Warning: Permanently added '[localhost]:30770' (ECDSA) to the list of known hosts.
2022/09/30 18:08:21 fuzzer started
2022/09/30 18:08:21 dialing manager at localhost:40535
syzkaller login: [   40.068403] cgroup: Unknown subsys name 'net'
[   40.141458] cgroup: Unknown subsys name 'rlimit'
2022/09/30 18:08:34 syscalls: 2215
2022/09/30 18:08:34 code coverage: enabled
2022/09/30 18:08:34 comparison tracing: enabled
2022/09/30 18:08:34 extra coverage: enabled
2022/09/30 18:08:34 setuid sandbox: enabled
2022/09/30 18:08:34 namespace sandbox: enabled
2022/09/30 18:08:34 Android sandbox: enabled
2022/09/30 18:08:34 fault injection: enabled
2022/09/30 18:08:34 leak checking: enabled
2022/09/30 18:08:34 net packet injection: enabled
2022/09/30 18:08:34 net device setup: enabled
2022/09/30 18:08:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/30 18:08:34 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/30 18:08:34 USB emulation: enabled
2022/09/30 18:08:34 hci packet injection: enabled
2022/09/30 18:08:34 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220929                                          )
2022/09/30 18:08:34 802.15.4 emulation: enabled
2022/09/30 18:08:35 fetching corpus: 50, signal 28285/30046 (executing program)
2022/09/30 18:08:35 fetching corpus: 100, signal 36910/40239 (executing program)
2022/09/30 18:08:35 fetching corpus: 150, signal 45758/50526 (executing program)
2022/09/30 18:08:35 fetching corpus: 200, signal 53104/59239 (executing program)
2022/09/30 18:08:35 fetching corpus: 250, signal 56451/63990 (executing program)
2022/09/30 18:08:35 fetching corpus: 300, signal 61254/70093 (executing program)
2022/09/30 18:08:36 fetching corpus: 350, signal 66464/76524 (executing program)
2022/09/30 18:08:36 fetching corpus: 400, signal 70695/81900 (executing program)
2022/09/30 18:08:36 fetching corpus: 450, signal 76302/88524 (executing program)
2022/09/30 18:08:36 fetching corpus: 500, signal 80203/93502 (executing program)
2022/09/30 18:08:36 fetching corpus: 550, signal 82215/96685 (executing program)
2022/09/30 18:08:36 fetching corpus: 600, signal 84663/100215 (executing program)
2022/09/30 18:08:36 fetching corpus: 650, signal 86788/103356 (executing program)
2022/09/30 18:08:36 fetching corpus: 700, signal 89213/106780 (executing program)
2022/09/30 18:08:36 fetching corpus: 750, signal 92277/110751 (executing program)
2022/09/30 18:08:37 fetching corpus: 800, signal 95252/114524 (executing program)
2022/09/30 18:08:37 fetching corpus: 850, signal 96729/116994 (executing program)
2022/09/30 18:08:37 fetching corpus: 900, signal 98234/119389 (executing program)
2022/09/30 18:08:37 fetching corpus: 950, signal 101920/123721 (executing program)
2022/09/30 18:08:37 fetching corpus: 1000, signal 104777/127369 (executing program)
2022/09/30 18:08:37 fetching corpus: 1050, signal 106520/129962 (executing program)
2022/09/30 18:08:37 fetching corpus: 1100, signal 107309/131701 (executing program)
2022/09/30 18:08:37 fetching corpus: 1150, signal 109800/134847 (executing program)
2022/09/30 18:08:37 fetching corpus: 1200, signal 111971/137651 (executing program)
2022/09/30 18:08:38 fetching corpus: 1250, signal 113488/139899 (executing program)
2022/09/30 18:08:38 fetching corpus: 1300, signal 115257/142395 (executing program)
2022/09/30 18:08:38 fetching corpus: 1350, signal 117133/144883 (executing program)
2022/09/30 18:08:38 fetching corpus: 1400, signal 119452/147732 (executing program)
2022/09/30 18:08:38 fetching corpus: 1450, signal 121359/150194 (executing program)
2022/09/30 18:08:38 fetching corpus: 1500, signal 122908/152395 (executing program)
2022/09/30 18:08:38 fetching corpus: 1550, signal 124188/154293 (executing program)
2022/09/30 18:08:38 fetching corpus: 1600, signal 126856/157241 (executing program)
2022/09/30 18:08:39 fetching corpus: 1650, signal 128493/159406 (executing program)
2022/09/30 18:08:39 fetching corpus: 1700, signal 130419/161851 (executing program)
2022/09/30 18:08:39 fetching corpus: 1750, signal 131234/163348 (executing program)
2022/09/30 18:08:39 fetching corpus: 1800, signal 134411/166538 (executing program)
2022/09/30 18:08:39 fetching corpus: 1850, signal 137061/169290 (executing program)
2022/09/30 18:08:39 fetching corpus: 1900, signal 138755/171386 (executing program)
2022/09/30 18:08:39 fetching corpus: 1950, signal 139790/173002 (executing program)
2022/09/30 18:08:40 fetching corpus: 2000, signal 141373/174912 (executing program)
2022/09/30 18:08:40 fetching corpus: 2050, signal 143039/176879 (executing program)
2022/09/30 18:08:40 fetching corpus: 2100, signal 144097/178403 (executing program)
2022/09/30 18:08:40 fetching corpus: 2150, signal 145334/180024 (executing program)
2022/09/30 18:08:40 fetching corpus: 2200, signal 146569/181587 (executing program)
2022/09/30 18:08:40 fetching corpus: 2250, signal 147451/182909 (executing program)
2022/09/30 18:08:40 fetching corpus: 2300, signal 148723/184494 (executing program)
2022/09/30 18:08:40 fetching corpus: 2350, signal 149548/185830 (executing program)
2022/09/30 18:08:41 fetching corpus: 2400, signal 150649/187297 (executing program)
2022/09/30 18:08:41 fetching corpus: 2450, signal 151891/188804 (executing program)
2022/09/30 18:08:41 fetching corpus: 2500, signal 153229/190311 (executing program)
2022/09/30 18:08:41 fetching corpus: 2550, signal 154071/191530 (executing program)
2022/09/30 18:08:41 fetching corpus: 2600, signal 154891/192732 (executing program)
2022/09/30 18:08:41 fetching corpus: 2650, signal 156153/194187 (executing program)
2022/09/30 18:08:41 fetching corpus: 2700, signal 156730/195214 (executing program)
2022/09/30 18:08:41 fetching corpus: 2750, signal 157924/196649 (executing program)
2022/09/30 18:08:41 fetching corpus: 2800, signal 158838/197811 (executing program)
2022/09/30 18:08:42 fetching corpus: 2850, signal 159985/199148 (executing program)
2022/09/30 18:08:42 fetching corpus: 2900, signal 161147/200462 (executing program)
2022/09/30 18:08:42 fetching corpus: 2950, signal 162588/201858 (executing program)
2022/09/30 18:08:42 fetching corpus: 3000, signal 163188/202821 (executing program)
2022/09/30 18:08:42 fetching corpus: 3050, signal 164575/204227 (executing program)
2022/09/30 18:08:42 fetching corpus: 3100, signal 165483/205364 (executing program)
2022/09/30 18:08:42 fetching corpus: 3150, signal 166465/206503 (executing program)
2022/09/30 18:08:42 fetching corpus: 3200, signal 167243/207496 (executing program)
2022/09/30 18:08:43 fetching corpus: 3250, signal 168189/208504 (executing program)
2022/09/30 18:08:43 fetching corpus: 3300, signal 168959/209466 (executing program)
2022/09/30 18:08:43 fetching corpus: 3350, signal 169408/210269 (executing program)
2022/09/30 18:08:43 fetching corpus: 3400, signal 170365/211296 (executing program)
2022/09/30 18:08:43 fetching corpus: 3450, signal 170787/212051 (executing program)
2022/09/30 18:08:43 fetching corpus: 3500, signal 171412/212907 (executing program)
2022/09/30 18:08:43 fetching corpus: 3550, signal 172485/213963 (executing program)
2022/09/30 18:08:43 fetching corpus: 3600, signal 172940/214717 (executing program)
2022/09/30 18:08:44 fetching corpus: 3650, signal 173652/215582 (executing program)
2022/09/30 18:08:44 fetching corpus: 3700, signal 174515/216468 (executing program)
2022/09/30 18:08:44 fetching corpus: 3750, signal 175413/217414 (executing program)
2022/09/30 18:08:44 fetching corpus: 3800, signal 176029/218213 (executing program)
2022/09/30 18:08:44 fetching corpus: 3850, signal 176878/219120 (executing program)
2022/09/30 18:08:44 fetching corpus: 3900, signal 177512/219921 (executing program)
2022/09/30 18:08:44 fetching corpus: 3950, signal 178252/220700 (executing program)
2022/09/30 18:08:44 fetching corpus: 4000, signal 178896/221431 (executing program)
2022/09/30 18:08:44 fetching corpus: 4050, signal 179518/222159 (executing program)
2022/09/30 18:08:45 fetching corpus: 4100, signal 180320/222952 (executing program)
2022/09/30 18:08:45 fetching corpus: 4150, signal 180829/223624 (executing program)
2022/09/30 18:08:45 fetching corpus: 4200, signal 182456/224626 (executing program)
2022/09/30 18:08:45 fetching corpus: 4250, signal 182949/225302 (executing program)
2022/09/30 18:08:45 fetching corpus: 4300, signal 183490/225945 (executing program)
2022/09/30 18:08:45 fetching corpus: 4350, signal 184118/226613 (executing program)
2022/09/30 18:08:45 fetching corpus: 4400, signal 184903/227338 (executing program)
2022/09/30 18:08:45 fetching corpus: 4450, signal 185555/227978 (executing program)
2022/09/30 18:08:45 fetching corpus: 4500, signal 186305/228634 (executing program)
2022/09/30 18:08:46 fetching corpus: 4550, signal 186941/229256 (executing program)
2022/09/30 18:08:46 fetching corpus: 4600, signal 187634/229893 (executing program)
2022/09/30 18:08:46 fetching corpus: 4650, signal 188033/230476 (executing program)
2022/09/30 18:08:46 fetching corpus: 4700, signal 188815/231064 (executing program)
2022/09/30 18:08:46 fetching corpus: 4750, signal 189452/231596 (executing program)
2022/09/30 18:08:46 fetching corpus: 4800, signal 189888/232114 (executing program)
2022/09/30 18:08:46 fetching corpus: 4850, signal 190522/232663 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/233125 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/233569 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/233990 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/234444 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/234920 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/235378 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/235800 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/236268 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/236664 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/237151 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/237615 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/238070 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/238500 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/238909 (executing program)
2022/09/30 18:08:46 fetching corpus: 4873, signal 190746/239357 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/239740 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/240182 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/240612 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/241024 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/241449 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/241883 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/242292 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/242464 (executing program)
2022/09/30 18:08:47 fetching corpus: 4873, signal 190746/242464 (executing program)
2022/09/30 18:08:49 starting 8 fuzzer processes
18:08:49 executing program 0:
getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000000)={0x7, 0x7, 0x1}, &(0x7f0000000040)=0x28)
r0 = memfd_secret(0x0)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={0x0, @multicast2, @rand_addr=0x64010100}, 0xc)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r0, 0x8983, &(0x7f00000000c0))
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x44, r1, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_TX={0x8, 0x9, 0xffff}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x1}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x80}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x7}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x4051)
getpeername$packet(r0, &(0x7f00000002c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000300)=0x14)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xe4, r1, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x24004080}, 0x20008014)
r3 = pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f00000004c0)={0x80002001})
fstat(r3, &(0x7f0000000500))
r4 = socket$inet6(0xa, 0x800, 0x80000000)
ioctl$sock_ifreq(r4, 0x8932, &(0x7f00000005c0)={'macvtap0\x00', @ifru_settings={0x0, 0x0, @sync=&(0x7f0000000580)={0xfffffffb, 0x80000000, 0x8}}})
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000700)={&(0x7f0000000640)={0x94, 0x3, 0x1, 0x301, 0x0, 0x0, {0x5, 0x0, 0x5}, [@CTA_TUPLE_MASTER={0x78, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @broadcast}}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x3002}]}, 0x94}, 0x1, 0x0, 0x0, 0x8004}, 0x40802)
r5 = open_tree(r0, &(0x7f0000000780)='./file0\x00', 0x9901)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000840)={'ip6gre0\x00', &(0x7f00000007c0)={'ip6_vti0\x00', <r6=>0x0, 0x2f, 0x9, 0xa6, 0x0, 0x8, @rand_addr=' \x01\x00', @private2, 0x10, 0x8, 0x100, 0xca}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000940)={'syztnl1\x00', &(0x7f0000000880)={'ip_vti0\x00', r6, 0x8, 0x7, 0x200, 0x109, {{0x28, 0x4, 0x0, 0x38, 0xa0, 0x66, 0x0, 0xa5, 0x29, 0x0, @private=0xa010100, @multicast2, {[@lsrr={0x83, 0xb, 0x61, [@loopback, @private=0xa010102]}, @cipso={0x86, 0x1b, 0x0, [{0x2, 0x3, '}'}, {0x7, 0x12, "20243bb05217479a82bca0751511f28e"}]}, @lsrr={0x83, 0x13, 0x3a, [@rand_addr=0x64010102, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback]}, @ssrr={0x89, 0x1b, 0xb0, [@local, @local, @private=0xa010102, @local, @empty, @local]}, @timestamp_prespec={0x44, 0xc, 0x73, 0x3, 0x9, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6}]}, @ssrr={0x89, 0x2b, 0xe6, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @local, @dev={0xac, 0x14, 0x14, 0x21}, @multicast2, @dev={0xac, 0x14, 0x14, 0x39}, @local, @rand_addr=0x64010101, @multicast1]}, @end]}}}}})
io_uring_enter(r3, 0x3bef, 0x53e9, 0x2, &(0x7f0000000980)={[0x20]}, 0x8)
lseek(r0, 0x0, 0x2)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000a00)={@dev={0xfe, 0x80, '\x00', 0x2a}, 0xb38f, 0x1, 0x3, 0x4, 0x100, 0x3}, 0x20)

18:08:49 executing program 1:
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)

18:08:49 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$FIONCLEX(r0, 0x5450)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6}, 0x10)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000080)={0x0, 0x0, {0x0, @struct, <r2=>0x0}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r3 = syz_io_uring_complete(0x0)
ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f0000000480)={r2, "32755db7361a6dfee629a4cdfdeb8b83"})
ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0)
r4 = dup3(r1, r3, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f0000001480)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'})
r5 = syz_open_dev$vcsa(&(0x7f00000014c0), 0x8, 0x0)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000001500)={0x0, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)
ioctl$FS_IOC_GETFSLABEL(r5, 0x81009431, &(0x7f0000001540))
ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f0000001640))
ioctl$F2FS_IOC_GET_PIN_FILE(r4, 0x8004f50e, &(0x7f0000001680))
pipe2(&(0x7f00000016c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0xc0000)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r6, &(0x7f00000017c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x14, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x10044010}, 0x40)
fcntl$dupfd(r5, 0x0, r4)
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
close_range(r7, 0xffffffffffffffff, 0x2)

18:08:50 executing program 3:
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000040)=0x1e)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x5c, 0x10000, 0x7, 0x101, 0x9, 0x80000001}, {0x8, 0x0, 0x9, 0x8, 0x1ff, 0x9d2}], ['\x00', '\x00']})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000300)=0xe8)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x48, &(0x7f0000000340)={@multicast1, @local, r0}, 0xc)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x8000}}, './file0\x00'})
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x28200, 0x5, 0x14}, 0x18)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r2, 0x4040942c, &(0x7f0000000440)={0x0, 0x3, [0xfffffffffffffffb, 0xffff, 0x5, 0x6, 0x400000000, 0x400]})
r3 = accept(r1, &(0x7f0000000480)=@qipcrtr, &(0x7f0000000500)=0x80)
ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000540)={0xffffffffffffffff, 0x3, "dbfc4c", 0x5, 0x6a})
llistxattr(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)=""/225, 0xe1)
mount_setattr(0xffffffffffffff9c, &(0x7f00000006c0)='./file0\x00', 0x100, &(0x7f0000000700)={0x13, 0x0, 0x160000, {r1}}, 0x20)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000780), 0x105803, 0x0)
linkat(r1, &(0x7f0000000740)='./file0\x00', r4, &(0x7f00000007c0)='./file0\x00', 0x0)
renameat2(r1, &(0x7f0000000800)='./file0\x00', r1, &(0x7f0000000840)='./file0\x00', 0x1)
syz_mount_image$iso9660(&(0x7f0000000880), &(0x7f00000008c0)='./file0\x00', 0x0, 0x5, &(0x7f0000000cc0)=[{&(0x7f0000000900)="9c8d503d9b6bc8ec56d24b213e52f9958b5603205120669549c51d30719658166f6bc4cad87b208f4000d7f46cf7ea4d2908bba2eddb73371b701b6c1f5a51d0ef504926a319a4087df2089b4a443b46260961f6d92fc6dd457002dda0f886e259b3d66a7d21e1f731e3f3d15fcc9ab13c92b26b98df7cd3fa6a67038ea59fce0dce", 0x82, 0xffff}, {&(0x7f00000009c0)="370337dfd0172d2746850678eb8f0dbb7441927169ae6f5562253541ddcb06cf29155ee128f2d3bacde97dd49459e698b6d4159d42e8a68b01357c523e480accce2bdda8d6da4b0552f1de8aedf6d042344f4eab09f3b931d3f48b538b98570091c1d0ccfe00230e9005878b22b8b1a3e3e81f7c0e9d046b5b68627ac80efa9779bb5874fa775c2579183dfb349e9be2a04358d1ac053d2acf2ec865f4d91dc1d0c48abddfcf6fb58fb22d4a8898720112ab28fc5b4b64ea8ccf72ce14f8b0d03044873521bb127a05b1a3fb0043be", 0xcf, 0x1}, {&(0x7f0000000ac0)="387d5cd8e81e175a5d1b7dea93f6518c1e389c5ea4bfd5f86f6ffb86eab53db49f748e4057879778b29967d79cebfa63c52dab3dc0affbea64a67b7f60da2636d4f889218153048d88040f12b0bb59af3c9900c0ee734326ad9153dc28392301c7f5b110f00cb94191c50431e6cf1b7b5b853be21efa40d2f3cf15d5ea02fdfd172968885088979ec09950811c883d019514ab5a876d88840f043ea27e714eab956a02683fa5", 0xa6}, {&(0x7f0000000b80)="430abb04c852a5270f8fd5b227559340b2d9a2711e979c28c31638d655615d4ef932fdba8c33696518b46bc8ffff10a14b5836ae202ce6edd28cfdb2d8e51f0de36a523d21c29c203c6db119889f7b8509d1ae0b5015707a8f51d28ee0ff9f73026e04a958cf7d3e7d68dc778e8d1442aa65bc50e911187f34ffd6cf64dcf27137de456f41616ab38fa208931eb8c2296dda4aacecd1c5e2c82dedf3fff0bfbba6003098cbd1b8e85f99758f65a5089993150c85a71622a2e5a526197ef01f77da75b5b4328e918cc40623a89553a9d1b5dcea4396856e0bc62539a22ad24cb4bb192b255dae6f003b17a45934dbe2f286", 0xf1, 0x8001}, {&(0x7f0000000c80)="8e5439199c84a763216663537f3cd3fe90fe8409d4e0342cb04706fdcef866589aa28053333c178c24a8c30f762615b9e67b0ba4b00857eceb", 0x39, 0xcaee}], 0x10001, &(0x7f0000000d40)={[{@check_strict}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@mode={'mode', 0x3d, 0xffffffffffffff53}}, {}, {@map_acorn}, {@hide}, {@dmode={'dmode', 0x3d, 0xeaa}}], [{@appraise}, {@obj_role={'obj_role', 0x3d, '#'}}, {@dont_hash}, {@smackfshat}, {@subj_type={'subj_type', 0x3d, '/dev/null\x00'}}, {@hash}, {@appraise_type}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]})
getsockopt$inet_int(r1, 0x0, 0xa, &(0x7f0000000e40), &(0x7f0000000e80)=0x4)
r5 = syz_mount_image$msdos(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, 0x4, &(0x7f0000001100)=[{&(0x7f0000000f40)="e20becae3f795da3684d39aef4a3b9d7ffb9f7910d4f38feea1f34452205bbe178de14961405dbd5b48e152a4272e619243cb8bc106df095cb18a217efd3461e06b18adf1daa3226dbf2ed23ae7e2fc305c99fa869478c9e4c35734657b72854df8be620a71542d5a7a82b161873448bf515905502b6f0a3fcaf883582e81cc939394b69b7553e353914a34d114b60febdb37a7fcb8cc138465982ffdae8082c4574c010aafd40402b4be1e646a765591b7559725fd8b248a5d88538103eb234a6", 0xc1, 0x1}, {&(0x7f0000001040)="f24b6b21901682e80543168c7251a31dc23862e2ecb0979e20859d58f4622a5728", 0x21, 0x1}, {&(0x7f0000001080)="7f4abc01", 0x4, 0x8001}, {&(0x7f00000010c0)="11a57aa0db783fe849c8f9333dda23190413b49accaedfec5f116df7917e71e23740dc31851e2192e264a6701d573b84f0", 0x31, 0x338b746}], 0x10001, &(0x7f0000001180)={[{@fat=@umask={'umask', 0x3d, 0x1ff}}, {@nodots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x64f000}}, {@nodots}, {@dots}], [{@pcr={'pcr', 0x3d, 0x37}}]})
openat(r5, &(0x7f0000001200)='./file0\x00', 0x1, 0x0)

[   68.371992] audit: type=1400 audit(1664561330.011:6): avc:  denied  { execmem } for  pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
18:08:50 executing program 4:
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x128, r0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8fb2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x93}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1ff}}]}, 0x128}, 0x1, 0x0, 0x0, 0x4044044}, 0x4080)
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x30000, 0x0)
sendmsg$AUDIT_DEL_RULE(r1, &(0x7f0000000740)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000700)={&(0x7f00000002c0)={0x440, 0x3f4, 0x400, 0x70bd2d, 0x25dfdbff, {0x6, 0x0, 0x30, [0x9, 0x638c, 0x0, 0x7, 0x1, 0x7, 0x1ff, 0x3, 0xc9c2590, 0x5, 0x7, 0x0, 0x40000, 0xfff, 0x6f, 0x2, 0x1, 0x7, 0x3252, 0xff, 0x5, 0x3, 0x7ff, 0x10001, 0x1, 0xe2, 0xffff, 0x4, 0x7, 0x1f, 0xfffffc00, 0x1, 0x0, 0x11, 0x7fffffff, 0x4, 0x6, 0x7, 0x6, 0x7f, 0x800, 0x7, 0x100, 0x4, 0x3, 0x12, 0x7f, 0x5, 0x8, 0x70, 0x5, 0x20, 0x2, 0x3, 0x7, 0x8, 0x991, 0x6, 0x8, 0x800, 0x8001, 0x0, 0x3, 0x4], [0xffffa537, 0x0, 0x4, 0xffff8001, 0x4, 0x0, 0xfffff7f3, 0x8, 0x1, 0x7ff, 0x8, 0x5, 0x9, 0x6, 0x20, 0x2, 0x6, 0x8001, 0x7, 0x5, 0x7f, 0x8, 0x3, 0x8000, 0x2, 0x9, 0x10001, 0x1, 0x9, 0x7, 0x3, 0x1c, 0x7, 0x1, 0x7fff, 0x5, 0x7, 0x200, 0xfff, 0x6, 0x8001, 0x0, 0xcc46, 0x6, 0xe0, 0x4, 0x3097, 0x8, 0x15815407, 0x9, 0xee, 0x5, 0x4ea8, 0x1, 0xfffffffa, 0x9, 0x7ff, 0x8, 0x7fff, 0x4, 0x101, 0x2, 0x7, 0xf0], [0x1, 0x8, 0xff, 0x4, 0x49, 0x8, 0xdc2, 0x8000, 0x5, 0x8, 0xff, 0x10000, 0x8, 0x4b, 0x4, 0xd28d, 0xfffffffd, 0x200, 0x1, 0x8, 0x7, 0x7fffffff, 0x5, 0xf9, 0x80000001, 0x5, 0x401, 0x9, 0x7fffffff, 0x7, 0x5, 0x200, 0x8000, 0x80000000, 0x6, 0x8, 0x1, 0xb15, 0x40, 0xfd3, 0x6, 0xffffffff, 0x6, 0x9, 0xffff, 0x1, 0x1, 0xc6f5, 0x1, 0x0, 0x7fffffff, 0xffffffe0, 0x100, 0x1, 0x6, 0x8d79, 0x1, 0x8, 0x20, 0x2, 0xffffffff, 0x0, 0x3, 0xd6], [0x9, 0x8000, 0x7, 0x5, 0x2, 0x0, 0xd84, 0x1, 0x2, 0x5b3, 0x6, 0x4, 0x63, 0x54b, 0x0, 0x6, 0x7, 0x25, 0x9, 0x401, 0x3801, 0x3, 0x533, 0x8, 0x10000, 0x2, 0x7, 0x8, 0x80, 0x0, 0x7fff, 0x4, 0x0, 0x8, 0x1, 0xfff, 0x61, 0x3, 0x6, 0x8, 0x4, 0x8001, 0x7f, 0x48, 0x2, 0x831, 0x3, 0x9, 0xfffff001, 0x5, 0x6, 0x1ff, 0x400, 0x9, 0x8, 0x3f, 0x10000, 0x9, 0xffffffff, 0xa6, 0x1f, 0x63, 0xf13b, 0x2], 0x1e, ['\\]/\x00', ')\x00', '\x00', '0000:00:10.0\x00', 'netdevsim\x00']}, ["", "", ""]}, 0x440}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
r2 = accept4$packet(r1, 0x0, &(0x7f0000000780), 0x800)
getsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f00000007c0), &(0x7f0000000800)=0x8)
fcntl$setflags(r1, 0x2, 0x0)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r1, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x14, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040812}, 0x40000c4)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000940)={0x0, @remote, @private}, &(0x7f0000000980)=0xc)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000009c0), 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000001d00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001cc0)={&(0x7f0000000a40)={0x125c, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x6}, @NL80211_ATTR_FRAME_MATCH={0x85, 0x5b, "509b6c8d6b6fd72e0ff6814aefe9fd54816db73fade1c2e3e49dad59774446d43214509009e4757fee8c2e1e3e08d0556b56f11e5930106e9b1c375bdc8501c33f641834e3a4f02aa832db3be8fb6818d97ad96724ec137b481cce6f499c422c42bda360772a688fb020ee924a0e174fbd0fa44a93677bd5bceb0632009cae744b"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xfff}, @NL80211_ATTR_FRAME_MATCH={0xa1, 0x5b, "2151901c42f3ac544918d74098fc3f3cda850e63ef1e67833217f9c53819b5796416016a17946d8528dab830babb13cec161244c0c9eeb8b30473b31294ac2b346ffcd67b4397b02f434b361c144ec92c8774a3df98432c63928515bff4f21eae66d84fd2d329b6b3e789ed6ec1c6ea72f83fc4d9a93744004279c5c563ad93cd3645ff4544e5185328250ef3ddf94dbf8937ffaacfd96b94d765c99d2"}, @NL80211_ATTR_FRAME_MATCH={0xe5, 0x5b, "bc72ecba0307d73bb0c6639efc592f785e1190ff26473d5f2434d825ca3dd762d248e2320651631435eec276f9bf9981983d43c6754887bd25e282145b7d01805fb255520d8934f534ff41e8a18a8db5e7d8f7e2bf01d3b69f362fab6ed76a8b47e1e492a8bc6f247af0eda3f3d4b22841f55ccab31e138387b88fec6cf4c481ab52a36de75443484f838da623e6611a74a844cff937dcb12e9475601f9b09ce87b3576864c5b38f6d47beaa50230fb273441f072f238671b0d16f2b7918b73b31f4b912e83d8829291da61162e222c5add34a95e7607b3f1271b9b5cb4d172657"}, @NL80211_ATTR_FRAME_MATCH={0x1004, 0x5b, "cd169bb185bf97aa8bfe9a51b912a82bac7890d3b47d0d047b35620e8640354b6dc0e02b705e01af761181e9ad09fda547cc8bb60515068e61d4d514489cd7c56caec5b528c036ca43d2aa76f128889b52fd324243e4b1fe47625a21276323a1ff026bb7b528ac0e0a64d53243df3ca872fd0554ac3f93a9e7e6f74792fef75caf3ba1fa6e10870b4d30380c8dc584f85720e308c61dcc3bd7145471a4e7828e5c1fc9e4d1a90f553bab14e1538ed6e78d5667d24bb5c830f482f07e01bbff6adc4edc09c048d8ebd5f206f8b833d049bd61f7ca5bcca2b42cf466f1735048fbc709ad10ab05ff271a2b4f5c3c45ff364e6143d3207578e48ddc4241d0bec118abf9ce8587772d716433f55cd9c66df9d9f7605e65ccbe651140371554ae475c8d6ebc7c657df5584275b994d4bf6987a76c0f011556cb86ada3431d55ec819c7c34e8fa5d349803dcfb674a554cc37322c2e99ff2fb2596bf9720fbfb23abd88b90ddc61d3c7731f8f35ff1da75da803bd24e56d254ee8dca7c518f354bb677583961a351056e0b07f876f66dda3b5681e414c6c4abe7e9de95126b12de28982d46e25a0185b74ed315571be7ed6e40b33fa2dd404faa8fb4ee0066efddc3cb1c8d975074d5437d17cd7ad23d028eb50a137d887797b26433b7d699a075a3f4c4ad4f9abd307ecaf6225131a59263cc827f98997da0c980d36ccebd4391884786d1efe9f606d793583521123a089a73463f6e2ea42380fbf9188a5ec09f79fc6720b50bae88dc70d8565f3e457835b80d5edde7f67e353189362fcc7c124892b0c4132064f879913381eed904b567c0afeded9dc6aa4cbf5a4d4afd6f13f3918abe746f5e8aa6b09459e9da0ea44f58501c6391442b40f2665b01e63210c048401bfdbeb5d404649f4c66fe9933f0fe43e4ef66b85894cfe0dd0cbe9345a0a705479a3c87fb762bbb880b03949b7a7a955f88263eb384ffb02e367f7e0b8e6e421ef65705ec5db4f48a2044452c8535c821e1448f077f2a630f140cd1345f3ef1ab0eec98ffa200946cc3645e256dfb14a7b515b88a6b55df4b93f6182820bfec4b646a428cf5052ce74e224c1a78169eeea33a9ebe37cc1649b322ce397377c223492e767d0e56edff11439290e9375d5fea10d7513d08653f48d28e8d73fcc1ba6e89edf5a5505cd9926b117c4996f4f3983396dddc066d76c2be97c6ce12b97d727514f31cb0f250a924c3dc0dcc88eb1cd93b1cefb7f0cc6f3d885501dcc60d99c80f3983826820efd6a59b9867b4501d1315815ab107e369bbea1ad06c332bde4c9a515b71cb4828620b57b8c26aeee78c37ac9135c2db8407274073060b7226a662b5e47df2101f11f4598bc9409074c9abf47a2831451a568ffca3de6e2ac43349fe138722da0582e70c8ae1220571d39880e88195a6d8d64287bd9a41f701b79b70d83f6a36667be38768d3fe8e28a4b9ed1caaf42d4d3e000fe595a3353e1810e13c4f99911cf0255cef7d8b40abc0c629e1420ec499b1b93585ade4acf9a741551c332ab670ed65f25af57c5a54eb29b77578bd2b96d6fd99c3d068e4dd8e3a6e71353c8f89fcc6323a155228ab179895ef15c87dae69c43dd975ed3df6cb62178dc70e500ab5b6be0d0f3aa4f58f46446b0db997ec6ce9ee2e482cc771810b8f128e32f5bc6e7151db7f5920c9a4f7e711b6be15459875ffe84280de5d4517dd5d268facb592ac7698c4226f046ad2a3a84bd8f4f65121b5a2cce53e4f2a9eaf5819749843b38980fbe7c25d907d8bdecdf3652f9999c887b48f29bd42f8cf0eaba409a1aa6c72bc0153faca1d406b1f6f896ea1b6e58671f5aaf2f5e52e9017a210341472936b8645aeb78579cd1f900ca05eae9ded25859be1289a2c43c0682975aed228f8d7263199559ac2b232acabfb7ebeac881685b14641e0c597781ebda15f0b4de3f076b062be0c1e7b4d713a877ef0b157363aa9fc399b572194a7ebdc14d9c141faad7436d4d74ecd1c9f1ff2075622994329bbcfcaa92ee384ec94c7e64c03fde83284233cc4fb085ee7958005f4b45434406495fccc96de97139703066739097583cc702e9cb8996206954df2ffe93ee7ae525ed2bb3713a45526106cc7cb9cedb91d561c025165abf8615ffddd542ece59ed2e13a1aa2bcfe64f993b8d91a5f080491f7e104979a561446e808ea9d1ace5c30dc520707ff5509c61998db2aa3f123b363b67bf91220b3fd3564f6b02900e65b3d87cb8c3cc32172e7a643184faaf66bde69a6dc4c4a8eabf1c86a86b7f94c1739156525d220aec1632e439900f7e59b0d469857e8495c9b1cfad4a4df2d60b5498fd242f5d89c1d3189ae0d7b426b7353ce45c1d4b76eaf9a1ae8b7a777f5b58e2ce7f8f2338d249a97744878b9d1f372a1e95589afa6551f27c230097ac03ed0719533576cf1dd20f8ef17b866f56b6bda8e32f7386286081b5d1fe464ef8b9ad24681ab0f0cea49dfdb4a0fdf5be8c03c74b7e570f62e0a85833b48a1c024a1e8e845df4bd879355ba4bc57fa9d9464fdc45a212e09c0dae802607a4d8c3cafddb5661570287d41a3520564745aae57cca8b43239e9c755690dfd460e1de20748a915d417b25b36c9a03f4828bf6271169f944a299267c5e14fdf90cae3e8f7a28933dd36f4df361c6f31a2881e7bc3dae97bd7d92935ab7e8c9c00104294ba6ba98159626a6fdc64141b5d43884c2da11cb44bf6a291f82b688065c4f07dfcf69281c8674eb98cbc9a662a1a819b0f3a580b13ccf33510756ff5a0d3de36017efb50e77579cc55d40601476480ec1f92695a0a6b0579bc2c1e528b5306c8f5214ca77d65f633d3a42f6cbabba84cc91fbf284b9cfe2d6fbc096f8c9b8c5883531aad06aecd7482cab561ce70f3f3f0e1996e3458a3d8c88090e8006e33ed613e5bbddb5aae4a375e88a9b8a7048f167b674b868ed5079d40474080599a37da1b4dd2f9849af083c212ccd8e7d37fa23c6ef3c56a2db2291c0c8d14e6fba0ac9bc95c92bf133610af0b9ee7a56cdbda0c4a2389e18decd810b98a000eb8eadddae2e8d0d1af32de8699208d23d3a64b3654bbb21d5fafc4d3143d2c439ec5d3e92d59777d799a484b33b82b5c30dee7a3d2eecc57033081f743526f7621caa074503a3bb28e6653541e60fd966eeb7c99c6e3aa340096b73a88e53ea819da6bf1e56f32a67847036a3989a4e6c65a873ae3215edc15804ecc6bc6d4a0712679a108b16bd8c198c4d3f482295e8efefa6ca8945cad03dc9c54fabeec8eafd4659624e0cb3625c4c1b7a8494f05c9afc7ef6142e64de0b655947e6d0e9822af616cfd025a93792ee7789a471fec326a644ed32353ffb29576170d5b7e991c75688a723e3fade3630dcdd86477a27b609e70f5ea8a9c8ffe1e230f85dc63e20cb98f626fa3b25edf803a261dfe5abd00b7768f1512ba99049bec83ef2eab05dafef44c28c36468966965025c55ebb61fdc738d777319d53f7b882ad4731f45287170d7a025b126495cf138f5da7de1f5a589e0280354f839d4eff01e81402b2947262b204604a3ecfacb55e628b6f4477b88a62165d53870627bea9f4e9554c34129bcbb88ad95a24ce93295d1663b8050c1bc2c7e6f1dd21e34d9a5660794806de5cd9009c66959a0a25632137d6acf66def02f5bc0afe1f0d01a339c45cebec11486eeb8dc81c45a74f12928a6e4ebbf208548af58b0d8daf0e816e29c34b5cd8efbd9d2116445603b88cbcc728d0d6701e8b696d376bbf3aeb5e8c2bb9fdc9eea2ec14528d6b75ca6dcb82ce0f2f88810daf8ee88b9fc1fd77ab6679892872bf55988a9adbb2cd6aeb95cc7022aa8175de80192f11681a265f21743518c52aba5c01026964ff5de87270279dffb1f34cba45181b39e0e6a067b39048368bfc08872c109b297c6b07e008d3254f6665f9bd1dd3d95a478b01f087239b77cc820a8d21daedf6f80cba63405fb7f643c67140879129bde2799903b920c0320ec04b0fbe7ef0cc561362ca5c73bd4e3112a34c967c40a6d2084298784ea3d47c6b15c3e32d5d407b34c2a69bf1a62a055e9b435e5bace6cd090b64bd5d9a9dd6e9cc7d1f11170e185acdf730175618b2f2276134886d5ee00aa5aea755a7c46f2a38bf2a3ecbca848639bf804ee8c5b57bbf02d051f35df3c4bcb13db505f8054557523358c57b79164ba1e9a9299f306d5ff28ad786c433133d40a27e5d3878332999c27bf7654245f8aca79c9beb21ac391804abca6946e28de0d03765becb4ae972b4813d0832e3880247993c19420365fad857ba2b733b3345d3f28383fe55aabc4a541a63c1dedb27b6e5defc7593bbe105527840eeb08f67ab71530a7e5bd3eb42e3a38d53b18d296161ffdf8d665e4e90f4cd7369a41363b270756fe2a3755650f7c67e757fbda1fa04bde74b34f578d94180e546a2f26c9b8547f25e17fa66fce835060b9c9c34c2d4c152a2e2048e450502f430fca7684e91909f1f914f0061d1ef03f9ea3009d0de2b53bbdc1a3bb4e749c9e99288ddf945abd3b2c7c42dee5d1a10a39a14ce44c72354b4f84eacdd28e4d2082924cc0f126d75fb085c1d90aceeca1a36cccafd69a72e0ee852b40230b262257d305638d25698b5104e262d573935de104f59629e4695464c5899019d0cddca2f5a3468c022658b0158fd8573326df9de26c91244152e0474342bd67966827de73dfd9bebfea3262fefbde36fb6779ed623008f497105fdcb1519035d1d8373f31840baa9978bdc95ee8b5e2c1d4adf71851c37d8bfdcd5dc6093292a520d09766f44c4967b896a55c21652c63778f2010533cb527b8bb9cf5781f825a61880a4a056548207cf12eef2c30d35d1590892c603db0bdfc1b1c3dde57ca277c10b3c82a95874b2a8bfd09ffd681227c4fdac3823ce9f6fb0324d0b23899a44e719aeffd22cde64f93d80756ebdf437fd2cd62155e3662b1f67226991a5fd0bced5c0e5731fa52d165947a87df2cefb37e95f3cb0a521980c1474131e7820b52cfa9ac28d0e67974cdb9e9f8bf1c61886f315d143de926052d3ebf4e3d50b386580361ec8476f7c8d622d0ef6a6cddfa9c87694e49936d720506048f468aed8fc5a2cb6f337f5073c4fe73ec99a41664f67fcf55fdaf6c2d98e4190c6e21958918513b6590fba5bbe318098abe7438d13ebe59d252aa292f01d2636c869ca0726298169b1a51e5dfae68dbb9a659cb2f9c90dce01b753629436713c82b7dba93bfe1bf67874517bc26426192edd4320ed40c8dd7dad155cfeddb448783ee9f76e67f018d4a91591cdc82cb4070bbfa14f84b6e3c1a6ed3007dc410fbb73bfe967f9d43e6fe673054bb0b623cb62940004b805cab5514bf8e8f373835c643b97e4c9713c36f550f44ad3d9a2017c923059c70f69065432bc4b442a4a7cb3d59921af18e2e1564b085c5a2f08848fc3d6529c4c011c32ef9e8b76b4e1102758300427f9cccdb6f0cf8c309e86754ca1e3b60daa8519917e8b4e89a7803f67a71e307fc1305e20fc5c4edbe73e153a1586516fabddc89d24e95f3266ab6f254ec60bfb28e339112946b9200de31a372042a5fd4d81f8fa16235bc5fba6bff7832026ede24e88aa4fde3e2a24fc9bafd52689ac84372d51342d519ec5b943582f512a64b00da113289fc7539fcb9b3f7662ea6f6d23e32624a14a9d1faeac2db2d722f4240c3843adbd43f5ce041cf04419f1fabfd81a7ac634b60e8e9c9f6eda550c403bae222a04f3b7b992"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x6}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x4}]}, 0x125c}, 0x1, 0x0, 0x0, 0x4c880}, 0x4000000)
r4 = inotify_init1(0x80000)
close_range(r4, r2, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000001d40)={'wg1\x00'})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r1, &(0x7f0000001e80)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001e40)={&(0x7f0000001dc0)={0x80, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0xf}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xa}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x16}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x53}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x53}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x17}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x40051)
setsockopt$inet_tcp_int(r3, 0x6, 0x6, &(0x7f0000001ec0)=0x5, 0x4)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000001f00)=0x80, 0x4)

18:08:50 executing program 5:
io_uring_enter(0xffffffffffffffff, 0x32a9, 0xd609, 0x2, &(0x7f0000000000)={[0x1]}, 0x8)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1, 0x5, &(0x7f0000001440)=[{&(0x7f00000000c0)="0e9b7c60cc2c4145fba2d1ec6b9b3885af1e07ca3d0d0c9fdc3448d7808326d7266f264e990e6b32214a24c1d610bccc028e893188239b3591e313e5b442d854f42e4a8de4008c50440a7b9113ab355b28182e5b555f5bc1900800c283390892fed4c3ca1410a2ecf514444d18537b113b80b4cc3d7e5bdb31266d21251e79cb92588720de66f5d7f946bfc3f58730f4", 0x90, 0x400}, {&(0x7f0000000180)="8f44a15492d75ec7eb2b872e2a68c5ec755e564805b6f744c1ec4625702744ab6b5c6cb67e378a40dcacb0f4c73c7036ba1d423521aca85e54331e6c7c6ac5a9cfcb26819f69995a159bf8f2a7231daa20cb4ba5fc22ee8c40f69d0286dc8ab19ac8c317b82d47dfe0cd6aa074abf84d64f19698db5b4aa7b56309e508381d6f3f8f17055ee71d350d1a176aa4", 0x8d, 0x5}, {&(0x7f0000000240)="5bf2158a37caeb62b04c0b44c9c36b977a4d0e0a79c0d3b96fa39026049dbedb1ccd38dfe6a3c980880253fe14626de319542f9a35add42e2d27acbce5e52b0eb0147580c7c350cdbbb1591c737a08050ce72b9cd66593ca34f33c667722e40d76732bc11ada3a431688591f1853a9d453daeaf71c344362c110db9bc20f49b1986cb771b0929e802df5f260411ed87749156f253d1029e1981ca1ff4691edaa4178cfa00a2e263a8a9b3953f808f48fb7fe03b796de8e5c5058bc199438f072eb6ad3c91331feabe0af5aa781a00650c32bdf8f5ba438573c00113842525a94d78998fb7ee643ef683444df5ce9b9fc523a460d363da798923c7cecf115", 0xfe, 0x8000}, {&(0x7f0000000340)="cf64e21e9b537d4fcab478bb0a5e27f72519c7c55fba5beea3a70a812748f4529e456fe4759dca7707f2acdbd45b4670f6c1cefdf5d000ce081b9e034ea2ffeae13bcc04e004bc66ae34873ae5a7165c5e38eed3a441355118c1d9eaba2608eeb6666a8420795cd727e6cb67590ca7be3bcf67cc639baa66550aae0203257889a2be83a1e39b849383ba2a6a8b357aa7af2319ea07a48e372cf25b51f0da0a4ea73c744dc86d68b70c240c0b27272a0c8c2f61957f12bbfd7cc0ab9481065f638e98b8e54b5e368d83494a32bef49a5f2813a59ccf06d7e80c06bb6fa17ba2c9a87e80ab7c94ae08d9cb62", 0xeb, 0x8}, {&(0x7f0000000440)="d96bfffc9e1fdba9fb989b4154aa230258e64cb71897482cf449bfe2c22592f3828c3e669e234beda205fc01fb2a7e01a3795f277e72a7d1eeea62f5b294c74a3ebc4966346353623d539137652c792edf3e3d85e7062cf039d41068b96a8fb178f22f2803bbc1a1491272af92790daa43339c67adcccb66d0e3637afac25d59f79089be3838f3f41faa4dfdd627473e2365e1c6088d7fa9394937b0f9a7b6ca6b3f86c8c793439730aa324f864762607c365e81ac9444141df827556ed5829b79dac4eb51762d7f50ce2502626d23148881aed2bc8f5156aba3b1b649c1259f7353a75ba8e725ef01bbe251931b8c1d0606ddeedf4e322176e1adb1a48362c42080f20e82594a519b02d3a3ce6864a6652c6307f12dd6d9acb22f7acfb1fb7cbf727a84a88b82b200bd5cf0e06e05424d290dde6defe677cd3260a13a53667e12dcbbb182124a3069ea684839a1fdfb8e1d19332030b58da84b8acfdffdbfb5abcc2f532daa611b99809d445389ce71d01345ad77ce6f3a5c54719aa7b792d570a3edf8555074d6e7f82b58cd9907cc3e6d2e53363f2b9fd0f305946ecce9153b1835e19411a91ead87ec379bdbe282ce4c44422e76c7cbd2155248ace4805134207893d3c5561dfed71e3043243bec1f9a5421c2785df8e7aadacdc19e3d8be1eb1c583811990058aec9293fec80a84056ef2cee2ba1505a8cf15cf9423ea6080daa6b250b418e7266bbb8ff4bbfd712e8ed5bc58e7e575cc32afeb05a97c63ce53f1f056dee826d2eb98edd5d49b3610bd0b0122bd4cde4bfb2f7500882abde1d30e5c779f5a1e66ead026be2d1e72a8f716aba5bdeacf9de92962344ced6678d1ab752fbd9b026448cde7a0300179bf78348ea75d756645962606ae57c51fe0e7ae4d0c2bc123f59556dc425b9364ecfca6c6bfc2162c14aeedeec94e3468987d362b689a268f3612b6bc0e7fbc954799e1de7c101e3f2bef0a6a12a8c5b75fe7447fdef1710de45c4e4c1ba8fc484d18725609f2b2600625219f2a07e337da8588d5ab56d7ca235a7b1f508dc60f0c2b225e6b8bbd24a905fc3d0f6b7ebe8c61eb6bf32c3d1fb8cdb77a45ca3bbdc668f5700691f5e869abc298d82e639b2d7d43ed1f30ece2582c58c6bd46f2047eab7fbae56c39a261fe4035003fcbc0609667898381bd689c7104613dc2688b1bb0b0f34f99a6c8294205186cea7f1671d9df3c305ad79aecd8260ff88ea3403ca950be529d5866356be5b90757fbf8a167c2bd36d28d714c14942ce7028ca7a0cede8d3b6398944a0fb8fc02ba3cc1209814d7eb52d8b4c29932780ea907163a2baf4936c174bb37d300b697f9da69583ccccc849dc9b6390024330709c5c6fbaabec166c2a746450df6c9c538f006772c9dd76d476131f2cba1fb2fa6dbca0acfc8ecc85543d70a8ca157ddf1e187926a4463790d6685a36c8fa9eb37886372c094c2c86fe96e74dd4885c24add7dc54fa631c56871d36a5caff4ec96f06d306f996b72eecf678004f872ba85f510c6343f00d48571c48ef4824efd0ac3d13f63554a43a8875627a24098851822f965c27311a75870dd23e4d209d46a5bada54786382415c093dd8cb32bb974e261942e99a78d3ab42b51ce59cb9d928e0ca5ac78e57a83a0d97c6b8994b501b06e7aaf1b461c85820f8f1a266729112ce5b83733ca95d61266adec0b66c4ec1f7ff7d590df06d1d3e8f3f5cab0e6997389e19ccb642a09f41f4c5f06d29adc19a6be99e7baed27e69ceb9bda491558addcf32de34da9836375d0d0aa7b49540f744740fb3186fed489f9c148afd78a9729217448c073973c8264bdc6a252b0fed84ac74063c4497dddbac319642ece832a9647a5a02487d887f88bebda0ccfdedaf2b94544b24ab8f2b20b1458f08094f14be8929a8c81ba1ada8b3191aa7bb940331acf587680c83023ef2c8652b0d5f9526b3279a3ad40ea78f67daa2847f5791ae934957900f828c036537062bb79611d13e98f13b6dd1619a1f369fb6962fe931d360c6727ec3d4a70ccc7672d9cdc1f2ba26aefc35dab51842293419837aebf977364156d610f4ec3fbf3f5782c4c294883f36c5f480944d9bec208e29224f1a459f246b78b3033e08bfdd51773ca659d27132e85cc309c9497dd035219ce6517f5de907238361f1358a914506a399ff69a31f2fbaa1c5d0a77d0a9a1f3ff65ee40cd5e4d4d659298e0cdbc1887ea82f988b7367b8fb2dbb18ceead1ec50a47241f02e795c9cb43aa870b70e899d9aabba60d9a0621b38f5362e24ae218276b905c0ba7f3075d775a251cc932df3c10c7ed97c86fff3d1d6c64eed1303e9b38f8ad07e22580ab3728fb6a4128a525e8b444a7843868882dc8a91e0657dc4fa54c14be04858b6c1aabe0f064bf3a9251f86789a4fe8e13ef8b1951df9a17029e923d49b360908190238e06fdad45dce635df9789e6013e9bf1efb568e7e9c07ac2f0013e108a99c7aea54c6496ff47d16a99c475e780f7abcd8530ff9585ee7970e333a8a0954b4ac30bb0ee2047d205a8e28ba4b2e8d6222a8a1d9533c0621f30c59103c6d49e0217bb6e7a2d3bd58c21426ac7526c99c4996b8b99d5bf46847ab475df2d086b5ea60aa2374aebc8283a71b8865b0baa9bfe15d05f805ce12a95fd2cfc7e801b84c8033a7ce20b39aba460df92d4857c0b4e0c87ddc80b19f3613bb1d1363da9f036d083bd645ac4e2dea8d18fcaad793722f2f83a1003a7ef2df906f23d2b2a834211a99e9b59182837e6a13fbea055f74c3d8b6c2e0f6dbd2150de1a7d3ea1f30c117c02b593797dd11be0f7044b19781dddb64ef31660b62adb48a8720ec164ef625260e248f6d4644213c81b36a43bcb0890b5c7859265176700fc5224db687884fc6e9c61951a1bdbc306f65bf6cf7d664d5915def769890d07f915c2279a1e1e7f85c18ff9ba932421e05bc02967b0e9b4411c422d89e61399125292a07a508730a31d9014d3ab9dd30bab5da4fff6730df4511950e02e19122ace912abdf4a73a20c9c9ecd7b4c7e018968aed15fca8bcec70d16117ec71cf2cd04a1804fc0bb89055a29e038c28722d50f9096b8d157d92726e91e8f1e180674985e123ce2e73d0d3f9ae63953b930d13f0aa7de6346c8ba6b2c4b884338e94471c17b02c6906be3b6a20359ac9193e09ba4c1e67fae2ac3150cc621ad8fe0677af823263782eeef4190f150ac25f8100fa3c8a1e0d78ba3d21fe32f91256a9537751401cbb7d5fe059e78acca11bff8a66046681ca648685af003757659f339787ec1a5d7453fa9ef2b52d491096edfa545e2989d387576f81fabcbaa452426ae597d81d0d4e4b4064138813ba9980a34a3e6e0f8186d628fc0995b6ef4673a0e6a877fba7613e3c232ef9c2b9cdc513a4b34538023c6df13bd92dad45dbb6fd349d04c16b12da18566d926a474911997a1eb17087a58e4fac2708b802079f35cc57af662f5cc88e3a86dc5aba67eb72e421ef39ae8e043db5143450b238019d3f75727120b14e86d05e691963d66329b32755bca436cec9456d91615c9a5f7bb3ba72eefba856f70633ab1afc68c8b3f0e6a5355ba23ee2ac082d1e01c48cac2b8d7eabb79c0403555a36299a521549a97ead8da817ab6f5e0708dbaabb992e2c691087fdcd1a19ff2cd143485c938eb0fff9f813c347010fb8dff881b908fccbc94d9bdc3469a056565f0ece7c6d891f2152d0bdb305d0d2c93aff14a6fba58eb2a6f2fbf02337ce16257189e64cdf97a625de4900770d339ca806caa2d3973b4ed153a787fdedeae67c51df36278726ac5dee85ac3f2c35d043a5f3699ba439f46f38b13ab32e547fd2969b0da2fcdabc4e227423add1df1aa4e56ce5368c9d92168663cf57ce2a9cd90c40dade9c7a45721b2e0d221ff7f83aead880b6bd31c8236175349c715758e9b9d379fb48752f37986c8e1ab588ef359c9b53a24e9514a4d3b93c7638810f9d68a11ee87d56a963b3083342c6d81dde69b83ea93151699b06946653059f83a1d1f4e8c5536a4ac10b7a9a0e7ae66137ba415ec44300f3536216f2c7601014b3a24802ca032955d74b0486719bae995f715567cfe4da6f4e0e5e0da36fb86d95dc1b143161b9f53461578275c247f56d8b00bd8dc4cbb2039a3233af79c260d5b89da8ad27e554c8a4eb0ef78fe8979110b411a11d1efeb95b3cc0ec934fcdf3fe4f741cd5e2a7f3f0cf8753bf27ea26b1dd1eae89a552b7f583a26fc0f0c8ed5ea331f8db3fd2da28c2d1b083a7483a1ee807c803297f16dd3e0815787d8a528223ea1a20dbe338bb16f37438a86010fbc172bfc7a0249556e5251c553c6549e00486c69670844e4361bd7a2b5cc5605f90a2ac17f2c91a846456ca2315412742402b586c68b7163f4d632fa86330f4fe6c4454890ded29bca3c18114ae917c24130a02b529b628bf1455d563684d22c576d4bef590a7f18ee70899d6e5d4c2e9d37aa1795377ece625f97cf166c1493087a4326dcaca7d223e719c74ff2948b5d7a43c3eb4b5aa176d8944af22a2596771a69568f132e0a4e954bf5de647966f9d119ab03e71cf671e32a1cf6c7acd18a53b29ab88899aeff0e2cf21c55d6bb09819ee463fcb3100f60aaf936d98cfa80176c9241a113671b0c0cfab7a139a09551f8eeeaf776d9c796d345b48c13055fbcf9e54154b2bf9e5ca11d8b87b06ac09646f9a83ee47098a82f6eb7fe14ab6d53b035438971ab212c97b94c825c1a12a6f3f266d64e448919666b21b502bffc2f6d89a248c288b73e9d487015cfac878679cc9b84575964ace771a03e42e1787c558a7c9de99d1fb8a9e666305a5c3d45f52159ef46b09c229cf61e4c44e7b287cbc02d2fe8e815c88ff1c7518933e195cf7aca89bd5e7cc4cec82d626e38a049be74d220827c10a24e954b3d644a17a3ba9cecec88de52b5ae05df735b8fbc76d06751f7c702d74b1a25a2cf246d82cd69cd390ccfae26266b5072732d86c6e15eea9f833656334957471f443515d50aeaebe88d2c61180a840a8331b344e2af62caddd58d29a6d65f084194cbf8fca189570fc093beb71498949c2ef2cd3cab7ee14ed3bd3daabea53f7b45d4ffdf8ce06433702bfed93d35d12dcf244b9a8f262689574321250a70ee44c7de25fe9ed17b47d6d373f8ee8127ce71248bc3b382f3cee4dac5abb6723b37f4dc432ae5e5bc92c1821fb9f65b5eb2bc3553676807744eeb988cf508c4ce4a30c068e9670d914c9f92dcbe47c21525d7a070f826de60589d25889b94d519b24525af694075111035ac74c26ef885191e6abcb8639213a76c05764fdc521c632ba2f9c7678d669fd0c62a616f1a3091b6622de8c5f3467ae1def39640edba4306fe8b010aa54936f924ac2ec893497145daac2f3f6179ff17987af76300636efd97ac16fc5a66b1faccfe0dd0f355d0ed65564baf3b42e0a86f93cde306b5e972e9fc4fda8fe1dd01e4cc9d55b7db18074054174c1f220647d8470ae537ec736770b99c937d111eff310bb7f94f257a58cc3ee1f88312cffa9572d09a0c0dae7edce4210aac2a32b354726edb24293a4ca04a96db1b2946036da44c51afa8e10fd747fa5b5a6d4a9c3021a55c74e6844df0bc9757f0b0da0e28491a5b90332bf48328f671f379e4b0f68a3583067558f5269e2bbecaf1aff9d2cb2c6b545eb6747ba802ad84eb03ed1da199ecd27169a71254809227bb9587b8dbf3f060e2821bea44c3b740bdd038405ab865091b1db1", 0x1000, 0x3ff}], 0x800000, &(0x7f00000014c0)={[{@dax}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@bh}], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@fowner_gt={'fowner>', 0xee00}}]})
ioctl$FIONCLEX(r0, 0x5450)
lsetxattr$security_capability(&(0x7f0000001540)='./file0\x00', &(0x7f0000001580), &(0x7f00000015c0)=@v1={0x1000000, [{0x6119, 0x7c}]}, 0xc, 0x2)
lstat(&(0x7f00000018c0)='./file0\x00', &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = syz_mount_image$nfs(&(0x7f0000001600), &(0x7f0000001640)='./file0\x00', 0x7, 0x3, &(0x7f0000001840)=[{&(0x7f0000001680)="e7ab28d8e2170191b94650c9df6b4f93d363b84c86682ea83ba14c1990a0ebfbfeeff0ff30131aa06f0e4b80d6773f4e99710246e28122dd78065a72d62182e4c48ebd552c164bb9ad6372ee5b68d23886ae8121389c825fa54f80", 0x5b, 0x80000001}, {&(0x7f0000001700)="40a7be3d6a35385083117a5cb232198cc188ca071bebc8e2100922d2d79c7912aa5dbb1da1290ffcbb8e23735b28647623b50685b9228be26ba118985bf5c0dbef8e7fbb604361a8df4ad18fac162d38a4470277fdf2924855e1fe82b96bfd45c783c2cd0a78c355bab04d037c25a45e126458884c872243ad17fbf7562da3eed7a7f3777e28a2faba83f7fb288ac086e0a93f0e1cfafa4d55c07b371e48ada05452", 0xa2, 0x5}, {&(0x7f00000017c0)="c3650f56b3aa36a8d56cd17f1e9d9c781aad2f3c43f686308c1d181b249e9cf31f81c9fce2bc8d55e8ef33a7af6362ccf599469571b90c2b196d9644e8c0f7055433a0e3f699744f7b3bc61179a153", 0x4f, 0x1}], 0xa10000, &(0x7f0000001980)={[{'staff_u'}, {'^}{'}], [{@audit}, {@permit_directio}, {@context={'context', 0x3d, 'user_u'}}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@fowner_gt={'fowner>', r1}}, {@pcr={'pcr', 0x3d, 0xf}}]})
bind(0xffffffffffffffff, &(0x7f0000001a00)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x3, 0x0, 0x2, {0xa, 0x4e22, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x57674d41}}}, 0x80)
mknodat(r0, &(0x7f0000001a80)='./file0/file0\x00', 0x100, 0x3f)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r3, 0x89fb, &(0x7f0000001b80)={'syztnl1\x00', &(0x7f0000001b00)={'syztnl2\x00', 0x0, 0x29, 0x3, 0x3, 0x9, 0x46, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7, 0x8000, 0x1, 0x7}})
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000001bc0)=0x4)
lsetxattr$trusted_overlay_upper(&(0x7f0000001c00)='./file0/file0\x00', &(0x7f0000001c40), &(0x7f0000001c80)={0x0, 0xfb, 0x63, 0x5, 0x4, "98064008d58c55466becd4326266b9e7", "a8b271640ae4c04f3bfb2c5ce935bad7f0a2dd80420f26e5c6ab03a4ab1a55138e81fa8427fcba2078bbbef3c19d1d336e0ce8d7659ee106efb3a20ba4e26e00c1a4b45bab9d18aca49ee9eab7f4"}, 0x63, 0x2)
io_uring_register$IORING_UNREGISTER_BUFFERS(r3, 0x1, 0x0, 0x0)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000001d00)='./file0\x00', &(0x7f0000001d40)={0x2000, 0x0, 0x3}, 0x18)
fsetxattr(r4, &(0x7f0000001d80)=@random={'user.', 'mask'}, &(0x7f0000001dc0)='uid', 0x3, 0x3)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000020c0)={&(0x7f0000001e00)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @multicast2}, 0x0, 0x3, 0x1}}, 0x80, &(0x7f0000002080)=[{&(0x7f0000001e80)="51f8228c14aafebb9b6c65af93fc719932d802090971c88ee4c4077f8543f30749e7ccadf06b38594be0b18246ec6f92d25496929172696a5e1760333195a1ab657081e96a443067218bc818e2cb5660f0c486f110b69cd7aea051962aeca271276e16bd7a8bb70303d9a2670f8a08e815131a16b4d7", 0x76}, {&(0x7f0000001f00)="14861bab5b0859d6382d22283b2b6d341209d84b7e6d7d", 0x17}, {&(0x7f0000001f40)="733d48b16e95a110cf8241e6d06eeda94ca93617cc50fe0d51275a3b7a5dfcbfa2fe540aea1cf937239e5a528c945533ff5a0e3183a613db4122eac401dc9f90cbefe4ce19a1ad171c7cb3ddd5921ac30541364bcac7fba4691430abdf190589e486f7c5494c90c1fa30c50324758f58a2d549865d3d5d20fb5a23eaa016bc89e8661a6b50b02b", 0x87}, {&(0x7f0000002000)="6dac30fe371f331edded124732abe3d4801676f908f74e73b62d9c5e482a2ac0a9f70cada8e05283cd9c60cd0f31ad3fff112dfc72668e4badc4ef9d94dace034b7210", 0x43}], 0x4}, 0x24040840)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000002100)={0x0, @aes128})
r5 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000002140)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
sendfile(r3, r5, &(0x7f0000002180)=0x2, 0x80000001)
lsetxattr$security_selinux(&(0x7f00000021c0)='./file0\x00', &(0x7f0000002200), &(0x7f0000002240)='system_u:object_r:apt_var_lib_t:s0\x00', 0x23, 0x2)

18:08:50 executing program 6:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
close(r0)
ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000))
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000040)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
r1 = socket$inet(0x2, 0x1, 0x800)
ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f00000000c0))
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'rose0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000140)={'gretap0\x00', r2, 0x80, 0x700, 0x3, 0x8, {{0x1b, 0x4, 0x3, 0x30, 0x6c, 0x67, 0x0, 0x81, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x22}, @remote, {[@cipso={0x86, 0x31, 0x1, [{0x0, 0xd, "9f38cf61adb1f7cf73bb97"}, {0x7, 0xf, "f0d9de52a6a7b9cdd1c9149a6e"}, {0x6, 0x6, "a1980ddd"}, {0x0, 0x7, "e2a15b9bbe"}, {0x6, 0x2}]}, @cipso={0x86, 0x24, 0x5e0a6c3fb5cdcbf3, [{0x7, 0x4, "8c2d"}, {0x0, 0x12, "c0219729d3c1ecf2a64da7bf3ebdd581"}, {0x7, 0x8, "682dd332529f"}]}]}}}}})
ioctl$HIDIOCGFEATURE(0xffffffffffffffff, 0xc0404807, &(0x7f0000000240)={0xff, "fbe94ce7e5a8fcb8e47ad64248d054207baf688fec5f2ce983cb08c45ab933c1175813c872195d7ae45fa6d7eeaf93fa698f380ea1d286df82d74ee852983a67"})
ioctl$FIGETBSZ(r0, 0x2, &(0x7f00000002c0))
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r3=>r0, {0x1}}, './file0\x00'})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs2/custom0\x00', 0x2, 0x0)
kcmp(0xffffffffffffffff, 0xffffffffffffffff, 0x6, r3, r4)
r5 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, r5)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = syz_open_dev$vcsa(&(0x7f0000000380), 0x5, 0x4aa202)
setsockopt$IP_VS_SO_SET_ZERO(r6, 0x0, 0x48f, &(0x7f00000003c0)={0x87, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x4, 'wrr\x00', 0x1, 0x3ff, 0x35}, 0x2c)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
syncfs(r7)

18:08:50 executing program 7:
recvmsg$unix(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000000), 0x6e, &(0x7f0000000580)=[{&(0x7f0000000080)=""/118, 0x76}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f0000000180)=""/23, 0x17}, {&(0x7f00000001c0)=""/202, 0xca}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000300)=""/143, 0x8f}, {&(0x7f00000003c0)=""/188, 0xbc}, {&(0x7f0000000480)=""/234, 0xea}], 0x8, &(0x7f0000000600)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [<r0=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0}, 0x10160)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000700)={{0x1, 0x1, 0x18, <r6=>r3, {<r7=>r0}}, './file0\x00'})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r2, &(0x7f0000000740))
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r2, &(0x7f0000000780)={0x40000004})
readv(r1, &(0x7f00000019c0)=[{&(0x7f00000007c0)=""/54, 0x36}, {&(0x7f0000000800)=""/27, 0x1b}, {&(0x7f0000000840)=""/71, 0x47}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/194, 0xc2}], 0x5)
flistxattr(r5, &(0x7f0000001a40)=""/59, 0x3b)
syz_mount_image$vfat(&(0x7f0000001a80), &(0x7f0000001ac0)='./file0\x00', 0x100000000, 0x1, &(0x7f0000001b80)=[{&(0x7f0000001b00)="29a7190106201eb93904a017c8e0464eee5357a892a4cf4b6b6aeaf57d0544d204b7ba9ff6d034f350a1855cdb73ce178566bf778c2a9a03cfc1253441fbcc61ba291e632656ed1ba3b2a0c7a2895ceb", 0x50, 0x5}], 0x1007, &(0x7f0000001bc0)={[{@utf8}, {@shortname_winnt}, {@shortname_mixed}, {@numtail}], [{@appraise_type}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@fsname={'fsname', 0x3d, '\x01$,'}}, {@obj_user={'obj_user', 0x3d, '/.'}}, {@smackfsroot={'smackfsroot', 0x3d, '-\xc3,)6&*.-\\.%#%'}}, {@measure}, {@appraise}, {@smackfstransmute={'smackfstransmute', 0x3d, ':*.'}}]})
syncfs(r2)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000001c80)={{0x1, 0x1, 0x18, <r8=>r5, {0x1}}, './file0\x00'})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000001cc0)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r8, 0x40182103, &(0x7f0000001d40)={r9, 0x4, r6, 0x100})
preadv(r3, &(0x7f0000003080)=[{&(0x7f0000001d80)=""/196, 0xc4}, {&(0x7f0000001e80)=""/165, 0xa5}, {&(0x7f0000001f40)=""/4096, 0x1000}, {&(0x7f0000002f40)=""/96, 0x60}, {&(0x7f0000002fc0)=""/182, 0xb6}], 0x5, 0x7ff, 0x6)
r10 = fsmount(r6, 0x1, 0xfe)
r11 = syz_open_dev$usbmon(&(0x7f0000006140), 0xcc15, 0x4cc501)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r11, &(0x7f0000006180)={0xb0000016})
r12 = openat$sr(0xffffffffffffff9c, &(0x7f00000061c0), 0x2000, 0x0)
fsetxattr$security_ima(r12, &(0x7f0000006200), &(0x7f0000006240)=@md5={0x1, "b648b34d796b85106678d46c13d8ff7b"}, 0x11, 0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$HCIINQUIRY(r8, 0x800448f0, &(0x7f0000006280)={0x3, 0x3f, "4e95b8", 0x3f, 0x8})
ioctl$RTC_EPOCH_READ(0xffffffffffffffff, 0x8008700d, &(0x7f0000006300))

[   69.718290] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.720140] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.721968] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.723710] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.725049] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.726340] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.727603] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.728945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.730176] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.734449] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.735747] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.737017] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.748909] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   69.750566] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   69.751819] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   69.753030] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.754373] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.756022] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.760633] Bluetooth: hci2: HCI_REQ-0x0c1a
[   69.764544] Bluetooth: hci1: HCI_REQ-0x0c1a
[   69.765380] Bluetooth: hci0: HCI_REQ-0x0c1a
[   69.776455] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   69.777720] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   69.795931] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   69.795994] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   69.799212] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   69.799448] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   69.807238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   69.811740] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   69.815747] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   69.821717] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   69.835375] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   69.836380] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   69.840168] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   69.842064] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   69.845893] Bluetooth: hci3: HCI_REQ-0x0c1a
[   69.846838] Bluetooth: hci4: HCI_REQ-0x0c1a
[   69.847969] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   69.850548] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   69.852208] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   69.885762] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   69.898511] Bluetooth: hci5: HCI_REQ-0x0c1a
[   71.786799] Bluetooth: hci1: command 0x0409 tx timeout
[   71.786908] Bluetooth: hci2: command 0x0409 tx timeout
[   71.787511] Bluetooth: hci0: command 0x0409 tx timeout
[   71.851413] Bluetooth: hci7: Opcode 0x c03 failed: -110
[   71.852686] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   71.914386] Bluetooth: hci3: command 0x0409 tx timeout
[   71.915111] Bluetooth: hci4: command 0x0409 tx timeout
[   71.915753] Bluetooth: hci5: command 0x0409 tx timeout
[   73.835106] Bluetooth: hci2: command 0x041b tx timeout
[   73.835880] Bluetooth: hci0: command 0x041b tx timeout
[   73.836534] Bluetooth: hci1: command 0x041b tx timeout
[   73.962437] Bluetooth: hci5: command 0x041b tx timeout
[   73.963093] Bluetooth: hci4: command 0x041b tx timeout
[   73.964011] Bluetooth: hci3: command 0x041b tx timeout
[   75.024797] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   75.033801] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   75.040058] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   75.042982] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   75.046570] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   75.056098] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   75.071415] Bluetooth: hci7: HCI_REQ-0x0c1a
[   75.883372] Bluetooth: hci1: command 0x040f tx timeout
[   75.883399] Bluetooth: hci0: command 0x040f tx timeout
[   75.884241] Bluetooth: hci2: command 0x040f tx timeout
[   76.011445] Bluetooth: hci3: command 0x040f tx timeout
[   76.011471] Bluetooth: hci4: command 0x040f tx timeout
[   76.012379] Bluetooth: hci5: command 0x040f tx timeout
[   76.843359] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   77.099435] Bluetooth: hci7: command 0x0409 tx timeout
[   77.930361] Bluetooth: hci2: command 0x0419 tx timeout
[   77.932153] Bluetooth: hci0: command 0x0419 tx timeout
[   77.932187] Bluetooth: hci1: command 0x0419 tx timeout
[   78.058360] Bluetooth: hci5: command 0x0419 tx timeout
[   78.059380] Bluetooth: hci4: command 0x0419 tx timeout
[   78.059755] Bluetooth: hci3: command 0x0419 tx timeout
[   79.147359] Bluetooth: hci7: command 0x041b tx timeout
[   79.406130] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   79.408117] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   79.409482] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   79.411258] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   79.412479] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   79.413339] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   79.416008] Bluetooth: hci6: HCI_REQ-0x0c1a
[   81.194357] Bluetooth: hci7: command 0x040f tx timeout
[   81.450415] Bluetooth: hci6: command 0x0409 tx timeout
[   83.242398] Bluetooth: hci7: command 0x0419 tx timeout
[   83.498467] Bluetooth: hci6: command 0x041b tx timeout
[   85.547498] Bluetooth: hci6: command 0x040f tx timeout
[   87.595348] Bluetooth: hci6: command 0x0419 tx timeout
[  122.593185] loop5: detected capacity change from 0 to 128
[  122.604285] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  122.636253] loop5: detected capacity change from 0 to 264192
[  122.638223] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
18:09:44 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000040)=ANY=[@ANYBLOB="bbbbbbbbbbbbbbbbbbbbbbbb86dd602ddc2000103afffe800000000000000000000000000000fe8000000000000000000000000000aa86009078ff0002000000000000000000edc1f432ff1ee85dbd63565a00a803c99dd60d8812477a4ceb"], 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
ioctl$SG_EMULATED_HOST(r0, 0x80081270, &(0x7f0000000000))

18:09:44 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

[  123.210036] audit: type=1400 audit(1664561384.848:7): avc:  denied  { open } for  pid=3636 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.212783] audit: type=1400 audit(1664561384.849:8): avc:  denied  { kernel } for  pid=3636 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.239376] ------------[ cut here ]------------
[  123.239409] 
[  123.239415] ======================================================
[  123.239422] WARNING: possible circular locking dependency detected
[  123.239429] 6.0.0-rc7-next-20220929 #1 Not tainted
[  123.239440] ------------------------------------------------------
[  123.239446] syz-executor.5/3637 is trying to acquire lock:
[  123.239457] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  123.239522] 
[  123.239522] but task is already holding lock:
[  123.239527] ffff88800e9b7020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  123.239574] 
[  123.239574] which lock already depends on the new lock.
[  123.239574] 
[  123.239579] 
[  123.239579] the existing dependency chain (in reverse order) is:
[  123.239585] 
[  123.239585] -> #3 (&ctx->lock){....}-{2:2}:
[  123.239610]        _raw_spin_lock+0x2a/0x40
[  123.239630]        __perf_event_task_sched_out+0x53b/0x18d0
[  123.239650]        __schedule+0xedd/0x2470
[  123.239676]        schedule+0xda/0x1b0
[  123.239700]        exit_to_user_mode_prepare+0x114/0x1a0
[  123.239721]        syscall_exit_to_user_mode+0x19/0x40
[  123.239744]        do_syscall_64+0x48/0x90
[  123.239775]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.239799] 
[  123.239799] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  123.239824]        _raw_spin_lock_nested+0x30/0x40
[  123.239843]        raw_spin_rq_lock_nested+0x1e/0x30
[  123.239866]        task_fork_fair+0x63/0x4d0
[  123.239896]        sched_cgroup_fork+0x3d0/0x540
[  123.239921]        copy_process+0x4183/0x6e20
[  123.239940]        kernel_clone+0xe7/0x890
[  123.239957]        user_mode_thread+0xad/0xf0
[  123.239976]        rest_init+0x24/0x250
[  123.239998]        arch_call_rest_init+0xf/0x14
[  123.240026]        start_kernel+0x4c6/0x4eb
[  123.240053]        secondary_startup_64_no_verify+0xe0/0xeb
[  123.240078] 
[  123.240078] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  123.240103]        _raw_spin_lock_irqsave+0x39/0x60
[  123.240123]        try_to_wake_up+0xab/0x1930
[  123.240147]        up+0x75/0xb0
[  123.240173]        __up_console_sem+0x6e/0x80
[  123.240205]        console_unlock+0x46a/0x590
[  123.240234]        vt_ioctl+0x2822/0x2ca0
[  123.240254]        tty_ioctl+0x785/0x16b0
[  123.240273]        __x64_sys_ioctl+0x19a/0x210
[  123.240297]        do_syscall_64+0x3b/0x90
[  123.240327]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.240350] 
[  123.240350] -> #0 ((console_sem).lock){....}-{2:2}:
[  123.240376]        __lock_acquire+0x2a02/0x5e70
[  123.240406]        lock_acquire+0x1a2/0x530
[  123.240435]        _raw_spin_lock_irqsave+0x39/0x60
[  123.240478]        down_trylock+0xe/0x70
[  123.240506]        __down_trylock_console_sem+0x3b/0xd0
[  123.240535]        vprintk_emit+0x16b/0x560
[  123.240565]        vprintk+0x84/0xa0
[  123.240594]        _printk+0xba/0xf1
[  123.240613]        report_bug.cold+0x72/0xab
[  123.240643]        handle_bug+0x3c/0x70
[  123.240673]        exc_invalid_op+0x14/0x50
[  123.240704]        asm_exc_invalid_op+0x16/0x20
[  123.240725]        group_sched_out.part.0+0x2c7/0x460
[  123.240758]        ctx_sched_out+0x8f1/0xc10
[  123.240789]        __perf_event_task_sched_out+0x6d0/0x18d0
[  123.240809]        __schedule+0xedd/0x2470
[  123.240834]        schedule+0xda/0x1b0
[  123.240858]        exit_to_user_mode_prepare+0x114/0x1a0
[  123.240878]        syscall_exit_to_user_mode+0x19/0x40
[  123.240901]        do_syscall_64+0x48/0x90
[  123.240932]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.240955] 
[  123.240955] other info that might help us debug this:
[  123.240955] 
[  123.240959] Chain exists of:
[  123.240959]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  123.240959] 
[  123.240987]  Possible unsafe locking scenario:
[  123.240987] 
[  123.240991]        CPU0                    CPU1
[  123.240995]        ----                    ----
[  123.240999]   lock(&ctx->lock);
[  123.241009]                                lock(&rq->__lock);
[  123.241021]                                lock(&ctx->lock);
[  123.241032]   lock((console_sem).lock);
[  123.241043] 
[  123.241043]  *** DEADLOCK ***
[  123.241043] 
[  123.241046] 2 locks held by syz-executor.5/3637:
[  123.241058]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  123.241113]  #1: ffff88800e9b7020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  123.241161] 
[  123.241161] stack backtrace:
[  123.241166] CPU: 0 PID: 3637 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220929 #1
[  123.241189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  123.241203] Call Trace:
[  123.241209]  <TASK>
[  123.241216]  dump_stack_lvl+0x8b/0xb3
[  123.241249]  check_noncircular+0x263/0x2e0
[  123.241280]  ? format_decode+0x26c/0xb50
[  123.241308]  ? print_circular_bug+0x450/0x450
[  123.241340]  ? enable_ptr_key_workfn+0x20/0x20
[  123.241369]  ? mark_lock.part.0+0xef/0x2f70
[  123.241401]  ? format_decode+0x26c/0xb50
[  123.241433]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  123.241465]  __lock_acquire+0x2a02/0x5e70
[  123.241505]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  123.241547]  lock_acquire+0x1a2/0x530
[  123.241578]  ? down_trylock+0xe/0x70
[  123.241609]  ? lock_release+0x750/0x750
[  123.241647]  ? vprintk+0x84/0xa0
[  123.241680]  _raw_spin_lock_irqsave+0x39/0x60
[  123.241701]  ? down_trylock+0xe/0x70
[  123.241731]  down_trylock+0xe/0x70
[  123.241760]  ? vprintk+0x84/0xa0
[  123.241791]  __down_trylock_console_sem+0x3b/0xd0
[  123.241823]  vprintk_emit+0x16b/0x560
[  123.241858]  vprintk+0x84/0xa0
[  123.241890]  _printk+0xba/0xf1
[  123.241911]  ? record_print_text.cold+0x16/0x16
[  123.241940]  ? report_bug.cold+0x66/0xab
[  123.241973]  ? group_sched_out.part.0+0x2c7/0x460
[  123.242007]  report_bug.cold+0x72/0xab
[  123.242042]  handle_bug+0x3c/0x70
[  123.242074]  exc_invalid_op+0x14/0x50
[  123.242107]  asm_exc_invalid_op+0x16/0x20
[  123.242131] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  123.242168] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  123.242188] RSP: 0018:ffff88803ef6fc48 EFLAGS: 00010006
[  123.242205] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  123.242219] RDX: ffff888018855040 RSI: ffffffff81565e67 RDI: 0000000000000005
[  123.242233] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  123.242246] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800e9b7000
[  123.242260] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002
[  123.242281]  ? group_sched_out.part.0+0x2c7/0x460
[  123.242318]  ? group_sched_out.part.0+0x2c7/0x460
[  123.242354]  ctx_sched_out+0x8f1/0xc10
[  123.242390]  __perf_event_task_sched_out+0x6d0/0x18d0
[  123.242417]  ? lock_is_held_type+0xd7/0x130
[  123.242442]  ? __perf_cgroup_move+0x160/0x160
[  123.242462]  ? set_next_entity+0x304/0x550
[  123.242494]  ? update_curr+0x267/0x740
[  123.242528]  ? lock_is_held_type+0xd7/0x130
[  123.242554]  __schedule+0xedd/0x2470
[  123.242585]  ? io_schedule_timeout+0x150/0x150
[  123.242616]  ? rcu_read_lock_sched_held+0x3e/0x80
[  123.242653]  schedule+0xda/0x1b0
[  123.242680]  exit_to_user_mode_prepare+0x114/0x1a0
[  123.242703]  syscall_exit_to_user_mode+0x19/0x40
[  123.242728]  do_syscall_64+0x48/0x90
[  123.242761]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.242785] RIP: 0033:0x7fcbf0dddb19
[  123.242800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.242820] RSP: 002b:00007fcbee353218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.242840] RAX: 0000000000000001 RBX: 00007fcbf0ef0f68 RCX: 00007fcbf0dddb19
[  123.242853] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcbf0ef0f6c
[  123.242867] RBP: 00007fcbf0ef0f60 R08: 000000000000000e R09: 0000000000000000
[  123.242880] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fcbf0ef0f6c
[  123.242894] R13: 00007ffc48fb999f R14: 00007fcbee353300 R15: 0000000000022000
[  123.242917]  </TASK>
[  123.343297] WARNING: CPU: 0 PID: 3637 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  123.344501] Modules linked in:
[  123.344922] CPU: 0 PID: 3637 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220929 #1
[  123.345946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  123.347375] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  123.348090] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  123.350396] RSP: 0018:ffff88803ef6fc48 EFLAGS: 00010006
[  123.351077] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  123.351986] RDX: ffff888018855040 RSI: ffffffff81565e67 RDI: 0000000000000005
[  123.352899] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  123.353805] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800e9b7000
[  123.354711] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002
[  123.355618] FS:  00007fcbee353700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  123.356650] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.357391] CR2: 00007fd1535a36c0 CR3: 0000000020640000 CR4: 0000000000350ef0
[  123.358300] Call Trace:
[  123.358636]  <TASK>
[  123.358939]  ctx_sched_out+0x8f1/0xc10
[  123.359468]  __perf_event_task_sched_out+0x6d0/0x18d0
[  123.360142]  ? lock_is_held_type+0xd7/0x130
[  123.360743]  ? __perf_cgroup_move+0x160/0x160
[  123.361332]  ? set_next_entity+0x304/0x550
[  123.361893]  ? update_curr+0x267/0x740
[  123.362416]  ? lock_is_held_type+0xd7/0x130
[  123.362985]  __schedule+0xedd/0x2470
[  123.363488]  ? io_schedule_timeout+0x150/0x150
[  123.364096]  ? rcu_read_lock_sched_held+0x3e/0x80
[  123.364757]  schedule+0xda/0x1b0
[  123.365216]  exit_to_user_mode_prepare+0x114/0x1a0
[  123.365858]  syscall_exit_to_user_mode+0x19/0x40
[  123.366484]  do_syscall_64+0x48/0x90
[  123.367009]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.367716] RIP: 0033:0x7fcbf0dddb19
[  123.368228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.370682] RSP: 002b:00007fcbee353218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.371719] RAX: 0000000000000001 RBX: 00007fcbf0ef0f68 RCX: 00007fcbf0dddb19
[  123.372692] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcbf0ef0f6c
[  123.373647] RBP: 00007fcbf0ef0f60 R08: 000000000000000e R09: 0000000000000000
[  123.374613] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fcbf0ef0f6c
[  123.375585] R13: 00007ffc48fb999f R14: 00007fcbee353300 R15: 0000000000022000
[  123.376555]  </TASK>
[  123.376875] irq event stamp: 674
[  123.377329] hardirqs last  enabled at (673): [<ffffffff8133e8c9>] exit_to_user_mode_prepare+0x109/0x1a0
[  123.378568] hardirqs last disabled at (674): [<ffffffff8425a985>] __schedule+0x1225/0x2470
[  123.379674] softirqs last  enabled at (538): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  123.380814] softirqs last disabled at (511): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  123.381942] ---[ end trace 0000000000000000 ]---
[  124.016364] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  124.016364]    program syz-executor.5 not setting count and/or reply_len properly
[  124.112194] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  124.112194]    program syz-executor.5 not setting count and/or reply_len properly
[  124.130304] hrtimer: interrupt took 13645 ns
18:09:45 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

18:09:45 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

[  124.429086] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  124.429086]    program syz-executor.5 not setting count and/or reply_len properly
18:09:46 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

[  124.668816] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  124.668816]    program syz-executor.5 not setting count and/or reply_len properly
18:09:46 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

[  124.827469] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  124.827469]    program syz-executor.2 not setting count and/or reply_len properly
18:09:46 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

[  124.886980] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  124.886980]    program syz-executor.5 not setting count and/or reply_len properly
18:09:46 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=<r4=>0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x5, 0xcd, 0x1f, 0x7, 0x0, 0x3ff, 0x4, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x80, 0x8, 0x3, 0x1, 0xc22b, 0x6, 0x7ff, 0x0, 0x5, 0x0, 0xd9}, r4, 0xb, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r3}, 0x68)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x401, 0x400)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0x1000, 0x3, 0xfffffff8})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0)

[  125.024254] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in;
[  125.024254]    program syz-executor.2 not setting count and/or reply_len properly
[  125.937054] audit: type=1326 audit(1664561387.576:9): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  125.987679] audit: type=1326 audit(1664561387.627:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  126.038655] audit: type=1326 audit(1664561387.678:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  126.089717] audit: type=1326 audit(1664561387.729:12): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  126.140717] audit: type=1326 audit(1664561387.780:13): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  126.191643] audit: type=1326 audit(1664561387.831:14): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  126.242779] audit: type=1326 audit(1664561387.882:15): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3825 comm="syz-executor.1" exe="/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e095bfb19 code=0x0
[  129.149831] loop3: detected capacity change from 0 to 255
[  129.976559] loop7: detected capacity change from 0 to 264192
[  129.985429] I/O error, dev loop7, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  130.046014] loop7: detected capacity change from 0 to 264192

VM DIAGNOSIS:
18:09:45  Registers:
info registers vcpu 0
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823ba3c1 RDI=ffffffff8765a9c0 RBP=ffffffff8765a980 RSP=ffff88803ef6f690
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000031 R11=0000000000000001
R12=0000000000000031 R13=ffffffff8765a980 R14=0000000000000010 R15=ffffffff823ba3b0
RIP=ffffffff823ba419 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fcbee353700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fd1535a36c0 CR3=0000000020640000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fcbf0ec47c0 00007fcbf0ec47c8
YMM02=0000000000000000 0000000000000000 00007fcbf0ec47e0 00007fcbf0ec47c0
YMM03=0000000000000000 0000000000000000 00007fcbf0ec47c8 00007fcbf0ec47c0
YMM04=0000000000000000 0000000000000000 ffffffffffffff00 ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff84272467 RDX=ffffed100d9c6fd1
RSI=0000000000000004 RDI=ffff88806ce37e80 RBP=ffff88806ce37e80 RSP=ffff88800861f868
R8 =0000000000000000 R9 =ffff88806ce37e83 R10=ffffed100d9c6fd0 R11=0000000000000001
R12=0000000000000003 R13=ffffed100d9c6fd0 R14=0000000000000001 R15=1ffff110010c3f0e
RIP=ffffffff842724e4 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fc4407108b0 CR3=0000000035a62000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 0000000000000000 ff00000000000000
YMM02=0000000000000000 0000000000000000 0000000000000000 0000ff0000000000
YMM03=0000000000000000 0000000000000000 000000ff00000000 00000000ff000000
YMM04=0000000000000000 0000000000000000 ff00000000000000 ff00000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000