Warning: Permanently added '[localhost]:56017' (ECDSA) to the list of known hosts.
2022/10/02 05:36:57 fuzzer started
2022/10/02 05:36:57 dialing manager at localhost:35095
syzkaller login: [   36.065930] cgroup: Unknown subsys name 'net'
[   36.190932] cgroup: Unknown subsys name 'rlimit'
2022/10/02 05:37:12 syscalls: 2215
2022/10/02 05:37:12 code coverage: enabled
2022/10/02 05:37:12 comparison tracing: enabled
2022/10/02 05:37:12 extra coverage: enabled
2022/10/02 05:37:12 setuid sandbox: enabled
2022/10/02 05:37:12 namespace sandbox: enabled
2022/10/02 05:37:12 Android sandbox: enabled
2022/10/02 05:37:12 fault injection: enabled
2022/10/02 05:37:12 leak checking: enabled
2022/10/02 05:37:12 net packet injection: enabled
2022/10/02 05:37:12 net device setup: enabled
2022/10/02 05:37:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/02 05:37:12 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/02 05:37:12 USB emulation: enabled
2022/10/02 05:37:12 hci packet injection: enabled
2022/10/02 05:37:12 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/02 05:37:12 802.15.4 emulation: enabled
2022/10/02 05:37:12 fetching corpus: 50, signal 22600/24419 (executing program)
2022/10/02 05:37:12 fetching corpus: 100, signal 34968/38407 (executing program)
2022/10/02 05:37:12 fetching corpus: 150, signal 42812/47780 (executing program)
2022/10/02 05:37:12 fetching corpus: 200, signal 49775/56201 (executing program)
2022/10/02 05:37:12 fetching corpus: 250, signal 52913/60804 (executing program)
2022/10/02 05:37:12 fetching corpus: 300, signal 57283/66578 (executing program)
2022/10/02 05:37:12 fetching corpus: 350, signal 60746/71471 (executing program)
2022/10/02 05:37:13 fetching corpus: 400, signal 65614/77557 (executing program)
2022/10/02 05:37:13 fetching corpus: 450, signal 69462/82634 (executing program)
2022/10/02 05:37:13 fetching corpus: 500, signal 72003/86463 (executing program)
2022/10/02 05:37:13 fetching corpus: 550, signal 76653/92203 (executing program)
2022/10/02 05:37:13 fetching corpus: 600, signal 79235/95954 (executing program)
2022/10/02 05:37:13 fetching corpus: 650, signal 81821/99687 (executing program)
2022/10/02 05:37:13 fetching corpus: 700, signal 86339/105153 (executing program)
2022/10/02 05:37:13 fetching corpus: 750, signal 90238/109978 (executing program)
2022/10/02 05:37:13 fetching corpus: 800, signal 93965/114548 (executing program)
2022/10/02 05:37:14 fetching corpus: 850, signal 98760/120070 (executing program)
2022/10/02 05:37:14 fetching corpus: 900, signal 102472/124577 (executing program)
2022/10/02 05:37:14 fetching corpus: 950, signal 103632/126769 (executing program)
2022/10/02 05:37:14 fetching corpus: 1000, signal 105288/129411 (executing program)
2022/10/02 05:37:14 fetching corpus: 1050, signal 106909/131928 (executing program)
2022/10/02 05:37:14 fetching corpus: 1100, signal 109231/135015 (executing program)
2022/10/02 05:37:14 fetching corpus: 1150, signal 112132/138561 (executing program)
2022/10/02 05:37:14 fetching corpus: 1200, signal 113054/140490 (executing program)
2022/10/02 05:37:15 fetching corpus: 1250, signal 114939/143181 (executing program)
2022/10/02 05:37:15 fetching corpus: 1300, signal 117136/146097 (executing program)
2022/10/02 05:37:15 fetching corpus: 1350, signal 118383/148186 (executing program)
2022/10/02 05:37:15 fetching corpus: 1400, signal 119341/150079 (executing program)
2022/10/02 05:37:15 fetching corpus: 1450, signal 120804/152321 (executing program)
2022/10/02 05:37:15 fetching corpus: 1500, signal 123053/155143 (executing program)
2022/10/02 05:37:15 fetching corpus: 1550, signal 124762/157512 (executing program)
2022/10/02 05:37:15 fetching corpus: 1600, signal 127023/160293 (executing program)
2022/10/02 05:37:15 fetching corpus: 1650, signal 129319/163046 (executing program)
2022/10/02 05:37:16 fetching corpus: 1700, signal 130602/165053 (executing program)
2022/10/02 05:37:16 fetching corpus: 1750, signal 131993/167129 (executing program)
2022/10/02 05:37:16 fetching corpus: 1800, signal 132578/168516 (executing program)
2022/10/02 05:37:16 fetching corpus: 1850, signal 133649/170305 (executing program)
2022/10/02 05:37:16 fetching corpus: 1900, signal 134920/172199 (executing program)
2022/10/02 05:37:16 fetching corpus: 1950, signal 136752/174468 (executing program)
2022/10/02 05:37:16 fetching corpus: 2000, signal 140028/177780 (executing program)
2022/10/02 05:37:17 fetching corpus: 2050, signal 141520/179817 (executing program)
2022/10/02 05:37:17 fetching corpus: 2100, signal 142652/181557 (executing program)
2022/10/02 05:37:17 fetching corpus: 2150, signal 144441/183704 (executing program)
2022/10/02 05:37:17 fetching corpus: 2200, signal 145329/185251 (executing program)
2022/10/02 05:37:17 fetching corpus: 2250, signal 146546/186954 (executing program)
2022/10/02 05:37:17 fetching corpus: 2300, signal 147129/188231 (executing program)
2022/10/02 05:37:17 fetching corpus: 2350, signal 147980/189669 (executing program)
2022/10/02 05:37:17 fetching corpus: 2400, signal 149112/191351 (executing program)
2022/10/02 05:37:17 fetching corpus: 2450, signal 149865/192774 (executing program)
2022/10/02 05:37:18 fetching corpus: 2500, signal 151057/194480 (executing program)
2022/10/02 05:37:18 fetching corpus: 2550, signal 151733/195802 (executing program)
2022/10/02 05:37:18 fetching corpus: 2600, signal 152936/197367 (executing program)
2022/10/02 05:37:18 fetching corpus: 2650, signal 154067/198904 (executing program)
2022/10/02 05:37:18 fetching corpus: 2700, signal 154858/200255 (executing program)
2022/10/02 05:37:18 fetching corpus: 2750, signal 156666/202105 (executing program)
2022/10/02 05:37:18 fetching corpus: 2800, signal 157471/203393 (executing program)
2022/10/02 05:37:18 fetching corpus: 2850, signal 158754/204980 (executing program)
2022/10/02 05:37:19 fetching corpus: 2900, signal 159927/206425 (executing program)
2022/10/02 05:37:19 fetching corpus: 2950, signal 161076/207839 (executing program)
2022/10/02 05:37:19 fetching corpus: 3000, signal 162298/209386 (executing program)
2022/10/02 05:37:19 fetching corpus: 3050, signal 163618/210885 (executing program)
2022/10/02 05:37:19 fetching corpus: 3100, signal 164119/211911 (executing program)
2022/10/02 05:37:19 fetching corpus: 3150, signal 166255/213828 (executing program)
2022/10/02 05:37:19 fetching corpus: 3200, signal 167031/215007 (executing program)
2022/10/02 05:37:19 fetching corpus: 3250, signal 167964/216258 (executing program)
2022/10/02 05:37:20 fetching corpus: 3300, signal 168924/217473 (executing program)
2022/10/02 05:37:20 fetching corpus: 3350, signal 170357/218919 (executing program)
2022/10/02 05:37:20 fetching corpus: 3400, signal 171145/220040 (executing program)
2022/10/02 05:37:20 fetching corpus: 3450, signal 172446/221408 (executing program)
2022/10/02 05:37:20 fetching corpus: 3500, signal 173147/222456 (executing program)
2022/10/02 05:37:20 fetching corpus: 3550, signal 174211/223680 (executing program)
2022/10/02 05:37:20 fetching corpus: 3600, signal 175205/224838 (executing program)
2022/10/02 05:37:20 fetching corpus: 3650, signal 176120/225952 (executing program)
2022/10/02 05:37:21 fetching corpus: 3700, signal 176808/226940 (executing program)
2022/10/02 05:37:21 fetching corpus: 3750, signal 178000/228123 (executing program)
2022/10/02 05:37:21 fetching corpus: 3800, signal 178575/229054 (executing program)
2022/10/02 05:37:21 fetching corpus: 3850, signal 179645/230171 (executing program)
2022/10/02 05:37:21 fetching corpus: 3900, signal 180320/231119 (executing program)
2022/10/02 05:37:21 fetching corpus: 3950, signal 181036/232093 (executing program)
2022/10/02 05:37:21 fetching corpus: 4000, signal 181635/233002 (executing program)
2022/10/02 05:37:21 fetching corpus: 4050, signal 182426/233932 (executing program)
2022/10/02 05:37:22 fetching corpus: 4100, signal 183326/234952 (executing program)
2022/10/02 05:37:22 fetching corpus: 4150, signal 183930/235803 (executing program)
2022/10/02 05:37:22 fetching corpus: 4200, signal 185110/236874 (executing program)
2022/10/02 05:37:22 fetching corpus: 4250, signal 186622/238030 (executing program)
2022/10/02 05:37:22 fetching corpus: 4300, signal 187062/238807 (executing program)
2022/10/02 05:37:22 fetching corpus: 4350, signal 187715/239641 (executing program)
2022/10/02 05:37:22 fetching corpus: 4400, signal 188338/240463 (executing program)
2022/10/02 05:37:23 fetching corpus: 4450, signal 188895/241259 (executing program)
2022/10/02 05:37:23 fetching corpus: 4500, signal 189538/242065 (executing program)
2022/10/02 05:37:23 fetching corpus: 4550, signal 190484/243062 (executing program)
2022/10/02 05:37:23 fetching corpus: 4600, signal 191197/243872 (executing program)
2022/10/02 05:37:23 fetching corpus: 4650, signal 192191/244745 (executing program)
2022/10/02 05:37:23 fetching corpus: 4700, signal 192594/245457 (executing program)
2022/10/02 05:37:23 fetching corpus: 4750, signal 193037/246110 (executing program)
2022/10/02 05:37:23 fetching corpus: 4800, signal 193673/246855 (executing program)
2022/10/02 05:37:24 fetching corpus: 4850, signal 194356/247594 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/248257 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/248820 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/249366 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/249928 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/250471 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/251014 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/251564 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/252104 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/252642 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/253188 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/253768 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/254294 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/254827 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/255380 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/255931 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/256441 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/256972 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/257510 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/258042 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/258560 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/259127 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/259640 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/260190 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/260735 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/261275 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/261792 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/262355 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/262948 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/263498 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/264016 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/264549 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/265072 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/265612 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/266165 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/266542 (executing program)
2022/10/02 05:37:24 fetching corpus: 4874, signal 194680/266542 (executing program)
2022/10/02 05:37:26 starting 8 fuzzer processes
05:37:26 executing program 0:
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, @in_args={0x4}}, './file0\x00'})
sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x14000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffff8001}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x100}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x808)
io_submit(0x0, 0x0, &(0x7f0000000140))
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0xf63dd31ff7539a5b, 0x70bd28, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x44011}, 0x4c005)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0)
fchownat(r0, &(0x7f00000002c0)='./file0\x00', 0xffffffffffffffff, 0xee00, 0x800)
io_pgetevents(0x0, 0x80000001, 0x3, &(0x7f0000000300)=[{}, {}, {}], &(0x7f0000000380), &(0x7f0000000400)={&(0x7f00000003c0)={[0xf59]}, 0x8})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xb4, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x6b27854, 0x64}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x157f9af17e4435ad}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x34c}], @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26a}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x23}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x24}], @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x9}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xfd}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000080}, 0x24044811)
r3 = syz_open_dev$hiddev(&(0x7f0000000600), 0x4, 0x20000)
r4 = dup(0xffffffffffffffff)
io_cancel(0x0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x7, 0x1, r3, &(0x7f0000000640)="1297bb8ce589261af7c8274c", 0xc, 0x8, 0x0, 0x2, r4}, &(0x7f00000006c0))
r5 = openat$cgroup_freezer_state(r4, &(0x7f0000000700), 0x2, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r5)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r0)
signalfd4(r0, &(0x7f0000000780)={[0x49472432]}, 0x8, 0x80800)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/module/e1000e', 0x101800, 0x48)
ioctl$F2FS_IOC_RESIZE_FS(r6, 0x4008f510, &(0x7f0000000800)=0x7f)
ioctl$CDROMPLAYMSF(r6, 0x5303, &(0x7f0000000840)={0x1, 0x79, 0x40, 0x3, 0x80})

05:37:26 executing program 1:
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(0xffffffffffffffff, 0x40046210, &(0x7f0000000000))
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000040)={0xffffffffffffffff})
preadv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)=""/83, 0x53}], 0x1, 0x10001, 0xffffffff)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r1 = dup2(r0, r0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000180)={0x7, &(0x7f0000000140)=[{0x5, 0x8, 0x2, 0x21c0}, {0x936e, 0x93, 0x2, 0x7ff80}, {0x9, 0x3f, 0x1, 0x4}, {0x1000, 0x7f, 0xc2, 0x7}, {0x7e3, 0x8, 0x42, 0x8b6b}, {0x4, 0x4, 0x3f, 0x7}, {0x9, 0xf9, 0x2}]})
poll(&(0x7f00000001c0)=[{r1, 0x100}, {r2, 0x2}, {r0}, {r0, 0x100}, {r1, 0x100}], 0x5, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000240)={{0x1, 0x1, 0x18, r4, {0x4}}, './file0\x00'})
r5 = dup(r2)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
umount2(&(0x7f00000002c0)='./file0\x00', 0xf)
r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000300), 0x40, 0x0)
ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x1, 0x0, '\x00', [{0x6, 0x6, 0x2, 0x2, 0x7fffffff, 0x6}, {0x7, 0x1, 0x9, 0x1f000, 0x27f, 0x400}], ['\x00']})
r7 = pidfd_open(0xffffffffffffffff, 0x0)
finit_module(r7, &(0x7f0000000440)='&/\x00', 0x1)
r8 = syz_mount_image$nfs(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0x6, 0x7, &(0x7f0000001940)=[{&(0x7f0000000500)="4d77a5959feb6543985ddb74e75a894708827d453ee30f9db7c141e1d03e51dfd6eb492b882e1ae84e50d031a59e128b30caee8287f120859cc57069040aa46efd44a7b251cc9de26ee4efb88ef4a6225006cbe8641e6ffa9632aa7666b54562b72705eb3d533eaaf6753b8221db3e1bb496dd", 0x73, 0x2}, {&(0x7f0000000580)="16502f38de08d2a13a5e9e5d92f70510678fbda732d2ba4a3c375019c441fe921c60907f27ee7bbef0339c8066a011b36823054b90ed98d909d08ff133b63cf73e49cb75904c0421ac9735a4e5145f1d1330d2b987860c0dd287c22275981521ddd47b9d30e84c3361509db8509240960fb360d2595bdbc31dcf139a44d4b8036a5b8fd66957fac8c2522a9a6165b44a2fc32252c7daf1427eeda96caf59523c41d7d43102d64459ca4fbb15d52db7e502e483d16cede0d35beca3ff25f8d87ac560ffcfc6bb1a24e0b09283c7fc93b9dc7a47354c49a660", 0xd8, 0x5}, {&(0x7f0000000680)="534ca41b0f0e521f455aa47c1e80f5aeec15e7a27445cabb1cb992ef094c07d279a4c2ed922e3b6bbd7b2a41fdc7ab48b11e244ef87eee77f96b2f77cbc3e199e502b3be8de498e9d4109bc655436902d4d6bd38aae1a131e955e935ea46c991fb92334629003e5335a12102f5229c354f5375f0", 0x74, 0x5}, {&(0x7f0000000700)="c080a890d65e40898015afe2432c1826", 0x10, 0x9}, {&(0x7f0000000740)="33ee454264d5bc1b2c2ed1924288b6fb30738b34f4cfcbde4dabe12941a83b0411c3706356f66e94398f5fe9d94d94f7210f972aa68645ce1db0936f3c4320c14fcf5afc57c653bc3f0bc055552516edcdf128ac94bf301312cc14d6a12a5e119c8fd1aba84d65fabb1906a6086f46e0cb4caba99ac14bf6fd069ea5623c4fc834fea45716d59c8a98878cbc37b6efcde525f3531cb5054841c10af29b57a2ab4960001d5e06593f021c61826471b81b232ff2677c331fabbdfc14ad31c5889e90a864b0359fb4bc75b93550d99cac4b3c727d0c98c937d5923d73953c3e", 0xde, 0x6}, {&(0x7f0000000840)="d531606fec0f6f07754ba083aecf64ad04b4c40b6e5378ada03eeefe30b3e8692c8064693f69cb328b30c16eb21533bd23c5f0b8ac9471a3f5f0d9007c0479cdcdd99b6e3ede976639e784cf8754bd6777a205cadd757449f760c4cadb971d37b458cc903f262b855e21f43ced0042488b27a45af75b5296ec34c94e9f4a838858dc0027ac10e88fa594baa072f828a6710fb824557b6c5b539f09021e14869bdc3f399f6ab5f7f79f7e279d66007a9b709feb46ad5db9731db8d451b792e133f010f1eb41e602ca161c03aa1826bb3783e60ad286e45e161d4d3362597c3b0edd9139e51fc6f22185122cbaa0b6b7cf7bf9583993392afec6b194edb0b848c8b582cac59c8a7a67b6e28f6b463dbfb072505ca16cb4bbb7b99470ee7b2dbddca66fe43cd631341193a3f2ac8c144cd23e3d1b2abf82d3ce0761edfa1994b765a778af25a3f35d039f88241f2a7d42cc026ffa9d63617bccb58c5d752b62b737cee4b3c64b86054ba738e945df8a796163cd7e711a731e40e63c54e3812f651804a753d22b8a9dda4ce7653dd9d43e5354362aac08d65291caaaa57d11d54f1e14064847843f54b9ef4ac1199949bb0ce0ab5cea33daf23b1760cdf7f7625841ef2ddff70603b3de890a85c5796326a1640423be0018882c2827b9937bc4cf089c7da123d92dedce5cfe19800e0316fc5ad38e3f83c4282f714d472a5ef7cd8d6c0591e0c55071e1ee9497bae104d4fdcdfdc48bcf8f25d20a612bef6c639cc509b2537803ef182c6fd4b79fe0e3aaf0fb522de0508463fa9931339a113c4aeb86fbb2d55f0f5c707a529e6077252d809d7c0bed98382f9cd01d3b33a4703218fe62dee6add269f118550f0b448f10bbeb93f02119c333a689963619f9c8f4a6e1c836bedbe6a6a971a7aa07f9b5ec88def45f00679d2d93cb25e8e24152a10c2cefa4688ba03c8b784f7a2cd2ce3dc6c119d026bcf8884c19b4149cb0b7817064ad3b9c115f5f505c0c9cbaf83aaae3699387d75259999f135358250ffdec7f7e642bd0cee9a72ec1e3c82c8ca46a411854a2f79e4588406d66003895949ef33c9373f9f47bbbc7ad98eaad2bd9933e2d584b3f3d7fc38e99c3e54e4cc238c50ebee90572d1593bee0e0c4416289b1fac1484da5d61063579a337101c1cf1878134384ca643a6e80dc5ebd351c90cc5e4df34460e8a0e23210e404f18bfede3026741a87713a0e67e608982716320a4695a044b9a688a238588448b39016cb72bd0cfc7524ed5c7497c42c22e459a32e3fdf2f541aeb5ad0b5fa1c49bb01b94018d1a03f3c4a1cd1bef45135f841ea47c278d08c9066df217d5c4a58f89050cab74e01badc243308403faf4272a19e53de31e560f2f9f468cb1ef1ee95d52af8abd66b361f034e587799031f94e5140b5a81034a7217a72d86760d902dbc27f47619c2636f3fe788b2e7f9a8250a07e9e997ea6d3e7b7d3277b90e210831b826c0c4f5242f05d4c981f885fb273639cc9317de91dfafd8263a8a18809e530389d4d375d074a2f62339323451333194c5a1074bc10ce72173654f04acb1f5778cb76bffa967f6bfdb8b9c82153edbdbbe1c6f310379ce5ab47aa4ff5e50d292a57bcd2083ab395f9f73d28256fe3f2670a58b1204bb6486ef97d1654ff7930212e95d251059d1e2f00a9bf19e9c830b8100c7ab23b236072ea5722e983919c1c075a0e3bdb33f8854827e10835a044f1a09c95f9dfe168cdc6ba1cf3bc1cd0fbad74a1f93db5d911ee37b8e8d4d6e530a4eabdcd518e84ff0b705bd2839b5b7d305a109bd4e4adf3c1529432a840a283991888591fbf3f182d9fcb305203c1052bda358f05333713dfc435881cbb668416f3e3a2abdc9071a0f145985c9ef2e101f5024bd2c528bf652cd42e2c7427498c3f45d6a3908a9dc934cbb8dab22656dfce0a6837cc9620b020021b235e5d84d117b6fd79590e05c09e0715e48cb2cb79cacc65e291d8d4b954ef651e802dd63edb962f6a40e90f9c2f4e4442616a749c42a45763f29f5534e551681e0b3e150063dce1dc14c1403e40f9d7d9d7ab332052b5f1c6dc09dfd274d9934da43605760ca5a9a465567e0e8cb21a0aa1576fc17063e848b4a8b249097d4b38574fb4f89f6ae2a8f262e4708ffb5399ef6ae6bebeedb192f25b9fee5083bb56a23fd7a5be62daa241d6c5c985f823bbad4c4ef87934351b62efc41b2793f35a6be8fee94a3145bea579c3c5cee31fe56f6bf1417ca74493dfc217ea30233ee7aedfa8891229a96d4d370026c606d609eff36fab29667ccaa10915cc48cf4d097b30c5f05d74dd4fef9fbd9b4003139e3fe1c9912169f9eed7a6a72449fdba8847297cfdf6b3e960e0133b7c5bdcf84b4eb8ca2376399e799aa31ca2c07561785badc58510feb526d609d5aa242f1c877584098cc05d7260471179f906624dc596928cf91363ec8eab88518a216abfa177ce8ec24914df5c395e4ebb37b221fdfc0962c87290af9e9123a12f605d7cc468787d4acaf16f80c622638e2fa9e51cc9a87bf3397129d5f36546f71139074cf3bf4632b4fa3e0d9ac71fecaa8d2dc4009fecea8d731316842fb57e371a500f2b6695738a436efa98b667fb7db7b7f6caa00fdbff4af8d317dfcd884602a7d9432c10029aaefd8e1a41f853baf8ae16ac738c873382853b0ab936b598782150ca815c9f26ed7a1187037e82d1c920ce05c3f7bd74c315d57e48469869e25a597a292a71004286ae889f78685189096c7298450a694ddc2f04376c516e7950149eb28c938f793681bcf6baf6ad40537ae5f9562042bdd6cb6f4cd117011b46d978620c56c579457d668042a579878840ce4d0d6959797e204548fb7d097cf4826871a6a46dcaf3a13de7578780c87c88027e79e026abcd84410760a3870782bcc7fdc8cea82a3706ded237bad1a486ab83f93652d75d9ea36319d5ac9ec597cf1c70605d4d76bbc8bf3678befc8352a85ee05f35dd6deb615d7d26f7f7d151a761b15ecec8b1dceb2fb7cd1d0c01594a191bd1cf6574503f64df0a7d4bdeb45c63fa6b05bb699ee82bced55d498bd38d39c96aa6d16bab1f8a4bc84d65f0ae8f39f6057465b957f597963377bca8ca083922b23d9aaab0d4e589c63e6e2793f860e1436e71e5187e381a04b521bb82cb4464a2ea086dc926207a91fbf9c0de925caf8a778a3babad7216711b15bca48d02f460030aafd92691a2fc9d8272d2d7f8997183a3f7f319c362ebbcf36bf4502f2ef6b6a322f1c9ab13917cb79c50f10d0c0a3a3d980c1495bb016706d4cd194f54f6dc3195b9e38e2f5c59259046fe7911bc8067b7bad702b1d40d5ec0c394d97e38d3edfc144ceb6165d81c7947bb21db2a2a264dedb283c00c56a1dced1b4fdca4973ff286cf5075afde57134e4d09604d85c9a382eb0683cbb40b79a3b5fb50e4f979cf802317e04d0c78999afef4ce3df5e9406644d5f24646051de7792f49d105be5e8c6fd4651e7a7a63820d3449254deb9838ca15dedd80371d3e3f6cec6977f1f62022386ecf9c2d420c4d4ca004c9d7837e50299ffd62c4198fe456536dff3b9f112af6b8afdbfd6f151eb72d666045915e62c5090a4e278cde456f3ea3dad18026f75030b45935437f9202bcc28630daa4aec066093ebc0b1736eb632d4cf714647b6167d202834cae457c5babbc5677131f63d0d5d6e0add0144b867b15f9e6d8ff20fe2fdd8952422b067f23a59ee19e523342e8e6a1980149399abc51d6f3d12fb9e464935e2498b51818ab4dc277f864a288308083debed24640b324e36746e604dc2f6a7aa349bf255cad316f34973f59909f498fcb42f9df53041a62d5a1c3c1fcea3d1756c5482a8d179ab69a49bb27a1822a7bd3ad9b2806198ac23bd79caa1f5b295fec79a13ad7f225e190df4bf10dcc182701d04617b746d53483a2099bf1ed635372a8c9da5cc8d2b89294a9c02a2f6b83c7784e416a6a010af66544eb8b487976bb853f27b3ad14bfe9ff5f1155e5d514b70ec4f7a5a7cbf3f900c529526102ff9a9e73e576dab888a3c2d692d382e7be27dab03adc5eb66b2f9ea4c2606e5848b384c9adbc0a1f0decff9c620bba22497da2725afd36c7c78fab4965c5bea082f28a0f5644d4faeae30866eaba4b6a682b3de7090ff5dde27b5a8694fee15511c9dc38e403c01adc9d3f4998d8e98e2a3d37233d5d2f9a2e848183a1bf69bcc2d78663d5097e2a6750872583cd528b1a04711525cf25578d3d6a9a31d680da3eca20b7fc758be22d4427dd2076d467a202a174f21ed16bf461b3f62c3e1a45b2c200c41554ac30159ac878fbe237f2803aecd812ac6186304501680edfa4a9ce06d4ad9866b7559942c07b22c80c8096b4fbf12b912b9f0be00b37cde1f1131821055b64fb6e7e4e714a296426b4251c8e7ff4c75275155799cdb88f41ae7f57d44691dda03da447ca9163aeccae95e427f9f4085196db9f34e350cc1664ef65c810a52e1c8366a16b3e6bb06f047bab992875728491cc0e4e5e6acdbdbdceb71670ba43b5cb4b55f69bbe566ad5c103e1de27bf5f18b900b49c6047c7b672e06d693ea36103ce7ccdd6b5c68aa50a55c421c0fe915a541e387f4109e861b0afb3ba892dd01ce7ce85a20c22625704b8fd9c67f7af9a6f4a742b2cba50e04e0aecc1c7d09f5040a08ca10c87cc88aa10f4bbdf18196e0e06b75e8974e6204e49468216662a4717217a01280a910a207d7ca2fdb3b1f0799170df6a9b7ef26b6c0f5635c91eb60c2fea2cfd459af91914e8671c12abd0a202f07ae61b52890898c55759508f252ea8ec438ee3beac3246d02287fb47a1479aad0e7deff74625516a6620a8b56556c49f93f5a5b1eb79a7738c074ad5e7765fa23067bd11710315490d0dec4d3c196fd025f13d4fa57cf691c7aa96a16b377af39a5d1fc4c21d7588ab8ce4c97f25a60050ff6b02e900f083dfc33bd928cb5e27173c7b852a28fcdfd37704d38b4537279f6afc5552cadced9bc49822adff63290c360b03b868ce9435806ab8ca770c8abec305a3de0b8c420fff25003a7ec4221042ccf0884b81975891e99643d65e8edce257c7713a53bb5ba8e68b81d4548b1433ff8b6b48ea9e339e733f931ebeb84e00e16fe5956e0e8448539a8aab6ee2e1593b60dfabdc15ad7c70bedce53dca6976c853440a43849d6a06b2165574a955516d88687b381b7dbaedb39c3b8a5b283046fb77ddd94c5b91b1d3547136d0d761d696c5049baccff102b85435e8a9cc958d72378e92943ed460616294b33d89b432ebcffd513c23a44bd446b3010c56492ace5aa7446e7cb3dd7aa51f598a501d15d0f14fc801280edfbe3fca379c93c7ab8000d5c2245546fb959f9a9396916d27ba2409e14ca7de79646d02f5fee762a1e0c5bb4aadbcf5e08371cb2ba9ea058abb16bf78f580b26028ceb64c9ad8d6cd72fadd0fa257562244eb610fded0e6cab87821ee0d4488780373505af79837955690244587062b4e0daede93e9e40951c1beef8130d555e8a3da2b3810ef6825c40af0a098f4c695decce29d9b54dd5ce9a28e50c69b04944dc938d076d260e378a8e6f8da18306bde2d2dac6ac6c3ae3867e4ed308125b067e0835b63cd1cfbd0b0d9ec02c9e19dd35b57266390e8e7177bcf53e9ee8f6385900b80f6cc6c73df1e16cd73c31fecec1be0610f8a464070f3ac11aa8e256943d169beec7ff5ce014999c3550972e4c7359f6c680350d81d83161fcf32419338af", 0x1000, 0x5}, {&(0x7f0000001840)="371a9ba8f73e80e59ce8f6905b072764fd3a43f539a0bf5fa817cb7ca8550774bb074358b8bb8c89f32cde63d7545bf79bf7bde31a5c29ae892289ae48cc3c1d83540e89d1ddab2602d679662da33b4ebe5eb97b0871e31884ba6851ade9ac30cc4a329130fa5522229e4d4852bb59ae0f8c87f829dd5dd9b52b717a7daba5ce24f549ab6e819016221ec4e5a9d1eb4ec193852c798c6ffffdebe6fb6ba73394cdd6f27178d5c03a134f663dbc097cdb7c8cef9a7f39a079b999218fda593b2c22be54f154f54179db05b5d548", 0xcd}], 0x4000, &(0x7f0000001a00)={[{'/dev/sr0\x00'}, {'\x00'}, {'-\'\\\\)%-%'}], [{@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@smackfstransmute}, {@obj_role}]})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r8, 0x5000943f, &(0x7f0000001a80)={{r5}, 0x0, 0x4, @unused=[0x8000, 0x62c, 0x100000001, 0xffff], @subvolid})
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000002a80))

05:37:26 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000180)={0x1, 0x2, 0x1000, 0xb6, &(0x7f0000000000)="d9153432619d81e852fe2274ddb339d15016a3adca7db3282b161730cc28e267759c5c45a73e10641ce299d1bf5981e822e140675297551a79c7cd13ee94c3717be71c7e705b2a4213ea8791624857b27a856f1d386ae29bb3da168b94a6193d69338754d0f25005eca381e8e4b7ed5e7de4633ed0b889895c760a84bc708dcedd8a25cebe7b54a147d177bbf6cca30ed1e5226e894cda65b2f19517af45274cea3c8e03618a50b9f13033cbd1a527f5e4acca8b12a4", 0xa9, 0x0, &(0x7f00000000c0)="c485b8aa541ce442737457e85f189b412310f2b84f164c2c0b34a78150e81896536a56cb06439b23ed7f5eab59a816f9d14d5ce5b71350df837aa34501dabc39fd36b1f524f0d056042d29b372c7b9fa2b4cd64f3a078f31701a9f0b062ba98b02e403d3b5281a5b4a0b2f00f536e1d85ba82ec268a475ea0f69c289c25834fcd0d3fd97eaf64ea84ef39f599f6a1a9ac956297acb883ae95585a20c9bff78e23581332b8fbb1ed062"})
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000200), &(0x7f0000000240)=0x8)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000280)={0x0, 0x0, {0x0, @struct}, {0x0, @struct}, {0x0, @struct}})
r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000680)='hugetlb.2MB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0)
fremovexattr(r2, &(0x7f00000006c0)=@random={'osx.', '%,::.^^\x00'})
fgetxattr(r0, &(0x7f0000000700)=@random={'trusted.', 'osx.'}, &(0x7f0000000740)=""/226, 0xe2)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000840), 0xc381, 0x0)
r4 = perf_event_open$cgroup(&(0x7f00000008c0)={0x2, 0x80, 0x7f, 0x20, 0x40, 0x3, 0x0, 0x0, 0x4000, 0xb, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000880)}, 0x8802, 0x0, 0x9, 0x4, 0x80, 0x6, 0x200, 0x0, 0x3}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x8)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000940)={{0x1, 0x1, 0x18, r4, {0x5}}, './file0\x00'})
ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000980))
finit_module(r3, &(0x7f00000009c0)='hugetlb.2MB.rsvd.max_usage_in_bytes\x00', 0x2)
openat(0xffffffffffffffff, &(0x7f0000000a00)='./file0\x00', 0x30800, 0x30)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000a40)={'batadv_slave_0\x00'})
finit_module(r0, &(0x7f0000000a80)=']*.+(.%\x00', 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
ftruncate(r1, 0x2)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000ac0)='./binderfs/custom1\x00', 0x2, 0x0)
ioctl$BINDER_FREEZE(r5, 0x400c620e, &(0x7f0000000b00)={0x0, 0x1, 0x9})

[   64.742726] audit: type=1400 audit(1664689046.571:6): avc:  denied  { execmem } for  pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
05:37:26 executing program 4:
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)={@multicast2, @empty, 0x1, 0x3, [@broadcast, @dev={0xac, 0x14, 0x14, 0x29}, @dev={0xac, 0x14, 0x14, 0x16}]}, 0x1c)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000040)={{0x2, 0x4e23, @rand_addr=0x64010100}, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}}, 0x60, {0x2, 0x4e20, @private=0xa010101}, 'veth1_macvtap\x00'})
r0 = socket$netlink(0x10, 0x3, 0xe)
recvfrom(r0, &(0x7f00000000c0)=""/212, 0xd4, 0x60, &(0x7f00000001c0)=@in6={0xa, 0x4e23, 0x10000, @local, 0x8001}, 0x80)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r1=>r0, {0x6}}, './file0\x00'})
sendto$inet(r1, &(0x7f0000000280)="7481f8e95579ebfa635b3cd8ca3d8d1cf791e220bb85f102c7693db35c5a8d750b11f5e60a98609cc3705d39234f756f8ee226ed5abf569fb92c2462c4b714a65979b143905eea94baec1ddeb3c8dcbb56d0793b56310d20eaa5b99bf02e0a618447a17882b10539dd11effcf6bb2f2f7ea01aa402c68d6e66fda9e8806ced7588ebd0ecf10217ab5d9cecd842ac", 0x8e, 0x8000040, &(0x7f0000000340)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
fsetxattr(r0, &(0x7f0000000380)=@known='trusted.overlay.origin\x00', &(0x7f00000003c0)='veth1_macvtap\x00', 0xe, 0x5)
accept$inet(r1, 0x0, &(0x7f0000000400))
getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000000440)={'broute\x00', 0x0, 0x0, 0x0, [0x58, 0x4, 0x100, 0x800, 0x2, 0x3]}, &(0x7f00000004c0)=0x78)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000500), 0x80, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000540)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
readv(0xffffffffffffffff, &(0x7f0000001940)=[{&(0x7f0000000580)=""/93, 0x5d}, {&(0x7f0000000600)=""/118, 0x76}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/202, 0xca}, {&(0x7f0000001780)=""/222, 0xde}, {&(0x7f0000001880)=""/164, 0xa4}], 0x6)
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f00000019c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x100}}, './file0\x00'})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000001a00)={0x0, 0x1, 0x6, @local}, 0x10)
ioctl$TIOCGICOUNT(0xffffffffffffffff, 0x545d, 0x0)
pipe(&(0x7f0000001a40)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000001b80)={'nat\x00', 0x0, 0x3, 0x4f, [0x6, 0x7, 0xfffffffffffff801, 0xffff, 0x7ff, 0x8], 0x6, &(0x7f0000001a80)=[{}, {}, {}, {}, {}, {}], &(0x7f0000001b00)=""/79}, &(0x7f0000001c00)=0x78)
ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001d40)={0x3, 0xc9, 0xe4, &(0x7f0000001c40)=""/228})
ioctl$RNDGETENTCNT(r2, 0x80045200, &(0x7f0000001d80))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001e00)={{0x1, 0x1, 0x18, r1, {0xee01, 0xffffffffffffffff}}, './file0\x00'})

05:37:26 executing program 3:
r0 = add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)={0x5, 0x0, @b}, 0x48, 0xffffffffffffffff)
keyctl$update(0x2, r0, 0x0, 0x0)
r1 = add_key(&(0x7f0000000100)='cifs.idmap\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="852cd744880287c4bbf92bff1b23cddf79eb711b3bfc4df1592d12ec1ea7a47654fb3339fb0a23eef8e95571c6854c257378fe8fe394c3ead081dba01d9da42200c37f579c90d8056eef3e51e2e4d37fd3aca4ae4fb45375963a297d22727e5f0b9762c66d989047aa", 0x69, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffb, 0xfffffffffffffffb, 0x0)
r2 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000240)={'fscrypt:', @auto=[0x62, 0x38, 0x34, 0x0, 0x33, 0x30, 0x33, 0x63, 0x38, 0x63, 0x66, 0x33, 0x32, 0x31, 0x38, 0x63]}, &(0x7f0000000280)={0x0, "f9c70c98c43757565533d2fef0f531babcd748ad58616d2247df73a9fcef659f7067ce94955500943c1303d1a8f4fdb6ac5f419f1ed63e10bef09409cc7909e2", 0x19}, 0x48, 0xfffffffffffffffd)
r3 = add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000340)={'fscrypt:', @desc1}, &(0x7f0000000380)={0x0, "7ca7dcfb0cd97e2962c2e853eba6f121d0322e58fd27da9b6af13514420bc77d5f497b48da63be8fafe2a0fbbd74e36f0bd8da4434256d2e3d483e1dad836b95", 0x1b}, 0x48, r1)
r4 = add_key(&(0x7f0000000400)='.request_key_auth\x00', &(0x7f0000000440)={'syz', 0x2}, &(0x7f0000000480)="1ba2f4ae4e2c0e1e4aee57cc2db4e950806384321a93f81644caf496dec0c6c2d931c8fd1435c9c7c5ee757a27f27d8850c9476db4872a76d3d08d99f7b15706bd81db8f9cd3c90874bbb146cd89c52d0e11a0d3b607af6857393aa30d0c30e903654967f3d23f07e71715dc365f5700710f25b473073a67", 0x78, r2)
keyctl$KEYCTL_MOVE(0x1e, r2, r3, r4, 0x0)
keyctl$setperm(0x5, r3, 0x8341002)
add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, r4)
r5 = add_key$user(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="d95b2d970db2c8ed3d4ec5edd1bd7d185a2d1aefdb0d7a272573c53df58c253a929c5704cb45b39c389bb113a80f3ed8de689be31d6347bbea292769475a417b62e58154145d947a2dc6483a2ea97dcb14c86e79dd57fd57ff42617114ba339a518297487d3a61f09ebad15c04a1", 0x6e, r2)
keyctl$describe(0x6, r5, &(0x7f0000000680)=""/145, 0x91)
r6 = add_key$fscrypt_provisioning(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, &(0x7f00000007c0)={0x2, 0x0, @c}, 0x29, 0xfffffffffffffffa)
r7 = add_key$keyring(&(0x7f0000000800), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, r3)
keyctl$setperm(0x5, r5, 0x2000211a)
r8 = add_key$fscrypt_v1(&(0x7f0000000880), &(0x7f00000008c0)={'fscrypt:', @auto=[0x39, 0x35, 0x34, 0x35, 0x61, 0x36, 0x38, 0x63, 0x31, 0x63, 0x32, 0x51, 0x33, 0x32, 0x30]}, &(0x7f0000000900)={0x0, "7d1a9681d2a4c5810dd080e9032118a6886dbcc64349044db37db9445f1660e65af6f08e8557db091ebbdd8c8f1c710bf4745fd950aa66d4691f8b6ddf8d5e50", 0x1c}, 0x48, r1)
keyctl$KEYCTL_MOVE(0x1e, r7, r8, r7, 0x0)
keyctl$update(0x2, r4, &(0x7f0000000980)="90589e1f804e9d7257c216b22ec2d1b50855b6", 0x13)
keyctl$describe(0x6, r6, &(0x7f00000009c0)=""/77, 0x4d)
keyctl$describe(0x6, 0x0, &(0x7f0000000a40)=""/150, 0x96)

05:37:26 executing program 5:
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000, 0x2, &(0x7f0000ffe000/0x2000)=nil)
r0 = shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffe000/0x2000)=nil)
shmat(r0, &(0x7f0000ff9000/0x7000)=nil, 0x4000)
shmctl$IPC_RMID(0x0, 0x0)
r1 = shmget$private(0x0, 0x1000, 0x400, &(0x7f0000ffa000/0x1000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x0)
r2 = shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ff9000/0x3000)=nil)
shmctl$IPC_STAT(r2, 0x2, &(0x7f0000000000)=""/113)
r3 = shmget$private(0x0, 0x3000, 0x20, &(0x7f0000ffc000/0x3000)=nil)
shmat(r3, &(0x7f0000ffc000/0x2000)=nil, 0x3000)
shmget$private(0x0, 0x3000, 0x800, &(0x7f0000ffb000/0x3000)=nil)
shmat(r0, &(0x7f0000ffb000/0x1000)=nil, 0x3000)
r4 = shmget(0x3, 0x4000, 0x400, &(0x7f0000ffc000/0x4000)=nil)
shmctl$SHM_UNLOCK(r4, 0xc)
shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0)
r5 = shmget(0x3, 0x2000, 0x2a000000, &(0x7f0000ffb000/0x2000)=nil)
shmat(r5, &(0x7f0000ffa000/0x3000)=nil, 0x2000)
syz_io_uring_setup(0x5513, &(0x7f0000000080)={0x0, 0x2224, 0x2a3bb97d2d13ed80, 0x1, 0x1fd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140))
clock_gettime(0x0, &(0x7f0000000180)={<r7=>0x0, <r8=>0x0})
syz_io_uring_submit(r6, 0x0, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x8, &(0x7f00000001c0)={r7, r8+60000000}, 0x1, 0x1, 0x1}, 0x2c1)

05:37:26 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x200040, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x94, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x56}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x1a}}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x2}}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x10}, 0x20008040)
fsync(r0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@loopback, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e24, 0x0, 0x4e23, 0x9, 0x2, 0x20, 0x20}, {0x4, 0x5, 0xd44, 0x8, 0x1000, 0x0, 0x40, 0x1f}, {0xf47c, 0xffffffff, 0x6, 0xfff}, 0xfffffbff, 0x6e6bbc, 0x2, 0x1, 0x1, 0x3}, {{@in=@loopback, 0x4d4, 0x6c}, 0x2, @in=@empty, 0x3505, 0x7, 0x0, 0x7, 0xee85, 0x43, 0x7}}, 0xe8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x4010, 0xffffffffffffffff, 0x8000000)
r3 = syz_io_uring_setup(0x2cbc, &(0x7f0000000300)={0x0, 0x3729, 0x10, 0x0, 0x2c4, 0x0, r0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000380), &(0x7f00000003c0)=<r4=>0x0)
syz_io_uring_submit(r2, r4, &(0x7f0000000400)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x1}, 0x3)
r5 = memfd_secret(0x80000)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000440)={<r6=>0x0, @private}, &(0x7f0000000480)=0xc)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x40010, 0xffffffffffffffff, 0x10000000)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r7, &(0x7f00000005c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, r0, 0x0, &(0x7f00000004c0)="31d4e691d447a6d2184aa347f66901aa32941324caaacacc6245c4559f31c8896210f6f6d53d8d5f924a8b80dcdcd06eb89abfc7b19a1f34873dbfe2cb679b2548c98db4dbf5a7093391abbd61fe39aebfd64e235ac0771b6252c67e2f0364814bcf4b9bb614fd0c4e84599d0d895ce1f1123141bc5a91a422454c95c76485fe811c9460172b10f02e72234421b6487b793418d298295570bfec49b9dcabf83947ed173a8eda755351390cd92915c194db4822a1af2554d3221091f77ab4898bf5f203", 0xc3, 0x2000, 0x0, {0x0, r8}}, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f0000000600)={0x0, 0x6, 0x3f})
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000680)={{{@in=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@loopback}, 0x0, @in6=@dev}}, &(0x7f0000000780)=0xe8)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r5, 0x89fa, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000880)={'syztnl1\x00', <r10=>r6, 0x4, 0x5, 0x28, 0x0, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, 0x40, 0x8, 0x1ff, 0x1}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000a00)={'syztnl0\x00', &(0x7f0000000940)={'gre0\x00', <r11=>r6, 0x8, 0x1, 0xffffffe0, 0x0, {{0x1b, 0x4, 0x2, 0x5, 0x6c, 0x65, 0x0, 0x3a, 0x8, 0x0, @multicast2, @private=0xa010101, {[@end, @lsrr={0x83, 0x17, 0x24, [@private=0xa010102, @multicast1, @empty, @multicast2, @loopback]}, @ssrr={0x89, 0xb, 0x7f, [@local, @dev={0xac, 0x14, 0x14, 0x38}]}, @cipso={0x86, 0x35, 0x0, [{0x7, 0x5, "96faf1"}, {0x1, 0x10, "f3cda36c32d645a77e1f79de12e9"}, {0x0, 0x6, "2343902d"}, {0x6, 0xb, "ea965b46cba6c3436a"}, {0x7, 0x9, "17c0d8972b4db1"}]}]}}}}})
sendmsg$TEAM_CMD_OPTIONS_GET(r5, &(0x7f0000000cc0)={&(0x7f0000000640), 0xc, &(0x7f0000000c80)={&(0x7f0000000a40)={0x230, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {}, [{{0x8, 0x1, r6}, {0xcc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8, 0x1, r6}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r6}, {0xc0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r10}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r11}}}]}}]}, 0x230}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)
syz_io_uring_setup(0x6f4e, &(0x7f0000000d00)={0x0, 0x209c, 0x8, 0x0, 0x25c}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000d80), &(0x7f0000000dc0))

05:37:26 executing program 7:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x28}}, 0x1000)
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x201}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x18, 0x464, 0x800, 0x70bd25, 0x25dfdbff, "c6eb2e0d2c80", ["", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x51}, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r1, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x34}, 0x1, 0x0, 0x0, 0x40040}, 0x4004)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000380), 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x94, 0x1, 0x1, 0x801, 0x0, 0x0, {0x3, 0x0, 0x8}, [@CTA_SEQ_ADJ_ORIG={0x54, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x10001}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x3}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xfffffffd}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x200}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xfffff801}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x7}]}, @CTA_NAT_DST={0x2c, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}]}]}, 0x94}}, 0xc010)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x20, r3, 0x201, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0xc880}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000640)={<r4=>0xffffffffffffffff, 0x7fffffff, 0x20, 0x3f})
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x3, 0x2, 0x201, 0x0, 0x0, {0x2}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), r2)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x2c, r5, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x8002)
r6 = memfd_secret(0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x34, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000a00)={'wpan3\x00', <r8=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(r7, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0xa3409810}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x38, r0, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000b00), r9)

[   66.007949] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.010895] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.012625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.016497] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   66.018204] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.018265] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   66.051644] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   66.053175] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   66.053253] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   66.054271] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.055320] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   66.064602] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   66.065922] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   66.076455] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   66.076746] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   66.079700] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   66.081187] Bluetooth: hci1: HCI_REQ-0x0c1a
[   66.097341] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.117822] Bluetooth: hci0: HCI_REQ-0x0c1a
[   66.128546] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   66.130152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   66.136130] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   66.137945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   66.140191] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   66.143660] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   66.148267] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   66.149936] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   66.154744] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   66.157320] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   66.162858] Bluetooth: hci4: HCI_REQ-0x0c1a
[   66.164001] Bluetooth: hci2: HCI_REQ-0x0c1a
[   66.165625] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   66.170676] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   66.172546] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   66.178733] Bluetooth: hci3: HCI_REQ-0x0c1a
[   66.208218] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   66.212949] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   66.215382] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   66.220298] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   66.220321] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   66.224207] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   66.229187] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   66.230562] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   66.233711] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   66.234969] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   66.236451] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   66.238103] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   66.242519] Bluetooth: hci5: HCI_REQ-0x0c1a
[   66.255583] Bluetooth: hci7: HCI_REQ-0x0c1a
[   68.132347] Bluetooth: hci0: command 0x0409 tx timeout
[   68.133621] Bluetooth: hci1: command 0x0409 tx timeout
[   68.135147] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   68.195767] Bluetooth: hci3: command 0x0409 tx timeout
[   68.196671] Bluetooth: hci4: command 0x0409 tx timeout
[   68.197541] Bluetooth: hci2: command 0x0409 tx timeout
[   68.259560] Bluetooth: hci5: command 0x0409 tx timeout
[   68.323588] Bluetooth: hci7: command 0x0409 tx timeout
[   70.179580] Bluetooth: hci1: command 0x041b tx timeout
[   70.180540] Bluetooth: hci0: command 0x041b tx timeout
[   70.243519] Bluetooth: hci2: command 0x041b tx timeout
[   70.244289] Bluetooth: hci4: command 0x041b tx timeout
[   70.245067] Bluetooth: hci3: command 0x041b tx timeout
[   70.307536] Bluetooth: hci5: command 0x041b tx timeout
[   70.371541] Bluetooth: hci7: command 0x041b tx timeout
[   71.489494] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   71.497041] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   71.500686] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   71.509555] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   71.513976] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   71.515486] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   71.521706] Bluetooth: hci6: HCI_REQ-0x0c1a
[   72.227468] Bluetooth: hci0: command 0x040f tx timeout
[   72.228005] Bluetooth: hci1: command 0x040f tx timeout
[   72.291476] Bluetooth: hci3: command 0x040f tx timeout
[   72.291990] Bluetooth: hci4: command 0x040f tx timeout
[   72.292491] Bluetooth: hci2: command 0x040f tx timeout
[   72.355465] Bluetooth: hci5: command 0x040f tx timeout
[   72.419509] Bluetooth: hci7: command 0x040f tx timeout
[   73.571505] Bluetooth: hci6: command 0x0409 tx timeout
[   74.275532] Bluetooth: hci1: command 0x0419 tx timeout
[   74.276061] Bluetooth: hci0: command 0x0419 tx timeout
[   74.339467] Bluetooth: hci2: command 0x0419 tx timeout
[   74.339944] Bluetooth: hci4: command 0x0419 tx timeout
[   74.340431] Bluetooth: hci3: command 0x0419 tx timeout
[   74.403507] Bluetooth: hci5: command 0x0419 tx timeout
[   74.467482] Bluetooth: hci7: command 0x0419 tx timeout
[   75.619436] Bluetooth: hci6: command 0x041b tx timeout
[   77.667490] Bluetooth: hci6: command 0x040f tx timeout
[   79.715486] Bluetooth: hci6: command 0x0419 tx timeout
05:38:25 executing program 7:
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x800}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x8000)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000300), 0xa00, 0x0)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x88, r1, 0x495b79aa5141264a, 0x70bd26, 0x25dfdbfc, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x4}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x2}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0xb4}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x88}, 0x1, 0x0, 0x0, 0x40}, 0x48080)
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2090}, 0xc, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="e80000006404000425bd7000fcdbdf25957ebae1bbcfa287b6a28a7d3af530d1ba9b1e1b46879a1b03d5063dd3ccc7670391c5600acdebc07c79a1508d19718b9342bd154444c3a35db7a785eb5f280e8e4ac642ab1f03b8590f9ddc072bf5ff2b090000000a411f62e1c9596c47a0274320fe12195ce85f43809f9e44209f06ad6677d50e583127e81d3f15583786afa040262ed39df0c154c7d5f8adbe5e3c074f4b1533ad4ced90443d3e37f907f9f72a1442306df54461ad004f33fe302344cd620b0e9c315ec3e345e6d363186aad8f01f49adc394ad0ae536bee957be6545779ef7997eff700f897067b388ef219dd6bfadf7312be5a1853ec24795e84547796b2add45c64edf6f8a6ac5b8eb41f79784f55cdcde28c0cbebe8a2589090204c5bd2f31d25daa5b0c7ef6200dd5db7d9ed541d7010c738fde24fc9b27f5147f0e5ca153addd91a9d1510c107439acc14ff2778a16cdd4852c8bb0b235bd80ea87235582f80da01569bb0d1ec9d9714a6584adaebbd5e34d733e87b054884e68637d2515e6fde8d0e309e79c77aae73fd10f6af2665af2d8e35f9fde823fb0925b8a5e65ea256b2b2fd5420c8f"], 0xe8}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r0, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x44, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0x9, 0x8}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0)
lchown(&(0x7f0000012c00)='./file0\x00', 0x0, 0xee00)

05:38:25 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r8, 0x40045431, 0x0)

[  123.928938] audit: type=1400 audit(1664689105.756:7): avc:  denied  { open } for  pid=3713 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.930462] audit: type=1400 audit(1664689105.757:8): avc:  denied  { kernel } for  pid=3713 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.963998] ------------[ cut here ]------------
[  123.964022] 
[  123.964026] ======================================================
[  123.964029] WARNING: possible circular locking dependency detected
[  123.964034] 6.0.0-rc7-next-20220930 #1 Not tainted
[  123.964041] ------------------------------------------------------
[  123.964044] syz-executor.7/3717 is trying to acquire lock:
[  123.964050] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  123.964093] 
[  123.964093] but task is already holding lock:
[  123.964096] ffff88800eb59420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  123.964123] 
[  123.964123] which lock already depends on the new lock.
[  123.964123] 
[  123.964126] 
[  123.964126] the existing dependency chain (in reverse order) is:
[  123.964129] 
[  123.964129] -> #3 (&ctx->lock){....}-{2:2}:
[  123.964143]        _raw_spin_lock+0x2a/0x40
[  123.964154]        __perf_event_task_sched_out+0x53b/0x18d0
[  123.964165]        __schedule+0xedd/0x2470
[  123.964179]        schedule+0xda/0x1b0
[  123.964192]        futex_wait_queue+0xf5/0x1e0
[  123.964205]        futex_wait+0x28e/0x690
[  123.964215]        do_futex+0x2ff/0x380
[  123.964224]        __x64_sys_futex+0x1c6/0x4d0
[  123.964234]        do_syscall_64+0x3b/0x90
[  123.964252]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.964265] 
[  123.964265] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  123.964278]        _raw_spin_lock_nested+0x30/0x40
[  123.964289]        raw_spin_rq_lock_nested+0x1e/0x30
[  123.964302]        task_fork_fair+0x63/0x4d0
[  123.964319]        sched_cgroup_fork+0x3d0/0x540
[  123.964333]        copy_process+0x4183/0x6e20
[  123.964344]        kernel_clone+0xe7/0x890
[  123.964354]        user_mode_thread+0xad/0xf0
[  123.964364]        rest_init+0x24/0x250
[  123.964375]        arch_call_rest_init+0xf/0x14
[  123.964396]        start_kernel+0x4c6/0x4eb
[  123.964411]        secondary_startup_64_no_verify+0xe0/0xeb
[  123.964426] 
[  123.964426] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  123.964439]        _raw_spin_lock_irqsave+0x39/0x60
[  123.964450]        try_to_wake_up+0xab/0x1930
[  123.964462]        up+0x75/0xb0
[  123.964476]        __up_console_sem+0x6e/0x80
[  123.964493]        console_unlock+0x46a/0x590
[  123.964508]        vt_ioctl+0x2822/0x2ca0
[  123.964521]        tty_ioctl+0x785/0x16b0
[  123.964532]        __x64_sys_ioctl+0x19a/0x210
[  123.964546]        do_syscall_64+0x3b/0x90
[  123.964562]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.964575] 
[  123.964575] -> #0 ((console_sem).lock){....}-{2:2}:
[  123.964588]        __lock_acquire+0x2a02/0x5e70
[  123.964605]        lock_acquire+0x1a2/0x530
[  123.964621]        _raw_spin_lock_irqsave+0x39/0x60
[  123.964631]        down_trylock+0xe/0x70
[  123.964649]        __down_trylock_console_sem+0x3b/0xd0
[  123.964665]        vprintk_emit+0x16b/0x560
[  123.964681]        vprintk+0x84/0xa0
[  123.964696]        _printk+0xba/0xf1
[  123.964708]        report_bug.cold+0x72/0xab
[  123.964724]        handle_bug+0x3c/0x70
[  123.964740]        exc_invalid_op+0x14/0x50
[  123.964757]        asm_exc_invalid_op+0x16/0x20
[  123.964769]        group_sched_out.part.0+0x2c7/0x460
[  123.964787]        ctx_sched_out+0x8f1/0xc10
[  123.964803]        __perf_event_task_sched_out+0x6d0/0x18d0
[  123.964814]        __schedule+0xedd/0x2470
[  123.964827]        schedule+0xda/0x1b0
[  123.964840]        futex_wait_queue+0xf5/0x1e0
[  123.964851]        futex_wait+0x28e/0x690
[  123.964861]        do_futex+0x2ff/0x380
[  123.964870]        __x64_sys_futex+0x1c6/0x4d0
[  123.964880]        do_syscall_64+0x3b/0x90
[  123.964896]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.964909] 
[  123.964909] other info that might help us debug this:
[  123.964909] 
[  123.964911] Chain exists of:
[  123.964911]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  123.964911] 
[  123.964926]  Possible unsafe locking scenario:
[  123.964926] 
[  123.964929]        CPU0                    CPU1
[  123.964931]        ----                    ----
[  123.964933]   lock(&ctx->lock);
[  123.964939]                                lock(&rq->__lock);
[  123.964946]                                lock(&ctx->lock);
[  123.964952]   lock((console_sem).lock);
[  123.964957] 
[  123.964957]  *** DEADLOCK ***
[  123.964957] 
[  123.964959] 2 locks held by syz-executor.7/3717:
[  123.964966]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  123.964995]  #1: ffff88800eb59420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  123.965021] 
[  123.965021] stack backtrace:
[  123.965024] CPU: 0 PID: 3717 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  123.965036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  123.965045] Call Trace:
[  123.965048]  <TASK>
[  123.965053]  dump_stack_lvl+0x8b/0xb3
[  123.965071]  check_noncircular+0x263/0x2e0
[  123.965087]  ? format_decode+0x26c/0xb50
[  123.965104]  ? print_circular_bug+0x450/0x450
[  123.965121]  ? simple_strtoul+0x30/0x30
[  123.965136]  ? format_decode+0x26c/0xb50
[  123.965153]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  123.965171]  __lock_acquire+0x2a02/0x5e70
[  123.965192]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  123.965214]  lock_acquire+0x1a2/0x530
[  123.965231]  ? down_trylock+0xe/0x70
[  123.965248]  ? lock_release+0x750/0x750
[  123.965268]  ? vprintk+0x84/0xa0
[  123.965285]  _raw_spin_lock_irqsave+0x39/0x60
[  123.965296]  ? down_trylock+0xe/0x70
[  123.965312]  down_trylock+0xe/0x70
[  123.965328]  ? vprintk+0x84/0xa0
[  123.965345]  __down_trylock_console_sem+0x3b/0xd0
[  123.965362]  vprintk_emit+0x16b/0x560
[  123.965380]  vprintk+0x84/0xa0
[  123.965397]  _printk+0xba/0xf1
[  123.965409]  ? record_print_text.cold+0x16/0x16
[  123.965424]  ? report_bug.cold+0x66/0xab
[  123.965442]  ? group_sched_out.part.0+0x2c7/0x460
[  123.965460]  report_bug.cold+0x72/0xab
[  123.965479]  handle_bug+0x3c/0x70
[  123.965496]  exc_invalid_op+0x14/0x50
[  123.965514]  asm_exc_invalid_op+0x16/0x20
[  123.965526] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  123.965547] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  123.965558] RSP: 0018:ffff88801ba8f8f8 EFLAGS: 00010006
[  123.965567] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  123.965575] RDX: ffff8880189c1ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  123.965583] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  123.965591] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800eb59400
[  123.965598] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  123.965609]  ? group_sched_out.part.0+0x2c7/0x460
[  123.965629]  ? group_sched_out.part.0+0x2c7/0x460
[  123.965648]  ctx_sched_out+0x8f1/0xc10
[  123.965668]  __perf_event_task_sched_out+0x6d0/0x18d0
[  123.965682]  ? lock_is_held_type+0xd7/0x130
[  123.965696]  ? __perf_cgroup_move+0x160/0x160
[  123.965706]  ? set_next_entity+0x304/0x550
[  123.965726]  ? lock_is_held_type+0xd7/0x130
[  123.965740]  __schedule+0xedd/0x2470
[  123.965757]  ? io_schedule_timeout+0x150/0x150
[  123.965772]  ? futex_wait_setup+0x166/0x230
[  123.965787]  schedule+0xda/0x1b0
[  123.965801]  futex_wait_queue+0xf5/0x1e0
[  123.965814]  futex_wait+0x28e/0x690
[  123.965826]  ? futex_wait_setup+0x230/0x230
[  123.965839]  ? wake_up_q+0x8b/0xf0
[  123.965852]  ? do_raw_spin_unlock+0x4f/0x220
[  123.965872]  ? futex_wake+0x158/0x490
[  123.965888]  ? fd_install+0x1f9/0x640
[  123.965903]  do_futex+0x2ff/0x380
[  123.965914]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  123.965930]  __x64_sys_futex+0x1c6/0x4d0
[  123.965943]  ? __x64_sys_futex_time32+0x480/0x480
[  123.965955]  ? lock_is_held_type+0xd7/0x130
[  123.965969]  ? rcu_read_lock_sched_held+0x3e/0x80
[  123.965989]  do_syscall_64+0x3b/0x90
[  123.966007]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.966020] RIP: 0033:0x7f0647cedb19
[  123.966028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.966039] RSP: 002b:00007f0645263218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.966050] RAX: ffffffffffffffda RBX: 00007f0647e00f68 RCX: 00007f0647cedb19
[  123.966057] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0647e00f68
[  123.966064] RBP: 00007f0647e00f60 R08: 0000000000000000 R09: 0000000000000000
[  123.966071] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0647e00f6c
[  123.966079] R13: 00007ffcbbbe704f R14: 00007f0645263300 R15: 0000000000022000
[  123.966091]  </TASK>
[  124.024186] WARNING: CPU: 0 PID: 3717 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  124.024875] Modules linked in:
[  124.025116] CPU: 0 PID: 3717 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  124.025701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  124.026516] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  124.026920] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  124.028239] RSP: 0018:ffff88801ba8f8f8 EFLAGS: 00010006
[  124.028633] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  124.029153] RDX: ffff8880189c1ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  124.029676] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  124.030201] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800eb59400
[  124.030720] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  124.031254] FS:  00007f0645263700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  124.031843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.032276] CR2: 00007f549e4448e0 CR3: 000000003ea3e000 CR4: 0000000000350ef0
[  124.032796] Call Trace:
[  124.032989]  <TASK>
[  124.033157]  ctx_sched_out+0x8f1/0xc10
[  124.033454]  __perf_event_task_sched_out+0x6d0/0x18d0
[  124.033835]  ? lock_is_held_type+0xd7/0x130
[  124.034157]  ? __perf_cgroup_move+0x160/0x160
[  124.034490]  ? set_next_entity+0x304/0x550
[  124.034809]  ? lock_is_held_type+0xd7/0x130
[  124.035129]  __schedule+0xedd/0x2470
[  124.035412]  ? io_schedule_timeout+0x150/0x150
[  124.035753]  ? futex_wait_setup+0x166/0x230
[  124.036073]  schedule+0xda/0x1b0
[  124.036332]  futex_wait_queue+0xf5/0x1e0
[  124.036636]  futex_wait+0x28e/0x690
[  124.036914]  ? futex_wait_setup+0x230/0x230
[  124.037243]  ? wake_up_q+0x8b/0xf0
[  124.037507]  ? do_raw_spin_unlock+0x4f/0x220
[  124.037845]  ? futex_wake+0x158/0x490
[  124.038133]  ? fd_install+0x1f9/0x640
[  124.038417]  do_futex+0x2ff/0x380
[  124.038684]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  124.039126]  __x64_sys_futex+0x1c6/0x4d0
[  124.039432]  ? __x64_sys_futex_time32+0x480/0x480
[  124.039790]  ? lock_is_held_type+0xd7/0x130
[  124.040116]  ? rcu_read_lock_sched_held+0x3e/0x80
[  124.040492]  do_syscall_64+0x3b/0x90
[  124.040778]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  124.041160] RIP: 0033:0x7f0647cedb19
[  124.041434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  124.042742] RSP: 002b:00007f0645263218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  124.043296] RAX: ffffffffffffffda RBX: 00007f0647e00f68 RCX: 00007f0647cedb19
[  124.043810] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0647e00f68
[  124.044334] RBP: 00007f0647e00f60 R08: 0000000000000000 R09: 0000000000000000
[  124.044852] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0647e00f6c
[  124.045363] R13: 00007ffcbbbe704f R14: 00007f0645263300 R15: 0000000000022000
[  124.045890]  </TASK>
[  124.046066] irq event stamp: 2124
[  124.046316] hardirqs last  enabled at (2123): [<ffffffff8425379d>] syscall_enter_from_user_mode+0x1d/0x50
[  124.047007] hardirqs last disabled at (2124): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  124.047621] softirqs last  enabled at (1986): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  124.048248] softirqs last disabled at (1685): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  124.048871] ---[ end trace 0000000000000000 ]---
05:38:25 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r8, 0x40045431, 0x0)

05:38:26 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r8, 0x40045431, 0x0)

05:38:26 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r8, 0x40045431, 0x0)

05:38:26 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)

[  124.440145] loop1: detected capacity change from 0 to 8
[  124.441691] nfs: Unknown parameter '/dev/sr0'
[  124.449698] loop1: detected capacity change from 0 to 8
[  124.450205] nfs: Unknown parameter '/dev/sr0'
05:38:26 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)

05:38:26 executing program 1:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x80010, 0xffffffffffffffff, 0x8000000)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b00), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, 0x7fffffff, 0x80400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_config_ext={0x5, 0x7}, 0x4003, 0xb7, 0x6, 0x3, 0xb06, 0xfffffffe, 0xfffe, 0x0, 0x46, 0x0, 0x2}, r3, 0xd, r2, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r4, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c6530008425db2c4533299109c57672c2db0005f27575807af71535e79d5517102a8640232a272019654a55cca9b9a33b9d813ea9ed21a56d4824589906b4ab2c824f2a6d5c4f20c70d0a4296a1b436a87d29ea101258be5845c588749110bbb129c24ccb2d3a09b6195dc93c7eb4af0e1296a8e6a85e6f94a5c000b8b06c5bd42816ec520b8fe8c02dcc5598038982483531b88254c2bdc724f7cd0e8705791225ded0ea3e2b2b9e0041cec7f3886ece9bbc1c50413798a4ee36902a6113f3d2cec73c36823d72c71de6451749cd140aa5b36ef8093b8f11dccc033e1c43119cf9fc478f02704bc92d40ca30185227b64de8bf51abea8e47689f27c5788c914ec20a6aca85ed6b3d7fd54648a18d55908eed43665e1da9e94ec2bb38716e8bb58e79104c773f5479404ad2ce106b8e972871f2e532c1f8101d0e717c8c6d05dfeabe125571eab8e5f879acb932cb28ed0706608738b1ca66551ceecffc75068ab5381d3aa8e97c5e317c928faffc9c89dfd3ba7497d86226c148d186009b5f826fec412461e1c5874117a76a39cf657fc3530a7a4cf50864edd0ae670815b03f3d841f2d8fb4af5116d320392c1bde6080d50f4d20919fda297626cfb4d7a3cab06fc7b8f7f6a977"])
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f00000000c0), 0x1, 0x73f179528b0a6b68, 0x0, {0x0, r6}}, 0x10001)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
mknodat$null(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
linkat(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file2\x00', 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r8, 0x40045431, 0x0)

[  127.469655] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  127.471147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  127.473313] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  127.474256] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  127.476975] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  127.477637] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  127.479377] Bluetooth: hci0: HCI_REQ-0x0c1a
[  127.527341] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  127.533307] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  127.534945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  127.536987] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  127.537912] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  127.538872] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  127.544659] Bluetooth: hci1: HCI_REQ-0x0c1a
[  129.507424] Bluetooth: hci0: command 0x0409 tx timeout
[  129.571431] Bluetooth: hci4: Opcode 0x c03 failed: -110
[  129.571435] Bluetooth: hci1: command 0x0409 tx timeout
[  129.572346] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  129.635460] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  131.555457] Bluetooth: hci0: command 0x041b tx timeout
[  131.619508] Bluetooth: hci1: command 0x041b tx timeout
[  133.603469] Bluetooth: hci0: command 0x040f tx timeout
[  133.668436] Bluetooth: hci1: command 0x040f tx timeout
[  133.859429] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  133.923431] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  133.924283] Bluetooth: hci4: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
05:38:26  Registers:
info registers vcpu 0
RAX=0000000000000068 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88801ba8f340
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000068 R11=0000000000000001
R12=0000000000000068 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f0645263700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f549e4448e0 CR3=000000003ea3e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f0647dd47c0 00007f0647dd47c8
YMM02=0000000000000000 0000000000000000 00007f0647dd47e0 00007f0647dd47c0
YMM03=0000000000000000 0000000000000000 00007f0647dd47c8 00007f0647dd47c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=1ffffffff0b77926 RBX=ffffffff85bbc934 RCX=ffffffff81787a69 RDX=0000000000000000
RSI=ffffffff85ee0546 RDI=ffffffff85bbc91c RBP=ffffffff85bbc91c RSP=ffff88800da8f658
R8 =ffffffff85ee0546 R9 =ffffffff85edfdee R10=ffffed1001b51ef1 R11=000000000003603d
R12=ffffffff85bbc94c R13=ffffffff85bbc91c R14=ffffffff85bbc91c R15=dffffc0000000000
RIP=ffffffff81119b6f RFL=00000213 [----A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0542c336f4 CR3=000000003d9da000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000