
Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:8146' (ECDSA) to the list of known hosts.
2022/10/02 07:48:52 fuzzer started
2022/10/02 07:48:52 dialing manager at localhost:35095
syzkaller login: [   35.849668] cgroup: Unknown subsys name 'net'
[   35.945872] cgroup: Unknown subsys name 'rlimit'
2022/10/02 07:49:06 syscalls: 2215
2022/10/02 07:49:06 code coverage: enabled
2022/10/02 07:49:06 comparison tracing: enabled
2022/10/02 07:49:06 extra coverage: enabled
2022/10/02 07:49:06 setuid sandbox: enabled
2022/10/02 07:49:06 namespace sandbox: enabled
2022/10/02 07:49:06 Android sandbox: enabled
2022/10/02 07:49:06 fault injection: enabled
2022/10/02 07:49:06 leak checking: enabled
2022/10/02 07:49:06 net packet injection: enabled
2022/10/02 07:49:06 net device setup: enabled
2022/10/02 07:49:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/02 07:49:06 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/02 07:49:06 USB emulation: enabled
2022/10/02 07:49:06 hci packet injection: enabled
2022/10/02 07:49:06 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/02 07:49:06 802.15.4 emulation: enabled
2022/10/02 07:49:06 fetching corpus: 50, signal 27905/29700 (executing program)
2022/10/02 07:49:07 fetching corpus: 100, signal 38621/42044 (executing program)
2022/10/02 07:49:07 fetching corpus: 150, signal 49251/54158 (executing program)
2022/10/02 07:49:07 fetching corpus: 200, signal 54092/60494 (executing program)
2022/10/02 07:49:07 fetching corpus: 250, signal 61459/69161 (executing program)
2022/10/02 07:49:07 fetching corpus: 300, signal 66879/75850 (executing program)
2022/10/02 07:49:07 fetching corpus: 350, signal 69972/80289 (executing program)
2022/10/02 07:49:07 fetching corpus: 400, signal 75525/87011 (executing program)
2022/10/02 07:49:07 fetching corpus: 450, signal 80090/92736 (executing program)
2022/10/02 07:49:07 fetching corpus: 500, signal 82041/95943 (executing program)
2022/10/02 07:49:07 fetching corpus: 550, signal 84057/99190 (executing program)
2022/10/02 07:49:08 fetching corpus: 600, signal 86245/102585 (executing program)
2022/10/02 07:49:08 fetching corpus: 650, signal 90100/107406 (executing program)
2022/10/02 07:49:08 fetching corpus: 700, signal 93492/111815 (executing program)
2022/10/02 07:49:08 fetching corpus: 750, signal 95775/115169 (executing program)
2022/10/02 07:49:08 fetching corpus: 800, signal 97715/118118 (executing program)
2022/10/02 07:49:08 fetching corpus: 850, signal 100729/122049 (executing program)
2022/10/02 07:49:08 fetching corpus: 900, signal 102367/124707 (executing program)
2022/10/02 07:49:08 fetching corpus: 950, signal 104080/127406 (executing program)
2022/10/02 07:49:08 fetching corpus: 1000, signal 105902/130140 (executing program)
2022/10/02 07:49:09 fetching corpus: 1050, signal 108033/133150 (executing program)
2022/10/02 07:49:09 fetching corpus: 1100, signal 111011/136876 (executing program)
2022/10/02 07:49:09 fetching corpus: 1150, signal 112045/138885 (executing program)
2022/10/02 07:49:09 fetching corpus: 1200, signal 113182/140992 (executing program)
2022/10/02 07:49:09 fetching corpus: 1250, signal 115297/143879 (executing program)
2022/10/02 07:49:09 fetching corpus: 1300, signal 117026/146453 (executing program)
2022/10/02 07:49:09 fetching corpus: 1350, signal 118252/148615 (executing program)
2022/10/02 07:49:09 fetching corpus: 1400, signal 120381/151439 (executing program)
2022/10/02 07:49:10 fetching corpus: 1450, signal 123105/154675 (executing program)
2022/10/02 07:49:10 fetching corpus: 1500, signal 125197/157399 (executing program)
2022/10/02 07:49:10 fetching corpus: 1550, signal 127986/160632 (executing program)
2022/10/02 07:49:10 fetching corpus: 1600, signal 130149/163301 (executing program)
2022/10/02 07:49:10 fetching corpus: 1650, signal 130881/164886 (executing program)
2022/10/02 07:49:10 fetching corpus: 1700, signal 132055/166797 (executing program)
2022/10/02 07:49:10 fetching corpus: 1750, signal 133016/168495 (executing program)
2022/10/02 07:49:10 fetching corpus: 1800, signal 134684/170752 (executing program)
2022/10/02 07:49:10 fetching corpus: 1850, signal 136121/172809 (executing program)
2022/10/02 07:49:11 fetching corpus: 1900, signal 136824/174297 (executing program)
2022/10/02 07:49:11 fetching corpus: 1950, signal 138261/176283 (executing program)
2022/10/02 07:49:11 fetching corpus: 2000, signal 139660/178288 (executing program)
2022/10/02 07:49:11 fetching corpus: 2050, signal 140446/179804 (executing program)
2022/10/02 07:49:11 fetching corpus: 2100, signal 141312/181299 (executing program)
2022/10/02 07:49:11 fetching corpus: 2150, signal 142490/183015 (executing program)
2022/10/02 07:49:11 fetching corpus: 2200, signal 144546/185353 (executing program)
2022/10/02 07:49:11 fetching corpus: 2250, signal 145297/186790 (executing program)
2022/10/02 07:49:11 fetching corpus: 2300, signal 146991/188787 (executing program)
2022/10/02 07:49:12 fetching corpus: 2350, signal 149122/191100 (executing program)
2022/10/02 07:49:12 fetching corpus: 2400, signal 150215/192716 (executing program)
2022/10/02 07:49:12 fetching corpus: 2450, signal 151028/194189 (executing program)
2022/10/02 07:49:12 fetching corpus: 2500, signal 151611/195433 (executing program)
2022/10/02 07:49:12 fetching corpus: 2550, signal 152448/196819 (executing program)
2022/10/02 07:49:12 fetching corpus: 2600, signal 153634/198440 (executing program)
2022/10/02 07:49:12 fetching corpus: 2650, signal 155317/200322 (executing program)
2022/10/02 07:49:12 fetching corpus: 2700, signal 157473/202469 (executing program)
2022/10/02 07:49:13 fetching corpus: 2750, signal 158473/203889 (executing program)
2022/10/02 07:49:13 fetching corpus: 2800, signal 159198/205147 (executing program)
2022/10/02 07:49:13 fetching corpus: 2850, signal 160726/206830 (executing program)
2022/10/02 07:49:13 fetching corpus: 2900, signal 161295/207989 (executing program)
2022/10/02 07:49:13 fetching corpus: 2950, signal 162381/209370 (executing program)
2022/10/02 07:49:13 fetching corpus: 3000, signal 162859/210429 (executing program)
2022/10/02 07:49:13 fetching corpus: 3050, signal 163607/211608 (executing program)
2022/10/02 07:49:13 fetching corpus: 3100, signal 164471/213029 (executing program)
2022/10/02 07:49:13 fetching corpus: 3150, signal 165273/214318 (executing program)
2022/10/02 07:49:14 fetching corpus: 3200, signal 165896/215415 (executing program)
2022/10/02 07:49:14 fetching corpus: 3250, signal 166640/216577 (executing program)
2022/10/02 07:49:14 fetching corpus: 3300, signal 167618/217853 (executing program)
2022/10/02 07:49:14 fetching corpus: 3350, signal 168648/219137 (executing program)
2022/10/02 07:49:14 fetching corpus: 3400, signal 169611/220357 (executing program)
2022/10/02 07:49:14 fetching corpus: 3450, signal 170596/221642 (executing program)
2022/10/02 07:49:14 fetching corpus: 3500, signal 171707/222948 (executing program)
2022/10/02 07:49:15 fetching corpus: 3550, signal 172763/224133 (executing program)
2022/10/02 07:49:15 fetching corpus: 3600, signal 173740/225306 (executing program)
2022/10/02 07:49:15 fetching corpus: 3650, signal 174356/226337 (executing program)
2022/10/02 07:49:15 fetching corpus: 3700, signal 175407/227535 (executing program)
2022/10/02 07:49:15 fetching corpus: 3750, signal 176276/228660 (executing program)
2022/10/02 07:49:15 fetching corpus: 3800, signal 177346/229817 (executing program)
2022/10/02 07:49:15 fetching corpus: 3850, signal 178712/231075 (executing program)
2022/10/02 07:49:15 fetching corpus: 3900, signal 179510/232069 (executing program)
2022/10/02 07:49:15 fetching corpus: 3950, signal 179985/232995 (executing program)
2022/10/02 07:49:16 fetching corpus: 4000, signal 180815/234005 (executing program)
2022/10/02 07:49:16 fetching corpus: 4050, signal 182190/235190 (executing program)
2022/10/02 07:49:16 fetching corpus: 4100, signal 183357/236358 (executing program)
2022/10/02 07:49:16 fetching corpus: 4150, signal 183899/237164 (executing program)
2022/10/02 07:49:16 fetching corpus: 4200, signal 184549/238013 (executing program)
2022/10/02 07:49:16 fetching corpus: 4250, signal 185484/239038 (executing program)
2022/10/02 07:49:16 fetching corpus: 4300, signal 186430/239991 (executing program)
2022/10/02 07:49:17 fetching corpus: 4350, signal 187063/240858 (executing program)
2022/10/02 07:49:17 fetching corpus: 4400, signal 188019/241822 (executing program)
2022/10/02 07:49:17 fetching corpus: 4450, signal 188772/242672 (executing program)
2022/10/02 07:49:17 fetching corpus: 4500, signal 189209/243422 (executing program)
2022/10/02 07:49:17 fetching corpus: 4550, signal 190088/244289 (executing program)
2022/10/02 07:49:17 fetching corpus: 4600, signal 190690/245082 (executing program)
2022/10/02 07:49:17 fetching corpus: 4650, signal 191435/245862 (executing program)
2022/10/02 07:49:17 fetching corpus: 4700, signal 191844/246584 (executing program)
2022/10/02 07:49:18 fetching corpus: 4750, signal 192635/247416 (executing program)
2022/10/02 07:49:18 fetching corpus: 4800, signal 193330/248195 (executing program)
2022/10/02 07:49:18 fetching corpus: 4850, signal 193938/248945 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/249730 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/250277 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/250805 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/251349 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/251931 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/252472 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/253045 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/253578 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/254147 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/254700 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/255290 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/255838 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/256382 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/256892 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/257506 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/258050 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/258654 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/259197 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/259751 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/260287 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/260874 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/261423 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/262011 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/262533 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/263072 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/263603 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/264164 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/264719 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/265314 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/265881 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/266441 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/267038 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/267617 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/268203 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/268811 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/269354 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/269408 (executing program)
2022/10/02 07:49:18 fetching corpus: 4875, signal 194680/269408 (executing program)
2022/10/02 07:49:21 starting 8 fuzzer processes
07:49:21 executing program 0:
r0 = semget$private(0x0, 0x1, 0x2)
semtimedop(r0, &(0x7f0000000000)=[{0x7, 0x8000, 0x800}, {0x0, 0xfff, 0x1000}], 0x2, &(0x7f0000000040)={0x0, 0x3938700})
clock_gettime(0x4, &(0x7f0000000080))
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x6, 0x8010, 0xffffffffffffffff, 0x10000000)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_FALLOCATE={0x11, 0x7, 0x0, @fd_index=0x5, 0x100, 0x0, 0x1, 0x0, 0x0, {0x0, r2}}, 0x8)
clock_gettime(0x5, &(0x7f0000000100))
pwritev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000140)="a0c963906464facce0b08b79ef1a46cd4cc05347bdbd592e05ae18292ce714a2368d8787663c2b06a75f433851d6f447adc14319f316d310f639f76b1d8813da3bdeb593bb97ebd2f51ca708c16a72fb3cf4d9d9bdab01056503fd34ab278000e01120fdffd696194644c5bd46f387a703f9d5a265994a76d179c8b7c280f7a9d75a9d6859b0df44e91bace0f5b62933c613b2e33ba0ded204eadfd330715cac2b5cf6536351aec3c68d8d2a91d1be02f140a0e6021cbbf8a075a05843d5c5514545c1e298a063b40ac757c1bc1e4158dfb71eb86b26b808f1ffe8faf2306ed0affd85d3bcb9e071815fe8538142f31e5065f433c5605d", 0xf7}, {&(0x7f0000000240)="526b47f9d6e619f742a4d817373818010f3dcc5085e1abfdede92a322ea632b4e99d7e711da65e4d14aa3842c16f4f9e836e56b1d7707bd686c4808f9fd31a6913d750a8dcc10255", 0x48}, {&(0x7f00000002c0)="46e842d8fbd22f996001e0377686c14b5b54e2747478a4e6ef389aca0f1c6b6e96bc07371ff0e675776ef9df0ec6a4c23986422e90ca960109f746d7fb6d30948417e3807a41c0ba0988b16fd6212e07f06d7f10e84beb9377ae1ea30db07cf74c0831ac43ad4ac27930c5674eb21bea7fec5f78071856a4e2", 0x79}], 0x3, 0x3a, 0x0)
r3 = syz_io_uring_setup(0x6b8, &(0x7f0000000380)={0x0, 0x3c67, 0x8, 0x1, 0x1ca}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000400)=<r4=>0x0, &(0x7f0000000440))
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000480)={<r5=>r3, 0x75, 0x5, 0xfffffffffffffffb})
fsetxattr$trusted_overlay_opaque(r5, &(0x7f00000004c0), &(0x7f0000000500), 0x2, 0xf50ece805e5d5e2e)
futex(&(0x7f0000000540)=0x1, 0xc, 0x1, &(0x7f0000000580)={0x77359400}, &(0x7f00000005c0)=0x1, 0x2)
semtimedop(0x0, &(0x7f0000000600)=[{0x3, 0x100}, {0x1, 0x3f, 0x1800}], 0x2, &(0x7f0000000640)={0x0, 0x989680})
semtimedop(r0, &(0x7f0000000680)=[{0x0, 0x6b}, {0x3, 0x3}, {0x5, 0x7fff, 0x1800}, {0x2, 0x1000, 0x1000}], 0x4, &(0x7f00000006c0)={0x77359400})
syz_io_uring_submit(r4, r1, &(0x7f0000000700)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x2000}, 0x1}, 0xff)
semctl$GETVAL(0x0, 0x1, 0xc, &(0x7f0000000740)=""/31)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000780)={r3, 0x7, 0x9, 0x3})
flistxattr(r5, &(0x7f00000007c0)=""/3, 0x3)
r6 = semget(0x0, 0x6, 0x185)
semctl$GETZCNT(r6, 0x3, 0xf, &(0x7f0000000800)=""/26)

07:49:21 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xfffffffb}}, './file0\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x0, 0x0, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x4}, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x8, 0x60}}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x5001}, 0x4008040)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xf8, 0x0, 0x20, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x0, 0x1a}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_IE={0xb3, 0x2a, [@random={0x8, 0x86, "6c8be2523ac2dad641aa626fb808489d4f4664ba7afe33c32fde22c32388318c6981c2354bcad623cb53e35dc02e9ad3a8706e5f31adbe679cde27a12489f3aab20ee6517dab4f1a203231c1e4997be7287249128ad9aa38e232c2f4ddcbaf97dfc44728f43c956cad90fb2a4a378d6180e25de09395c0ecfbd5331ecdf8e3b31da5b681a0cf"}, @dsss={0x3, 0x1, 0x38}, @gcr_ga={0xbd, 0x6, @broadcast}, @ht={0x2d, 0x1a, {0x40, 0x3, 0x5, 0x0, {0x4, 0x81, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, 0x300, 0x2, 0x5}}]}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}]}, 0xf8}, 0x1, 0x0, 0x0, 0x5}, 0x4000)
r2 = socket$netlink(0x10, 0x3, 0xe)
ioctl$AUTOFS_IOC_PROTOVER(r2, 0x80049363, &(0x7f0000000340))
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$netlink(r3, &(0x7f0000000380)={0x10, 0x0, 0x25dfdbfe}, 0xc)
r4 = syz_io_uring_complete(0x0)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0xeefadee9fd1ed630}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, 0x0, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x200}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xb94d65c}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x100}]}, 0x64}, 0x1, 0x0, 0x0, 0x50}, 0x8000)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000800), 0x400, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000900)={{0x1, 0x1, 0x18, <r7=>r3, {0x811b}}, './file0\x00'})
io_submit(0x0, 0x6, &(0x7f0000000bc0)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0xd57f, r3, &(0x7f0000000500)="ec6b4dc82acbb74dbeb29865acc01d4161b679565fc2c57c50e01baf0ef598f75ec4ceeba56c706e8875853f30", 0x2d, 0x5, 0x0, 0x1, r4}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x2, 0x1000, r5, &(0x7f0000000580)="3602a772c7fe57a412f1e5a096bdaa8d030a2c7afe884069113257496db50dcc829fb421c2dd62679f701522ab9bce3e741da7638ddf9a8331d17ac7363b171ba49d4d894bf3b4f75241b88ff1f473a8d319347df1fe5fbee3a117e7f9bf9fcbcee6fdc5db61010b4d530a703fcce1d5b6e4bd29403ccb0483516d5daada31ca4d59217de9ad049766fdbdcfdb78e8c7e838003b99145fbdac1731fe372407eaba9b24e1bca9656cefb768b5b5e16bbdacb6ee45927dbf2aade92977ad2d27dc1ab0fe79d0825b87ba097149455f272cc8bcce40578930", 0xd7, 0x3}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x8, 0xc0b, r2, &(0x7f00000006c0)="ff030a04e0fa5d37ef812deada64d61ed60048359cd52f8836928bd5008a69006f943c86f14b5cb7531207c16a5fe4cb5de0de6beba8b4492a6fb5aae97f3e852d7a292eb3c9eb504f5c336d15ee9200fe77689d384ed83826768a2b231754f79ec8d0417e40a4b1709040b28efd90fc4a5d9832734a6ac4885e2840a278d083de9e109f595fa4619712ade6b9728aacc2a809dd47050d76867a885eb1776701128cc60f8f7f61c4d06ffca83d640c2d2ab1c7bd0d4042c45214d70717839549fa0fc2180df6670e5dcf23e844c01a55c1", 0xd1, 0x800, 0x0, 0x0, r0}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x6, 0x4, r6, &(0x7f0000000840)="bb5dc5a07af557fa2ce0bf2d07384581bd16c4990cb7b97c60a22849a23d4a58b692b294d06e65f5f6ba16903eafe9ea98c606bae08b444b7b8a42bb7b21feac2edace6d40e21f0e95f89ff4c7abca9ff71d5395b2d906a53d09271a876afdf68dbba7e7dfc6c61b9a5b86af6f281dfcf2226ff90a8fad70d83bea32b57abcbab0173efa0d7db4", 0x87, 0x5, 0x0, 0x0, r7}, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0xa57, r4, &(0x7f0000000980)="0998e9a47a9a3cc4cb11ccc9afb7ccdf0d9239129ce27984a1974d193258d9d73dc4418d4d29818c1ed812eb480bab195d2f5e37ec11116f7575abc9788ea026f765ea965f2bb0d6dfa5c9f7b49ae281270591b7344364c23190315d0db00e4c7cdabe268b143ad5ee47f5e031298ec90463533bc32838ee394fdae0af3b56e14359fb7e294222f6091f9b21e1e8437214ad2990d799755e480a5a61b3dd0f2c9b115ca2a1d9b3ef5398bcdde7a09a40169cb555d85b64da7de728fc63f0cae4bc42fbfe1e865b22de8d47169fbc35f33e45bc3c271a95e29bdbebe8a089537282a5fbd3fcc8410507b34d7d67fd37457d3f09", 0xf3, 0x9, 0x0, 0x3, r0}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x3, 0xfbff, r0, &(0x7f0000000ac0)="686cbb79b415b3fd633fa8ed7392fc3a6e4f722846bfb32d4fc7e2f0324d18229fd7b7bde964781282013cbb59f7ef64f7676292d3c437dd01906d8705f4dca6d43bdd99ceb7d9aebd40524a6a03171ca94cfda66b4c2e8f976c3156b119bc6fce1bd37b9f2e06489c45f78c07ec6bd393d97d8c19a0641ba9d0d6fedf5b258f68a700b04b345e16d83d62558e949c3c", 0x90, 0x800, 0x0, 0x1, r3}])
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000c00)=0xc, 0x4)
write$binfmt_aout(r5, &(0x7f0000000c40)={{0x108, 0x2, 0x1, 0xf5, 0x22f, 0xfffffeff, 0xa8, 0x7}, "a7ed79d24b62ccb7a69d2b6bbca1410e99f8a75ad5946fff81d8ebde56934d4ab625458cdd8b9d655158d7907f057c34efeb20b1f3db3969bfdf102308849ce0ccc20be3e9b405b669403cc49fc9678d90d766d74692bdddebf9fde00bdd2d108803eece591c3ed1d3ea390d4e7a7b483c7a460a5a85a244db55e1ebd94bcfecd84d68a95879615d331a"}, 0xaa)
r8 = syz_open_dev$evdev(&(0x7f0000000f80), 0x1f, 0x10281)
lseek(r8, 0x1c, 0x4)
close(r7)
ioctl$BTRFS_IOC_RESIZE(r6, 0x50009403, &(0x7f0000001000)={{}, {@void, @max}})

07:49:21 executing program 2:
sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r0, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3c}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x5}, @BATADV_ATTR_VLANID={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x40010)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x40, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x30000004)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x40, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x41}, 0x4000800)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ASSOCIATE_REQ(r3, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x40, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa3}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa3}, @IEEE802154_ATTR_CAPABILITY={0x5, 0x11, 0x3}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0002}}]}, 0x40}, 0x1, 0x0, 0x0, 0x5}, 0x800)
syz_genetlink_get_family_id$batadv(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x2c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r4, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x40, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x1f}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r5, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x44, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0xe78ce543af92b0e7}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x44, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_KEY={0x24, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bafca167f944b4352304fa0548b423f1"}, @NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x24008080)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000b00), r2)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b80), r5)
sendmsg$NL802154_CMD_GET_SEC_KEY(r1, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x14, r6, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040040}, 0x800)

07:49:21 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x3ff, 0x101004)
r1 = openat(r0, &(0x7f0000000040)='./file0\x00', 0x2d8580, 0x20)
ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000080))
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='maps\x00')
r3 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0)={[0x1]}, 0x8, 0x0)
ioctl$SCSI_IOCTL_GET_IDLUN(r3, 0x5382, &(0x7f0000000500))
write$binfmt_script(r3, &(0x7f0000000540)={'#! ', './file0', [{0x20, '.+'}], 0xa, "790a6a2fc8705c0bfc065a3eb699b40dc2a67df4cb69869433587c74b2789bdc3f814bc42f3acac542b0252b298505d963b734efe269a40cdda6bf9130b70d8bec479eda2246b9b66af36d9d8c5751cc35f3943822d269205f225fc44f1458788972ab0f10656eb6c69328eba498d3502940f9ad93b88be06802be7ed09bb87c390c0855430a16ebdd"}, 0x97)
r4 = syz_open_dev$mouse(&(0x7f0000000600), 0x80000001, 0x200400)
write$tcp_mem(r4, &(0x7f0000000640)={0xfffffffffffffffe, 0x20, 0x6, 0x20, 0x9}, 0x48)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000006c0))
r5 = syz_io_uring_setup(0x4f01, &(0x7f0000000700)={0x0, 0x8b01, 0x4, 0x0, 0xc2, 0x0, r2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000780), &(0x7f00000007c0))
fgetxattr(r5, &(0x7f0000000800)=@random={'security.', 'maps\x00'}, &(0x7f0000000840)=""/109, 0x6d)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000008c0)={{0x1, 0x1, 0x18, <r6=>r3, {0x5}}, './file0\x00'})
getsockopt$inet_tcp_buf(r6, 0x6, 0xe, &(0x7f0000000900)=""/93, &(0x7f0000000980)=0x5d)
r7 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000009c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
ioctl$FICLONERANGE(r7, 0x4020940d, &(0x7f0000000a00)={{r1}, 0x3, 0x100, 0xff})
r8 = syz_mount_image$nfs4(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x8, 0x4, &(0x7f0000000d00)=[{&(0x7f0000000ac0)="80b3420042928eb17e041cb25c7ffe657c1e1025a0b99fa9c42b474e5f9003c773a313907ae5a469d4f456b55c8b9db4d4d208ac8d8f3cfca8ffaf6a86a29e2f8a6f161bd4169b5d0246d8c42a72966d844e895806f4f4aef69b26c74e8ceccb9ac995490cf4a52e5594f4ec4089c9cad1ada0893fe5cd98cbab4037ee3c751fd8cd99ac51ba35e2c442a54328dc578d69f6898047102e986b207c2fbe10f42d14ab6129f609b1f57a", 0xa9, 0x20}, {&(0x7f0000000b80)="f4d94cccdc97dd69911559e3cfca5938227901fb7706f7072ae179393671da4e1ff0bf83cfc55a73b5bd9168112752aca2f820d0212bd1417bf3db1415fe945b83375dd628209673451e5d27512354fa33f7b6f075f05e86127d4044386f058caf485b814927658bc6c330514b68ec105168a1156b1744a16bc89923c03e9138e6c3b5a60f2a6ead570de94b6d0758e1b0ae6b1fc0f40933ebf60860c5e4e940d9098871a3f2aece7ccb59639569d6a4aeacb7cb4409066e2598735d9d513a", 0xbf, 0x3}, {&(0x7f0000000c40)="01a5bd34e6ed1c8255b215a248bdb6695047e44c4044808036c4ab47855f6192d510acb30fe92a2918e9da5e7240cf4cd9b63e3b80e7def0c19554295288", 0x3e, 0xf263}, {&(0x7f0000000c80)="74745d095f6d45a083ab6d181f0f8b9273d3fb1eca11591cb9aeac3dd12bae2632c3c74835fc59c27f52cddf2f05bb5fd84ad4b19e84c9f8196c5e52343d32d51e", 0x41, 0x4}], 0x1001000, &(0x7f0000000d80)={[{}, {':\xae.*'}, {'\xa6]}%1\x00'}, {'.+'}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'security.'}}, {@uid_gt={'uid>', 0xee01}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@smackfsroot={'smackfsroot', 0x3d, '/proc/sys/net/ipv4/tcp_wmem\x00'}}, {@dont_appraise}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]})
fallocate(r8, 0x52, 0x5, 0x200)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000e40)={@private=0xa010100, @local}, 0xc)
fsetxattr$security_capability(r1, &(0x7f0000000e80), &(0x7f0000000ec0)=@v2={0x2000000, [{0x3f, 0x80}, {0x1, 0xb6}]}, 0x14, 0x1)

07:49:21 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'sit0\x00', <r1=>0x0, 0x0, 0x2, 0x3f, 0x7ff, 0x20, @mcast1, @mcast1, 0x7800, 0x80, 0x7ff, 0x20}})
getpeername$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'syztnl1\x00', <r5=>r1, 0x29, 0x8, 0x3, 0xb2f1, 0x60, @rand_addr=' \x01\x00', @empty, 0xa0, 0x40, 0x515, 0x1f}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000340)={'tunl0\x00', &(0x7f0000000280)={'tunl0\x00', <r6=>r2, 0x8, 0x7800, 0x4, 0xffffffff, {{0x1d, 0x4, 0x3, 0x26, 0x74, 0x64, 0x0, 0xff, 0x4, 0x0, @empty, @broadcast, {[@noop, @cipso={0x86, 0x41, 0x0, [{0x2, 0x6, "c89843c0"}, {0x2, 0x12, "e074467d77e169c43e96f640173cf017"}, {0x7, 0xa, "7238c660bcf52792"}, {0x5, 0xb, "6a674166badc2b5bf4"}, {0x7, 0xe, "bb06729766abe75520c06acb"}]}, @noop, @timestamp_prespec={0x44, 0x1c, 0x8, 0x3, 0x8, [{@empty, 0x4}, {@multicast2, 0x6}, {@empty, 0x1ff}]}, @noop]}}}}})
accept4$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000003c0)=0x14, 0x800)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000600)={&(0x7f0000000400)={0x1f4, r4, 0x4, 0x70bd28, 0x25dfdbff, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x1f4}, 0x1, 0x0, 0x0, 0xc804}, 0x4000004)
r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000680), 0x628043, 0x0)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000700), r3)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x48, r9, 0x0, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0xc044)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000880)={0x0, {0x2, 0x4e20, @rand_addr=0x64010100}, {0x2, 0x4e24, @loopback}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x28}}, 0x6f, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000840)='ip_vti0\x00', 0x10001, 0x1, 0x401})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000980)={'tunl0\x00', &(0x7f0000000900)={'erspan0\x00', r6, 0x8, 0x7800, 0xff, 0x400, {{0xe, 0x4, 0x1, 0x8, 0x38, 0x65, 0x0, 0x18, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@generic={0x86, 0xe, "839e0a02367951e6daf2de83"}, @timestamp={0x44, 0x14, 0x3d, 0x0, 0x7, [0x0, 0x6, 0x6, 0x40000000]}]}}}}})
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000009c0)='net/rt_acct\x00')
sendto(r10, &(0x7f0000000a00)="c92425809d030c7780c3c0e1ccf814e7b77bef5dad425eab7025c69c9b7664a9e41cab958a37b170562971947c70c1fb825d7165e2c633bcaf25513d7fdb10ff7b59a80cd452feddaea526e69041ea89704995bf269164e5734ef4cd944eca23856b9d692b941f37efd6a0328d9f4351c0f802fa9e6942a0e461cc12605e6d9baa26f8800a2f0ba55b027caa6f229abb29d880baece4530a1acf281f4477c45fdc8fddae7063ee902da66349e7f859f03ba4855dd0fa6695f9bdf8b2fca5f281fbee390f36e2494fabc6cc4ffd86674ab6a4bf62b110bb9e94a1e345ebec22599fe7ea33b157d2bbc5b3051fdcbf962a5b2a584307089ea458", 0xf9, 0x4080, &(0x7f0000000b00)=@un=@abs={0x0, 0x0, 0x4e20}, 0x80)
r11 = creat(&(0x7f0000000b80)='./file0\x00', 0x1a0)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000c00), r8)
sendmsg$DEVLINK_CMD_TRAP_GET(r11, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c40)={0x88, r12, 0x100, 0x70bd29, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000)
sendmsg$TIPC_NL_MON_SET(r10, &(0x7f0000000f00)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x90, 0x0, 0x20, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x34, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1f}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth0_virt_wifi\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3d5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x40}]}, @TIPC_NLA_LINK={0x48, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x10}, 0x4000080)

[   64.971311] audit: type=1400 audit(1664696961.729:6): avc:  denied  { execmem } for  pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
07:49:21 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2940, 0x2)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00')
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080)={0x80000000})
r3 = syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x8000, 0x7, &(0x7f00000007c0)=[{&(0x7f0000000140)="30ac70da28e2464ee305a78b4e655a633acd6146bacd8b8368ccf482d1896c6d2e41cb8ba561434ec7deb141a2720dae2c8e7926e5f01b89f3ce33afe932d41a1a379e39dcf6f126f324e4dadc78982b3bff244d0455b01b79597edb4be4350825c9432c3cd3be68b0799923c309960452fa3e165508a03eeef0c659e727da07d97a0ce22faa69a42918cf813d3a629423d2f7f1c0380e953cc950d17b2230499cecf4a03af5c73cc0078a3bf59093d3aabdd7231f73eb696c1cfb66cd64c390078685ec5acb6d9d19ad025d3babdff0", 0xd0, 0x9}, {&(0x7f0000000240)="de391c9d8c69444db88eb4b023f08be2651e011b1b37fb4019d68073bb335f856ae0ce576a4b28fb2afc8b7661c1ae88f5d40453f5cbf9afd26d53da87147d6e7ae3d7ea8fe902865be0232039fa2e0453eeab28881188dc66214259e7eb35f206cfbdea45b000dfd96d276bdbee99dca81d7bc89047d77d77f172403250e7c4d501338e4bdc277b19f8acfe345672b974dfeff7c76c1eec549b01a40f2f2baae943a1776759ccf0c9f3c2bed8f65a9596fe1610c5", 0xb5, 0x8}, {&(0x7f0000000300)="5a9f6678e34f354fd3a2a3d9f1a3d00c7ab2cc0683c93eede7bb86c56cef446f09cd476e8693922f1036d811633345daa06ab4b9a3b9fbd409f0278f97b1995121f44e3c5995bc95d0bd72fffc0f3895719a2336146a19f42c443650164c8d619a8dc802f5f64d0536a44bd244019098eb64016a7a2e605411f8077b8466e7060a41d50796717823f0ffa117b53b5122a272474d3c8c1178a6c059b9039409de3e23c8cad6c140a12001b1a97b8bd70128d8ccad3e85a6ecf14cb765ec81004945f41a80f4b79a2e21d520a7ad24624d68149636a7dba8bfddb0", 0xda, 0x40}, {&(0x7f0000000400)="f52240d471c850d88c1a95678c4a70737a71c7f5e319da677b1d576ce8a4c912e4896531c6faf7915fe6b8c494b750908d6b0833102b4b3bcf15f0c81d11cf63e780dd481939ccf18eea363270acdd8baf1fff2cb5f21acddc645e715b30a90bf2a7948055bc30cb2f6812be7b80cc5df26672643ed20b1f0723ce072955a9a8b973ddbbea6f4e7480ed02412e9b8f5404c2fc8089fbc7371f7d02d8b3b85f4f6bd69729c72175bc97830aecd460d6af73214374d65f9bdf92debaf2ee209527268658299ee1ea0d1147b8452ccec9062ee9d8dd5cd91b42cb80fbfe9235885d368d", 0xe2, 0x9}, {&(0x7f0000000500)="6278f8610af37d1054f90a8ff91b85f21400ffea62e68310197fc637a8e037926bd90794ece60636e4ce685c82502d3fad5def4e787f62794a2fb13a9419ba41e844c348d73ea6ba01042ec20dd175095159f8f6e49f15668e9f967eed52c754c8c1effc748389d7c66fd40f8557b8452aebda41a0d78775f2c176940fbf0b96cf261d49528a3ea1f1bea4451200fc4b54c4ed181ae74441429bc138e176e411aaf3da82db22b02c82b2cba3a5f613e16f31724bfbe2fdda98552b90bfd3d89b52c2dc791e6c18f224d26b32b7490554481c5b0dc8ae120809ddd84594d29adca116", 0xe2, 0x3}, {&(0x7f0000000600)="9f4d56e2183b245ed419dfb996ccfc2437de140025ee86cc1194eaf636f2d864ee61ee0a3e95cc49497e02a2e0fb1481cd1dfa8f9a323a2e6623a15caa33bf9d2bf76df701993b2774b846b7b5b1ddf82470885d33faa9ca845f1726452ca1fef11ba2874b7fa7c2e88d083df2bf9b719b324f982e78232eb3a7610b7bd5bc41365e742f24dd7d3b23b3a7fe5679ab17", 0x90, 0x6}, {&(0x7f00000006c0)="db917824b11352f93ce8a4906f773a28ee3c0fc213656ec70723849e3da45fe3031958a469ab74b04976abed841c46f9027311eb523e093109cacc056f9684fe18a2a11e2887921ddac40b1eab8db03cfac41e0d222a5fc087a427276382786e670698dcd926a1787a6d1bab50b4d9bdaaa940a50d31fc3f1a4c8abda5579828269f03b56e0e9b8ff9a5c0d9db38456b88a4c44d4945a2c86f8eb58264c7d518d7351dded952541c57f6a37c966e2d11f42055433683d0ba18c7c9d9570512e0f36ca18610bee39ab5d58049a49ffe7ba4c9", 0xd2, 0x101}], 0x20, &(0x7f0000000880)={[{@nodelalloc}, {@resuid={'resuid', 0x3d, 0xee01}}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@user_xattr}], [{@fowner_lt}, {@fowner_eq}]})
r4 = openat(r3, &(0x7f0000000940)='./file0\x00', 0x2000, 0x1a2)
inotify_add_watch(r1, &(0x7f0000000980)='./file0\x00', 0x80000090)
r5 = dup2(r2, r0)
ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f00000009c0))
r6 = openat$cgroup_freezer_state(r0, &(0x7f0000000a00), 0x2, 0x0)
r7 = dup2(r6, 0xffffffffffffffff)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001e40)={{{@in=@multicast1, @in6=@ipv4={""/10, ""/2, @private}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0}}, {{@in6=@private2}, 0x0, @in6=@private1}}, &(0x7f0000001f40)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000002000)={{0x1, 0x1, 0x18, r7, {<r10=>0xee01, 0xee00}}, './file0\x00'})
syz_mount_image$ext4(&(0x7f0000000a40)='ext4\x00', &(0x7f0000000a80)='./file0\x00', 0x8, 0x5, &(0x7f0000001dc0)=[{&(0x7f0000000ac0)="cd32541fb2c31e67e4143ba6fd2134c583b1852c1bc7be5e7ef2e5ef2fb3b838085a99eafe986ce933e4243580adb3d4972e651de3ba6238c69bdbc16ccb6a1c1e343343e58deb5a5dfa303b384e314ace284383de8603c0615a651dabf1932a71b50c4b5b1dddba08d294ea816f9226ca8c39b30dcb925ce1a90fca0d91519c762b9dbded79f8cf84e1b276bac79e574ff347cff9b57b4e291a33756508eea2debe0f8a6f553fe28583ea085596e83768168fe10637d1b68b8e4490a98429d07b0bfbbac1d9bf54910bfe847e", 0xcd, 0xfffffffffffffffe}, {&(0x7f0000000bc0), 0x0, 0x3}, {&(0x7f0000000c00)="25bd1dcaac326e986ddce9872e6b807b3ab041fab6406217955548a9386d83e1c89218df12bc72da21d60628d37402ca28df8843d1e68bf9885e38ceb15abf282a19672ec7f7c2717e5ad1ef6749beea5fc638b750aafcb813862a89c3f8f043e00d5defcf5b4d723f0d1a22bf6bc30324ef44d88325cd0f1d0b2f64d4ca16db8bec27eff57868e9910f8342daaee422c2028abc5010b9c2ba6ab86cb4ad926dc5bab4feae6f5186fd536d5bcc6f5e922fd5676973ac487c963fcd14267a852f0d28f4af4c6f488a067d853566f0e40ccd6b1bcf964b60969a2d39da985a0334acf59564db312d23818ab38b646791974d79b20af0355594b77cdbd3e90d362bef9be076fa0a02f0a5a94408775ca6b5aa8c746621f0e90e2672694702ae62e369c84dd22a811f54bcaae2e5d22690bc8bf24a3b4cc44158dbdaf676f5085a943adb8d3981cef6c83c06703b1e924f5868768a76e8b86647e15a71a18f4623104787a1e7a1438d3eaec383b06814520a219732de52e769bf09a0da6ba1eb56fd2c84bd110bd7447fd33b731378107113fcc0b1aba07ba484b04f6e0135c09d14d67b3b9316eafbb85a2653ec51d8e3131a788e4c2c138c35415f8b34f6a830cb5e99f1869ea6ef2e0982992a0e57b6bd7d3e73c3d890f32611093de78fcc0e90fe60958c84a296bbb377e842ac2c4485a33f1b60f015e53bef13e7953474329f299e1529358ef3430daf4b60b59c84f1f38df3306941d9fba520f76e23aad10cbd982f5325317a58646655eecaecb7b87a52ffb6e9ba62268b8d606d7317b73a40b4c3c546487f03319b2f8782f48dd85423b16a9e662b11815542c474cce87515864137a85751d424cae29f0c10c15ec088825827045b2393f66dbb1debf61b9c3976449bc4c28b9610c9addfa4b57edcb4c88ef896d0cdde0c09256d38399b2d64ee78a263ec23df813ed64bf3abfdda0e338c3d12a20e3e85af16e5411cc42178685da77a85cc435b824ba0b9ab55baa27274ab6bb60c3a39e76ef5253241aaa52d693c41798436944b179574efd193891ce69d3e6550256ce49cf03f9a0a3f573dcacf429be38e5d6fb30493066174910888d57e0a8982dbc472da3acb911ae73d409fb2ccdf792b555e5e07b79e77d968c59e85c815859d41ed48ce2063ae0fb6dbe716dde4b03e19c4d504ae04b3f3bfb3fb9cdc37800d6f1994b91f7d743599ab74a057d1bbc65eb9211b8192018aed6327916678478d12e44d6ff42a260e5badda475818cd75dc40e2aea7810de775c309dc1d9d658c87beb63a38f0596aee495cee5f0dd44e4727b8bd91a212b8dbd63109abcd7d5023cd1c6f03f2857cf5d4d0cb5050d2c135172b374c3e5c5356bb4511398f6c1dc62436f6b7d7d977b47d4cf0eb8a48ad4c5f7f66382f015b51cee4e1c52ad3a49681d83388c54ccf1c33d099f6bf7679593575d352b483cea369de5c77dd431a91655b355f64fa6617a62fc4ac140c1c05d3ca90f849d08dab16d093d8dde8b712e52a6d97b6ff0c66ed6834417b8c6edfee198d54c3a3ca6fa7f0cd51cdf897d34e3807a4d8a3c91cf541eedfeae6cb6d24b518aa120b686503ec4e9cfcf1b2348164f2283f2b31dd1294a2e9cadf9c7bddd004286e7d26c444673d6de3a52ee34f579ae8e836d1adbc0c88e04f39951309b243138d130ad48cb08800e1631613bcf4a032a62854ef832e82decf9860ef30deddcdc47b07d51dd82cefe4473f7d53032152e977d298f280079ccfa035cba6c8ec74938ca106ad131dbec99652d3b998b8026594efd4f431d004a4ac127be174833063d3805b5a4572a73444268f3e779298742deb2c4be36428ba38c565311f078a1a076cdbc312e6d1e64df38afbf8fdd2a2effef6e75749170f7134cfa75a193e2b401cf2032bcd8567e8710bcf2eb397941be0943fe98cb0e02a674bd8e23f68186aab52f1744c7862c5ab3e485f81aac5fa48a805b5b82e1527471193891c919f1893f77b985cb76f682089c3abf168d67d3301ac5b45211d22bff2b954069e9cdbf684a858e8bf605da8aea8c3d1c188c3adb5492d075abba7c1cf34d87532343116b7171594fa255caa443da0d208f4d3d7b5af643144bc5a237f6001aaa360d0ed96a2cf9da5025b27f381e001dccefe7aeb639b732a9218de7a8b77295a151e6fc605fddc9e82f5cfdf97517875b6dfc9542c2596c379f67a3ebb76c3d0f4c784a7715d1df394d7ffea9c27d6de6491bbea27b3fd701a9499530a61312cd4fe40ccdac81d73ebb408b5a7dbe3df8bfa5c4fc39c218dfce041a781a381681b62be4a729b6069f3fabccda60e41a3637f815281b62060847ecb7f08d958ca7a52a55f78988e9617cc392d3b0021d290ac7e8160b0d9d844de470fa35100b40ca0eddbf279ac121ab5f50e2bc0f8df4165f7ecc69638d3a62bcacd64c16ee4ccf029b0a298c9044b6edc43342700b45e650e294bb9ff5fd9c1d7881442c840851b971c1cecd215eaea3e73d7faea93da317da9a22aafedde976f31a6c5f38ff0d8d2079bec9c548ea92c9a6e2ba9d083690df3f588dcab36e2e400bd741f3df1bdb4e62d58147a0bb973cd41ddc8ad48c760762778f9ec94caa2a5b2889c6a6b059868fd4571c7066c6753ecc26497c1c4d235feabcdc21ffd2fe92a2a0c46b20b55b695364456d2236f801e133bf596078e0a2ed6c31ba2b960edecae985babd05a4464688807ae7809c67805acfab978498db6c2b09d074b9be187553f4c12ac9f82ac2e3640c1b5e9173d57e994cfec352cc47f2a8d3d8100cef06b291149edb7e960130e9b99526a132ce56b33df15992e655bc6df2b927f6fcd50b9a0cdf25d8ac1a8716fc7fa4b9b3405ab9ebeb91d4477620ef037a9ddf7c7de98866ed0b626028bea0f4a864618f577867b529d8e1c34a34657fc50796073e35edd019920250889820107e12622a0907d1310c972644b5f9cd1d52e39d4cfec80287d355d0245c51dfc48bcbe2486b4656a68e5f1fc04716f04dfe5e6f2ca151c79b5308ad833da4950b7efddc63ba3a0c2257c6082dc2bfabe4c4c612bf6e2e330bd1aaeff674bca58f3a1a3fc15c28cfced67ba81f862d8a29c48cc1328a93280f8fa452456d4359c510f0143bd6a34ca466ffc621fcdbb3220025d6abbbec004f68e36a7c725e81e87f94fa7dc310f8c90ca3f399f8173931964d172ec84b0e586847412c7f4f1ddac65c0bb70ef22494d4c73bd3b9a81b54d0f09efec34bab73fab940fbe247528a52db809b7c0bddaec66bc7dbd3a5e913b1553abd9635c526c7b4e30b4fea792c5d893ad887398bc4310c26cdf08e85bc3de693b6468d0022fa8e58f501e7486bc13a210ceb97f5b5afbde002df4b3fb94b7ed64e97a4355433aed8ce9a1c6fead0c7f541e74e6a0e3c3247f600f8680329cef9b3b5ae0917fda638ddaf0a60578c01aa208be8f2bf71d90d67861375f2296465685b22df80285d0b8c76a29df0e049bb9d68c41f344cb2f43d02396559981f92c6dc9b1e7d69c25919963248e5590827b7ef7b4560b8598647e8a408ad7e8e73b55758cba5dea0fa3a12888220c232b4978987f695ed0112ad47891f82948474711af3b35f6ecce1fec71da426b37264747d6c88aa475d7588ee8b1b2aaa6fba874e0d106c7a44f1d90ccd5f8e4a528809044973b6705aab48b7addd325454761fd411465afa19b83145077b0560f799e4110078ebc4cec5df15e0eab30990a69ee6740ed2b1022e08b1804fd82dbcfe2db6ff595f2d15721302ff9c24e266cf3387c52e83904e82c09e2108e6259bf8f2bb96ef15bf23eaeec77c17b34b194e98f89e70d60551fd69c955d801be0bacc0aea1d95def382d529376f09c4f5f766cff306f624cfa3621e1a734d45774834cf0d8bd763361e01bd932270dab7bb795d61277170ba85ffb049e3332b7be4fdfee2727921176c08057aca256ad93653f3aa197864a3f467fe0a14e3082b8b04b2457a82a4f34fededa7a4fb44c8a2e20507dbbf18da1c9e7e770639acf94dd8d9846d62d107ddef9e045fef5cb5181405402a1dc0db1871a87c588a38e500b850208b61b2225fd71e9506c5bf5ffe66d2fcc84739505caa826687b4d8e8a3c12aac412c54e88ddf1beaa93f12d686a94638c2621141020b20d8c1bf9ae2d4f566d13996f9fb70c734f23ed46ccc9523f8fcbc9d9941828fcd60fd7e8ed6c262a20ee442093f554dcb4f91f2380844a3474e3f60d0cb806b76ef351d15444a15dbb593e9b9494f0372a49aa6ea3412838fb09f0bb1c7c4f9f263989a31f45ac438ec8d1f8f0190fd60e8a805c972d169af2bda75fff2d033732f59d92906920cdf349e5d4393e7c48b9560ae640257f8cd632d501eca84e8511135fa8bc74421d9ba5de645b13f9b29be02de219335a24d663eca4de1aa7f1726266c1288ff90ad84aa89edd206ecea397581d27f2d11678c55824e80424b48f8d871fde6a6453d9b866cbc11a9eb933319315ad49018a2fbb209d0a3051eabf1e28de53a5717eddd742a68bbf58e86fdabe704e243d1367b37e837957f8518aca294e3e66ad734ff8a78ea859e74eedb0c2e189940b0c9e3fc10522b1fe165cf4c14cd08eb20133de4323227edb19b6fb28343823783922d9ecceda27558e68232fd00a9c43d3cfda1fafef076b170b4dfcd4bc6dee94d20faed74aed82c93be68c3e6843fdc54cdc1b86982c7fa6ae2381ece206d6100e62ac32ce6f605deffe3a525ad372705583a91873dcb427c738210b14740a182012bcea1cab0efe40df22e5906903384c0e060e2b9e9b0f9e24c914649dbf23bc6fc0f2de23a05f7fe1d7eac5e84df57e10efa759d6e2ff3edf41c3aa0c8ac4d185b9f46d9b027639a6dc52aa7ac6a9c0f5e8310ae93a3220be13f43fd4f5c5718fb3405802d9d0bde88e4cc059a94f1c1dce90b966c9d1b1e7162f4e14d3dd3fc47c4c9463020db758fe417bb5a6a5d0b0f50f8e00a3bcb0e0f5fea53b13159d59ff57335320d895d2e4c6517779e54cbc397c85e6aaa4b25579fca95cdbc3af89b3a3b807f43126e326ea40d2980f73162032dcafba37c25b0a0cc2b27862a932d9183e9ee3deaa0ff4e621936481793cfe40c7cea68aa79a6cdd93731c6d7a464ec584b36bea6150db4050b0c788e0f20bad031c811d78d12bca12b70405f5f35e052b3ed5ddf52bb7597d856bb26da2440a314a7c59b57ad82810456514385322dc4fa86bf4128e780e47ec1a166abffa0508675dae665798f595f4afad1dbdaab65bb2daaca4977f3c7438efde102a1e8060c6d17d781605a64f917022047432b6a4ee1b596f3906f489b278ad85a6803d67232c454f4a6eab9a7d4fd660f14e0f4feffb52cae9cf49a416a9f0fcdff08b168c3b80b3444322fa8e9ae198cb4fb2c48e38257eeba3a86356d01bcc47185c0daf46d1e1e9c4a07e4bef364f442b52e4cab6173c8397da8b74b3bc30fc560b8719a89ad9c2343d09a9cc876b55fbd8782d5d1ebdc77a6779e756dc4789f62dccefda77285e2597ae3f5599888fd9569a85e5bcf3f50f940e008c40d20179e621aad584017718a96043956a1519e5127991a85c57efcd22fb82b5caa7e16ba6b903c0233c43999c7252043a3927aa06b017559e7d994d396ea93cfbbb13bbd654f6b268c17dabd3da335cac4de12cecb40126416f4000db8e8d86ee42f41b9c9d87dd4a28a10ca0f104774a233f9afdd869a955ec2bad1916612710dc593258e", 0x1000, 0x4260}, {&(0x7f0000001c00)="b70a010588de05ce9793191038ca3dda6ff676c09198e5fea0c950ae1cd37240fe03893accf1fbcfe3ae03b405624f1cfe73443a953988776f822823d159e9a41163043995eb7e24e7dce9885b4838f1943a4c281bf12d20f6427c413c445ab0665fb2dae35c110f15a4f48667a364ec8bfb8b2a60654cda8180e01c24686733583bb29b88515798f84065d3a3cd4d50e97136aacd1202c4ff6b4cd60a607f02010e6a6e06a14ee21740783ea5d49eae53c34d4ad233124de7fa9535fe062bf32ef0", 0xc2, 0xfffffffffffff902}, {&(0x7f0000001d00)="945e5ca5e81eb5e37206adbcc37681110f3a1cf3165c06b34f97bffd8a0bf448d0b2ae1fa1d34a35526080fad7521431dc60e34ce870f8e0bb326d6b3901b42381e77fc559f30812f6f6dc50f7ee7d0a4fcc5d22b322e00e734e7cf23038984a435d4a9b66075fadfeb54fc48998bc5bda5fb62b1353383995efb5250c76c2653cf8f972106bb6a258a489592b0f193145f6527d4935", 0x96, 0x19}], 0x18204a, &(0x7f0000002040)={[{@bh}], [{@fsmagic={'fsmagic', 0x3d, 0x1}}, {@fowner_gt={'fowner>', r9}}, {@euid_eq={'euid', 0x3d, r10}}]})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r5, 0xc018937a, &(0x7f00000020c0)={{0x1, 0x1, 0x18, <r11=>r0}, './file0\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r11, 0x89f0, &(0x7f0000002180)={'ip_vti0\x00', &(0x7f0000002100)={'syztnl0\x00', r8, 0x3800, 0x40, 0x80, 0x8000, {{0xa, 0x4, 0x2, 0x1, 0x28, 0x67, 0x0, 0x3f, 0x4, 0x0, @loopback, @rand_addr=0x64010100, {[@timestamp={0x44, 0x10, 0x37, 0x0, 0x4, [0x7ac, 0x7, 0xfffffffc]}, @end, @noop]}}}}})
r12 = signalfd(r7, &(0x7f00000021c0)={[0x100000000]}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r12, 0x6, 0xd, &(0x7f0000002200)='scalable\x00', 0x9)
r13 = syz_open_dev$vcsu(&(0x7f0000002240), 0x101, 0x90080)
ioctl$PTP_SYS_OFFSET_EXTENDED(r13, 0xc4c03d09, &(0x7f0000002280)={0x3})

07:49:21 executing program 6:
semctl$SEM_INFO(0x0, 0x3, 0x13, &(0x7f0000000000)=""/182)
r0 = semget$private(0x0, 0x0, 0x200)
semtimedop(r0, &(0x7f00000000c0)=[{0x3, 0x2}, {0x0, 0x1, 0x800}, {0x1, 0x800, 0x1000}, {0x0, 0x9, 0x1000}, {0x3, 0x6892, 0x1800}, {0x4, 0xe43, 0x400}, {0x0, 0x0, 0x1800}, {0x0, 0x9}, {0x2, 0xfff, 0x1800}], 0x9, &(0x7f0000000100))
r1 = semget$private(0x0, 0x0, 0x20)
semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000140)=""/255)
r2 = semget(0x2, 0x1, 0x252)
semctl$SEM_INFO(r2, 0x7, 0x13, &(0x7f0000000240)=""/26)
semctl$GETPID(r0, 0x1, 0xb, &(0x7f0000000280)=""/94)
r3 = semget$private(0x0, 0x3, 0x2)
semget(0x3, 0x1, 0x282)
semget(0x2, 0x1, 0x44)
r4 = semget$private(0x0, 0x4, 0x64)
semop(r4, &(0x7f0000000300)=[{0x4, 0x6c, 0x800}], 0x1)
semctl$IPC_RMID(r3, 0x0, 0x0)
semctl$SEM_INFO(r2, 0x1, 0x13, &(0x7f0000000340)=""/4096)
r5 = semget(0x0, 0x1, 0xa0)
semtimedop(r5, &(0x7f0000001340)=[{0x0, 0x9000}], 0x1, &(0x7f0000001380)={0x0, 0x3938700})
semtimedop(r2, &(0x7f00000013c0)=[{0x1, 0x9, 0x1800}, {0x3, 0x84, 0x800}], 0x2, &(0x7f0000001400))
r6 = semget(0x3, 0x3, 0x8)
semctl$GETZCNT(r6, 0x2, 0xf, &(0x7f0000001440)=""/4096)

07:49:21 executing program 7:
syz_open_dev$tty1(0xc, 0x4, 0x3)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x101101, 0x0)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000040)=""/86)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000100)={0x7, &(0x7f00000000c0)=[{0x1f, 0xff80}, {0x3, 0x2}, {0x7, 0x57e}, {0x3, 0x9}, {0x5, 0x5}, {0x7, 0xf800}, {0x81, 0x1}]})
ioctl$KDADDIO(r0, 0x4b34, 0x80)
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000140)=0xffffffffffffffff)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x300, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000001c0)={0x8, 0x0, 0x5341, 0x3, 0x16, "4bf680df5bd2b499"})
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000200)="c11ee7dc1d50c578c77ed1732e06")
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000240)=""/119)
fcntl$notify(0xffffffffffffffff, 0x402, 0x20)
recvmmsg$unix(r1, &(0x7f00000021c0)=[{{&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000000540)=[{&(0x7f0000000340)=""/135, 0x87}, {&(0x7f0000000400)=""/67, 0x43}, {&(0x7f0000000480)=""/163, 0xa3}], 0x3}}, {{&(0x7f0000000580), 0x6e, &(0x7f0000000880)=[{&(0x7f0000000600)=""/194, 0xc2}, {&(0x7f0000000700)=""/21, 0x15}, {&(0x7f0000000740)=""/253, 0xfd}, {&(0x7f0000000840)=""/58, 0x3a}], 0x4, &(0x7f00000008c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000940)=""/87, 0x57}], 0x1, &(0x7f0000000a00)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r6=>0xffffffffffffffff]}}], 0x120}}, {{&(0x7f0000000b40)=@abs, 0x6e, &(0x7f0000002080)=[{&(0x7f0000000bc0)=""/242, 0xf2}, {&(0x7f0000000cc0)=""/209, 0xd1}, {&(0x7f0000000dc0)=""/78, 0x4e}, {&(0x7f0000000e40)=""/122, 0x7a}, {&(0x7f0000000ec0)=""/30, 0x1e}, {&(0x7f0000000f00)=""/4096, 0x1000}, {&(0x7f0000001f00)=""/71, 0x47}, {&(0x7f0000001f80)=""/238, 0xee}], 0x8, &(0x7f0000002100)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}], 0x4, 0x2002, &(0x7f00000022c0)={0x77359400})
ioctl$TIOCNXCL(r6, 0x540d)
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000002300)=<r9=>0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r7, 0xc018937c, &(0x7f0000002340)={{0x1, 0x1, 0x18, <r10=>r4}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r8, 0xc018937c, &(0x7f0000002380)={{0x1, 0x1, 0x18, <r11=>r2, {0x3}}, './file0\x00'})
pipe2(&(0x7f00000023c0)={<r12=>0xffffffffffffffff}, 0x0)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, r9, 0x7, r10, &(0x7f0000002400)={r11, r12, 0xffff65c9})
ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f0000002440)={0x81, "678eec4f401906a59da74dc3ee021fec2612f2e76fe83d62fa2c7cb95b48cdd0caaf6cda8636dce7105cb10914676c0672ed409a5a8dafbd45ff08ebc4b5da28ca2d31b94940c4094304457b2f9ab07cd89252b972e0c23c683c011503980eb193a16cb5e19140caa3ac14ab5c1549c7b30ed0d671db222b744427c6121159df1675f54d85389af9fe5bc15b595f3c6aa2cfe4c90aea860fde8b5214a35265e50349c02b3bfe13175718221f7580193bb85231ec6a5ecb2fa2988b1b7931db49aafea6bf97476fd389a01b4cf61f320040cd2c1112109ebce730c92255837c28e85f6c49e12517cf603127dc0bb393a0491e223cf869cf8bb4d419e6bc5eddcf3c3103bc14864082be987da3a73d43007d38cc96fd4a2a95972821314527c075a6abdf7a313c31f991d568d7bd82c9a14faa20d0f0e3a9733306dd9064e71c06ed34d29f3b08ff70cb061df0c7e2069fa191ab022c774713d362ada9305da1276caa7f268bea193a9229ecc93e45fec260cb5ef993443f578222d05b5ab59cc06ef789397ac054640051ca5d88d474dbf5275cf285a6738345fc18308d822f38ff6fa1de4f61deef7d5dd368f9f3ca4a66f53f98163d8752ea7c26b9119378eb18cea0ac89e5a63d4df84f9f4e407946d9981638e7017cee1f0d706ac1ed02cdb50ae12d3be0b6b6134a7ac4bbbaea012b90813cd8f8ab751b4dffb27a8a0e43"})
write$binfmt_elf32(r3, &(0x7f0000002680)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x80, 0x0, 0x3f, 0x7, 0x2, 0x3, 0x6, 0x12b, 0x38, 0x3cc, 0x1, 0x6, 0x20, 0x2, 0xfffb, 0x81, 0x3}, [{0x5, 0x7fffffff, 0x0, 0x101, 0x8001, 0x8, 0x3, 0x5}], "c2c7bc0fadae91e4c6297d9964083c8f1362fd3f0926e0a53349afb6878a7747ca3dfe08cb522813be129e472c7e73d70108a55eecd2ab202a57082bfffe2782ce5b5b2bf9e8a41187ac111a8274be61b0a72090bbcfe69c7181fb7b49e068c9c9fe57a49d9ad3ec17c1ef9441655f1e17209fee4aebbcbd3beb10038e3e6d743294c5c795255fecbb25a5664a675ce91c92243f2b1247e4181b2e7ca4be85cf5281f0e4fbbb3f10289a8aceddc55f41ffdc94829a77a4cbc67aed495c4971ce002d8f457ee781006ce944f4ee9e417403f33945490acb648cc1eee1b2703dbe4953d712", ['\x00', '\x00', '\x00']}, 0x43c)

[   66.340638] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.343380] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.346450] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   66.347789] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.349460] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   66.351598] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   66.353757] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   66.355109] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.358420] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   66.359302] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.361590] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   66.362877] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   66.365387] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.366661] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   66.386034] Bluetooth: hci0: HCI_REQ-0x0c1a
[   66.387573] Bluetooth: hci2: HCI_REQ-0x0c1a
[   66.416277] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   66.424615] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   66.426475] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   66.428297] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   66.430440] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   66.432947] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   66.433190] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   66.435778] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   66.437101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   66.438726] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   66.443202] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   66.444671] Bluetooth: hci3: HCI_REQ-0x0c1a
[   66.445692] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   66.447803] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   66.452627] Bluetooth: hci4: HCI_REQ-0x0c1a
[   66.472252] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   66.478160] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   66.480488] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   66.485190] Bluetooth: hci1: HCI_REQ-0x0c1a
[   66.486676] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   66.508268] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   66.512454] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   66.524584] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   66.531560] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   66.533122] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   66.540075] Bluetooth: hci6: HCI_REQ-0x0c1a
[   68.408360] Bluetooth: hci0: command 0x0409 tx timeout
[   68.408374] Bluetooth: hci2: command 0x0409 tx timeout
[   68.472375] Bluetooth: hci3: command 0x0409 tx timeout
[   68.473108] Bluetooth: hci4: command 0x0409 tx timeout
[   68.473371] Bluetooth: hci7: Opcode 0x c03 failed: -110
[   68.474768] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   68.536074] Bluetooth: hci1: command 0x0409 tx timeout
[   68.601114] Bluetooth: hci6: command 0x0409 tx timeout
[   70.456693] Bluetooth: hci2: command 0x041b tx timeout
[   70.457552] Bluetooth: hci0: command 0x041b tx timeout
[   70.520043] Bluetooth: hci4: command 0x041b tx timeout
[   70.520470] Bluetooth: hci3: command 0x041b tx timeout
[   70.584042] Bluetooth: hci1: command 0x041b tx timeout
[   70.647999] Bluetooth: hci6: command 0x041b tx timeout
[   71.653896] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   71.657736] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   71.662639] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   71.671301] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   71.679048] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   71.683880] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   71.699244] Bluetooth: hci5: HCI_REQ-0x0c1a
[   72.504063] Bluetooth: hci0: command 0x040f tx timeout
[   72.504858] Bluetooth: hci2: command 0x040f tx timeout
[   72.568143] Bluetooth: hci3: command 0x040f tx timeout
[   72.568856] Bluetooth: hci4: command 0x040f tx timeout
[   72.632067] Bluetooth: hci1: command 0x040f tx timeout
[   72.696029] Bluetooth: hci6: command 0x040f tx timeout
[   73.720031] Bluetooth: hci5: command 0x0409 tx timeout
[   73.721032] Bluetooth: hci7: Opcode 0x c03 failed: -110
[   74.552062] Bluetooth: hci2: command 0x0419 tx timeout
[   74.552530] Bluetooth: hci0: command 0x0419 tx timeout
[   74.616649] Bluetooth: hci4: command 0x0419 tx timeout
[   74.617166] Bluetooth: hci3: command 0x0419 tx timeout
[   74.680030] Bluetooth: hci1: command 0x0419 tx timeout
[   74.744098] Bluetooth: hci6: command 0x0419 tx timeout
[   75.768077] Bluetooth: hci5: command 0x041b tx timeout
[   76.268165] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   76.274014] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   76.281190] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   76.289270] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   76.293758] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   76.296456] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   76.301554] Bluetooth: hci7: HCI_REQ-0x0c1a
[   77.816008] Bluetooth: hci5: command 0x040f tx timeout
[   78.328040] Bluetooth: hci7: command 0x0409 tx timeout
[   79.864064] Bluetooth: hci5: command 0x0419 tx timeout
[   80.376035] Bluetooth: hci7: command 0x041b tx timeout
[   82.424023] Bluetooth: hci7: command 0x040f tx timeout
[   84.472000] Bluetooth: hci7: command 0x0419 tx timeout
07:50:14 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
write(r2, &(0x7f0000000080)="01", 0x292e9)

[  118.131778] audit: type=1400 audit(1664697014.889:7): avc:  denied  { open } for  pid=3625 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  118.133877] audit: type=1400 audit(1664697014.889:8): avc:  denied  { kernel } for  pid=3625 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  118.152056] ------------[ cut here ]------------
[  118.152077] 
[  118.152081] ======================================================
[  118.152084] WARNING: possible circular locking dependency detected
[  118.152088] 6.0.0-rc7-next-20220930 #1 Not tainted
[  118.152095] ------------------------------------------------------
[  118.152098] syz-executor.7/3626 is trying to acquire lock:
[  118.152105] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  118.152144] 
[  118.152144] but task is already holding lock:
[  118.152146] ffff88800f228020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  118.152172] 
[  118.152172] which lock already depends on the new lock.
[  118.152172] 
[  118.152175] 
[  118.152175] the existing dependency chain (in reverse order) is:
[  118.152178] 
[  118.152178] -> #3 (&ctx->lock){....}-{2:2}:
[  118.152191]        _raw_spin_lock+0x2a/0x40
[  118.152203]        __perf_event_task_sched_out+0x53b/0x18d0
[  118.152214]        __schedule+0xedd/0x2470
[  118.152228]        schedule+0xda/0x1b0
[  118.152241]        exit_to_user_mode_prepare+0x114/0x1a0
[  118.152253]        syscall_exit_to_user_mode+0x19/0x40
[  118.152265]        do_syscall_64+0x48/0x90
[  118.152282]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  118.152294] 
[  118.152294] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  118.152308]        _raw_spin_lock_nested+0x30/0x40
[  118.152318]        raw_spin_rq_lock_nested+0x1e/0x30
[  118.152331]        task_fork_fair+0x63/0x4d0
[  118.152347]        sched_cgroup_fork+0x3d0/0x540
[  118.152361]        copy_process+0x4183/0x6e20
[  118.152371]        kernel_clone+0xe7/0x890
[  118.152381]        user_mode_thread+0xad/0xf0
[  118.152391]        rest_init+0x24/0x250
[  118.152402]        arch_call_rest_init+0xf/0x14
[  118.152419]        start_kernel+0x4c6/0x4eb
[  118.152434]        secondary_startup_64_no_verify+0xe0/0xeb
[  118.152448] 
[  118.152448] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  118.152461]        _raw_spin_lock_irqsave+0x39/0x60
[  118.152471]        try_to_wake_up+0xab/0x1930
[  118.152484]        up+0x75/0xb0
[  118.152498]        __up_console_sem+0x6e/0x80
[  118.152513]        console_unlock+0x46a/0x590
[  118.152529]        do_con_write+0xc05/0x1d50
[  118.152539]        con_write+0x21/0x40
[  118.152548]        n_tty_write+0x4d4/0xfe0
[  118.152560]        file_tty_write.constprop.0+0x455/0x8a0
[  118.152571]        vfs_write+0x9c3/0xd90
[  118.152587]        ksys_write+0x127/0x250
[  118.152602]        do_syscall_64+0x3b/0x90
[  118.152619]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  118.152631] 
[  118.152631] -> #0 ((console_sem).lock){....}-{2:2}:
[  118.152644]        __lock_acquire+0x2a02/0x5e70
[  118.152661]        lock_acquire+0x1a2/0x530
[  118.152676]        _raw_spin_lock_irqsave+0x39/0x60
[  118.152687]        down_trylock+0xe/0x70
[  118.152701]        __down_trylock_console_sem+0x3b/0xd0
[  118.152717]        vprintk_emit+0x16b/0x560
[  118.152733]        vprintk+0x84/0xa0
[  118.152749]        _printk+0xba/0xf1
[  118.152760]        report_bug.cold+0x72/0xab
[  118.152775]        handle_bug+0x3c/0x70
[  118.152792]        exc_invalid_op+0x14/0x50
[  118.152808]        asm_exc_invalid_op+0x16/0x20
[  118.152820]        group_sched_out.part.0+0x2c7/0x460
[  118.152837]        ctx_sched_out+0x8f1/0xc10
[  118.152853]        __perf_event_task_sched_out+0x6d0/0x18d0
[  118.152864]        __schedule+0xedd/0x2470
[  118.152878]        schedule+0xda/0x1b0
[  118.152891]        exit_to_user_mode_prepare+0x114/0x1a0
[  118.152901]        syscall_exit_to_user_mode+0x19/0x40
[  118.152913]        do_syscall_64+0x48/0x90
[  118.152930]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  118.152942] 
[  118.152942] other info that might help us debug this:
[  118.152942] 
[  118.152945] Chain exists of:
[  118.152945]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  118.152945] 
[  118.152959]  Possible unsafe locking scenario:
[  118.152959] 
[  118.152961]        CPU0                    CPU1
[  118.152963]        ----                    ----
[  118.152966]   lock(&ctx->lock);
[  118.152971]                                lock(&rq->__lock);
[  118.152977]                                lock(&ctx->lock);
[  118.152983]   lock((console_sem).lock);
[  118.152989] 
[  118.152989]  *** DEADLOCK ***
[  118.152989] 
[  118.152991] 2 locks held by syz-executor.7/3626:
[  118.152997]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  118.153026]  #1: ffff88800f228020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  118.153052] 
[  118.153052] stack backtrace:
[  118.153055] CPU: 0 PID: 3626 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  118.153067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  118.153075] Call Trace:
[  118.153078]  <TASK>
[  118.153082]  dump_stack_lvl+0x8b/0xb3
[  118.153100]  check_noncircular+0x263/0x2e0
[  118.153117]  ? format_decode+0x26c/0xb50
[  118.153132]  ? print_circular_bug+0x450/0x450
[  118.153149]  ? simple_strtoul+0x30/0x30
[  118.153165]  ? format_decode+0x26c/0xb50
[  118.153182]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  118.153199]  __lock_acquire+0x2a02/0x5e70
[  118.153220]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  118.153242]  lock_acquire+0x1a2/0x530
[  118.153259]  ? down_trylock+0xe/0x70
[  118.153276]  ? lock_release+0x750/0x750
[  118.153296]  ? vprintk+0x84/0xa0
[  118.153313]  _raw_spin_lock_irqsave+0x39/0x60
[  118.153324]  ? down_trylock+0xe/0x70
[  118.153340]  down_trylock+0xe/0x70
[  118.153356]  ? vprintk+0x84/0xa0
[  118.153372]  __down_trylock_console_sem+0x3b/0xd0
[  118.153390]  vprintk_emit+0x16b/0x560
[  118.153408]  vprintk+0x84/0xa0
[  118.153425]  _printk+0xba/0xf1
[  118.153436]  ? record_print_text.cold+0x16/0x16
[  118.153452]  ? report_bug.cold+0x66/0xab
[  118.153470]  ? group_sched_out.part.0+0x2c7/0x460
[  118.153488]  report_bug.cold+0x72/0xab
[  118.153507]  handle_bug+0x3c/0x70
[  118.153524]  exc_invalid_op+0x14/0x50
[  118.153542]  asm_exc_invalid_op+0x16/0x20
[  118.153554] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  118.153575] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  118.153586] RSP: 0018:ffff88802189fc48 EFLAGS: 00010006
[  118.153595] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  118.153602] RDX: ffff88800dded040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  118.153610] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  118.153617] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800f228000
[  118.153624] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  118.153635]  ? group_sched_out.part.0+0x2c7/0x460
[  118.153655]  ? group_sched_out.part.0+0x2c7/0x460
[  118.153674]  ctx_sched_out+0x8f1/0xc10
[  118.153694]  __perf_event_task_sched_out+0x6d0/0x18d0
[  118.153708]  ? lock_is_held_type+0xd7/0x130
[  118.153721]  ? __perf_cgroup_move+0x160/0x160
[  118.153732]  ? set_next_entity+0x304/0x550
[  118.153749]  ? update_curr+0x267/0x740
[  118.153767]  ? lock_is_held_type+0xd7/0x130
[  118.153781]  __schedule+0xedd/0x2470
[  118.153798]  ? io_schedule_timeout+0x150/0x150
[  118.153815]  ? rcu_read_lock_sched_held+0x3e/0x80
[  118.153835]  schedule+0xda/0x1b0
[  118.153849]  exit_to_user_mode_prepare+0x114/0x1a0
[  118.153861]  syscall_exit_to_user_mode+0x19/0x40
[  118.153875]  do_syscall_64+0x48/0x90
[  118.153892]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  118.153905] RIP: 0033:0x7f8184319b19
[  118.153914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  118.153924] RSP: 002b:00007f818188f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  118.153935] RAX: 0000000000000001 RBX: 00007f818442cf68 RCX: 00007f8184319b19
[  118.153942] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f818442cf6c
[  118.153949] RBP: 00007f818442cf60 R08: 000000000000000e R09: 0000000000000000
[  118.153956] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f818442cf6c
[  118.153963] R13: 00007ffcc4f936bf R14: 00007f818188f300 R15: 0000000000022000
[  118.153976]  </TASK>
[  118.210073] WARNING: CPU: 0 PID: 3626 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  118.210750] Modules linked in:
[  118.211000] CPU: 0 PID: 3626 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  118.211590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  118.212420] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  118.212834] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  118.214151] RSP: 0018:ffff88802189fc48 EFLAGS: 00010006
[  118.214544] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  118.215080] RDX: ffff88800dded040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  118.215598] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  118.216138] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88800f228000
[  118.216670] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  118.217232] FS:  00007f818188f700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  118.217820] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  118.218246] CR2: 0000555c5cd3a608 CR3: 000000003f402000 CR4: 0000000000350ef0
[  118.218767] Call Trace:
[  118.218965]  <TASK>
[  118.219145]  ctx_sched_out+0x8f1/0xc10
[  118.219442]  __perf_event_task_sched_out+0x6d0/0x18d0
[  118.219830]  ? lock_is_held_type+0xd7/0x130
[  118.220148]  ? __perf_cgroup_move+0x160/0x160
[  118.220484]  ? set_next_entity+0x304/0x550
[  118.220807]  ? update_curr+0x267/0x740
[  118.221102]  ? lock_is_held_type+0xd7/0x130
[  118.221429]  __schedule+0xedd/0x2470
[  118.221714]  ? io_schedule_timeout+0x150/0x150
[  118.222058]  ? rcu_read_lock_sched_held+0x3e/0x80
[  118.222421]  schedule+0xda/0x1b0
[  118.222679]  exit_to_user_mode_prepare+0x114/0x1a0
[  118.223051]  syscall_exit_to_user_mode+0x19/0x40
[  118.223401]  do_syscall_64+0x48/0x90
[  118.223682]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  118.224061] RIP: 0033:0x7f8184319b19
[  118.224340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  118.225661] RSP: 002b:00007f818188f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  118.226214] RAX: 0000000000000001 RBX: 00007f818442cf68 RCX: 00007f8184319b19
[  118.226740] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f818442cf6c
[  118.227261] RBP: 00007f818442cf60 R08: 000000000000000e R09: 0000000000000000
[  118.227780] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f818442cf6c
[  118.228307] R13: 00007ffcc4f936bf R14: 00007f818188f300 R15: 0000000000022000
[  118.228838]  </TASK>
[  118.229013] irq event stamp: 718
[  118.229261] hardirqs last  enabled at (717): [<ffffffff8133e829>] exit_to_user_mode_prepare+0x109/0x1a0
[  118.229941] hardirqs last disabled at (718): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  118.230548] softirqs last  enabled at (414): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  118.231189] softirqs last disabled at (405): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  118.231807] ---[ end trace 0000000000000000 ]---
07:50:15 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
write(r2, &(0x7f0000000080)="01", 0x292e9)

07:50:15 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
write(r2, &(0x7f0000000080)="01", 0x292e9)

07:50:15 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
write(r2, &(0x7f0000000080)="01", 0x292e9)

07:50:16 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write(r2, &(0x7f0000000080)="01", 0x292e9)

07:50:16 executing program 4:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
write(r2, &(0x7f0000000080)="01", 0x292e9)

07:50:16 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write(r2, &(0x7f0000000080)="01", 0x292e9)

07:50:16 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r1=>r0, 0x8, 0x1, 0x400})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000003c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write(r2, &(0x7f0000000080)="01", 0x292e9)

[  119.613572] syz-executor.4 (3747) used greatest stack depth: 24792 bytes left
[  123.718361] loop3: detected capacity change from 0 to 242
[  123.832166] loop3: detected capacity change from 0 to 242
[  124.466367] loop5: detected capacity change from 0 to 64
[  124.473724] loop5: detected capacity change from 0 to 16383
[  124.474807] =======================================================
[  124.474807] WARNING: The mand mount option has been deprecated and
[  124.474807]          and is ignored by this kernel. Remove the mand
[  124.474807]          option from the mount to silence this warning.
[  124.474807] =======================================================
[  124.490312] loop5: detected capacity change from 0 to 64

VM DIAGNOSIS:
07:50:15  Registers:
info registers vcpu 0
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88802189f690
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000035 R11=0000000000000001
R12=0000000000000035 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f818188f700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555c5cd3a608 CR3=000000003f402000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000
YMM01=0000000000000000 0000000000000000 2323232323232323 2323232323232323
YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=0000000000000020 RCX=ffffffff815ef537 RDX=ffff8880184fb580
RSI=00000000000001e9 RDI=00000000000001fe RBP=ffffea0001b79d00 RSP=ffff88801acb7ab0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=dffffc0000000000 R13=00000000000001e9 R14=ffff8880218b7f58 R15=00000000000001fe
RIP=ffffffff81460864 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9c76e7b6f4 CR3=0000000005226000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f9c76e8a470 00007f9c76e89f20
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 756e20796d6d7564 20736e6f6974706f
YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 73253d656d616e6c 6165722073253d73
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000