Warning: Permanently added '[localhost]:46048' (ECDSA) to the list of known hosts.
2022/10/01 16:13:42 fuzzer started
2022/10/01 16:13:43 dialing manager at localhost:35095
syzkaller login: [   40.363478] cgroup: Unknown subsys name 'net'
[   40.488045] cgroup: Unknown subsys name 'rlimit'
[   42.161318] systemd-udevd (131) used greatest stack depth: 24664 bytes left
2022/10/01 16:13:56 syscalls: 2215
2022/10/01 16:13:56 code coverage: enabled
2022/10/01 16:13:56 comparison tracing: enabled
2022/10/01 16:13:56 extra coverage: enabled
2022/10/01 16:13:56 setuid sandbox: enabled
2022/10/01 16:13:56 namespace sandbox: enabled
2022/10/01 16:13:56 Android sandbox: enabled
2022/10/01 16:13:56 fault injection: enabled
2022/10/01 16:13:56 leak checking: enabled
2022/10/01 16:13:56 net packet injection: enabled
2022/10/01 16:13:56 net device setup: enabled
2022/10/01 16:13:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/01 16:13:56 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/01 16:13:56 USB emulation: enabled
2022/10/01 16:13:56 hci packet injection: enabled
2022/10/01 16:13:56 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/01 16:13:56 802.15.4 emulation: enabled
2022/10/01 16:13:56 fetching corpus: 50, signal 24050/25853 (executing program)
2022/10/01 16:13:56 fetching corpus: 100, signal 39676/43051 (executing program)
2022/10/01 16:13:57 fetching corpus: 150, signal 52231/56963 (executing program)
2022/10/01 16:13:57 fetching corpus: 200, signal 57234/63356 (executing program)
2022/10/01 16:13:57 fetching corpus: 250, signal 63222/70610 (executing program)
2022/10/01 16:13:57 fetching corpus: 300, signal 67621/76267 (executing program)
2022/10/01 16:13:57 fetching corpus: 350, signal 71294/81074 (executing program)
2022/10/01 16:13:57 fetching corpus: 400, signal 74482/85412 (executing program)
2022/10/01 16:13:57 fetching corpus: 450, signal 76926/89047 (executing program)
2022/10/01 16:13:57 fetching corpus: 500, signal 80177/93408 (executing program)
2022/10/01 16:13:58 fetching corpus: 550, signal 85501/99546 (executing program)
2022/10/01 16:13:58 fetching corpus: 600, signal 89715/104632 (executing program)
2022/10/01 16:13:58 fetching corpus: 650, signal 92720/108544 (executing program)
2022/10/01 16:13:58 fetching corpus: 700, signal 95821/112518 (executing program)
2022/10/01 16:13:58 fetching corpus: 750, signal 98134/115745 (executing program)
2022/10/01 16:13:58 fetching corpus: 800, signal 101073/119489 (executing program)
2022/10/01 16:13:58 fetching corpus: 850, signal 104856/123831 (executing program)
2022/10/01 16:13:58 fetching corpus: 900, signal 106259/126143 (executing program)
2022/10/01 16:13:59 fetching corpus: 950, signal 109073/129665 (executing program)
2022/10/01 16:13:59 fetching corpus: 1000, signal 111509/132750 (executing program)
2022/10/01 16:13:59 fetching corpus: 1050, signal 113495/135487 (executing program)
2022/10/01 16:13:59 fetching corpus: 1100, signal 115889/138471 (executing program)
2022/10/01 16:13:59 fetching corpus: 1150, signal 118325/141465 (executing program)
2022/10/01 16:13:59 fetching corpus: 1200, signal 119559/143458 (executing program)
2022/10/01 16:13:59 fetching corpus: 1250, signal 121464/145988 (executing program)
2022/10/01 16:14:00 fetching corpus: 1300, signal 122762/147951 (executing program)
2022/10/01 16:14:00 fetching corpus: 1350, signal 124055/149933 (executing program)
2022/10/01 16:14:00 fetching corpus: 1400, signal 125886/152296 (executing program)
2022/10/01 16:14:00 fetching corpus: 1450, signal 127234/154307 (executing program)
2022/10/01 16:14:00 fetching corpus: 1500, signal 129451/156914 (executing program)
2022/10/01 16:14:00 fetching corpus: 1550, signal 130892/158906 (executing program)
2022/10/01 16:14:00 fetching corpus: 1600, signal 133727/161972 (executing program)
2022/10/01 16:14:00 fetching corpus: 1650, signal 136431/164815 (executing program)
2022/10/01 16:14:00 fetching corpus: 1700, signal 137680/166596 (executing program)
2022/10/01 16:14:01 fetching corpus: 1750, signal 138907/168325 (executing program)
2022/10/01 16:14:01 fetching corpus: 1800, signal 140234/170076 (executing program)
2022/10/01 16:14:01 fetching corpus: 1850, signal 141344/171664 (executing program)
2022/10/01 16:14:01 fetching corpus: 1900, signal 142501/173301 (executing program)
2022/10/01 16:14:01 fetching corpus: 1950, signal 144006/175217 (executing program)
2022/10/01 16:14:01 fetching corpus: 2000, signal 145245/176820 (executing program)
2022/10/01 16:14:01 fetching corpus: 2050, signal 147123/178808 (executing program)
2022/10/01 16:14:01 fetching corpus: 2100, signal 147721/179992 (executing program)
2022/10/01 16:14:01 fetching corpus: 2150, signal 148547/181291 (executing program)
2022/10/01 16:14:02 fetching corpus: 2200, signal 149605/182721 (executing program)
2022/10/01 16:14:02 fetching corpus: 2250, signal 150876/184269 (executing program)
2022/10/01 16:14:02 fetching corpus: 2300, signal 152455/186098 (executing program)
2022/10/01 16:14:02 fetching corpus: 2350, signal 153317/187339 (executing program)
2022/10/01 16:14:02 fetching corpus: 2400, signal 154208/188579 (executing program)
2022/10/01 16:14:02 fetching corpus: 2450, signal 155727/190200 (executing program)
2022/10/01 16:14:02 fetching corpus: 2500, signal 156461/191321 (executing program)
2022/10/01 16:14:02 fetching corpus: 2550, signal 157429/192523 (executing program)
2022/10/01 16:14:02 fetching corpus: 2600, signal 158020/193525 (executing program)
2022/10/01 16:14:03 fetching corpus: 2650, signal 159237/194859 (executing program)
2022/10/01 16:14:03 fetching corpus: 2700, signal 160172/196007 (executing program)
2022/10/01 16:14:03 fetching corpus: 2750, signal 160716/197001 (executing program)
2022/10/01 16:14:03 fetching corpus: 2800, signal 161540/198099 (executing program)
2022/10/01 16:14:03 fetching corpus: 2850, signal 162663/199276 (executing program)
2022/10/01 16:14:03 fetching corpus: 2900, signal 163400/200268 (executing program)
2022/10/01 16:14:03 fetching corpus: 2950, signal 164082/201296 (executing program)
2022/10/01 16:14:03 fetching corpus: 3000, signal 164981/202346 (executing program)
2022/10/01 16:14:03 fetching corpus: 3050, signal 166595/203762 (executing program)
2022/10/01 16:14:03 fetching corpus: 3100, signal 167604/204859 (executing program)
2022/10/01 16:14:04 fetching corpus: 3150, signal 169788/206439 (executing program)
2022/10/01 16:14:04 fetching corpus: 3200, signal 170537/207342 (executing program)
2022/10/01 16:14:04 fetching corpus: 3250, signal 171089/208138 (executing program)
2022/10/01 16:14:04 fetching corpus: 3300, signal 171605/208947 (executing program)
2022/10/01 16:14:04 fetching corpus: 3350, signal 172231/209792 (executing program)
2022/10/01 16:14:04 fetching corpus: 3400, signal 173227/210764 (executing program)
2022/10/01 16:14:04 fetching corpus: 3450, signal 173979/211640 (executing program)
2022/10/01 16:14:04 fetching corpus: 3500, signal 174455/212338 (executing program)
2022/10/01 16:14:05 fetching corpus: 3550, signal 175218/213180 (executing program)
2022/10/01 16:14:05 fetching corpus: 3600, signal 176107/214067 (executing program)
2022/10/01 16:14:05 fetching corpus: 3650, signal 176651/214804 (executing program)
2022/10/01 16:14:05 fetching corpus: 3700, signal 177282/215627 (executing program)
2022/10/01 16:14:05 fetching corpus: 3750, signal 177850/216365 (executing program)
2022/10/01 16:14:05 fetching corpus: 3800, signal 179150/217373 (executing program)
2022/10/01 16:14:05 fetching corpus: 3850, signal 179847/218107 (executing program)
2022/10/01 16:14:05 fetching corpus: 3900, signal 181038/219020 (executing program)
2022/10/01 16:14:06 fetching corpus: 3950, signal 181717/219688 (executing program)
2022/10/01 16:14:06 fetching corpus: 4000, signal 182362/220412 (executing program)
2022/10/01 16:14:06 fetching corpus: 4050, signal 182918/221057 (executing program)
2022/10/01 16:14:06 fetching corpus: 4100, signal 183404/221706 (executing program)
2022/10/01 16:14:06 fetching corpus: 4150, signal 183944/222335 (executing program)
2022/10/01 16:14:06 fetching corpus: 4200, signal 185045/223146 (executing program)
2022/10/01 16:14:06 fetching corpus: 4250, signal 186150/223883 (executing program)
2022/10/01 16:14:07 fetching corpus: 4300, signal 187702/224785 (executing program)
2022/10/01 16:14:07 fetching corpus: 4350, signal 188494/225437 (executing program)
2022/10/01 16:14:07 fetching corpus: 4400, signal 189046/226004 (executing program)
2022/10/01 16:14:07 fetching corpus: 4450, signal 190261/226751 (executing program)
2022/10/01 16:14:07 fetching corpus: 4500, signal 190528/227208 (executing program)
2022/10/01 16:14:07 fetching corpus: 4550, signal 191263/227767 (executing program)
2022/10/01 16:14:07 fetching corpus: 4600, signal 191573/228267 (executing program)
2022/10/01 16:14:07 fetching corpus: 4650, signal 192000/228821 (executing program)
2022/10/01 16:14:07 fetching corpus: 4700, signal 192593/229517 (executing program)
2022/10/01 16:14:08 fetching corpus: 4750, signal 193395/230175 (executing program)
2022/10/01 16:14:08 fetching corpus: 4800, signal 193866/230637 (executing program)
2022/10/01 16:14:08 fetching corpus: 4850, signal 194313/231076 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/231508 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/231882 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/232262 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/232630 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/233029 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/233430 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/233807 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/234182 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/234569 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/234941 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/235302 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/235675 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/236076 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/236437 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/236801 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/237157 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/237512 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/237888 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/238271 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/238655 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/238917 (executing program)
2022/10/01 16:14:08 fetching corpus: 4871, signal 194680/238917 (executing program)
2022/10/01 16:14:10 starting 8 fuzzer processes
16:14:10 executing program 0:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x90840, 0x0)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f00000000c0)={&(0x7f0000000040)=""/68, 0x44})
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x100000, 0x0)
ioctl$RTC_VL_READ(r1, 0x80047013, &(0x7f0000000140))
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000002c0)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000b08000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000f80000/0x4000)=nil, &(0x7f0000be1000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000943000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)="1f0f5195aa707750b2c7bf355cab147d95317adb8e7ee8e7895a82c8cd320bcc9416d18b2a755c0e1966e1d7de76db3a31db115cdcc8eb16bedf1ff8adbde78f29b20afe1a75e5f9240c17243531317cdc1225a107c9aacb387f6b8c82c02633bf7c1c844bfc063579331d68fa3a9aeb9dfce22754c1edd238b7c715a2cd8a2d07b49de9806aace915c419e6250f7a4f4b937fcf4ede1995179b4e5cb0322107bd8d6ff8a7aa641b38c2616a986fd24c079dcaba8f5fb5956870046c8f2fee04312c2055948fe17c943436b51496af0b8453b6484b0a", 0xd6, r2}, 0x68)
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000340)={0x0, 0x1, {0xd, 0x1, 0x7, 0x7, 0x2, 0x80000001, 0x4, 0x30, 0x1}})
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000380)={{0x2, 0x4e20, @local}, {0x6, @local}, 0x20, {0x2, 0x4e24, @loopback}, 'vcan0\x00'})
ioctl$RTC_AIE_OFF(r1, 0x7002)
pipe2(&(0x7f0000000400)={<r3=>0xffffffffffffffff}, 0x4000)
ppoll(&(0x7f0000000440)=[{r0, 0x8}, {r3, 0x21}, {r0, 0x12}, {r2, 0x104}, {r1}, {r2, 0x8}], 0x6, &(0x7f0000000480), &(0x7f00000004c0)={[0x4]}, 0x8)
vmsplice(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f0000000500)="4b7eeb5daa5a12a85eb64f090198344fbd20bfc825371fce1d9e6c98edd622071a301381a0a6f8b3ac2135582962c7f16a2d550d6ed3ce525782b02423065025b9002b7ca82fcb54beb6b6d4551c8c5061ecfba49ef030b7b885845cc19d89082a7d14a9113bdf930f30c753daa9491cee66f012af4a45b31f9255c1eaa99784b5e32a01c0c4a8e2434a274a1cbd6ba8a2d77bccbd940c0aa451336b6ea72a15b0de109bedefe3178bdea4093b7d52a24366d69ba4218792d24a7de92670146af77711fe86c8c61180e0c86ba9272fb1203e0557178b3bdfe235b541", 0xdc}, {&(0x7f0000000600)="07fb6088c8415e54cac46be92dc9cf95ca289fb2f43858efc83bab16389efee6772597f4dc86a5a1aeaf11152efda105f3c8e97bcd84ff1cff7b966e161fa365bf7dc5d55cb2a5a2cbb83363867f13e69c5766c39251ef841149c3bc84b4d995e9f828bac406157e336d8f45118fbc752372c19df636378e81e92626bb41e54b7b5492191bf9327f11334cb9bb12d6333814aed0cbf15d45c46b66a66d39f0668eca6aebf1041a7c51536341", 0xac}, {&(0x7f00000006c0)="1a5577d3a1fb6cbfc608b54cadfe94b6136394e6fbfda404aed9e65a2a6ef5082f3a621c069f3e1cc98c670c2f52e993a4d0e8a44c48a0d8ac955172261a7078ed1f3fa720a9215445bcbeba16077ef96634c2d4bc081cafc4bb4e43012b0accc76c0844b8cd3be19980a70e7009d45695666f496944fde243b0eba209ba1afd29c9725292922d3b17671039e35de7d387121d0ea42b4078cb93d59d5cae053f109d953a08193c9770e8a8ced7fdea17bfa83c25fd14b76f5ff6a816d538a905cb6d61b92a1469ae8f16", 0xca}, {&(0x7f00000007c0)="ecdde799c1a15d1e485148e0ed38393027547534099c145b3e5318019cb09fe5a79234dd", 0x24}, {&(0x7f0000000800)="307071ea10f2e5a0becfd000e1d0bc1f785ac5d36cd3d40388658517f0d456a34f492a381384be", 0x27}], 0x5, 0x4)
writev(0xffffffffffffffff, &(0x7f0000000d80)=[{&(0x7f00000008c0)="b7ec0c7f1159b877c618da1eafd9bd2e6009fc33b09237d9b7fb93e68ccb27a73410c408fca3036aa9e16eca368906e60533c5e9a2080b3ea1799d28b9680c81af6fd235e1784a19dfa5bc1ef8255f4c18ac8627f9d9cc45e40e66847415fa688c2f2a2e682041845019", 0x6a}, {&(0x7f0000000940)="9747d9a48d841685a7512365bcb77c57adc98bdf1a9bb2460bfe1d034a779161355491fba1cd80e2e848ee1a356ca6379ba1bf4f74378f7cf1045595b0b90a5d3f272aad228ee2da61aa1d2ba3", 0x4d}, {&(0x7f00000009c0)="5b83a75050cbba35b1ce71710de3f5e4bad0132564ba78d034b42cba8160f5fc5ab5a22473a866eadaf877e47e6f4306da6219151821fb3b6395f49a8681b8bafdabe42762e8669d", 0x48}, {&(0x7f0000000a40)="ab84cb6ce5eeb41825cac23fb725088842b87520e31a3f639c99f962c17afd23cabb160f38df2f6826fadbde5e7376a56615a034d2ecd5b4e49aead84d36ef073b457d4c019fc337f0a5780170449551b81ec185ab60318e9f013f2bf8e27d188d85e61219c6872082", 0x69}, {&(0x7f0000000ac0)="4ea8c8622e716d9fb00c525ee12287eb4b487c0d2b816c7b", 0x18}, {&(0x7f0000000b00)="cab7e9e6631e4e50b6ea3e2b11110844c49bd0f863e75132b1321717af57223dab796a716059ef4397e7c2ecd1726e780b8795f515f5f86f4f486b1c12021ef9df55568fdb57caecd68aada554de8c88a811107c7a210c5ab24171f1bfeca5708bdace7873d34b93238b4d2dff5a1a598706f2ffbabdddc1b43ceccf62a6f236dc0c7cd81d6f3a7063a7fe9ccd09958e99bfb8fea08e204d38f9b4a38612c9bbfe326d9ada337e99767d908e83e20de3b8cdac12cbb3b517c5ee904eb4b99058f6b8ffbcf24d9dc67aa0281a38b4600a7b24fc24895b28bc5b69923d715f688f92979b35efbe30bb3414206c72de416dbb", 0xf1}, {&(0x7f0000000c00)="a3bb521371", 0x5}, {&(0x7f0000000c40)="a428b6f25792a60c29f457861d86c8aa26e34427a13a891ec8dc69672f5ca65c243671545c7021f8f13cb39716bf999c8cc4518bc9daa499da819b", 0x3b}, {&(0x7f0000000c80)="41b63a69ba471d990cac7bbd461bd50cffe873c0cba9d8f9f108d5e755e8ef20023e0689321d8449de915e6369fb74e7ad18285a8e64c0ff115df565d8a029d345578a3f824407a994d4da1b67faec57845a17be299a872cd7360dcf3eabe2718bf48188d9a9b4fe7a30cfd5434d07ba59aa9fe0c86bdf71dad384b52cf57df4edd4945d4526f8d0efa84d2e48a9b24c704908b164748058a066594e550771fe6c95002768783045e63bdcaf63b1ff14", 0xb0}, {&(0x7f0000000d40)="8b9ecc2b2b90fdf76abb5386f02b30a4520eaa93b60c25641731f77987e5d10e", 0x20}], 0xa)
ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f0000000e80)={0x0, {0x2, 0x4e24, @broadcast}, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000e40)='vcan0\x00', 0xfffffffffffffe01, 0x7, 0x20})
r4 = syz_open_dev$vcsu(&(0x7f0000000f00), 0xe4d3, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f0000000f40)={0x9, 0x46})
fallocate(r0, 0x41, 0xfffffffeffffffff, 0x3)
signalfd(r4, &(0x7f0000000f80)={[0x1]}, 0x8)
r5 = signalfd(r2, &(0x7f0000000fc0)={[0x5]}, 0x8)
sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000001140)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001100)={&(0x7f0000001080)={0x58, 0x0, 0x4, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000014}, 0x40000)

16:14:10 executing program 1:
ftruncate(0xffffffffffffffff, 0xf8)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x4}}, './file0\x00'})
sendmsg$AUDIT_ADD_RULE(r0, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)={0x444, 0x3f3, 0x4, 0x70bd2a, 0x25dfdbfd, {0x2, 0x2, 0x2d, [0xa6e3, 0x8, 0x2, 0x1, 0x1, 0x8001, 0x0, 0x4, 0x2da, 0x0, 0x0, 0x1, 0x2, 0x1, 0x8, 0x79960135, 0x2, 0xffff52e7, 0x8, 0x6, 0x7f, 0xfffff608, 0x4, 0x3f, 0x6, 0x0, 0x1000, 0x4, 0x3ff, 0x9, 0x80, 0x40, 0x7fff, 0xf31, 0x7f, 0x5, 0x7fffffff, 0x6e80, 0x5, 0x7f, 0xff, 0x95b9, 0x7fffffff, 0x0, 0xfffffffa, 0x9, 0x80000001, 0x9, 0x9, 0x3, 0x5, 0x1000, 0x1000, 0x6, 0x7, 0x9, 0x42, 0xb5, 0x72b2, 0x6, 0x4, 0x7, 0x1, 0x51b], [0x7, 0x4, 0x9, 0x9, 0x6, 0x9, 0x6, 0xf4e1, 0x20, 0x200, 0x5f, 0x3ff, 0x43ab5681, 0x3, 0x1, 0x401, 0xfffffbff, 0x2, 0xfff, 0x1, 0x2, 0x50000000, 0x2, 0x39d7, 0x2, 0x9, 0x4, 0x8, 0x5, 0x100, 0x4, 0x7, 0x80000001, 0x6, 0x8, 0x81, 0x400, 0x442, 0x81, 0x4, 0x0, 0x9, 0x5, 0x4, 0xfffeffff, 0xec50, 0x8, 0x4, 0x3, 0x2, 0x1f, 0x1, 0x6, 0x8000, 0xfff, 0x3, 0x401, 0x3, 0x8, 0x677, 0x7fffffff, 0x5, 0xfff, 0x3], [0x7ff, 0x80000000, 0x0, 0x401, 0x2, 0x0, 0x2, 0x1, 0x40, 0x3, 0x8001, 0x8, 0x1, 0x49bc, 0x2, 0x9, 0x9, 0x7, 0xd, 0x9, 0x9, 0x6, 0x6, 0x1, 0x94, 0x9, 0x80, 0x7, 0x6, 0x5, 0xffffffff, 0x1, 0x3ff, 0x7, 0x1, 0x8001, 0xc9d5, 0xdc0c, 0xfffffffa, 0x6, 0xf927, 0x7f, 0xfffffff9, 0x9, 0x3, 0x0, 0x8, 0x470, 0xffff, 0x401, 0x10001, 0x20, 0xff, 0x999, 0xed, 0xef, 0x9, 0x5, 0xff, 0xa74, 0x4, 0x401, 0x7, 0x226], [0x3, 0x2, 0x9, 0x4, 0x6, 0x9, 0x8, 0x2, 0x7, 0x4, 0x6, 0x8001, 0x86b, 0x5, 0xe22a, 0x3ff, 0x1, 0x8, 0x0, 0x3, 0x3, 0x3d75, 0x0, 0x1, 0xc70, 0x1, 0xaeb, 0x2c6, 0x1, 0xffff7fff, 0x9, 0x1, 0xfffffffa, 0x2, 0x6, 0x8c, 0xfff, 0x2, 0x7, 0xfffffffa, 0x1, 0xfffff1c3, 0x6, 0xffffffff, 0xe3, 0x1, 0x7, 0xffffffff, 0x2, 0x6, 0xb0eb, 0x2, 0x8, 0x83, 0xffff8001, 0x1, 0x80000001, 0x1, 0x9, 0x87, 0x69e, 0x4, 0x2, 0x2], 0x23, ['{@\x00', ':\x00', '\',', '+\x00', '{}/W\x00', '%-)\x00', '+D,(^\x00', '-,%#-\x00', '-+,\xa0\x00']}, ["", "", "", "", "", ""]}, 0x444}, 0x1, 0x0, 0x0, 0x1}, 0x1)
sendmsg$NL80211_CMD_SET_BEACON(r0, &(0x7f0000000940)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)={0x26c, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9a04, 0xc}}}}, [@NL80211_ATTR_FTM_RESPONDER={0xcc, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xbf, 0x3, "f417a8ae6a5441af678c79346f4e4b46c2ce485967e084444798f74aeb3f6f725f2a74050f6f46f0ef884b316e6d8a5f8e473ff343b65d6d9ddd007d758783194edee11938350dadbf1ecc21547bd75997430df703b0c96fef173fe8b12e1985539c20bffc56ec729631e8a5fa5a0542fc54d50653b72c1161d3ad3324f3ad5fb82ec639e5c58686f2761faf790631fa9b9593291ab2a0789f4c52348eb2d7597c99bc03077a154b46ea8a9bb9b51acac117798a35858c5fe2f8f4"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_FTM_RESPONDER={0x3c, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x34, 0x2, "ddfeea2d800b8b8ff06b53bcf0459aba51957d29d7314f81d87f01ea8eab8d86ab4820fad1c2f15416125bd89ab16d40"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_BEACON_HEAD={0x13c, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x1f}, @device_a, @broadcast, @initial, {0x4, 0x9}}, 0x800, @random=0x6, 0xa000, @void, @val={0x1, 0x8, [{0x6}, {0x1}, {0xb}, {0x5}, {0xb}, {0x48}, {0x48, 0x1}, {0x22}]}, @val={0x3, 0x1, 0x70}, @val={0x4, 0x6, {0x7f, 0x13, 0x0, 0x3}}, @void, @void, @val={0x25, 0x3, {0x0, 0xb9, 0x3}}, @val={0x2a, 0x1, {0x0, 0x1}}, @val={0x3c, 0x4, {0x1, 0xc9, 0x4, 0x5}}, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0x0, 0x1, 0x6, 0x40}}, @val={0x76, 0x6, {0x1, 0x1, 0x42, 0x20}}, [{0xdd, 0xc8, "8ef5d258f54fc9988ababfdf4be9019037345bbd101c4f11f18eaa1eaf2b2e4a5766c160f346cf1ca7c342703df2e9e872f1f73f05a67a01a04dfd7f87d995cc07d7b24a9cd2fd495b2b25f82093b1e4e83ef7ea3a513b2431bd90e06125c648bbf639a8335faa0de2a343df27ecd007aeaa44e5202ed231d3793ced4744197072da2b9d2aa3331f6251da9ded42a7abfd9c86de79f010ee2390c41d6c3ddbd8141b894539f922f7ebf4f224be681f8b54daf3fdcd0e2b05fc03ae24fa6f4a406af6e14fc6925a29"}, {0xdd, 0xc, "0eec6e66af363d8be2a51abf"}]}}]}, 0x26c}, 0x1, 0x0, 0x0, 0x810}, 0x8010)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000a40)={&(0x7f0000000980), 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x28, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x48010}, 0x4c070)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x2c, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x5a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8081}, 0x4044)
r1 = open_tree(r0, &(0x7f0000000b80)='./file0\x00', 0x80800)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), r0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x60, r2, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x3}}}}, [@NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HOLDING_TIMEOUT={0x6, 0x3, 0xb3}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}, @NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xffffffffffffff76}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x9}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x5b}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x3, 0x67}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20008080}, 0x4c800)
r3 = fsmount(r0, 0x1, 0xd)
perf_event_open$cgroup(&(0x7f0000000d40)={0x0, 0x80, 0x0, 0x1, 0x82, 0x4, 0x0, 0x6, 0x1100, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext={0x2, 0x3ff}, 0x410, 0x11, 0x4, 0x3, 0x1, 0x1, 0xff, 0x0, 0x4, 0x0, 0x804a}, r3, 0x5, r0, 0x2)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x14, r2, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f00), r1)
sendmsg$NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000fc0)={&(0x7f0000000ec0), 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x20, r4, 0x4, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x800, 0x6b}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x4008000}, 0x80)
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f00000010c0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x24, r2, 0x8, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x2, 0x79}}}}, [@NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4808}, 0x8000)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
fcntl$F_SET_RW_HINT(r5, 0x40c, &(0x7f0000001100))
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x38, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x81}, 0x880)
sendmsg$IPSET_CMD_GET_BYNAME(r3, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001300)={&(0x7f0000001280)={0x58, 0xe, 0x6, 0x401, 0x0, 0x0, {0x3, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x14040004}, 0x20080060)
openat(0xffffffffffffffff, &(0x7f0000001380)='./file0\x00', 0x100b80, 0x80)

[   68.062182] audit: type=1400 audit(1664640850.948:6): avc:  denied  { execmem } for  pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
16:14:10 executing program 7:
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x74, 0x0, 0x9, 0x3, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x7}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x3}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0xfffff88e}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8}}]}, 0x74}}, 0x18)
r0 = openat2(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x10000, 0xca, 0x10}, 0x18)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, r1, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1000, 0xb}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x44884}, 0x88c1)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r2=>r0, {0x2800000}}, './file0\x00'})
r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_SET_CHANNEL(r2, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r4, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004040}, 0x4000)
r5 = creat(&(0x7f0000000480)='./file0\x00', 0x10)
sendmsg$TIPC_NL_MEDIA_GET(r5, &(0x7f00000008c0)={&(0x7f00000004c0), 0xc, &(0x7f0000000880)={&(0x7f0000000500)={0x37c, 0x0, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x7fff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x57e7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1f}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x40}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4a5}]}, @TIPC_NLA_LINK={0xb0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4ee}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x94d}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x154, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xd36}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x57b36a22}]}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfb93}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8eb6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x6c4, @private0={0xfc, 0x0, '\x00', 0x1}, 0xa8c}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x437, @loopback, 0x6}}}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffff8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x7, @remote, 0x251ee6f7}}}}]}, @TIPC_NLA_LINK={0xc4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffe01}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8}]}]}, @TIPC_NLA_MEDIA={0x44, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf16}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9d9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x94f4f33}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}]}]}, 0x37c}, 0x1, 0x0, 0x0, 0x40408c1}, 0x800)
r6 = open_tree(r2, &(0x7f0000000900)='./file0\x00', 0x0)
r7 = creat(&(0x7f0000000980)='./file0\x00', 0x100)
syz_genetlink_get_family_id$batadv(&(0x7f0000000940), r7)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x28, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4040)
mknod$loop(&(0x7f0000000ac0)='./file0\x00', 0x200, 0x0)
sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x2c, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PREV_BSSID={0xa}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48085}, 0x5)
sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x38, r4, 0x20, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xffff, 0x13}}}}, [@NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x48a}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xe481}]}, 0x38}, 0x1, 0x0, 0x0, 0x4091}, 0x4008011)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r5, 0xf50f, 0x0)
lchown(&(0x7f0000000d00)='./file0\x00', 0xffffffffffffffff, 0x0)

16:14:10 executing program 4:
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000000)=0x2, 0x4)
getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000040), &(0x7f0000000080)=0x4)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x8c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x33}, @val={0x8}, @void}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x2e, 0x2d}}, @NL80211_ATTR_PID={0x8}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x0, 0x7}}, @NL80211_ATTR_NETNS_FD={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x7ff, 0x65}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x4, 0x3b}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x3, 0x13}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xc1d, 0x16}}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000081}, 0x4000)
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000300)={0xfffffffffffffffe, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x70, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000000}, 0xc1)
r0 = accept(0xffffffffffffffff, &(0x7f0000000340)=@nfc, &(0x7f00000003c0)=0x80)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000400)=0x2, 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000540)={{{@in=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@dev}, 0x0, @in=@empty}}, &(0x7f0000000640)=0xe8)
sendmsg$ETHTOOL_MSG_RINGS_GET(r0, &(0x7f0000000800)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000007c0)={&(0x7f0000000680)={0x12c, 0x0, 0x500, 0x70bd2a, 0x25dfdbfe, {}, [@HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000840))
kcmp(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, r0)
r3 = syz_io_uring_setup(0x375a, &(0x7f0000000880)={0x0, 0x25b5, 0x0, 0x1, 0x2cb}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000900)=<r4=>0x0, &(0x7f0000000940)=<r5=>0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000980)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x2004, @fd_index=0x6, 0x0, 0x0, 0xaa9, 0x10, 0x1, {0x3}}, 0x6)
pipe(&(0x7f00000009c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000a40)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r6, 0x0, &(0x7f0000000a00)='./file0\x00', 0x81, 0x404000, 0x23456, {0x0, r7}}, 0x8)
r8 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000a80), 0x84042, 0x0)
write(r8, &(0x7f0000000ac0)="7f8888eeef7660d774ef0fab7ec9064ba5683e3b41b52c942fb95336ad1a6efee3e89503adb5f0e16122ecea9d9174a61070ec5be0705ca711329b3cdb6eb3606b0712aa7757d4dcad740286f650b2a56bcf99f0ad65e702dbe1a9ad6502eed1cfcc1ff1cf736620745ee3ecf1d39aa933dd4166be8d11d029c424283a697c8a8075c01d0ccf373e5a3e90aac58cecd6c72bb30d12ccff271b4b52590248398a6df4573b6ae1444a9aeace5647e37263d20a9972", 0xb4)
syz_io_uring_submit(r4, r5, &(0x7f0000000bc0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0xd2, 0x3, &(0x7f0000000b80)="a1f35a3ebbc0bdd373c49e082d1cd6031ccd106f7e585c36dd410a19aa0c20f28e50d6b79bd8e313311124529daa02de", 0x8}, 0xad21)
sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000000dc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x4001808}, 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)={0xac, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_DEVICE={0x1c, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0x6b98ae8a8cc747e6}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0xb569}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVICE={0x24, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0xffff}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_KEY_MODE={0x8}]}, @NL802154_ATTR_SEC_DEVICE={0x28, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x400}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0xffff}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)

16:14:10 executing program 5:
flistxattr(0xffffffffffffffff, &(0x7f0000000000)=""/34, 0x22)
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000040))
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/consoles\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x1, 0x5}}, './file0\x00'})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x4, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004000)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='environ\x00')
fcntl$getflags(r2, 0x401)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0)
ioctl$HIDIOCSUSAGE(r1, 0x4018480c, &(0x7f0000000240)={0x3, 0xffffffff, 0x4, 0x5cd, 0xf1, 0x8})
ioctl$HIDIOCSFLAG(r0, 0x4004480f, &(0x7f0000000280)=0x1)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r1, 0xc080661a, &(0x7f00000002c0)={@desc={0x1, 0x0, @desc3}})
ioctl$TIOCNXCL(r0, 0x540d)
getdents(r1, &(0x7f0000000340)=""/100, 0x64)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f00000003c0)={{0x42, 0x4}, 0x1, 0x5, 0x80000000, {0xe7, 0x9}, 0x6, 0x9})
r3 = dup(r0)
r4 = getpid()
syz_open_procfs(r4, &(0x7f0000000440)='net/udp6\x00')
close_range(r1, r3, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000480)={0x3, 0x3, 0x2, 0x0, 0x6})
process_vm_readv(r4, &(0x7f0000000540)=[{&(0x7f0000000500)}], 0x1, &(0x7f0000001680)=[{&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/86, 0x56}, {&(0x7f0000001600)=""/120, 0x78}], 0x3, 0x0)

16:14:10 executing program 6:
recvfrom(0xffffffffffffffff, &(0x7f0000000000)=""/5, 0x5, 0x1, &(0x7f0000000040)=@l2tp={0x2, 0x0, @multicast2, 0x4}, 0x80)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'})
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={0x0, @can={0x1d, <r1=>0x0}, @ethernet={0x6, @random="5df33785e07c"}, @ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x5}, 0x13, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000100)='macvlan0\x00', 0xfffffffffffffffc, 0x9, 0xa1})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f00000001c0)={'ip_vti0\x00', r1, 0x17, 0x40, 0x20, 0x9, {{0x5, 0x4, 0x3, 0x6, 0x14, 0x65, 0x0, 0x1, 0x29, 0x0, @empty, @private=0xa010100}}}})
r2 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000240))
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x10000, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r4=>0xffffffffffffffff})
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000340)={0x7, 0x0, &(0x7f0000000300)=[r0, r0, r2, r0, r3, r4, r0]}, 0x7)
recvfrom(r4, &(0x7f0000000380)=""/198, 0xc6, 0xa0, &(0x7f0000000480)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x0, 0x4, 0x3}}, 0x80)
setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000500)=0x7, 0x4)
fremovexattr(r0, &(0x7f0000000540)=@known='system.posix_acl_access\x00')
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000580), 0x480000, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r5, 0x3304)
ioctl$BTRFS_IOC_SNAP_DESTROY(r2, 0x5000940f, &(0x7f00000005c0)={{}, "9dfa1467f19f7cfbbcfdb9e3da969dc7be97af4427a59ab30f72647ad7559fa3b7582876e563df9d41771e9fb1806ba1a6dd23eddf10d66e2337df3b083abfd44f763f7077c746be03919828a4246eb3cc901799d5d2ad2052f06263dfee10750cb1e3a41e89e221769d27fdae1da09796fee67d872a0bd294cf7dfed20023f6be75a3955f5e8aa145e58779ff3788596fdb5a93ed4d890532da27b456686aedc6d7ee52dc001e68f86e0034157d5c8f2fe8f04cee9fd866cd4bd85c3ed18a071ba6bd67e3e86ecf595065cd4c3f0d169355d2d4e2343203afb5d5a554b9996d120dd9d0dd568aadf7ae183b76740cf08b3a1b6db7cc68e5170be324878d0ac671d9bfa680b72c28aff10128391fd320a3670c0e9f2532a258af353fc457d41811a98106921a35e57f83274ccdbc9cabea334749e09a6ab028717bfd055e403a8c88bb90c962433c48ed0bd57c736f0279f0828af80c2c799ccae8577ff40d1cb84f29daf00197324438d403f37eb5a029a1f096675fbc9ddb0e78baf882ad6d4db497eab309061ceafd2d12ddc59c7d0408b595d63da3645f71910e618c5c6cb34943d4b4e896e899448cea10bd59c258792a9d5bb9e45baa704131ba7448895909a4c24eb2c107cea48d062a56810bb98fb5523c82c7258ebc830783be4ae5111bd2fef3cfb79ee8617b2947978ab64040cdf7c4b2fea0186c9c3507218206b1c3c00d6a01f9265cd764d50aa41ad48171a873f3edff0e68d5b447870c91ddeb874cf0129dc7575654c305df8d9ab508eea84c3693f93b49b55ceb89fd76102a164ad6f462ed9364fb7c132c3c38cde24717f25e41eb59a250370d6cef3e0cfc8e58742a7508e87655adc3ed1cbccbb36894507f8bb5a7a4a9b3ab5992216cf85218d6fa47fdfe14faad2a3a6423544a70a177fb89782953c938354d9c9aebf343792d5c1dfca7f6f7993533cf3f28fdcae219a66109e8d8fca76bd9203266733c1d49263eda5bf9d26df04f5a0cdf883f872bec5a8455d64ba360074d4c3f805d2415b0c7230c0b1635833f0b17b9c06cafc04b7dd4e9790f16d292b284518d2f93aaf7e31af60f18a1b1b363b1b1eea20faeac4367c6723533a2a795ac357a3ed88c5b61bc585ecda3018795222532be5b2f2444a1760c2cfa18be79fbacc2e2bf86a2c041f1ea62f0d26096ee014a458302a25d48059e471f03a13602a9a6a2ee98aa8b699b4aa378712c3f10e173089cf7995c176098ac94711bc135cd75356f266bb571342acbf68068f53e0ca0409bf87064f8256f90f7b3887b9eb0dc05016ada3ec6c0175e9eb5a8bd9e13dc76ce713a88969871de4e192a40ecf87726a4d31a3e934e21acff9bea8ec15c0864d385a8e3dcb669718d6673fdc859931f2a3a34f3766f52045e8025a3cb514836f2fb53542b827e9c25960f9b78ca03044063a9e2656e2d05f9268fec74ddcbb8ccef63db3ec566514a5b26fced0aba92645e606d4a356bff3c5df829a065c42f91150e23874b14e2d526bfd27b334105bc4ffedce389d7885541af492f3bed90d98438a161595e8698f8f4e29c9fc50b53ee039c83a5dc021d2aa8bb0a841a4f15e185a999d271ffeb007dbe1cfb69c0f9af9560b46eb55cb174ffb5763dbc1e81a5b964f0bbea86b7807ede066822eb16905b5ef75c20eba424efc04881f7f4f85fabc69768104e6c0ba5e7c99aa134eaf8e742710ded1fa23c35e60c9f600b77245ed0e538f7d458592e0bfbb9af203acdcca5e1f1b1179bc7ca975113ca359725c3ad1cca388b39ac1dbf8fbe94c1634e184ffc217a18d158664ec37595e51de7c4b2ca3d6ad571d247c252e719e902f32e3e373797d3419ab633db754a42be51b8e5c321810e6043ab446921c2e84441dc323092614a651432d78c3ba0f0c508ccd3c55c99ee5ae7f3349bbd6a813ad06752977072ff384b5ca5948b41d4baff316a62f5db0fa5c4c054f185c3f3dc71434202f8a0140073959fe44fbac5ef1ef337d7c19aaf746fedfa62381f7ba42466fb56da1ddb5918166ce051aea5edb9eda46396a340ef465bf269ef23e58ca3ea1561e20c89c0994bb5c93da33e2c8355fea30ab98291befd6ab381d4d032e2d9d0041004ee55c04f6c179bfa4a19ab31c4cb5182a8ca244369472e19cb9f7164896d3429d740e26abbd36b3463339dd7afe76e00c831fb9952463b9b3ab938255801ecea6a705b61081f5b4cec6eaad70bf5a0a9243ab5977e8d6f95747cf3442f541525e08f86e77795b158b5e3989608b5ae2e86e075afaaa28f40e0536fea3142f3629314ead46711667637719daba517fec1bd5a5e4749b04f1ea5331b6d7ca0cef5176d9eed61bab5b45409ea95ca8d17da763bbf4510d325557614edfad6c1af49eff024b81d3550c8f900ddc5c754b461b5d44dfab20ba55c0194f15571493f99c16b97026677843f39c7124c83e8d3e1f8893d5768b132fd9dedc2e40a6c58666af6907374a86fa05675ec47ca8bef97bb6ed49f55d5398710db75092920ec3c26cdbae58bea3f23112b4b37fbf27e8395e3e5c9345675a01f5c1bdf49bcd48ea30466e1a6f2a747135e17080b90f8c042c49e675cc2cf7c86b93a50b8fca6b745ec044ce99157a42c9a40a061f98da05f8cac4576352a73bb04fce7932a2fc600df46c3732037755dc81821b56fadc9d4665cad264f2b4f782b9fdce3ddafd20357109123bffa91dcf6eb01309e21dc565b19e256837d9ef996e61dc55dee61408a6d96d14c73151a7fe1c0c0335b9da4d7e45853dba0d102c9672f5d37c6b4990130f38f3e4d7a1701c55cb866244f3e852becf3eb3a781bab0b544f7c88e8e16b1fdc3cb86bf7edbbe1fabccb0707dadae38ad6adc8eb447adce79da5a9cbf0d3844080a783df74c9c8196cbfc42d2b6c28ad4f7b0e25b0b5166199deff07432f2e9a9271fab3cda2b219825476561f6102d19528c77779f538e70d1b95e61602130a7ef8bc1a9532ebff1b097e4f82692f6e9418aa22449dfeca0d952365e041f66819e26a8ea759dcabce022af7f7fc78980aaebc712e96ed7022a159183930c764cd829b18bd2302aad18386d40cb8ee8f1e92546f0dcf3b1a5646c4016bdc42907808db3282922ceed2738c7541b53a1838618d546989691303b496eeb28eac4c6aba51d842a0750d475bf9830ff8497aa3de5cf3ad326f42fc865c3bbddc738da6a9a08e810640d6e26756fe23a1b030b0610de20bdab6b8bb6b14f7f8fe9301c02675c1eb2140a33b52065e9f3ece374c25048573661f3962ac598598c36e8e24d3ba48ecc20299496dbff7918087974cc46f97a18f87bc86dbbae14dafd4777a04c81ded653c0373fdb25055eaa268dfb87fcdf50a3b14200846a51c3d4ebb59d33bbc4e90d5fabc8b18b948c60b2abe8e8389eac2392568a390cefc5ede1f8bb2f5cfd0469ef8011b629bdcd89724279cfe22d2f873bba7783bcbc01105d821763780094d6f9c14e4e6238e1821b9c6a37b96367f79c019013a8c548879ae3870d6eb1c81ab1f82b07d6a540e3cd29b9609ca03e27d58eaf72dfcda208a6c399e6f38e99933a0e01e62b296d6bfca1024479a2467230533d1c897899038827d23772761ec9b76eb1609b8cfdd57e7dc60f8788a53519ddb0106a060d0325e7599a01b8739c2d7a086fc980bc4b062795e4bd5f3f8175115d155a062b05dc34fb7bc5c52838943878de395bb3139ab2442f00c98c94cdaa81cc8a324da2a22106397f496bd24a8d4e435721244ea9d3667f8ec7164f16ed8bb935be877619d9cb942502c9cdbbc79defaaf2fff30734752296fc5092dac149602789eefe3161ce3b69454bdf88fc526c7be34f07f99f0cb997c1e07177d323749c76585803b9b313122f0132a48c244f93289cd21845cf5e105810af2cec0dcc8b79a1c72095537aec7ed068d4fdc70cc39b5c9afa9ff8d0d7d0825b389e6a420ce8ed96738d2eb56ca2c5156f579c0460a4cc4a871e30a78e1b1ca009e2b8105bb477b29c2a12e393b19ff6099f9d4851598a94bd63cd28c4d4df67bbf5dfdc2b9757e51570b1aeccddb33cefab86cd0784113e00d255c99c737083b45af9c84dc944e32f9d19a03dc2ed96d872cae7b67e2f312774814e90b5bb6f786552e6ace3680d20e71f0afe4af73fe3adb97b224dc6f0ead620c50e4e0b459629734bf475e0376aa780f7017d4010ca1a9c7e758634158c3ce9cb0ab9e8fd218970bcbe3fb83abd86c2c88e70cf401d4094bf1928e70b03fc91eba1ce5293893eb5212f69067ecac3652c4b24b2003f3e92378a49032409aa5535980bf61c234c7173b8c4abaa2d01f370e16cb78c1c86dcdc8aee6b0922ddc4e828d49a5116ff7b44d9b92c672e1e1baf595625cea824fa8ec5ac9834ec458aaf83d1d96584a9126d0603523168574ac0b76e781965cddc0af59903448627b53b41135fe3902cb81035a0979955e319c83fab4d27f275cb85454b9ec360f5ac9128e2f7f764889324fdb3814518810e82f70441d8d980d51c67592e6e34c6dbdc5a2ddc7c5140c313815d439335d651e69a3676af7e0f07ac97b7998ae9aed681c08e120dbb4bd716b0c328e63682766904769c238a6fccd7edd27e521e1406418fa4bfe63d9909ca6da0aef0e4df80b6fe7b9c0e5b271e60141f6c1da34ff60c189bb79cc1889ec9c179373495d7d5ce7ad3db7f1875b8ed5707cca53929cb8b32d1ee3f5f400b7942d3467eb2e5e0e7172a074edd3b3f1e6d668b44acfd6c3bf779f542baa5f176087763c8ca3fc0671e643abe634bb5d60852ae5cc15138229139b9a0a7c01fe8e3e33f76d1b4dd21ee0628bf4b3c2128b501eb2ea7968aa7d35c5b471aaa861739ccfe2aed73e93042c8e9018701c0f48e88583eb8e5a9d367d67c0ddea95d00b3bf3e43eee665a8ba0d6abc17e81dda97928b54758b9fee6a0aca2afa67c75565ec9ab918035f0454ae24ea8086338d94d004505ac7c1071ebfd61498dd5669bb45efaf493d1f049c76e4a383e7043c08349189c705a49ef4f9b12237ce7312d60456c6b53446f77968bc71a76df7144ff58eb3617f92e07863d0fcf89932672d1f428a3bfbe25a0bf211fb7ff3ff14a229ee4a6b54d192a569bd908d926c5e7773d556081219b750b97a34814ced7bcf0b9b7d632f75586314705e0ad4bf7e9ab3fccb6ec4d2199f58c5d637849caad75eec6244969cf60688673faec670fad1e179193cc345e3fe092af37c05395bb3d1f1da6068237d022c3e6daaa96ed707e0b9c08603a66131dfefd1cbbaa442a9b703c46ba421a6bc09f10ad8dff8437b3f3bd1378f53df99b732cc90c5fd1c90f4a00bbeb4a487f75ca5996323bb213126251cd1594ac81b5098bf957df9bdc2e9b424762509692268e335e4570a85895bc7d76018fc3ec57b993f313f7b1aca7f8f40758bb607858b7677bd7e84b7d778dbc545d7e8a76714976b6cc5611049ab61609e324d71fecbe84f8489ce6cb5412ac329fc0bc00e417818c79bf2807de38188a5fe1e324308464bbd1016aee50630215538ede03c4e9398d3b3c21676675935f52a5004eb7d881516330def8e1dcdaf58357db4200dc7347aedd4de516d262606a8ff3d5df35bd5a96d8b31c3279acc0a20df41d14cea91a9507f6729a64d8b21be26479afb8097a1eb939835d92dd58948c60fbce4b93c36f9f8ad55665de377c227273be4fe4d6726dd36d98f2f8d7f97f4f740d05e3c9b341849a"})
ioctl$SNAPSHOT_FREE(r3, 0x3305)
r6 = dup3(r5, r4, 0x80000)
preadv(r6, &(0x7f0000003780)=[{&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f00000025c0)=""/105, 0x69}, {&(0x7f0000002640)=""/136, 0x88}, {&(0x7f0000002700)=""/118, 0x76}, {&(0x7f0000002780)=""/4096, 0x1000}], 0x5, 0x467, 0x5)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r3, 0xf504, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000003800)={{0x1, 0x1, 0x18, <r7=>r6}, './file0\x00'})
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000003840)={0x0, 'veth1_to_batadv\x00', {0x1}, 0x7fff})

16:14:11 executing program 2:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x7, &(0x7f0000000040)={@empty}, &(0x7f0000000080)=0xc)
r1 = timerfd_create(0x2, 0x80800)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000001, 0x40010, r1, 0x75817000)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000000c0)={'vxcan1\x00', {0x2, 0x0, @local}})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000a00)=@broute={'broute\x00', 0x20, 0x6, 0x88c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, &(0x7f0000000100), &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x2, [{0xe735ff5a8c8000d3, 0x10, 0x88e5, 'lo\x00', 'macsec0\x00', 'geneve1\x00', 'macsec0\x00', @multicast, [0xff, 0x0, 0x0, 0xff], @remote, [0xff, 0x0, 0x0, 0xff], 0xee, 0x11e, 0x196, [@nfacct={{'nfacct\x00', 0x0, 0x28}, {{'syz1\x00', 0xffffffffffffd040}}}, @connlabel={{'connlabel\x00', 0x0, 0x8}, {{0x40, 0x1}}}], [@common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffe}}}], @common=@nflog={'nflog\x00', 0x50, {{0x7, 0xffc0, 0xfffd, 0x0, 0x0, "93a1d74dd31d3eef166f260bd677fca32f48b1cdc7e9bbd18d98f3748ecf61344724cc8613fc1914ee6994ac1d71941af839171f7f828107a948211f1c7b4ba5"}}}}, {0x9, 0x1, 0x5, 'virt_wifi0\x00', 'veth0_to_bond\x00', 'veth1_to_batadv\x00', 'veth0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, [0xff, 0x0, 0x0, 0x0, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff, 0xff], 0xa6, 0xa6, 0xf6, [@realm={{'realm\x00', 0x0, 0x10}, {{0x9, 0x6, 0x1}}}], [], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0xbf, 'syz0\x00', {0x101}}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x1, [{0x5, 0x10, 0x6005, 'wg2\x00', 'ip6gre0\x00', 'bridge_slave_1\x00', 'veth1_virt_wifi\x00', @remote, [0x0, 0xff, 0x0, 0x0, 0x0, 0xff], @broadcast, [0xff, 0x0, 0x27b494a98dd7e90e, 0x0, 0xff, 0xff], 0xbe, 0x15e, 0x1ae, [@ipvs={{'ipvs\x00', 0x0, 0x28}, {{@ipv4=@remote, [0x0, 0x0, 0xffffff00, 0xffffffff], 0x4e21, 0x6, 0x6, 0x4e21, 0x10, 0x4}}}], [@common=@log={'log\x00', 0x28, {{0x8, "da09d85761ea72f2e95d90803ae933f80caf4a3a91f9648e9e9bd5600c2f", 0x2}}}, @common=@log={'log\x00', 0x28, {{0x3f, "b1ee1e36544e3abd2cdffbf98ec1e46248993562b92711973367008777d7", 0xf}}}], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x2, 'syz1\x00', {0x3}}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe, 0x1, [{0x9, 0x47, 0x883e, 'team0\x00', 'ip6gretap0\x00', 'wlan1\x00', 'veth0_macvtap\x00', @random="713a6a9ddf22", [0xff, 0x101, 0xff], @remote, [0xff, 0x0, 0x0, 0x0, 0xff, 0xff], 0xae, 0xae, 0x126, [@owner={{'owner\x00', 0x0, 0x18}, {{0xee00, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x5}}}], [], @common=@NFLOG={'NFLOG\x00', 0x50, {{0x7f, 0x8b, 0x2, 0x0, 0x0, "30cfce700112372c66bcdf441afdfe1d33857c9ee3efa28956fd06b706dc8b99ffe18702cc620eeb1ecb72e200a15aaefee982f4feda9093de4d240d9f083083"}}}}]}, {0x0, '\x00', 0x4, 0x2, 0x2, [{0x5, 0x40, 0x10, 'batadv_slave_1\x00', 'ip6gre0\x00', 'team_slave_1\x00', 'ip6gretap0\x00', @empty, [0xff, 0x0, 0x0, 0xff, 0xff], @empty, [0xff, 0x0, 0xff, 0xff, 0xff, 0xff], 0x9e, 0xce, 0xfe, [@cgroup0={{'cgroup\x00', 0x0, 0x8}, {{0x9}}}], [@common=@NFQUEUE0={'NFQUEUE\x00', 0x8}], @common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}}, {0x0, 0x1, 0x886c, 'ip6erspan0\x00', 'rose0\x00', 'ipvlan0\x00', 'batadv_slave_0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0xff, 0x0, 0x0, 0x0, 0x0, 0xff], @local, [0x0, 0xff], 0x6e, 0x11e, 0x16e, [], [@common=@NFLOG={'NFLOG\x00', 0x50, {{0xfef, 0x1, 0x3ff, 0x1, 0x0, "66564774c6f5977535a4d270310aecedcb3415633bb8145e56c34522c29600b739a5b6723f51ca73b8b9a1816c068cfc1203a3d6e65b10ba4db9fbe9fcccf295"}}}, @common=@mark={'mark\x00', 0x10, {{0xffffffe0, 0xffffffffffffffff}}}], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x22f4, 'syz0\x00', {0x6}}}}}]}]}, 0x904)
getsockopt$sock_buf(r0, 0x1, 0x1f, &(0x7f0000000a80)=""/108, &(0x7f0000000b00)=0x6c)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000b40)={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x44}}, {0x306, @link_local}, 0x10, {0x2, 0x4e21, @rand_addr=0x64010101}, 'veth0_to_bond\x00'})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000bc0)={0x10000012})
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000c00)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r4 = fcntl$dupfd(r2, 0x0, r0)
r5 = openat(r0, &(0x7f0000000c40)='./file0\x00', 0x280, 0x16)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
poll(&(0x7f0000000c80)=[{r3}, {r4, 0xb042}, {r0, 0x1118}, {r0}, {r1, 0x4000}, {r2, 0x1520}, {r2, 0x35}, {r5, 0x2}, {r6}], 0x9, 0x8fc1)
preadv(r1, &(0x7f0000000dc0)=[{&(0x7f0000000d00)=""/164, 0xa4}], 0x1, 0xa85, 0x6)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000e00)='ns/ipc\x00')
preadv2(r7, &(0x7f0000000f00)=[{&(0x7f0000000e40)=""/192, 0xc0}], 0x1, 0x4, 0x5, 0x0)
pipe2$9p(&(0x7f0000000fc0)={<r8=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000f40)='./file0\x00', &(0x7f0000000f80), 0x1, &(0x7f0000001280)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {}, 0x2c, {[{@cache_mmap}], [{@euid_lt}, {@uid_gt={'uid>', 0xee00}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@euid_eq}, {@uid_eq}]}})

16:14:11 executing program 3:
r0 = request_key(&(0x7f0000000040)='blacklist\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)='\x00', 0xfffffffffffffffe)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000000)=@encrypted_new={'new ', 'ecryptfs', 0x20, 'user:', '&]', 0x20, 0x2}, 0x2a, r0)
r1 = request_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='blacklist\x00', r0)
r2 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r0)
r3 = request_key(&(0x7f00000001c0)='cifs.idmap\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)='\x00', r2)
r4 = add_key(&(0x7f0000000300)='trusted\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)="581df5603de2ce6b44614515f75ee45f4c1b383a1d40c9e9c419b5de81b5", 0x1e, 0xfffffffffffffff9)
r5 = request_key(&(0x7f00000003c0)='trusted\x00', &(0x7f0000000400)={'syz', 0x0}, &(0x7f0000000440)='\x00', r2)
keyctl$negate(0xd, r5, 0x7, r3)
keyctl$reject(0x13, r1, 0x7, 0x1a1f, r5)
add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000500)='big_key\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="f3e5bd522c814a36158017bd9573d44a21f5ea0f322be6622277056abdbae77c193a053f2453677a4933be54f20b617ff0ae31ecf649163d", 0x38, r1)
r6 = add_key$fscrypt_v1(&(0x7f0000000680), &(0x7f00000006c0)={'fscrypt:', @desc4}, &(0x7f0000000700)={0x0, "414a48879a13875f3cca310a75d786ddb15c95314573ba06e2260edf689f69bad74f654267257a82a18213104aa986685e80af7024dfc7b3d3b2f376e5d85f9c", 0x39}, 0x48, r5)
add_key(&(0x7f00000005c0)='.dead\x00', &(0x7f0000000600)={'syz', 0x0}, &(0x7f0000000640)="32f16ab614bdd787f3795b81452f7df5c077afabc1fbd7505a3892f537829aff1f8a8818e9d15716", 0x28, r6)
add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x0}, 0x0, 0x0, r4)
r7 = add_key$keyring(&(0x7f0000000880), &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000800), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, r7)
r8 = add_key(&(0x7f0000000980)='ceph\x00', &(0x7f00000009c0)={'syz', 0x3}, &(0x7f0000000a00)="09b4fb814ac0bf9c1f18dc5a3d2890509a314b2e7ce236718c52b913e78437df9e88a1840ecfb99afb7a12cdb828810fdd25928b985355224a7c8849369a60e0132bf77093b1df7e9241255ac3ed3d982536fa3bd845ea8c6d0325d04ea6c544031538401117ae9ec32029fa20bcb4e5f1a955b5acd2189f58327085af346de9cebe2390e4f8f5642f080a8adb9ea076bb92337670533e621820fba0f4a8bbc41189e7986cc130f6f028c7d7769e6f1649165a2970", 0xb5, r6)
add_key$keyring(&(0x7f0000000900), &(0x7f0000000940)={'syz', 0x2}, 0x0, 0x0, r8)
r9 = request_key(&(0x7f0000000ac0)='keyring\x00', &(0x7f0000000b00)={'syz', 0x2}, &(0x7f0000000b40)='ceph\x00', 0xfffffffffffffffa)
keyctl$restrict_keyring(0x1d, r9, 0x0, &(0x7f0000000b80)='ecryptfs')

[   69.195662] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.197219] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.199472] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.202469] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.204392] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   69.206390] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.211772] Bluetooth: hci0: HCI_REQ-0x0c1a
[   69.254222] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.258871] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.261068] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.267294] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.271972] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   69.275291] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.291756] Bluetooth: hci1: HCI_REQ-0x0c1a
[   69.319141] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   69.327292] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   69.332774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.334127] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   69.336024] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.339004] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.342981] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   69.344379] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.346719] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   69.347979] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   69.350198] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.357996] Bluetooth: hci2: HCI_REQ-0x0c1a
[   69.358222] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   69.372416] Bluetooth: hci3: HCI_REQ-0x0c1a
[   69.420288] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   69.423246] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   69.448929] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   69.450677] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   69.453697] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   69.454918] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   69.457308] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   69.458966] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   69.460233] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   69.464424] Bluetooth: hci7: HCI_REQ-0x0c1a
[   69.528373] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   69.544934] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   69.545944] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   69.558199] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   69.569871] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   69.582353] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   69.597334] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   69.603649] Bluetooth: hci5: HCI_REQ-0x0c1a
[   69.605110] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   69.617083] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   69.627539] Bluetooth: hci6: HCI_REQ-0x0c1a
[   71.220193] Bluetooth: hci0: command 0x0409 tx timeout
[   71.347637] Bluetooth: hci1: command 0x0409 tx timeout
[   71.411620] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   71.411665] Bluetooth: hci3: command 0x0409 tx timeout
[   71.412827] Bluetooth: hci2: command 0x0409 tx timeout
[   71.539622] Bluetooth: hci7: command 0x0409 tx timeout
[   71.667652] Bluetooth: hci6: command 0x0409 tx timeout
[   71.667664] Bluetooth: hci5: command 0x0409 tx timeout
[   73.268602] Bluetooth: hci0: command 0x041b tx timeout
[   73.396627] Bluetooth: hci1: command 0x041b tx timeout
[   73.459748] Bluetooth: hci2: command 0x041b tx timeout
[   73.460637] Bluetooth: hci3: command 0x041b tx timeout
[   73.588700] Bluetooth: hci7: command 0x041b tx timeout
[   73.715650] Bluetooth: hci5: command 0x041b tx timeout
[   73.717523] Bluetooth: hci6: command 0x041b tx timeout
[   75.315624] Bluetooth: hci0: command 0x040f tx timeout
[   75.443614] Bluetooth: hci1: command 0x040f tx timeout
[   75.507640] Bluetooth: hci3: command 0x040f tx timeout
[   75.507664] Bluetooth: hci2: command 0x040f tx timeout
[   75.635677] Bluetooth: hci7: command 0x040f tx timeout
[   75.763625] Bluetooth: hci6: command 0x040f tx timeout
[   75.764094] Bluetooth: hci5: command 0x040f tx timeout
[   76.212837] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   77.363660] Bluetooth: hci0: command 0x0419 tx timeout
[   77.491646] Bluetooth: hci1: command 0x0419 tx timeout
[   77.555635] Bluetooth: hci3: command 0x0419 tx timeout
[   77.556053] Bluetooth: hci2: command 0x0419 tx timeout
[   77.684236] Bluetooth: hci7: command 0x0419 tx timeout
[   77.811665] Bluetooth: hci5: command 0x0419 tx timeout
[   77.812093] Bluetooth: hci6: command 0x0419 tx timeout
[   78.863710] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   78.871797] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   78.874778] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   78.882821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   78.884872] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   78.888375] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   78.895078] Bluetooth: hci4: HCI_REQ-0x0c1a
[   80.947635] Bluetooth: hci4: command 0x0409 tx timeout
[   82.995646] Bluetooth: hci4: command 0x041b tx timeout
[   85.043694] Bluetooth: hci4: command 0x040f tx timeout
[   87.091649] Bluetooth: hci4: command 0x0419 tx timeout
16:15:01 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40b01, 0x0)
write(r1, 0x0, 0x0)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000080)={@remote, @remote}, 0x8)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa81000f00080045000038000000000001907800000000e000000104009078000000004500000000000000000000007f000001ac1414aa02004632ff15a4985e9552ea"], 0x0)
recvfrom(r0, &(0x7f0000000100)=""/156, 0x9c, 0x0, 0x0, 0x0)

16:15:01 executing program 5:
syz_usb_connect(0x2, 0xb3a, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1201000090e2ce00f60b01a00d01010203010902280b04803f00000904937f06bb1465800905001040000509034c3193a601976edaa08707b29974105025931112a5e6810d0a1d04d710542a20d1c2f06ec76c93e5f31c15d5f993582835dc05f2ac125678f7e301a20be09d93ed44672a5dc82464b7e47a1e090509000800040302a40d1acde2c450fb4916d84f872b2e84a089061ca7d2e6dd4d14897e8e55f917089bf789d62049a7b1c861d5fa60bde5b24859ac2a141eaa75802237f70e68de94947ee6cd8c2400946aeaa1997201338dd2bc02345a0c81bfa8ca96ff538fe4cd659d4d5e627aacc7f6adba24754a7b43cd337aaf98c0243e406a735de0d922b3815e3e686cd339d053db1a57269e1392c7bdaa578a12ce73e91fb55933281ae8712f1009050010080020068080052b1c47e6dee5edb30b4d9b8f23216bf98fd79fa650e2e9e48705b9f7c2cc6684f4104911f310188b1473d9d8d4ef7b3a4458059f7fdd66dc22bdd006ffb5ede3a92966dfea47bede09a9c7983505b4bd3ed56772e23c8a1fff6923edc9c3cbf639332e69ff5fca6313a87dea998ce16b56b6c3a0afd4413b43e5d0093ec10725018205af00090502040004023f0409050300400008085709050f0810007f040307250103600800cf08f64750e08ab89eca5d7a3414d89400f81b86045c0092bd7c8a889d28d162546e378d855a6118a4299dba595be5df0c801254ad30c050a0564aea2964ebf3d102b9a2bcbf082023c4d0b5bc1e102de9b56049b50406d080f14a5c32475181a745152920e6ea46d17457ebc7b0cf703b42ef0c82ecb4eaf74291e443a43b8a0aac9c5980b21bd3c844b25e6cd09663b801e5616c259f8b6e071551748e9260383c8664cbbaa3f5a63fcb99e47fec2184381a3ce30151caf30a56ea9fa470b063eb862a77287b9ca858f00fdc5e2f090442060d5e662a4009050b0000044803032b010c0d266fd604c1a5c22a247f4a236a37b056b25c2538df6b63a6ce6c04a6bab533bbd865fcb8aefc920905080810000007000725018080943d09058010000205ff8009050600f707f77f0568223e3d515e57726fb4cdcb1a6d59bae749847d0ccd8cdbeededc92d5930536f027f4dd65fc8faf799c3c518e1112c3abf3c27cc73571ed4764712ba522da1ea5aa4b3423bc543ea6dff8558c26bd019c202aecf1013cef5b2bdba1970d1219d859fdb9d5d1b4e209050d015000fa06002e1026ce0d2aaf29c961fe7c886e24c17d1c6b01b7f19bf68dcfa501acd697fbbb9a567c43ec6199dca1456fe01309050010080002fe03850b6ea0428ca87baccabdd348256c526a72110429c7d6362b2c265691c1418b1c9d8286ab9707cfbfff82408c51db20e21cf6caa38090bef9a46c9c8f9bb812ece2b0a6affa53ee47107be771ca917dcdd6971a34cb2f6770a82c09f94e57255656c42218c459df8036564fb38a10b71329ef701938de955cf8dba3719a9b4a3265899a80be022c2d6b8a18690377fd6d6939bd3a0ca60ebfd7fa24589761476820e10b4b73d1a8f17c1672934443fdac15afb2e9c66c9302473330bb7e12857efd2a03c9e436dd6fdd9c54ded38a924896d4d0838f5312fee2a5212b715b3de8ae8cbe5beb68da17c4a9f41d56e225ec801b0de146a64c1225537cd23b494328b82bddfc029fd363fc5f1b17458664cc7fca0d2e757eac1c6b981a6c179b337504e1294a26df2c66375e4caeeecb8bd684f6388c82309238cad5ea13fa1e979449c40905010c08004004080905030cff03727f02090507032000a57f1909050210035e7f0201090508090004061901d830416ba6c49e3d7f9a52208d9149a5dbe63ac7fdc5964af37b93b6bda2a04973f252828ddb798a0df7247a7c8718fd7800c30c9ab22f21554418273371e85b87950fe1836eba07f37fa9f890f5f46fe9ff16f938381ede222bdc37157ba92644eefd6f01bfd68473cf2ee752730c6d12c74668579af49700c5fe1f56ebffc0dbad5185fc7b0ff083ef65ce59aff0d51f8a5ba284b79af6ff23ce57594b3ea83f1683e1586af62b294fa1ec5593fdce71ecf4f4163999009a4ecf9608db3c5d27bdd31225f23026a01df327aee0e910b3bd8fd5e81e053a072501023f020009050b1f1000fb050309050d1010001f408007250102800300ce0ecd3d6fd7941eb7299e16e6d8195b6a1a23db7fde6bf1477e580951c5ec4ffc1ada6c045ea9e8702f49ff98f9713a91925496cd19a1b46c5d198b6e873336df8f7bd0225b3b57bb4eb17c487b7baca481932f06e82d2ecaf8b96a5369d53d88db19db23419abde53374b636fd49680f85bca087cc0c954792b66c02e0b3828092f78f5434946ed1f41b6cecf8a4ac57be06e38c4308273018e3d96e548900abfa4cc7d502071864b140db62ed4b29a4a63ee2c74e6d22adb4c09deab1fb98a8a78a0f5d0d9e13644f1cbfef210904668110ff017320062406000144052400ff070d240f0101000000070002000106241a0100120c241b1f00070000ff070003072414080009001524120300a317a88b045e4f01a607c0ffcb7e392a112402017f01400570b7647bc29db9cc4e0c2402018102f7fb11af771e0d24020101030901182fbe7d830c24020108047f9a7cc8e9bc0d2402016d06c01f49f60f67d1090509104000fe008109050500280408016d09050a101000800509e030560c070ea8d006e63558990d45ea13fe81c11f4806e49fc9c57f8a13ce96e67938aab9d652d7640b5ff900caa9de1565e0375c91259935cb1de235dfa1a3030daa7037d2392faef157299ff99bf04fd6b1cedb9c73d2841c9545d86ebcb09b2949a7abb20d24aff1c598ec551b7a9d6877f858be11892e073dd122996ebdd93a4445885e304ea8b0bf7d8dca594a634b21b1d4f17fb022f8ebf54dac2b610169cf8facc82261d95a09df98677c5731e2771816f542b1dcde319f2af34a67c8e505ccbf82cce18daa1eb3485e09aa3e463c5dd982f44821981600cd2d1296e20cc5137ceb530e97021cc75d600fe58a4c78dabd5e646dac5635ac094cb10a00317e2ed41d37d53adad3242653a0aef82be9e64c83cc3b92e6b2a6da2e184eb9de9bcf2950338aa800aecfeb027ca05b4f1360b5fb32df6c2885cb4b6fa3fd9e104506e3b254a7dc3fd00ad399e01d9ecdbf39642038683e5d023961db1c969d26b12b8d4daa53315a6a67772fb204bd0f32e3054045b0901457751a20adc2aadd0f17cbe1e03449e59a30d063125af296374b1c8239ee9f5fd9d6ea676958c41efeed55ad0d7cb325a4c0e752d2d8beaad30871207237eb09aae7a178446caf9309050600080004000207250180f846000905802740000809070905800800021f8000090503000004d77a1f09050a102000010204072501002f0080090500082000eff93f0725010004000109050b0000040852090d23758eb2887121e0f93755f60c05eb1e6986ea2ce6ca1dc009050800400003022009050d10000001800207250102fa490064213cf7a06ad4fd718cb52712f401e61128dec5db3df241ecfb6ca2d4ae7e7cea75f30b331212fbec4594f82bb053295f1f7bc7afc1929379b68aa0b3d68b00785e39bf6404f837b212cfdc01160b1ac7dea2097a99e7bfa48dd16155ee82d08d0fe677090523040004ae7901072501010302002d02a209fe8c428ebce13306f566d7620f4553b91beecc99441e7d0268dde1e000d0462403fa01d4b375a8449809050a10200008060409050003bf0773041f072501839507000905000000000708060904091f02e1f8a10309050d01080006fa3f072501020708000725010200090009050610000203d809750d232072e509c12ea7e4d69cac1b41ab03f36119c1dd33ef6698e3e79246febdf502e5cebf0691dd985eb5dfbf7cafa8bf04b1dfbfe4d8ccfcfbec38c57563527b00bd96543ad431c8e030a4bfb4d3ed2fcce450bfb06f90feab376377511c88e0941d047d09bd344d1ba710f15cf5ed9a6515134c09c9ba9302279f11ceb25febb6839164094af71fd5ef06a04be2987657c96143efaf35d2579e"], 0x0)

[  119.061281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.065929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
16:15:02 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x8, 0x20000)
ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f0000000080))
pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000000200)="e6", 0x1}], 0x1, 0x7fefffa, 0x0)
fallocate(r0, 0x3, 0x0, 0x7)
sendfile(r0, r0, &(0x7f0000000000)=0x4, 0x100000000)

[  119.568773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.570630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.703393] audit: type=1400 audit(1664640902.589:7): avc:  denied  { open } for  pid=3884 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  120.063952] syz-executor.4 (3856) used greatest stack depth: 23800 bytes left
16:15:19 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x4e20, @local}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x186, 0x0, 0x0, 0x0, 0x100, 0x0, 0x80000000, 0x9, 0xfffe})
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd1, &(0x7f0000000000)=0x5e, 0xfffffffffffffe2e)
sendto(r0, &(0x7f0000000280)="ee3bc48c71ffa43c048897aef8d277337f04332ffb70654305187a1a01f94cf6a3218494667c7b5693e61b624e4a6a2de76244610545c7daa91f32b2550409e9e430359ba094da74e03f64690a8cb3ac93f1e81a26c00a8796b42d46a77d17267a923f700d2c4f69bae83624692d7cd3f5c8df9cf0cfa2873de584b66c4840b22c2365d9208c98d91c668a2862d689d0cb8cb39e", 0x94, 0xc010, &(0x7f0000000340)=@caif=@rfm={0x25, 0x5, "01770911920fa6b0cf9a6f6b2b34fce1"}, 0x80)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'sit0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f00000000c0)={@dev, 0x0, r3})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'tunl0\x00', &(0x7f00000003c0)={'ip_vti0\x00', r3, 0x40, 0x1, 0xc0, 0x1, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xa8, 0x0, 0x0, @local, @multicast1, {[@timestamp={0x44, 0x20, 0x7a, 0x0, 0x2, [0x9, 0x2, 0xffff, 0x1, 0x700c, 0xa3, 0x4]}, @lsrr={0x83, 0xf, 0x6f, [@loopback, @multicast2, @multicast1]}, @timestamp={0x44, 0x8, 0xfb, 0x0, 0x1, [0x7fe3]}, @rr={0x7, 0x23, 0xab, [@local, @private=0xa010101, @loopback, @remote, @private=0xa010102, @multicast2, @remote, @multicast1]}, @generic={0x44, 0x6, "f3c17746"}, @cipso={0x86, 0x29, 0x3, [{0x5, 0xa, "1acb73331855b78c"}, {0x5, 0x11, "bf404a099779b1f1abf2f115505a58"}, {0x1, 0x4, "2119"}, {0x1, 0x4, 'H='}]}, @end]}}}}})
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000140)=0x2, 0x4)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='/#\x00', &(0x7f0000000040)=')\x00', 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002880), 0x4000101, 0x0)

16:15:19 executing program 0:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd)
keyctl$chown(0x4, r0, 0xee00, 0x0)
r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, &(0x7f0000000380)={@desc={0x1, 0x0, @desc4}, 0x21, r0, '\x00', @c})
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40b01, 0x0)
write(r3, 0x0, 0x0)
r4 = dup3(0xffffffffffffffff, r2, 0x80000)
r5 = openat(r4, &(0x7f0000000000)='./file1\x00', 0x525e42, 0x6)
write$binfmt_aout(r5, &(0x7f0000000c40)=ANY=[], 0x820)
r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x8, 0x5, 0x40, 0x0, 0x2000000000000, 0xa0600, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10a46, 0xe4, 0x7, 0x0, 0x7, 0xffff, 0x1, 0x0, 0x9, 0x0, 0x169}, r5, 0x3, 0xffffffffffffffff, 0xf)
r7 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000))
ioctl$BTRFS_IOC_QUOTA_RESCAN(r7, 0x4040942c, &(0x7f0000000040)={0x0, 0xf, [0x2, 0x156280000000000, 0x8001, 0x1, 0x7a]})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r8, 0x4004662b, &(0x7f0000000340))

16:15:19 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f00000002c0), 0x4)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0xffffffffffffffff, 0x9, "5c8e18", 0x5, 0x80})

16:15:19 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40b01, 0x0)
write(r1, 0x0, 0x0)
openat(r1, &(0x7f0000000000)='./file1\x00', 0x2000, 0x100)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x101)
ioctl$FS_IOC_SETFLAGS(r0, 0xc020660b, &(0x7f0000000080))

16:15:19 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000400), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0)
pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @broadcast}, 0x10)
r4 = syz_io_uring_setup(0x35c3, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r5=>0xffffffffffffffff})
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000000)=[r5, r5], 0x2)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000700)={'ip6_vti0\x00', &(0x7f0000000680)={'ip6_vti0\x00', <r6=>0x0, 0x4, 0x1, 0x81, 0x0, 0x54, @loopback, @ipv4={'\x00', '\xff\xff', @dev}, 0x40, 0x80, 0x7ff, 0x32ee}})
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fbdbdf25100000004400018008000300000700001400020076657468315f746f5f7465616d000000140002007465616d5f736c6176655f310000000008000100", @ANYRES32=r1, @ANYBLOB="2d46c9f01a0100", @ANYRES32=r6, @ANYBLOB="2c00018014000200766c616e30000000000000000000000014000200767863616e3100"/44], 0x84}, 0x1, 0x0, 0x0, 0x2400c011}, 0x20000015)
r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0)
ioctl$SG_EMULATED_HOST(r7, 0x5390, &(0x7f0000002340))
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r7, 0xc0189375, 0xfffffffffffffffc)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x3709, 0x0, 0x0, 0x200480c, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d752c7569643d89000a085b5c44b1a406d5725cb2a0798656ce71622baf8409e2b800d617b6cf04768af2839c77ad60e7ad01853108413b", @ANYRESDEC=0x0, @ANYBLOB=',fscontext=sysadm_u,\x00'])
ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, 0x0)

16:15:19 executing program 5:
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000180)={'team_slave_1\x00', {0x2, 0x0, @empty}})
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x2, &(0x7f0000000380)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x73}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)=ANY=[])
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40b01, 0x0)
write(r1, 0x0, 0x0)
preadv(r1, &(0x7f00000006c0)=[{&(0x7f00000005c0)=""/91, 0x5b}, {&(0x7f0000000640)=""/40, 0x28}, {&(0x7f0000000680)=""/59, 0x3b}], 0x3, 0x59a41bcb, 0x3)
chdir(&(0x7f00000000c0)='./file0\x00')
io_setup(0x6, &(0x7f0000000040))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0)
io_setup(0x6265, &(0x7f0000000140)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000004c0)=[&(0x7f0000000080)={0xeffdffff, 0x8008, 0x10, 0x1, 0x0, r2, &(0x7f00000001c0)="10", 0x1}])
r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40b01, 0x0)
write(r4, 0x0, 0x0)
r5 = openat2(r2, &(0x7f0000000340)='./file1/file0\x00', &(0x7f0000000500)={0xf00, 0x14b, 0x1}, 0x18)
io_submit(0x0, 0x3, &(0x7f0000000580)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0xf, 0x401, r4, &(0x7f0000000200)="0e573535d414e865941e8b76dfa842c558e6d6eac5f39a7066ddffc6f939c5db2431388f2ac5527cbbb4c0", 0x2b, 0x80000000, 0x0, 0x2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f00000003c0)="d51812a6e53ec7a9621cd9d0fbb72c8d7ccfd380a0343a89bf849297d8d56d81741819f7ddc9d4eb4455531d61dc352eed54b92659e0e9c2edcefcb5e57e49ad86a555b7b10c240fe193e0641d8292b3ceaa4bdd1a82b6cb90a9e6a725160eb6c9b42d824852eaa72f61faa73021b7c48870047ee1a6863d362cd5a965de16b0337ad5026ac72ea75a2e1ba1c5b4d215354597b68d7a21128573aa5147bbc9d8fbb3140fa71470dd0a5d3953a25bf49013a7c2f2043918c8347b12cb58e313f5a0fb6fd8ae3d75", 0xc7, 0x1c000000, 0x0, 0x0, r2}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x4, r2, &(0x7f0000000300)="8d3d8f01da18e17ce50fe238e2ff4fbec15fa5f223900c2953ff380423f9fe68301c07", 0x23, 0x1, 0x0, 0x2, r5}])

16:15:19 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000080)={0x0, 0x10000, 0x7ff})
socket(0x15, 0xa, 0x20)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x1ff}}, './file0\x00'})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r1)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40b01, 0x0)
write(r2, 0x0, 0x0)
r3 = fsopen(&(0x7f0000001580)='binfmt_misc\x00', 0x0)
close(r3)
accept(r2, &(0x7f00000000c0)=@ieee802154={0x24, @short}, &(0x7f0000000140)=0x80)

16:15:19 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x8, 0x20000)
ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f0000000080))
pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000000200)="e6", 0x1}], 0x1, 0x7fefffa, 0x0)
fallocate(r0, 0x3, 0x0, 0x7)
sendfile(r0, r0, &(0x7f0000000000)=0x4, 0x100000000)

[  136.287099] audit: type=1400 audit(1664640919.172:8): avc:  denied  { kernel } for  pid=3973 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  136.297605] loop5: detected capacity change from 0 to 256
[  136.301165] ------------[ cut here ]------------
[  136.301182] 
[  136.301185] ======================================================
[  136.301189] WARNING: possible circular locking dependency detected
[  136.301193] 6.0.0-rc7-next-20220930 #1 Not tainted
[  136.301200] ------------------------------------------------------
[  136.301203] syz-executor.3/3978 is trying to acquire lock:
[  136.301209] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  136.301250] 
[  136.301250] but task is already holding lock:
[  136.301253] ffff88800f585420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  136.301283] 
[  136.301283] which lock already depends on the new lock.
[  136.301283] 
[  136.301286] 
[  136.301286] the existing dependency chain (in reverse order) is:
[  136.301289] 
[  136.301289] -> #3 (&ctx->lock){....}-{2:2}:
[  136.301303]        _raw_spin_lock+0x2a/0x40
[  136.301314]        __perf_event_task_sched_out+0x53b/0x18d0
[  136.301325]        __schedule+0xedd/0x2470
[  136.301339]        schedule+0xda/0x1b0
[  136.301352]        futex_wait_queue+0xf5/0x1e0
[  136.301365]        futex_wait+0x28e/0x690
[  136.301375]        do_futex+0x2ff/0x380
[  136.301385]        __x64_sys_futex+0x1c6/0x4d0
[  136.301395]        do_syscall_64+0x3b/0x90
[  136.301412]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  136.301425] 
[  136.301425] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  136.301439]        _raw_spin_lock_nested+0x30/0x40
[  136.301449]        raw_spin_rq_lock_nested+0x1e/0x30
[  136.301463]        task_fork_fair+0x63/0x4d0
[  136.301479]        sched_cgroup_fork+0x3d0/0x540
[  136.301493]        copy_process+0x4183/0x6e20
[  136.301504]        kernel_clone+0xe7/0x890
[  136.301514]        user_mode_thread+0xad/0xf0
[  136.301524]        rest_init+0x24/0x250
[  136.301536]        arch_call_rest_init+0xf/0x14
[  136.301554]        start_kernel+0x4c6/0x4eb
[  136.301569]        secondary_startup_64_no_verify+0xe0/0xeb
[  136.301585] 
[  136.301585] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  136.301598]        _raw_spin_lock_irqsave+0x39/0x60
[  136.301610]        try_to_wake_up+0xab/0x1930
[  136.301623]        up+0x75/0xb0
[  136.301636]        __up_console_sem+0x6e/0x80
[  136.301652]        console_unlock+0x46a/0x590
[  136.301668]        do_con_write+0xc05/0x1d50
[  136.301679]        con_write+0x21/0x40
[  136.301688]        n_tty_write+0x4d4/0xfe0
[  136.301700]        file_tty_write.constprop.0+0x455/0x8a0
[  136.301712]        vfs_write+0x9c3/0xd90
[  136.301728]        ksys_write+0x127/0x250
[  136.301743]        do_syscall_64+0x3b/0x90
[  136.301760]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  136.301772] 
[  136.301772] -> #0 ((console_sem).lock){....}-{2:2}:
[  136.301786]        __lock_acquire+0x2a02/0x5e70
[  136.301803]        lock_acquire+0x1a2/0x530
[  136.301819]        _raw_spin_lock_irqsave+0x39/0x60
[  136.301829]        down_trylock+0xe/0x70
[  136.301844]        __down_trylock_console_sem+0x3b/0xd0
[  136.301860]        vprintk_emit+0x16b/0x560
[  136.301876]        vprintk+0x84/0xa0
[  136.301891]        _printk+0xba/0xf1
[  136.301903]        report_bug.cold+0x72/0xab
[  136.301919]        handle_bug+0x3c/0x70
[  136.301935]        exc_invalid_op+0x14/0x50
[  136.301952]        asm_exc_invalid_op+0x16/0x20
[  136.301964]        group_sched_out.part.0+0x2c7/0x460
[  136.301982]        ctx_sched_out+0x8f1/0xc10
[  136.301998]        __perf_event_task_sched_out+0x6d0/0x18d0
[  136.302009]        __schedule+0xedd/0x2470
[  136.302023]        schedule+0xda/0x1b0
[  136.302036]        futex_wait_queue+0xf5/0x1e0
[  136.302046]        futex_wait+0x28e/0x690
[  136.302056]        do_futex+0x2ff/0x380
[  136.302066]        __x64_sys_futex+0x1c6/0x4d0
[  136.302076]        do_syscall_64+0x3b/0x90
[  136.302092]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  136.302104] 
[  136.302104] other info that might help us debug this:
[  136.302104] 
[  136.302107] Chain exists of:
[  136.302107]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  136.302107] 
[  136.302122]  Possible unsafe locking scenario:
[  136.302122] 
[  136.302124]        CPU0                    CPU1
[  136.302127]        ----                    ----
[  136.302129]   lock(&ctx->lock);
[  136.302135]                                lock(&rq->__lock);
[  136.302142]                                lock(&ctx->lock);
[  136.302148]   lock((console_sem).lock);
[  136.302153] 
[  136.302153]  *** DEADLOCK ***
[  136.302153] 
[  136.302155] 2 locks held by syz-executor.3/3978:
[  136.302162]  #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  136.302191]  #1: ffff88800f585420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  136.302217] 
[  136.302217] stack backtrace:
[  136.302220] CPU: 1 PID: 3978 Comm: syz-executor.3 Not tainted 6.0.0-rc7-next-20220930 #1
[  136.302232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  136.302240] Call Trace:
[  136.302244]  <TASK>
[  136.302247]  dump_stack_lvl+0x8b/0xb3
[  136.302266]  check_noncircular+0x263/0x2e0
[  136.302282]  ? format_decode+0x26c/0xb50
[  136.302299]  ? print_circular_bug+0x450/0x450
[  136.302316]  ? simple_strtoul+0x30/0x30
[  136.302332]  ? format_decode+0x26c/0xb50
[  136.302349]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  136.302366]  __lock_acquire+0x2a02/0x5e70
[  136.302387]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  136.302409]  lock_acquire+0x1a2/0x530
[  136.302426]  ? down_trylock+0xe/0x70
[  136.302443]  ? lock_release+0x750/0x750
[  136.302463]  ? vprintk+0x84/0xa0
[  136.302480]  _raw_spin_lock_irqsave+0x39/0x60
[  136.302492]  ? down_trylock+0xe/0x70
[  136.302508]  down_trylock+0xe/0x70
[  136.302523]  ? vprintk+0x84/0xa0
[  136.302540]  __down_trylock_console_sem+0x3b/0xd0
[  136.302557]  vprintk_emit+0x16b/0x560
[  136.302576]  vprintk+0x84/0xa0
[  136.302593]  _printk+0xba/0xf1
[  136.302604]  ? record_print_text.cold+0x16/0x16
[  136.302620]  ? report_bug.cold+0x66/0xab
[  136.302638]  ? group_sched_out.part.0+0x2c7/0x460
[  136.302656]  report_bug.cold+0x72/0xab
[  136.302674]  handle_bug+0x3c/0x70
[  136.302691]  exc_invalid_op+0x14/0x50
[  136.302709]  asm_exc_invalid_op+0x16/0x20
[  136.302722] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  136.302743] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  136.302754] RSP: 0018:ffff88801d6ff8f8 EFLAGS: 00010006
[  136.302763] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  136.302771] RDX: ffff88801f743580 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  136.302778] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  136.302786] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f585400
[  136.302793] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  136.302804]  ? group_sched_out.part.0+0x2c7/0x460
[  136.302824]  ? group_sched_out.part.0+0x2c7/0x460
[  136.302844]  ctx_sched_out+0x8f1/0xc10
[  136.302863]  __perf_event_task_sched_out+0x6d0/0x18d0
[  136.302877]  ? lock_is_held_type+0xd7/0x130
[  136.302891]  ? __perf_cgroup_move+0x160/0x160
[  136.302901]  ? set_next_entity+0x304/0x550
[  136.302919]  ? update_curr+0x267/0x740
[  136.302937]  ? lock_is_held_type+0xd7/0x130
[  136.302951]  __schedule+0xedd/0x2470
[  136.302968]  ? io_schedule_timeout+0x150/0x150
[  136.302983]  ? futex_wait_setup+0x166/0x230
[  136.302997]  schedule+0xda/0x1b0
[  136.303012]  futex_wait_queue+0xf5/0x1e0
[  136.303024]  futex_wait+0x28e/0x690
[  136.303037]  ? futex_wait_setup+0x230/0x230
[  136.303050]  ? wake_up_q+0x8b/0xf0
[  136.303063]  ? do_raw_spin_unlock+0x4f/0x220
[  136.303082]  ? futex_wake+0x158/0x490
[  136.303099]  ? fd_install+0x1f9/0x640
[  136.303114]  do_futex+0x2ff/0x380
[  136.303125]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  136.303141]  __x64_sys_futex+0x1c6/0x4d0
[  136.303154]  ? __x64_sys_futex_time32+0x480/0x480
[  136.303167]  ? syscall_enter_from_user_mode+0x1d/0x50
[  136.303180]  ? syscall_enter_from_user_mode+0x1d/0x50
[  136.303196]  do_syscall_64+0x3b/0x90
[  136.303213]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  136.303227] RIP: 0033:0x7f282314bb19
[  136.303235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  136.303246] RSP: 002b:00007f28206c1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  136.303256] RAX: ffffffffffffffda RBX: 00007f282325ef68 RCX: 00007f282314bb19
[  136.303264] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f282325ef68
[  136.303271] RBP: 00007f282325ef60 R08: 0000000000000000 R09: 0000000000000000
[  136.303278] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f282325ef6c
[  136.303285] R13: 00007ffe3876ec4f R14: 00007f28206c1300 R15: 0000000000022000
[  136.303298]  </TASK>
[  136.365510] WARNING: CPU: 1 PID: 3978 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  136.366226] Modules linked in:
[  136.366480] CPU: 1 PID: 3978 Comm: syz-executor.3 Not tainted 6.0.0-rc7-next-20220930 #1
[  136.367101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  136.367969] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  136.368398] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  136.369762] RSP: 0018:ffff88801d6ff8f8 EFLAGS: 00010006
[  136.370172] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  136.370728] RDX: ffff88801f743580 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  136.371283] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  136.371838] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f585400
[  136.372423] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  136.372975] FS:  00007f28206c1700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  136.373595] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  136.374050] CR2: 00007f7f0d718ab0 CR3: 000000001da0e000 CR4: 0000000000350ee0
[  136.374586] Call Trace:
[  136.374794]  <TASK>
[  136.374974]  ctx_sched_out+0x8f1/0xc10
[  136.375291]  __perf_event_task_sched_out+0x6d0/0x18d0
[  136.375698]  ? lock_is_held_type+0xd7/0x130
[  136.376037]  ? __perf_cgroup_move+0x160/0x160
[  136.376398]  ? set_next_entity+0x304/0x550
[  136.376733]  ? update_curr+0x267/0x740
[  136.377047]  ? lock_is_held_type+0xd7/0x130
[  136.377390]  __schedule+0xedd/0x2470
[  136.377695]  ? io_schedule_timeout+0x150/0x150
[  136.378058]  ? futex_wait_setup+0x166/0x230
[  136.378398]  schedule+0xda/0x1b0
[  136.378670]  futex_wait_queue+0xf5/0x1e0
[  136.378992]  futex_wait+0x28e/0x690
[  136.379281]  ? futex_wait_setup+0x230/0x230
[  136.379616]  ? wake_up_q+0x8b/0xf0
[  136.379909]  ? do_raw_spin_unlock+0x4f/0x220
[  136.380279]  ? futex_wake+0x158/0x490
[  136.380586]  ? fd_install+0x1f9/0x640
[  136.380890]  do_futex+0x2ff/0x380
[  136.381170]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  136.381617]  __x64_sys_futex+0x1c6/0x4d0
[  136.381933]  ? __x64_sys_futex_time32+0x480/0x480
[  136.382312]  ? syscall_enter_from_user_mode+0x1d/0x50
[  136.382711]  ? syscall_enter_from_user_mode+0x1d/0x50
[  136.383115]  do_syscall_64+0x3b/0x90
[  136.383415]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  136.383828] RIP: 0033:0x7f282314bb19
[  136.384127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  136.385520] RSP: 002b:00007f28206c1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  136.386102] RAX: ffffffffffffffda RBX: 00007f282325ef68 RCX: 00007f282314bb19
[  136.386649] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f282325ef68
[  136.387205] RBP: 00007f282325ef60 R08: 0000000000000000 R09: 0000000000000000
[  136.387757] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f282325ef6c
[  136.388314] R13: 00007ffe3876ec4f R14: 00007f28206c1300 R15: 0000000000022000
[  136.388864]  </TASK>
[  136.389048] irq event stamp: 568
[  136.389312] hardirqs last  enabled at (567): [<ffffffff8425379d>] syscall_enter_from_user_mode+0x1d/0x50
[  136.390031] hardirqs last disabled at (568): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  136.390675] softirqs last  enabled at (314): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  136.391332] softirqs last disabled at (309): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  136.391980] ---[ end trace 0000000000000000 ]---
[  136.435573] hrtimer: interrupt took 21440 ns
16:15:19 executing program 6:
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0])
write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000004c0)={0x59, 0x7d, 0x0, {{0x0, 0x40, 0x0, 0x0, {}, 0x0, 0x1a809ffd, 0x10001, 0x1, 0x2, '-#', 0x6, '\x02\x02\x02\x02\x02\x02', 0x5, '%}%@:'}, 0x4, ':\'@*', 0xee01, 0xffffffffffffffff, 0xee00}}, 0x59)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_open_procfs(0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x20, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
syncfs(r0)
r1 = openat2(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)={0x40, 0x52, 0x6}, 0x18)
openat(r1, &(0x7f0000000180)='./file0\x00', 0x101101, 0x156)

[  136.501881] audit: type=1400 audit(1664640919.374:9): avc:  denied  { write } for  pid=3984 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  136.617533] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
16:15:19 executing program 2:
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xffffffff}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000800}, 0x408c4)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r0, &(0x7f00000011c0), 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fcntl$dupfd(r0, 0x0, r1)
write(r1, &(0x7f0000000080)="01", 0x41030)
close(r1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[])
r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa)
openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0)

[  137.833498] loop2: detected capacity change from 0 to 256
[  137.907784] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  138.341920] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)

VM DIAGNOSIS:
16:15:19  Registers:
info registers vcpu 0
RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff812a1cb8 RDX=dffffc0000000000
RSI=0000000000000008 RDI=ffffffff85b06ed0 RBP=1ffff110080b2ef5 RSP=ffff888040597798
R8 =0000000000000000 R9 =ffffffff85b06ed7 R10=fffffbfff0b60dda R11=0000000000000001
R12=ffffffff85407320 R13=0000000000000c40 R14=ffffffff81b6a904 R15=ffff888008cf3180
RIP=ffffffff812a2167 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00005555568e9400 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb18ba87542 CR3=000000001f612000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM01=0000000000000000 0000000000000000 2525252525252525 2525252525252525
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88801d6ff340
R8 =0000000000000001 R9 =000000000000000a R10=000000000000006f R11=0000000000000001
R12=000000000000006f R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f28206c1700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7f0d718ab0 CR3=000000001da0e000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f28232327c0 00007f28232327c8
YMM02=0000000000000000 0000000000000000 00007f28232327e0 00007f28232327c0
YMM03=0000000000000000 0000000000000000 00007f28232327c8 00007f28232327c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000