2023/02/26 21:00:48 fetching corpus: 7600, signal 264305/373556 (executing program)
2023/02/26 21:00:48 fetching corpus: 7650, signal 264744/374401 (executing program)
2023/02/26 21:00:49 fetching corpus: 7700, signal 265177/375252 (executing program)
2023/02/26 21:00:49 fetching corpus: 7750, signal 265489/376046 (executing program)
2023/02/26 21:00:49 fetching corpus: 7800, signal 265796/376817 (executing program)
2023/02/26 21:00:49 fetching corpus: 7850, signal 266235/377662 (executing program)
2023/02/26 21:00:49 fetching corpus: 7900, signal 266667/378492 (executing program)
2023/02/26 21:00:49 fetching corpus: 7950, signal 267065/379250 (executing program)
2023/02/26 21:00:49 fetching corpus: 8000, signal 267501/380044 (executing program)
2023/02/26 21:00:49 fetching corpus: 8050, signal 267942/380849 (executing program)
2023/02/26 21:00:49 fetching corpus: 8100, signal 268325/381642 (executing program)
2023/02/26 21:00:50 fetching corpus: 8150, signal 268853/382453 (executing program)
2023/02/26 21:00:50 fetching corpus: 8200, signal 269244/383197 (executing program)
2023/02/26 21:00:50 fetching corpus: 8250, signal 269795/384010 (executing program)
2023/02/26 21:00:50 fetching corpus: 8300, signal 270157/384773 (executing program)
2023/02/26 21:00:50 fetching corpus: 8350, signal 270461/385470 (executing program)
2023/02/26 21:00:50 fetching corpus: 8400, signal 270910/386232 (executing program)
2023/02/26 21:00:50 fetching corpus: 8450, signal 271380/386995 (executing program)
2023/02/26 21:00:50 fetching corpus: 8500, signal 271781/387752 (executing program)
2023/02/26 21:00:51 fetching corpus: 8550, signal 272179/388496 (executing program)
2023/02/26 21:00:51 fetching corpus: 8600, signal 272670/389319 (executing program)
2023/02/26 21:00:51 fetching corpus: 8650, signal 273018/390020 (executing program)
2023/02/26 21:00:51 fetching corpus: 8700, signal 273531/390760 (executing program)
2023/02/26 21:00:51 fetching corpus: 8750, signal 273981/391524 (executing program)
2023/02/26 21:00:51 fetching corpus: 8800, signal 274528/392291 (executing program)
2023/02/26 21:00:51 fetching corpus: 8850, signal 274889/393012 (executing program)
2023/02/26 21:00:51 fetching corpus: 8900, signal 275178/393713 (executing program)
2023/02/26 21:00:52 fetching corpus: 8950, signal 275520/394431 (executing program)
2023/02/26 21:00:52 fetching corpus: 9000, signal 275947/395157 (executing program)
2023/02/26 21:00:52 fetching corpus: 9050, signal 276260/395856 (executing program)
2023/02/26 21:00:52 fetching corpus: 9100, signal 276542/396555 (executing program)
2023/02/26 21:00:52 fetching corpus: 9150, signal 276967/397283 (executing program)
2023/02/26 21:00:52 fetching corpus: 9200, signal 277429/397977 (executing program)
2023/02/26 21:00:52 fetching corpus: 9250, signal 277865/398691 (executing program)
2023/02/26 21:00:52 fetching corpus: 9300, signal 278271/399396 (executing program)
2023/02/26 21:00:53 fetching corpus: 9350, signal 278649/400108 (executing program)
2023/02/26 21:00:53 fetching corpus: 9400, signal 278997/400787 (executing program)
2023/02/26 21:00:53 fetching corpus: 9450, signal 279279/401451 (executing program)
2023/02/26 21:00:53 fetching corpus: 9500, signal 279643/402144 (executing program)
2023/02/26 21:00:53 fetching corpus: 9550, signal 279886/402777 (executing program)
2023/02/26 21:00:53 fetching corpus: 9600, signal 280087/403446 (executing program)
2023/02/26 21:00:53 fetching corpus: 9650, signal 280335/404094 (executing program)
2023/02/26 21:00:53 fetching corpus: 9700, signal 280624/404724 (executing program)
2023/02/26 21:00:53 fetching corpus: 9750, signal 281165/405412 (executing program)
2023/02/26 21:00:54 fetching corpus: 9800, signal 281463/406035 (executing program)
2023/02/26 21:00:54 fetching corpus: 9850, signal 281831/406703 (executing program)
2023/02/26 21:00:54 fetching corpus: 9900, signal 282127/407340 (executing program)
2023/02/26 21:00:54 fetching corpus: 9950, signal 282463/407964 (executing program)
2023/02/26 21:00:54 fetching corpus: 10000, signal 282804/408612 (executing program)
2023/02/26 21:00:54 fetching corpus: 10050, signal 283133/409217 (executing program)
2023/02/26 21:00:54 fetching corpus: 10100, signal 283785/409854 (executing program)
2023/02/26 21:00:54 fetching corpus: 10150, signal 284075/410423 (executing program)
2023/02/26 21:00:55 fetching corpus: 10200, signal 284381/411061 (executing program)
2023/02/26 21:00:55 fetching corpus: 10250, signal 284736/411674 (executing program)
2023/02/26 21:00:55 fetching corpus: 10300, signal 285102/412284 (executing program)
2023/02/26 21:00:55 fetching corpus: 10350, signal 285387/412395 (executing program)
2023/02/26 21:00:55 fetching corpus: 10400, signal 285709/412395 (executing program)
2023/02/26 21:00:55 fetching corpus: 10450, signal 286157/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10500, signal 286431/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10550, signal 286816/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10600, signal 287203/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10650, signal 287628/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10700, signal 288026/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10750, signal 288420/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10800, signal 288741/412395 (executing program)
2023/02/26 21:00:56 fetching corpus: 10850, signal 289010/412395 (executing program)
2023/02/26 21:00:57 fetching corpus: 10900, signal 289318/412395 (executing program)
2023/02/26 21:00:57 fetching corpus: 10950, signal 289625/412395 (executing program)
2023/02/26 21:00:57 fetching corpus: 11000, signal 289956/412395 (executing program)
2023/02/26 21:00:57 fetching corpus: 11050, signal 290222/412395 (executing program)
2023/02/26 21:00:57 fetching corpus: 11100, signal 290505/412396 (executing program)
2023/02/26 21:00:57 fetching corpus: 11150, signal 290840/412396 (executing program)
2023/02/26 21:00:57 fetching corpus: 11200, signal 291193/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11250, signal 291521/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11300, signal 291748/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11350, signal 292084/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11400, signal 292444/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11450, signal 292650/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11500, signal 293051/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11550, signal 293426/412396 (executing program)
2023/02/26 21:00:58 fetching corpus: 11600, signal 293771/412396 (executing program)
2023/02/26 21:00:59 fetching corpus: 11650, signal 294159/412396 (executing program)
2023/02/26 21:00:59 fetching corpus: 11700, signal 294537/412396 (executing program)
2023/02/26 21:00:59 fetching corpus: 11750, signal 294804/412396 (executing program)
2023/02/26 21:00:59 fetching corpus: 11800, signal 295058/412396 (executing program)
2023/02/26 21:00:59 fetching corpus: 11850, signal 295369/412396 (executing program)
2023/02/26 21:00:59 fetching corpus: 11900, signal 295809/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 11950, signal 296069/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12000, signal 296406/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12050, signal 296661/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12100, signal 296948/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12150, signal 297228/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12200, signal 297501/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12250, signal 297875/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12300, signal 298241/412396 (executing program)
2023/02/26 21:01:00 fetching corpus: 12350, signal 298482/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12400, signal 298813/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12450, signal 299116/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12500, signal 299303/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12550, signal 299561/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12600, signal 299946/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12650, signal 300228/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12700, signal 300485/412396 (executing program)
2023/02/26 21:01:01 fetching corpus: 12750, signal 300701/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 12800, signal 300994/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 12850, signal 301215/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 12900, signal 301497/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 12950, signal 301843/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 13000, signal 302107/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 13050, signal 302365/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 13100, signal 302701/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 13150, signal 302991/412396 (executing program)
2023/02/26 21:01:02 fetching corpus: 13200, signal 303269/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13250, signal 303509/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13300, signal 303809/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13350, signal 304160/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13400, signal 304396/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13450, signal 304688/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13500, signal 304981/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13550, signal 305228/412396 (executing program)
2023/02/26 21:01:03 fetching corpus: 13600, signal 305594/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13650, signal 305880/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13700, signal 306156/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13750, signal 306367/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13800, signal 306580/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13850, signal 306898/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13900, signal 307113/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 13950, signal 307497/412396 (executing program)
2023/02/26 21:01:04 fetching corpus: 14000, signal 307871/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14050, signal 308149/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14100, signal 308317/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14150, signal 308507/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14200, signal 308728/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14250, signal 308938/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14300, signal 309134/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14350, signal 309438/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14400, signal 309769/412396 (executing program)
2023/02/26 21:01:05 fetching corpus: 14450, signal 309992/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14500, signal 310215/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14550, signal 310536/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14600, signal 310749/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14650, signal 311079/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14700, signal 311313/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14750, signal 311512/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14800, signal 311698/412396 (executing program)
2023/02/26 21:01:06 fetching corpus: 14850, signal 311951/412396 (executing program)
2023/02/26 21:01:07 fetching corpus: 14900, signal 312237/412396 (executing program)
2023/02/26 21:01:07 fetching corpus: 14950, signal 312639/412396 (executing program)
2023/02/26 21:01:07 fetching corpus: 14970, signal 312735/412396 (executing program)
2023/02/26 21:01:07 fetching corpus: 14970, signal 312735/412396 (executing program)
2023/02/26 21:01:10 starting 8 fuzzer processes
21:01:10 executing program 0:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x105000, 0x0)
ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000000040))
ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000080))
r1 = memfd_secret(0x80000)
ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x6)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r1, {<r3=>0xee00, <r4=>0xffffffffffffffff}}, './file0\x00'})
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000100))
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1041, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000180)=0x11)
ioctl$TIOCSBRK(r2, 0x5427)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000001c0)={0x7, 0x0, 0xd9fa, 0x0, 0xda, "9d86c8396d1517f693f61b2628a9e7ba9d7a02", 0x2, 0x5})
r6 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xd8)
ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000200)={0x81, 0xfffffffa, 0x5, 0x40, 0x7f, "5cd7a55be0652a5d4e9c965816e0a2d1e4834d", 0x1f, 0x9d})
r7 = getegid()
fsetxattr$system_posix_acl(r5, &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000000280)={{}, {0x1, 0x3}, [{0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x3, r3}], {0x4, 0x3}, [{0x8, 0x5, r7}, {0x8, 0x0, r4}, {0x8, 0x1, r4}], {0x10, 0x2}, {0x20, 0x4}}, 0x54, 0x0)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000300)={0x2, 0x6, 0x1, 0x0, 0x14, "60ab540b75138bf5"})
fchownat(r2, &(0x7f0000000340)='./file0\x00', r3, r7, 0x1000)
r8 = socket(0xf, 0x800, 0xfffffff9)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x81f8943c, &(0x7f0000000380))
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f00000005c0))

21:01:10 executing program 3:
setitimer(0x2, &(0x7f0000000000)={{0x77359400}, {0x0, 0xea60}}, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
setitimer(0x2, &(0x7f00000000c0)={{r0, r1/1000+60000}, {0x0, 0xea60}}, &(0x7f0000000100))
getitimer(0x1, &(0x7f0000000140))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_CLOSE, 0x101)
getitimer(0x2, &(0x7f00000001c0))
utimensat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={{0x0, 0x2710}}, 0x0)
getitimer(0x2, &(0x7f0000000280))
io_getevents(0x0, 0x10000, 0x9, &(0x7f00000002c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000400)={0x0, 0x989680})
statx(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x100, 0x0, &(0x7f0000000480))
r2 = syz_io_uring_complete(0x0)
fchmodat(r2, &(0x7f0000000780)='./file0\x00', 0x2)
clock_gettime(0x0, &(0x7f00000008c0)={<r3=>0x0, <r4=>0x0})
io_getevents(0x0, 0x800, 0x8, &(0x7f00000007c0)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000900)={r3, r4+10000000})
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x1010, r2, 0x10000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f00000009c0)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, r2, &(0x7f0000000940)={0x121000, 0x62, 0x1}, &(0x7f0000000980)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r6}}, 0x1)
utimensat(r2, &(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40)={{}, {0x77359400}}, 0x0)
clock_gettime(0x5, &(0x7f0000000a80))
futimesat(0xffffffffffffffff, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000b80)={{}, {0x77359400}})

21:01:10 executing program 1:
ioctl$SNAPSHOT_FREE_SWAP_PAGES(0xffffffffffffffff, 0x3309)
fcntl$getown(0xffffffffffffffff, 0x9)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004e00)=[{{&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000001640)=[{&(0x7f0000000080)=""/185, 0xb9}, {&(0x7f0000000140)=""/251, 0xfb}, {&(0x7f0000000240)=""/197, 0xc5}, {&(0x7f0000000340)=""/240, 0xf0}, {&(0x7f0000000440)=""/175, 0xaf}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/190, 0xbe}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x8}}, {{&(0x7f00000016c0)=@abs, 0x6e, &(0x7f0000002c80)=[{&(0x7f0000001740)=""/23, 0x17}, {&(0x7f0000001780)=""/176, 0xb0}, {&(0x7f0000001840)=""/151, 0x97}, {&(0x7f0000001900)=""/183, 0xb7}, {&(0x7f00000019c0)=""/7, 0x7}, {&(0x7f0000001a00)=""/195, 0xc3}, {&(0x7f0000001b00)=""/117, 0x75}, {&(0x7f0000001b80)=""/228, 0xe4}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x9, &(0x7f0000002d40)=[@rights={{0x28, 0x1, 0x1, [<r0=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, <r3=>0x0}}}], 0x48}}, {{&(0x7f0000002dc0)=@abs, 0x6e, &(0x7f0000002f00)=[{&(0x7f0000002e40)=""/160, 0xa0}], 0x1, &(0x7f0000002f40)=[@cred={{0x1c, 0x1, 0x2, {<r4=>0x0}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r6=>0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r7=>0x0, 0x0, <r8=>0x0}}}, @rights={{0x2c, 0x1, 0x1, [<r9=>0xffffffffffffffff, 0xffffffffffffffff, <r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r13=>0x0}}}], 0xc0}}, {{0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000003000)=""/179, 0xb3}], 0x1}}, {{&(0x7f0000003100), 0x6e, &(0x7f0000003300)=[{&(0x7f0000003180)=""/92, 0x5c}, {&(0x7f0000003200)}, {&(0x7f0000003240)=""/157, 0x9d}], 0x3, &(0x7f0000003340)=[@rights={{0x30, 0x1, 0x1, [<r14=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r15=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [<r16=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r17=>0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r18=>0xffffffffffffffff, <r19=>0xffffffffffffffff, <r20=>0xffffffffffffffff, <r21=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r22=>0x0, 0x0, <r23=>0x0}}}, @rights={{0x14, 0x1, 0x1, [<r24=>0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r25=>0xffffffffffffffff, <r26=>0xffffffffffffffff, 0xffffffffffffffff, <r27=>0xffffffffffffffff]}}], 0x118}}, {{0x0, 0x0, &(0x7f0000003540)=[{&(0x7f0000003480)=""/162, 0xa2}], 0x1, &(0x7f0000003580)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r28=>0xffffffffffffffff]}}], 0x20}}, {{&(0x7f00000035c0)=@abs, 0x6e, &(0x7f0000004740)=[{&(0x7f0000003640)=""/4096, 0x1000}, {&(0x7f0000004640)=""/182, 0xb6}, {&(0x7f0000004700)=""/13, 0xd}], 0x3, &(0x7f0000004780)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r29=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f00000047c0), 0x6e, &(0x7f0000004a80)=[{&(0x7f0000004840)=""/251, 0xfb}, {&(0x7f0000004940)=""/66, 0x42}, {&(0x7f00000049c0)=""/169, 0xa9}], 0x3, &(0x7f0000004ac0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r30=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r31=>0xffffffffffffffff]}}], 0x38}}, {{&(0x7f0000004b00), 0x6e, &(0x7f0000004c80)=[{&(0x7f0000004b80)=""/255, 0xff}], 0x1}}, {{0x0, 0x0, &(0x7f0000004d00)=[{&(0x7f0000004cc0)=""/52, 0x34}], 0x1, &(0x7f0000004d40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r32=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r33=>0x0, <r34=>0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r35=>0x0}}}], 0x88}}], 0xa, 0x20, &(0x7f0000005080)={0x77359400})
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r19, 0x4008941a, &(0x7f00000050c0)=0x2)
ioctl$BTRFS_IOC_INO_PATHS(r32, 0xc0389423, &(0x7f0000005140)={0x7ff, 0x30, [0x3, 0x9, 0x0, 0x3], &(0x7f0000005100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r36 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x7, 0x10, r30, 0x10000000)
syz_io_uring_submit(0x0, r36, &(0x7f0000005780)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r1, 0x0, &(0x7f0000005740)={0x0, 0x0, &(0x7f00000055c0)=[{&(0x7f0000005180)=""/66, 0x42}, {&(0x7f0000005200)=""/103, 0x67}, {&(0x7f0000005280)=""/145, 0x91}, {&(0x7f0000005340)=""/140, 0x8c}, {&(0x7f0000005400)=""/176, 0xb0}, {&(0x7f00000054c0)=""/224, 0xe0}], 0x6, &(0x7f0000005640)=""/218, 0xda}, 0x0, 0x10000, 0x1, {0x1}}, 0x983b)
r37 = openat$hpet(0xffffffffffffff9c, &(0x7f00000057c0), 0x204000, 0x0)
r38 = dup(r29)
r39 = syz_open_pts(r6, 0x402)
r40 = openat$cgroup_int(r31, &(0x7f0000005c00)='cpu.max.burst\x00', 0x2, 0x0)
fcntl$getownex(r16, 0x10, &(0x7f0000005c40)={0x0, <r41=>0x0})
r42 = timerfd_create(0x3, 0x80000)
r43 = mq_open(&(0x7f0000005c80)='-\x00', 0x800, 0x4, &(0x7f0000005cc0)={0x100000002, 0x0, 0x4, 0xffffffffffffffff})
r44 = openat$cgroup_subtree(r19, &(0x7f0000005d00), 0x2, 0x0)
r45 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r46 = accept4(r16, &(0x7f0000006140)=@isdn, &(0x7f00000061c0)=0x80, 0x80800)
r47 = memfd_secret(0x80000)
r48 = openat2$dir(0xffffffffffffff9c, &(0x7f0000006200)='./file0\x00', &(0x7f0000006240)={0x101440, 0x110, 0x1c}, 0x18)
sendmmsg$unix(r37, &(0x7f0000006480)=[{{&(0x7f0000005800)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000005b80)=[{&(0x7f0000005880)="39b9dfedde54b35d63081bd0fff85c", 0xf}, {&(0x7f00000058c0)="99eff34a908dcfc25529e2761c2c2efc8eecc12ca6d1ff450786b84d68fb2f3c1dfb7c9ca25f0419e35ae212fc6e885d600b952479c6ccb518fd12d9c9652fa7c05fa737f251139d4e972cf631627763505f90272c52ccf20265f933b2eb9698a653f670e0", 0x65}, {&(0x7f0000005940)="364fdfaacbcdc76e2f36c98f159a56bcca376ea1017a12783fc6be89e3ba098318440ae33934667298d4e8d08209748412583239e949f448c78397634e6690", 0x3f}, {&(0x7f0000005980)="cd6cc9284ed78aa95aa72970cebbbf8b05f8dff89f53b5802c28371a9cf1324266dca2a2db0b5cdbd0f047665923d9b038ced94fa60ea12997c52f1416cd750750a6c2650a39e1a22ffef5bfbde9e2d43dfcdbdc4a4f9a1e930442a614879028dfdcefc2e9e589b6ed40825089308b989e082060e71cd41bfbc0c2de018bb883c5b8ba8a2e7be95c2f7039d65580183851802f9228bf6e5faf125d9f7d5cd4f70dbfa307579e1ea6e7b70f1aaf30160fdc19445e", 0xb4}, {&(0x7f0000005a40)="3f8a8798c26f5c099e55e5f31f6077b36140b39c3ec0878f3ff82703e975b04fcfdecf8d114c588e1eb4396c6a2d5e6f5ce647eea83691c7ec8245c082046d226ad8e1ae02600ac08c4622b42a366877139114c2885a", 0x56}, {&(0x7f0000005ac0)="ec28110dc579b13eebc30f81f66bbc7a98a951953b6b1d1d9e74baca57284c9af3578f827bf29936c807d22005d8819682201f71c5880e6cf6460b4746f8d51f4e367f7613d0e992ab9912a03e69e149ebb59fd10b61da12fa3b8bd16535f830987adef0ea53037e8c779ec164869ffd170e4a806573429fc65b5eeaee99d79ad118ef0744a2a71b15878cab0ffe61836f008f694b08ad4db36370c1a8982cd3f06952d46df18d11f07844dedc055af986f946725a5566186b3158", 0xbb}], 0x6, &(0x7f0000005d40)=[@rights={{0x2c, 0x1, 0x1, [r38, r0, r39, r10, r21, r40, r17]}}, @cred={{0x1c, 0x1, 0x2, {r41, 0xffffffffffffffff, r8}}}, @rights={{0x1c, 0x1, 0x1, [r27, r42, r9]}}, @rights={{0x30, 0x1, 0x1, [r43, r15, r5, r2, r44, r28, 0xffffffffffffffff, r28]}}, @rights={{0x14, 0x1, 0x1, [r45]}}, @cred={{0x1c, 0x1, 0x2, {r4, r35, r34}}}], 0xd8, 0x40000}}, {{0xfffffffffffffffc, 0x0, &(0x7f00000060c0)=[{&(0x7f0000005e40)="be4cb4356bf651f713b69a5d635f9b85f6393094a4cfa3f348325c95050e27116fb23c94583a2ac7a3d7fe01c6a0b4186ec1753dfd2120b0bd6e57d0533669a16b89cac48e495c12a9bdccdf5764880451c27dd71824942a6555155cf09d3eae9063187f9f63b54e715265a476d68496a07d31a09db992ce08a7663a99cb9c242447ffdd650649", 0x87}, {&(0x7f0000005f00)="17778d909360e9a942de807bf5fdac500f326bb59bbd98ac957df7db41f3e3d065d4b9f8eb6124799d7392206f3db66d8e82ef5ec00b92ca2ab9f0702cab84b3763bbe541e1ce93b94f8217b", 0x4c}, {&(0x7f0000005f80)="b9406959868ed1168ebc7533f3ef342c54ae66b5074b28bfa0d0cf38bd3718fdf3fa5acbc069ad8cb24762f02a2ce2c96782f34b3382ebd3c6f901e8ce67129face36d4dccb270f3e7c741851c1382d04e8c551bff549a6cc51855ff8992c1ce1abac1ed8481d775ec34a53be034c0", 0x6f}, {&(0x7f0000006000)="c92248cbf5e74146aeb9e5dfb6d80e146cd7d50424163f7f946cf2bd966fea7e0a3fa3457794e531cb11a4973143d4c21f646fe4ce597d399e240fb679959902749f51c175a019f779ab6664af94c1ef", 0x50}, {&(0x7f0000006080)="b4f76e64db1f8502aab94b1cbd67b0984191b2ad73188443ed8898fb0119a42562ff1bb1854243", 0x27}], 0x5, &(0x7f0000006380)=[@cred={{0x1c, 0x1, 0x2, {r7, r13, r3}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r1, r46]}}, @rights={{0x30, 0x1, 0x1, [r11, r47, r48, r1, r10, 0xffffffffffffffff, r24, r14]}}, @cred={{0x1c, 0x1, 0x2, {r7, 0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [r18, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r22, r33, r23}}}, @rights={{0x30, 0x1, 0x1, [r20, r12, 0xffffffffffffffff, r18, r25, r26, r5, r12]}}], 0x100, 0x80}}], 0x2, 0x80)

21:01:10 executing program 2:
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_TXQ_PARAMS={0x14, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x81}, @NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x6}]}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x3}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'geneve0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x8090)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000180)={0x290, 0x0, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x32}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3ff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x81}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7fff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_SOCK={0x84, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x92}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x230}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xd7a}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xdf4a}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_BEARER={0x60, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'eth', 0x3a, 'batadv_slave_1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast1}}, {0x14, 0x2, @in={0x2, 0x1000, @multicast1}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xa67}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'team0\x00'}}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x200}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x25b3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x745}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10001}]}, @TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth0_macvtap\x00'}}]}, @TIPC_NLA_LINK={0x5c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x33c40}, @TIPC_NLA_PROP_WIN={0x8}]}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "8388b0949ff00c278923c323a701a5fddfa38788eb12291a93c4"}}]}]}, 0x290}, 0x1, 0x0, 0x0, 0x4008010}, 0xc801)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, &(0x7f0000000580)={'syztnl0\x00', &(0x7f0000000500)={'syztnl2\x00', <r0=>0x0, 0x29, 0xc0, 0x9a, 0x4, 0x4, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x8, 0x1, 0x400}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'batadv_slave_1\x00', <r1=>0x0})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000006c0)={@dev, @rand_addr, <r2=>0x0}, &(0x7f0000000700)=0xc)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000840)={&(0x7f0000000740)={0xe0, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xe219f1d92ca89f20}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x801}, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
pipe2(&(0x7f00000008c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4000)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r3, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x50, 0x0, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x2d}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xb4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x37}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}]}, 0x50}, 0x1, 0x0, 0x0, 0x8001}, 0x20048040)
r5 = accept$inet(r4, &(0x7f0000000a40)={0x2, 0x0, @private}, &(0x7f0000000a80)=0x10)
sendmsg$NL80211_CMD_SET_WDS_PEER(r4, &(0x7f0000000b80)={&(0x7f0000000ac0), 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x38, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xb97, 0x5e}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="0237220f3ac7"}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0xc0090)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0xc018937a, &(0x7f0000000bc0)={{0x1, 0x1, 0x18, <r6=>r3, {0x1}}, './file0\x00'})
sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x50)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000d00)={'veth0_macvtap\x00'})
openat(r6, &(0x7f0000000d40)='.\x00', 0x600c40, 0xa0)
r7 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000d80)={0x0, 'hsr0\x00', {0x3}, 0x1000})
r8 = signalfd4(r6, &(0x7f0000000dc0)={[0x1]}, 0x8, 0x80800)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r8, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x3b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x5d}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2d}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x46}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x39}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1f}]}, 0x68}}, 0x20000004)
ioctl$IOC_PR_RELEASE(r8, 0x401070ca, &(0x7f0000000f40)={0x3, 0x9, 0x1})

[   91.804989] audit: type=1400 audit(1677445270.704:6): avc:  denied  { execmem } for  pid=261 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
21:01:10 executing program 6:
r0 = syz_open_dev$mouse(&(0x7f00000003c0), 0x0, 0x202)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x8c, 0x1, 0x9, 0x801, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x3b9}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1e}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x3c}}}}]}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x11}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x5f9}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), r0)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x48, r1, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x189f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xea56}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xf98}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x68004)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x5e)
r2 = openat$cgroup_ro(r0, &(0x7f0000000700)='memory.current\x00', 0x0, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20008031}, 0x80)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000840), 0x80400, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r3, 0xc0305302, &(0x7f0000000880)={0xfffffe00, 0x59f, 0x0, 0x0, 0x20, 0x9})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000009c0)={&(0x7f00000008c0), 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x24, r5, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x1a}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4004003)
write$P9_RREMOVE(r2, &(0x7f0000000a00)={0x7, 0x7b, 0x1}, 0x7)
write(r3, &(0x7f0000000a40)="c230a510b35e7d6f638f1bd5e961d039169121b89a4a184fc3117b9d9bce3b072a2d3b835a226217f135d9a4a5a87abf2f4395fc39da029451667b82ddb77662cde3e25293d43becf9e0fb9a447bd664a810a20e4ff4b8fba68afbdfb393c283056c6e3e7625be85f28c868b19957645f548b11133f6fcb8071996bf66ef54808eacfea7b9eb4020ffcfbd2d8a12aa901eb7c05b19c9303d30b9a361acd54c307d0741b8b3e62e65eeb2eee93550e83efcc6cd741769af47ae322658323a3d8b088ed6d5d0ae22", 0xc7)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), r4)
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000c80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x4c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x1}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8}, @NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x9}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x5}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x3}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x6}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0xe}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48004}, 0x1)
close(r2)
preadv(0xffffffffffffffff, &(0x7f0000000dc0)=[{&(0x7f0000000cc0)=""/236, 0xec}], 0x1, 0x10001, 0x8)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000e40)={0x0, 0x4, 0x3, 0x4})

21:01:10 executing program 4:
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x7, 'geneve1\x00', {0x7ff}, 0x1d37})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_void(r0, 0x1, 0x0, 0x0, 0x0)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = accept4(r1, &(0x7f0000000080)=@qipcrtr, &(0x7f0000000100)=0x80, 0x0)
llistxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/71, 0x47)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x8400a, &(0x7f00000002c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@noextend}, {@access_user}, {@cache_fscache}], [{@dont_appraise}, {@appraise}, {@fowner_eq={'fowner', 0x3d, 0xee01}}]}})
r3 = accept(r2, &(0x7f0000000380)=@x25, &(0x7f0000000400)=0x80)
ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f0000000440))
ioctl$AUTOFS_IOC_ASKUMOUNT(r1, 0x80049370, &(0x7f0000000480))
statx(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x6000, 0x1, &(0x7f0000000500))
r4 = accept(r3, &(0x7f0000000600)=@can, &(0x7f0000000680)=0x80)
getsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000840)={@remote, <r5=>0x0}, &(0x7f0000000880)=0x14)
getsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000900)={@rand_addr, @local, <r6=>0x0}, &(0x7f0000000940)=0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000980)={'team0\x00', <r7=>0x0})
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r2, 0x89fb, &(0x7f0000000a40)={'syztnl1\x00', &(0x7f00000009c0)={'ip6_vti0\x00', <r8=>0x0, 0x4, 0x6, 0x9, 0xffffff7f, 0x40, @ipv4={'\x00', '\xff\xff', @local}, @local, 0x8, 0x7800, 0x7fa4, 0x15a95185}})
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f0000000b00)={'ip6gre0\x00', &(0x7f0000000a80)={'syztnl1\x00', <r9=>0x0, 0x4, 0x1, 0x87, 0x3ff, 0x10, @loopback, @rand_addr=' \x01\x00', 0x40, 0x7, 0x5cb, 0x4}})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r4, &(0x7f0000000d00)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000b40)={0x148, 0x0, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x2000010}, 0x20000000)

21:01:10 executing program 5:
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "b5792a5ccc"}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x75186cd47bbfe973}, 0x40)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x44, r0, 0x8, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x80, 0x12}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x44}, 0x1, 0x0, 0x0, 0x20001}, 0x200048a0)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x14, 0x17, {0x8, 0xfffffffc, @l2={'ib', 0x3a, 'sit0\x00'}}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x20044001)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, r0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbff, {}, [@GTPA_FLOW={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000002740), 0x20400, 0x0)
sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f0000002840)={&(0x7f0000002780)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002800)={&(0x7f00000027c0)={0x20, r0, 0x200, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1f, 0x5f}}}}}, 0x20}}, 0xc4396b1ccbea16ac)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000028c0), r1)
sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f00000029c0)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002980)={&(0x7f0000002900)={0x58, r2, 0x8, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x101, 0x67}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80000000}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x13}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x40010)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f0000002ac0)={&(0x7f0000002a00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002a80)={&(0x7f0000002a40)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8048010}, 0x4000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000002b00)={{0x1, 0x1, 0x18, <r3=>r1, {<r4=>r1}}, './file0\x00'})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000002b40)={0xa0002000})
openat(r1, &(0x7f0000002b80)='./file0\x00', 0x80000, 0x0)
r5 = socket(0x18, 0x0, 0x1)
sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f0000002c80)={&(0x7f0000002bc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000002c40)={&(0x7f0000002c00)={0x14, r0, 0x20, 0x70bd28, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040001}, 0x4048040)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002d00), r3)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002d40)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f0000002ec0)={&(0x7f0000002cc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002e80)={&(0x7f0000002d80)={0xd8, r6, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0xa2, 0x6e}}}}, [@NL80211_ATTR_IE={0x7c, 0x2a, [@channel_switch={0x25, 0x3, {0x3f, 0xab, 0x3}}, @supported_rates={0x1, 0x7, [{0x24}, {0x4}, {0x1b}, {0x16}, {0x48}, {0x3}, {0xb, 0x1}]}, @preq={0x82, 0x57, @ext={{0x0, 0x0, 0x1}, 0x40, 0x7f, 0x3, @device_b, 0x1, @device_b, 0x3c3d2eda, 0x4, 0x5, [{{0x0, 0x0, 0x1}, @device_a, 0x9}, {{0x1, 0x0, 0x1}, @device_a, 0xffffffff}, {{0x1}, @device_b, 0xc2}, {{0x0, 0x0, 0x1}, @device_b, 0x49d3}, {{0x1}, @device_b, 0xffff}]}}, @ssid={0x0, 0x6, @default_ibss_ssid}, @mesh_config={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x62, 0x21}}]}, @NL80211_ATTR_IE={0x7, 0x2a, [@erp={0x2a, 0x1, {0x1}}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_IE={0x7, 0x2a, [@challenge={0x10, 0x1, 0x3f}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0xd8}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000003000)={&(0x7f0000002f00)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002fc0)={&(0x7f0000002f40)={0x68, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x5}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "8a161973671b15596bff74a288756e664a238639c0b7939c"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "22db5cf6d61aa665d11db455865a69d9bb286382fa18a3a6"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}]]}, 0x68}, 0x1, 0x0, 0x0, 0x40011}, 0x0)

21:01:10 executing program 7:
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffb, 0xfffffffffffffff9, 0x1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000000)=@keyring)
r0 = add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)="dc01f189c397b9961ca3139b7a2283d9cc00f24dfd43a5e07a55f1f43038b4b31e0c864bfbe3b37dd2c67ed50be4120243ed008201abff7012a7cc42c3b06fb54f0b969eac3855380c2bf6a4be6f814f0683abb95b925f23b4b1f1827cf6c30098b161caa64f7d35cb6062c76c55198985e5c40133dd020aaffcae7ab4047d946c9f6d1a4bdf51f0278a0f549c1b752936b2fee1f7d2385c4ce21da33a287edeb4d554485a4adc226a24172493391ed69134cc69d919b957d7989382347785009559c88806b03a26f694b5ff3bc4adfd2d20f518c510638c8496f96c37a18fde22ba00c79e8dc1f6a257", 0xea, 0xfffffffffffffffe)
keyctl$link(0x8, r0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffa, r1, 0x1)
r2 = add_key$fscrypt_provisioning(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)={0x1, 0x0, @d}, 0x18, r1)
r3 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r1)
keyctl$read(0xb, r3, &(0x7f0000000380)=""/12, 0xc)
request_key(&(0x7f00000003c0)='cifs.spnego\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000440)='\\u&+/}@\x00', 0xfffffffffffffffd)
r4 = request_key(&(0x7f0000000480)='logon\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000500)='key_or_keyring:', r3)
keyctl$link(0x8, r2, r4)
r5 = add_key$fscrypt_v1(&(0x7f0000000540), &(0x7f0000000580)={'fscrypt:', @desc4}, &(0x7f00000005c0)={0x0, "b1e7d3106805c567c4619195f22bf254afd3c4c4f3697ef7313e9a27f2fbaa9ddaa2ac5d5765a8af2e42ff4f939be886e8208271645be0f2959ef09b88758773", 0x29}, 0x48, r4)
r6 = add_key(&(0x7f0000000700)='rxrpc\x00', &(0x7f0000000740)={'syz', 0x0}, &(0x7f0000000780)="f6531c5c3eac5b45eae907b0b3181a450e19417837869f94f70f", 0x1a, r5)
request_key(&(0x7f0000000640)='.request_key_auth\x00', &(0x7f0000000680)={'syz', 0x1}, &(0x7f00000006c0)='logon\x00', r6)
keyctl$describe(0x6, r6, &(0x7f00000007c0)=""/219, 0xdb)
r7 = add_key$user(&(0x7f00000008c0), &(0x7f0000000900)={'syz', 0x3}, &(0x7f0000000940)="d705ae5a305990c6b288f8fd7ad7016dfdea15cadebac4d93ef35b34fa91b884d79a136fea26bb60b53178386fe1b978b73c9c8e4cedf14ec35d92703946e355d3c0990227fa44a1782971c3ccec98d4af09b62b32e71f610175f3ba0c513accdb5beff0597f78c41070109a3b9316301f9660de10c48ea0522cb5341c136d28339f64488cbcffbb68b2d9004737c245e14d8d0ac08f549edfd35b6bb0c7f4611a39eb65bbb481e438d1b0fa7c1b84b49cbb53897e9bd48f398378085e9a37fc189cefdfd5c1d6f2954d7cf920b77f59635e9212d21d203f30541ed1fb111401a49f35c6", 0xe4, r1)
keyctl$read(0xb, r7, &(0x7f0000000a40)=""/23, 0x17)
add_key(&(0x7f0000000a80)='rxrpc_s\x00', &(0x7f0000000ac0)={'syz', 0x0}, &(0x7f0000000b00)="e492ee4947a9b41468598b1d0d430463ecfbe344c2098cbcfc9d1512e6b4ef8932ea2a87db9c9202349c77d6c18012269d72293867ddda78bb855f707a5351ed6748b526fbd0519d26fd06b594", 0x4d, 0xfffffffffffffffb)
keyctl$read(0xb, r0, &(0x7f0000000b80)=""/48, 0x30)

[   93.090007] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   93.091098] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   93.093465] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   93.094087] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   93.097938] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   93.100156] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   93.102147] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   93.105252] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   93.108970] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   93.109803] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   93.111208] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   93.114035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   93.154811] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   93.157374] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   93.164652] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   93.187660] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   93.197506] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   93.198860] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   93.199974] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   93.200930] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   93.202698] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   93.206456] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   93.207696] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   93.208522] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   93.228106] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   93.233317] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   93.234625] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   93.245561] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   93.246900] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   93.255843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   95.158760] Bluetooth: hci0: command 0x0409 tx timeout
[   95.158770] Bluetooth: hci2: Opcode 0x c03 failed: -110
[   95.160976] 
[   95.161158] ======================================================
[   95.161647] WARNING: possible circular locking dependency detected
[   95.162137] 6.2.0-next-20230224 #1 Not tainted
[   95.162500] ------------------------------------------------------
[   95.163035] syz-executor.1/275 is trying to acquire lock:
[   95.179236] ffff888016e5c880 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xd80
[   95.183655] 
[   95.183655] but task is already holding lock:
[   95.184113] ffff888016e5c920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[   95.184892] 
[   95.184892] which lock already depends on the new lock.
[   95.184892] 
[   95.185519] 
[   95.185519] the existing dependency chain (in reverse order) is:
[   95.186102] 
[   95.186102] -> #1 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}:
[   95.186667]        __mutex_lock+0x133/0x14a0
[   95.187071]        hci_cmd_sync_work+0x1e6/0x320
[   95.187464]        process_one_work+0xa0f/0x1790
[   95.187868]        worker_thread+0x63b/0x1260
[   95.188241]        kthread+0x2e9/0x3a0
[   95.188561]        ret_from_fork+0x2c/0x50
[   95.188912] 
[   95.188912] -> #0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}:
[   95.189569]        __lock_acquire+0x2d56/0x6380
[   95.189964]        lock_acquire.part.0+0xea/0x320
[   95.190369]        __flush_work+0x109/0xd80
[   95.190737]        __cancel_work_timer+0x39c/0x4e0
[   95.191146]        hci_cmd_sync_clear+0x52/0x250
[   95.191533]        hci_unregister_dev+0xf9/0x410
[   95.191934]        vhci_release+0x80/0x100
[   95.192287]        __fput+0x263/0xa40
[   95.192607]        task_work_run+0x174/0x280
[   95.193002]        do_exit+0xad8/0x2800
[   95.193333]        do_group_exit+0xd4/0x2a0
[   95.193682]        __x64_sys_exit_group+0x3e/0x50
[   95.194119]        do_syscall_64+0x3f/0x90
[   95.194463]        entry_SYSCALL_64_after_hwframe+0x72/0xdc
[   95.194933] 
[   95.194933] other info that might help us debug this:
[   95.194933] 
[   95.195533]  Possible unsafe locking scenario:
[   95.195533] 
[   95.195991]        CPU0                    CPU1
[   95.196347]        ----                    ----
[   95.196708]   lock(&hdev->cmd_sync_work_lock);
[   95.197078]                                lock((work_completion)(&hdev->cmd_sync_work));
[   95.197705]                                lock(&hdev->cmd_sync_work_lock);
[   95.198247]   lock((work_completion)(&hdev->cmd_sync_work));
[   95.198698] 
[   95.198698]  *** DEADLOCK ***
[   95.198698] 
[   95.199183] 1 lock held by syz-executor.1/275:
[   95.199548]  #0: ffff888016e5c920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[   95.200342] 
[   95.200342] stack backtrace:
[   95.200689] CPU: 1 PID: 275 Comm: syz-executor.1 Not tainted 6.2.0-next-20230224 #1
[   95.201287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   95.201920] Call Trace:
[   95.202133]  <TASK>
[   95.202324]  dump_stack_lvl+0x91/0xf0
[   95.202643]  check_noncircular+0x263/0x2e0
[   95.203015]  ? __pfx_check_noncircular+0x10/0x10
[   95.203423]  __lock_acquire+0x2d56/0x6380
[   95.203782]  ? lock_is_held_type+0x9f/0x120
[   95.204150]  ? __pfx___lock_acquire+0x10/0x10
[   95.204525]  ? __pfx_register_lock_class+0x10/0x10
[   95.204935]  ? __wait_for_common+0x394/0x550
[   95.205312]  ? __pfx_lock_release+0x10/0x10
[   95.205677]  lock_acquire.part.0+0xea/0x320
[   95.206039]  ? __flush_work+0xdd/0xd80
[   95.206374]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   95.206784]  ? __flush_work+0xdd/0xd80
[   95.207146]  ? rcu_read_lock_sched_held+0x42/0x80
[   95.207539]  ? trace_lock_acquire+0x170/0x1e0
[   95.207932]  ? __flush_work+0xdd/0xd80
[   95.208262]  ? lock_acquire+0x32/0xc0
[   95.208584]  ? __flush_work+0xdd/0xd80
[   95.208923]  __flush_work+0x109/0xd80
[   95.209255]  ? __flush_work+0xdd/0xd80
[   95.209584]  ? _raw_spin_unlock_irq+0x23/0x40
[   95.209959]  ? __pfx_mark_lock.part.0+0x10/0x10
[   95.210354]  ? __pfx___flush_work+0x10/0x10
[   95.210718]  ? lock_acquire.part.0+0xea/0x320
[   95.211121]  ? hci_cmd_sync_clear+0x45/0x250
[   95.211496]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   95.211909]  ? hci_cmd_sync_clear+0x45/0x250
[   95.212279]  ? rcu_read_lock_sched_held+0x42/0x80
[   95.212680]  ? trace_lock_acquire+0x170/0x1e0
[   95.213068]  ? lock_is_held_type+0x9f/0x120
[   95.213447]  ? mark_held_locks+0x9e/0xe0
[   95.213795]  __cancel_work_timer+0x39c/0x4e0
[   95.214163]  ? __pfx___cancel_work_timer+0x10/0x10
[   95.214566]  ? __cancel_work_timer+0x2aa/0x4e0
[   95.214974]  ? __pfx___cancel_work_timer+0x10/0x10
[   95.215369]  ? lock_release+0x1e3/0x710
[   95.215714]  ? __pfx_lock_release+0x10/0x10
[   95.216206]  ? do_raw_write_lock+0x11e/0x3b0
[   95.216567]  ? __pfx_vhci_release+0x10/0x10
[   95.216944]  hci_cmd_sync_clear+0x52/0x250
[   95.217313]  ? __pfx_vhci_release+0x10/0x10
[   95.217671]  hci_unregister_dev+0xf9/0x410
[   95.218019]  vhci_release+0x80/0x100
[   95.218336]  __fput+0x263/0xa40
[   95.218620]  task_work_run+0x174/0x280
[   95.223027]  ? __pfx_task_work_run+0x10/0x10
[   95.223409]  ? do_raw_spin_unlock+0x53/0x220
[   95.223777]  do_exit+0xad8/0x2800
[   95.224078]  ? lock_release+0x1e3/0x710
[   95.224416]  ? __pfx_lock_release+0x10/0x10
[   95.224784]  ? do_raw_spin_lock+0x125/0x270
[   95.225143]  ? __pfx_do_exit+0x10/0x10
[   95.225373] Bluetooth: hci7: Opcode 0x c03 failed: -110
[   95.225472]  do_group_exit+0xd4/0x2a0
[   95.225994] Bluetooth: hci1: command 0x0409 tx timeout
[   95.226229]  __x64_sys_exit_group+0x3e/0x50
[   95.226708] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   95.227024]  do_syscall_64+0x3f/0x90
[   95.227782]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[   95.228215] RIP: 0033:0x7f36caac2b19
[   95.228521] Code: Unable to access opcode bytes at 0x7f36caac2aef.
[   95.229011] RSP: 002b:00007fffb833c7c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   95.229623] RAX: ffffffffffffffda RBX: 00007fffb833cfa8 RCX: 00007f36caac2b19
[   95.230194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[   95.230763] RBP: 0000000000000000 R08: 0000000000000026 R09: 00007fffb833cfa8
[   95.231353] R10: 0000000000000020 R11: 0000000000000246 R12: 00007f36cab1c233
[   95.231918] R13: 0000000000000002 R14: 0000000000000000 R15: 00000000000000f8
[   95.232497]  </TASK>
[   95.286448] Bluetooth: hci5: command 0x0409 tx timeout
[   95.286925] Bluetooth: hci3: command 0x0409 tx timeout
[   95.287569] Bluetooth: hci4: command 0x0409 tx timeout
[   97.206435] Bluetooth: hci0: command 0x041b tx timeout
[   97.271443] Bluetooth: hci1: command 0x041b tx timeout
[   97.335446] Bluetooth: hci4: command 0x041b tx timeout
[   97.335918] Bluetooth: hci3: command 0x041b tx timeout
[   97.336388] Bluetooth: hci5: command 0x041b tx timeout
[   99.254376] Bluetooth: hci0: command 0x040f tx timeout
[   99.318361] Bluetooth: hci1: command 0x040f tx timeout
[   99.382402] Bluetooth: hci5: command 0x040f tx timeout
[   99.382946] Bluetooth: hci3: command 0x040f tx timeout
[   99.383407] Bluetooth: hci4: command 0x040f tx timeout
[  100.535404] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  101.238357] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  101.238945] Bluetooth: hci6: Opcode 0x c03 failed: -110
[  101.302373] Bluetooth: hci0: command 0x0419 tx timeout
[  101.366524] Bluetooth: hci1: command 0x0419 tx timeout
[  101.430433] Bluetooth: hci4: command 0x0419 tx timeout
[  101.430926] Bluetooth: hci3: command 0x0419 tx timeout
[  101.431407] Bluetooth: hci5: command 0x0419 tx timeout

VM DIAGNOSIS:
21:01:14  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=000000000000000e RCX=0000000000000000 RDX=ffff88801906d040
RSI=ffffffff84409337 RDI=0000000000000007 RBP=0000000000000010 RSP=ffff8880164ef458
R8 =0000000000000007 R9 =0000000000000000 R10=00007f4aca926fff R11=0000000000000001
R12=ffff8880164ef598 R13=ffff888015917a78 R14=00007f4aca926fff R15=000000000000000f
RIP=ffffffff814b75eb RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe7e68858000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe7e68856000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4aca6518e0 CR3=0000000016fd4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=756e696c2d34365f3638782f62696c2f XMM01=00362e6f732e6362696c2f756e672d78
XMM02=ffff0000000000ffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000003 RBX=000000000000001c RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff8140ee67 RDI=ffffffff85136060 RBP=ffff88804008ed40 RSP=ffff88804008eba0
R8 =0000000000000007 R9 =0000000000000000 R10=ffffffff811ed010 R11=0000000000000001
R12=1ffff11008011d7c R13=00000000000000f7 R14=ffffffff811ec36d R15=ffffffff811ec36d
RIP=ffffffff8140ee9d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe659aaf3000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe659aaf1000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f8b1b59e000 CR3=000000000e8a4000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2034313a31303a313220363220626546 XMM01=5d3037373835312e35392020205b203a
XMM02=632078302065646f63704f203a326963 XMM03=373835312e35392020205b203a6c656e
XMM04=2030313a31303a313220363220626546 XMM05=65636f72703d7373616c63742030733a
XMM06=733a755f6d65747379733d747865746e XMM07=725f6d65747379733a755f6d65747379
XMM08=7475636578652d7a7973223d6d6d6f63 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000