Warning: Permanently added '[localhost]:28675' (ECDSA) to the list of known hosts.
2022/10/02 08:01:45 fuzzer started
2022/10/02 08:01:45 dialing manager at localhost:35095
syzkaller login: [   40.773056] cgroup: Unknown subsys name 'net'
[   40.872722] cgroup: Unknown subsys name 'rlimit'
2022/10/02 08:02:00 syscalls: 2215
2022/10/02 08:02:00 code coverage: enabled
2022/10/02 08:02:00 comparison tracing: enabled
2022/10/02 08:02:00 extra coverage: enabled
2022/10/02 08:02:00 setuid sandbox: enabled
2022/10/02 08:02:00 namespace sandbox: enabled
2022/10/02 08:02:00 Android sandbox: enabled
2022/10/02 08:02:00 fault injection: enabled
2022/10/02 08:02:00 leak checking: enabled
2022/10/02 08:02:00 net packet injection: enabled
2022/10/02 08:02:00 net device setup: enabled
2022/10/02 08:02:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/02 08:02:00 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/02 08:02:00 USB emulation: enabled
2022/10/02 08:02:00 hci packet injection: enabled
2022/10/02 08:02:00 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/02 08:02:00 802.15.4 emulation: enabled
2022/10/02 08:02:00 fetching corpus: 50, signal 30233/32017 (executing program)
2022/10/02 08:02:00 fetching corpus: 100, signal 38702/42137 (executing program)
2022/10/02 08:02:00 fetching corpus: 150, signal 43302/48349 (executing program)
2022/10/02 08:02:00 fetching corpus: 200, signal 51082/57587 (executing program)
2022/10/02 08:02:00 fetching corpus: 250, signal 55618/63560 (executing program)
2022/10/02 08:02:00 fetching corpus: 300, signal 59158/68518 (executing program)
2022/10/02 08:02:00 fetching corpus: 350, signal 65615/76228 (executing program)
2022/10/02 08:02:01 fetching corpus: 400, signal 72212/83959 (executing program)
2022/10/02 08:02:01 fetching corpus: 450, signal 76054/89018 (executing program)
2022/10/02 08:02:01 fetching corpus: 500, signal 82381/96360 (executing program)
2022/10/02 08:02:01 fetching corpus: 550, signal 86739/101765 (executing program)
2022/10/02 08:02:01 fetching corpus: 600, signal 88567/104734 (executing program)
2022/10/02 08:02:01 fetching corpus: 650, signal 90507/107838 (executing program)
2022/10/02 08:02:01 fetching corpus: 700, signal 92394/110920 (executing program)
2022/10/02 08:02:01 fetching corpus: 750, signal 96218/115582 (executing program)
2022/10/02 08:02:02 fetching corpus: 800, signal 98672/118969 (executing program)
2022/10/02 08:02:02 fetching corpus: 850, signal 100574/121923 (executing program)
2022/10/02 08:02:02 fetching corpus: 900, signal 102513/124818 (executing program)
2022/10/02 08:02:02 fetching corpus: 950, signal 105311/128446 (executing program)
2022/10/02 08:02:02 fetching corpus: 1000, signal 106810/130957 (executing program)
2022/10/02 08:02:02 fetching corpus: 1050, signal 108632/133687 (executing program)
2022/10/02 08:02:02 fetching corpus: 1100, signal 110224/136233 (executing program)
2022/10/02 08:02:02 fetching corpus: 1150, signal 113619/140256 (executing program)
2022/10/02 08:02:02 fetching corpus: 1200, signal 114779/142394 (executing program)
2022/10/02 08:02:03 fetching corpus: 1250, signal 117356/145655 (executing program)
2022/10/02 08:02:03 fetching corpus: 1300, signal 119873/148819 (executing program)
2022/10/02 08:02:03 fetching corpus: 1350, signal 121708/151379 (executing program)
2022/10/02 08:02:03 fetching corpus: 1400, signal 122989/153480 (executing program)
2022/10/02 08:02:03 fetching corpus: 1450, signal 123725/155146 (executing program)
2022/10/02 08:02:03 fetching corpus: 1500, signal 125187/157351 (executing program)
2022/10/02 08:02:03 fetching corpus: 1550, signal 126623/159551 (executing program)
2022/10/02 08:02:03 fetching corpus: 1600, signal 128309/161877 (executing program)
2022/10/02 08:02:04 fetching corpus: 1650, signal 132405/166036 (executing program)
2022/10/02 08:02:04 fetching corpus: 1700, signal 133514/167844 (executing program)
2022/10/02 08:02:04 fetching corpus: 1750, signal 134940/169911 (executing program)
2022/10/02 08:02:04 fetching corpus: 1800, signal 136758/172206 (executing program)
2022/10/02 08:02:04 fetching corpus: 1850, signal 137631/173876 (executing program)
2022/10/02 08:02:04 fetching corpus: 1900, signal 138881/175803 (executing program)
2022/10/02 08:02:04 fetching corpus: 1950, signal 139832/177445 (executing program)
2022/10/02 08:02:04 fetching corpus: 2000, signal 140811/179037 (executing program)
2022/10/02 08:02:04 fetching corpus: 2050, signal 141786/180649 (executing program)
2022/10/02 08:02:04 fetching corpus: 2100, signal 142751/182309 (executing program)
2022/10/02 08:02:05 fetching corpus: 2150, signal 143851/184054 (executing program)
2022/10/02 08:02:05 fetching corpus: 2200, signal 144744/185565 (executing program)
2022/10/02 08:02:05 fetching corpus: 2250, signal 146083/187362 (executing program)
2022/10/02 08:02:05 fetching corpus: 2300, signal 147188/189037 (executing program)
2022/10/02 08:02:05 fetching corpus: 2350, signal 148285/190663 (executing program)
2022/10/02 08:02:05 fetching corpus: 2400, signal 149839/192583 (executing program)
2022/10/02 08:02:05 fetching corpus: 2450, signal 150975/194189 (executing program)
2022/10/02 08:02:05 fetching corpus: 2500, signal 152225/195870 (executing program)
2022/10/02 08:02:06 fetching corpus: 2550, signal 153760/197664 (executing program)
2022/10/02 08:02:06 fetching corpus: 2600, signal 154675/199066 (executing program)
2022/10/02 08:02:06 fetching corpus: 2650, signal 156049/200745 (executing program)
2022/10/02 08:02:06 fetching corpus: 2700, signal 157508/202486 (executing program)
2022/10/02 08:02:06 fetching corpus: 2750, signal 158682/203995 (executing program)
2022/10/02 08:02:06 fetching corpus: 2800, signal 160213/205737 (executing program)
2022/10/02 08:02:06 fetching corpus: 2850, signal 161261/207185 (executing program)
2022/10/02 08:02:06 fetching corpus: 2900, signal 161996/208432 (executing program)
2022/10/02 08:02:07 fetching corpus: 2950, signal 163104/209852 (executing program)
2022/10/02 08:02:07 fetching corpus: 3000, signal 164473/211415 (executing program)
2022/10/02 08:02:07 fetching corpus: 3050, signal 166086/213154 (executing program)
2022/10/02 08:02:07 fetching corpus: 3100, signal 166642/214218 (executing program)
2022/10/02 08:02:07 fetching corpus: 3150, signal 167457/215426 (executing program)
2022/10/02 08:02:07 fetching corpus: 3200, signal 168653/216860 (executing program)
2022/10/02 08:02:07 fetching corpus: 3250, signal 169821/218243 (executing program)
2022/10/02 08:02:07 fetching corpus: 3300, signal 170760/219491 (executing program)
2022/10/02 08:02:08 fetching corpus: 3350, signal 172007/220892 (executing program)
2022/10/02 08:02:08 fetching corpus: 3400, signal 172841/222070 (executing program)
2022/10/02 08:02:08 fetching corpus: 3450, signal 173382/223040 (executing program)
2022/10/02 08:02:08 fetching corpus: 3500, signal 174431/224224 (executing program)
2022/10/02 08:02:08 fetching corpus: 3550, signal 175188/225327 (executing program)
2022/10/02 08:02:08 fetching corpus: 3600, signal 176009/226365 (executing program)
2022/10/02 08:02:08 fetching corpus: 3650, signal 176574/227294 (executing program)
2022/10/02 08:02:09 fetching corpus: 3700, signal 177415/228348 (executing program)
2022/10/02 08:02:09 fetching corpus: 3750, signal 178319/229405 (executing program)
2022/10/02 08:02:09 fetching corpus: 3800, signal 179065/230422 (executing program)
2022/10/02 08:02:09 fetching corpus: 3850, signal 180280/231617 (executing program)
2022/10/02 08:02:09 fetching corpus: 3900, signal 181812/232907 (executing program)
2022/10/02 08:02:09 fetching corpus: 3950, signal 182481/233804 (executing program)
2022/10/02 08:02:09 fetching corpus: 4000, signal 183172/234726 (executing program)
2022/10/02 08:02:09 fetching corpus: 4050, signal 183711/235594 (executing program)
2022/10/02 08:02:10 fetching corpus: 4100, signal 184245/236438 (executing program)
2022/10/02 08:02:10 fetching corpus: 4150, signal 184838/237294 (executing program)
2022/10/02 08:02:10 fetching corpus: 4200, signal 185805/238425 (executing program)
2022/10/02 08:02:10 fetching corpus: 4250, signal 186617/239349 (executing program)
2022/10/02 08:02:10 fetching corpus: 4300, signal 187614/240313 (executing program)
2022/10/02 08:02:10 fetching corpus: 4350, signal 188040/241100 (executing program)
2022/10/02 08:02:10 fetching corpus: 4400, signal 188654/241929 (executing program)
2022/10/02 08:02:10 fetching corpus: 4450, signal 189293/242766 (executing program)
2022/10/02 08:02:10 fetching corpus: 4500, signal 189988/243626 (executing program)
2022/10/02 08:02:11 fetching corpus: 4550, signal 190632/244431 (executing program)
2022/10/02 08:02:11 fetching corpus: 4600, signal 191316/245246 (executing program)
2022/10/02 08:02:11 fetching corpus: 4650, signal 191916/246013 (executing program)
2022/10/02 08:02:11 fetching corpus: 4700, signal 192765/246859 (executing program)
2022/10/02 08:02:11 fetching corpus: 4750, signal 193215/247557 (executing program)
2022/10/02 08:02:11 fetching corpus: 4800, signal 193770/248252 (executing program)
2022/10/02 08:02:11 fetching corpus: 4850, signal 194203/248955 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/249627 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/250211 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/250782 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/251322 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/251901 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/252464 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/253044 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/253597 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/254166 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/254723 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/255254 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/255854 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/256427 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/256950 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/257515 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/258050 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/258594 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/259173 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/259756 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/260354 (executing program)
2022/10/02 08:02:11 fetching corpus: 4875, signal 194680/260911 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/261491 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/262029 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/262612 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/263183 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/263764 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/264347 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/264895 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/265454 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/266042 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/266592 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/267202 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/267800 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/268410 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/269001 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/269543 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/269652 (executing program)
2022/10/02 08:02:12 fetching corpus: 4875, signal 194680/269652 (executing program)
2022/10/02 08:02:15 starting 8 fuzzer processes
08:02:15 executing program 0:
keyctl$unlink(0x9, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000000)=@secondary)
r0 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "e099acf05b88f55fe188b26f101f78754574da11dbca3d425c51598932ad31955c89e91a0b5c3fa09ae5efc953a203f6c0179a1e23943efb807a4e18af32e29a", 0x1b}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000140)={r0, 0x6b, 0xe}, &(0x7f0000000180)={'enc=', 'raw', ' hash=', {'sha3-224-generic\x00'}}, &(0x7f0000000200)="e44e02edbfbfcd95e6b53610eccb7a14db8ef61c633814548203b2015d484b2652b90062ed6b58bb410586b4c67e109c4b575f7276c9fab16b09f31a31b6f829e4fa3596bd3d1a03a6ded604c285dbadbfac81849c19e1fdfca3b1c1073d63a34bd6c4a2bcec37946d799b", &(0x7f0000000280)=""/14)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000002c0)={r0, 0x39, 0x1000}, 0x0, &(0x7f0000000300)="789644eb941ab270f42cc5cc51bd80cd6f54c5d182647fa54491f9c3a56a607ebc4d6d2be94777b7c7dae82a82881d4a402922c2bdbcd6e8a6", &(0x7f0000000340)=""/4096)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000001340)='rxrpc\x00', &(0x7f0000001380))
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000013c0)='rxrpc\x00', &(0x7f0000001400))
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000001440)='encrypted\x00', &(0x7f0000001480)=@keyring={'key_or_keyring:', r0})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000014c0)='dns_resolver\x00', &(0x7f0000001500)=@secondary)
r1 = add_key$keyring(&(0x7f0000001540), &(0x7f0000001580)={'syz', 0x3}, 0x0, 0x0, r0)
perf_event_open(&(0x7f0000001600)={0x0, 0x80, 0x8, 0x2b, 0x8, 0x9, 0x0, 0x0, 0x20, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, @perf_bp={&(0x7f00000015c0), 0xa}, 0x12, 0x200, 0x100, 0x9, 0x9, 0xf4b, 0x1, 0x0, 0x3, 0x0, 0x40}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
keyctl$set_timeout(0xf, r1, 0xffff)
r2 = request_key(&(0x7f0000001680)='asymmetric\x00', &(0x7f00000016c0)={'syz', 0x3}, &(0x7f0000001700)='\x00', r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000001740)='.request_key_auth\x00', 0x0)
r3 = add_key$fscrypt_v1(&(0x7f0000001780), &(0x7f00000017c0)={'fscrypt:', @desc1}, &(0x7f0000001800)={0x0, "862d1d15fcde4c7369468c01a650c26e38c123954dc0c688fe56e6551cedda156743deb3483ec69f05447df7db3e9e9d273929651d1a3636551837f2f8881178", 0x35}, 0x48, r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000001880)='trusted\x00', &(0x7f00000018c0)=@chain={'key_or_keyring:', r2})
r4 = add_key$keyring(&(0x7f0000001a80), &(0x7f0000001ac0)={'syz', 0x2}, 0x0, 0x0, r0)
r5 = add_key(&(0x7f0000001900)='blacklist\x00', &(0x7f0000001940)={'syz', 0x0}, &(0x7f0000001980)="b58d6af2f459ded2f22687aaa5cc16d211b26388d27eacc0625e6a9ba49c037647d7561cfd961dab88bf98c034fbecb4842919c849f5f4850fecb8e09dc91d5c62507da1c8573a15a4f4b5c4a42234cf7964155051097cdc8d34490371b595c12d4474b43063d907c811f76bdf0981b95936bafbf8f1b1334ae5223a8950a407b477b6062446e9fb8e17c9a134940daa79c7f3f751c7d969c815d60ab6399fa70c2b61ac9c8dc072ea4bb9441f84e2f2423f4dc6a98527ef783512f7f6dcc2069c034c895715a738fb463bf5fcfc759fe333e295bc305eba7ac632c55ffab29b82ad71747592fce084c3e40edda8f2047c7ab6ea38f68ff9fac4", 0xfa, r4)
keyctl$describe(0x6, r5, &(0x7f0000001b00)=""/79, 0x4f)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000001c40)='cifs.spnego\x00', &(0x7f0000001c80)=@secondary)

08:02:15 executing program 1:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="3bf703a0faef0cf468b1d32c7090888a66a3a9cd855f31d5a19e5ec1df51345684f7f05d6af7829d15dac624c86b1c1413dea7734df8d53786f9588f9a12c71534e337dde37765e8a06b3fc4d33fde98140eacd3eee45624d689ea459808648aa0359ffce283940cc4eeab4f33d261f55a62c702982994b286133e118396548d6fba2898bdf0d5a7324eca9870172ea3caf5645c684aec17c9180e34872ac2c3f26414aa67542158f54b18224c9cc780d23821ecbbc860f7303eb1643c17c1a86fe4149f48b1dc62ea3c", 0xca, 0x9e}, {&(0x7f0000000180)="427c2097bb339ebe9493ce19ad6ee0c7d93c14eb32fe5aabbb8a12bb1e143a749c71854baa9a2ab2b5911fafe932580b8d86612214bc4ff501165a34c5a68066e0824a2f7d40e163100e902690cfb700aef55d7a2c404666e2196e320da596b9df47ed4c02d819a91209f56cc0217ecfe536098e3bead4d756631ab1565d0ebc7987cef6cd1aaebfb1841d66a15f6d49ebf0bf6eecc40c37eef8c611", 0x9c, 0x8}, {&(0x7f0000000240)="77995cbd9ffb821f9f7bad57af2da8433e8100a3ae7842be8e31690375e019be3e9df96be2a958ac8eefe90286d74ab9757531b8df8e8952510153eb22f39dec1b8e99a2a69d968b26967ed6dc42dcd4a27a281d0e2c7ca75261199a5217048b4d0cb11e0b27d79b05733559a0cea9a901d19959d28b66b1e5f074afd6a9d1a72187fa75bc348ebbed85b3a9f427d29e4e9971222b9850566b7618", 0x9b, 0x7}], 0x80, &(0x7f0000000380)={[{@cruft}, {@unhide}], [{@defcontext={'defcontext', 0x3d, 'system_u'}}]})
fchownat(r0, &(0x7f00000003c0)='./file0\x00', 0xee00, 0xee00, 0x400)
r1 = signalfd(r0, &(0x7f0000000400)={[0x40b]}, 0x8)
mknodat(r1, &(0x7f0000000440)='./file0\x00', 0x1, 0x401)
setxattr$incfs_id(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), &(0x7f0000000500)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1)
r2 = creat(&(0x7f0000000540)='./file0\x00', 0x144)
statx(r2, &(0x7f0000000580)='./file1\x00', 0x2000, 0x8, &(0x7f00000005c0))
pipe2$9p(&(0x7f00000006c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0xc0000)
ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000700)={0x1, 0x0, 0x2, 0x1, 0x5, [{0x30, 0x0, 0x0, '\x00', 0x2900}, {0x2, 0xff, 0x9, '\x00', 0x2180}, {0x5, 0x7, 0x8, '\x00', 0x1004}, {0x7, 0x1af5d4d5, 0x1, '\x00', 0x108}, {0x1, 0x80, 0x80000000, '\x00', 0x2}]})
r4 = signalfd(r0, &(0x7f0000000840)={[0x1000]}, 0x8)
fallocate(r4, 0x0, 0x0, 0x41)
flistxattr(r3, &(0x7f0000000880)=""/86, 0x56)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000900)={0x0, 0x0, "53b096623c6130d2d11a68274e4cc18ec8ebb5d350d8a3104880c6332a8da258360af63fa76ab269177cdda0eecb569d1c4074f910732ed7a87381b8aaf386cc3cde725051029ec491224cce46772cec3d250f28ccf627d3ef7100c28e0bf283ca3517ac062ac9c3777cf82a19829ab979b12e94f7ecba969a17728491adbd9de64f030f01721875ad44bc3056aa03e062281dd65db78e6c898398c24ccc80603e1eca73f2f7dfa34443abf06339b1066d7f6bfb812ffcdf69d208cd6f7b04dcef11c0fbd9c86202f77ec3537b9645f593e87e9f1d11a3360bdea45ed565e5d26e22eca746f5707790727db5be1cecf70b72f212a8ac715ce9c83b06596740cc", "4b13167bca0f6b93d88e34a16511232e5c472aae91818882fbe9adcbaf69f92dc27b1c1cac4b17cbe7c83a17c4274d49235c3ddd784063fe55d97b3f797e84a8132dc3cd83a2a69900336f6ee0ff856a7d2315173fa5ea79cb762680651cf30f466d6ef4bda9632da1a0db090e8142cc0589f860bdac7cf32a23f8ffdeab5221271577e5006f0f83e30bba3b24cc7912d443c38e59a8bd4c9763d7057e97de6723142d1f2922929c2d8317b628ed98d4f3e9ca4c68fd82409ff0790bc59e7650c13641edd17519c13b62ee53276356c0d2fab4228fba9c8760a53dee463ace40c2f731fa582524299f45dcd177362f2ff3123a630a51d8b42f6c4fcd37d54b069b5ade211c9317e91d99132bb93c5fd92995fcb0a3cc730f0ec5d1047d66a04de1e7d19863d2b38b1a0deceeafad53ba9660f2a061647d4391359d9009c80fd3bb5f1e690a1d5d9ccccfeb215cae69e17c7283f5f6bfa3ac4dbb9909c19095e7a6de54e7e9590d11c81737b44950d1c65f1e117f3c3e6f97582e423340187882746f3c627839891ce1f679951b1f204c329b434f8e74f0c72ed6928777033fc964d7e1881f7bf58c920f8fc343a4a707331a3c000e9b22552b39769b805e0444db1db28ec4e5f5ac59218b328576cd0b47adf1d888e8e89d53e9208b3a766766c245122acfd477ccde0aa81d516f57a49d79869d84dbbde7766bc63c109501a322ebf1dea74dfdc918681d553bb6404688cb57be8aee9ce558989ef01acbfd5bb3f1f8ffa7228fc78ba50ac79866e4406bf38b08a3427711607ff2be5cd299fb018bd06a30d4e23202ae22959c7cba217b68d07b53d25863f53310b8dbc786b5f592ee4d0561527b3a825cfe1be5bff22fd18de56971db09fb76e3e71e427e94427c3bbeca530a575f9245075b8d619cdeb14cb4a2db38def65c35f2149fc73479f668c6f1340df1fa9e457286fc6dbcec79ef202d09f5c002b88ff5df36b4ee75a20efaaa72c8c3f50643841dc22b09ced37e6f3a40d920cf522069ded798f520bf92f247976ccba80e244558b3893ba985d36cd38d200f2fb51027b530d67bb9ca99afc01777eb6a8e21ef2aa96af48ced385adc298e9cba9274e3f4b207017dcab82834a3b0d74846ecc553718bcf55671488ba43aaf06cc993510166a6a7389ceee42dc76c16573d516af58c018c0e3befdbbc0989119e517c596ae783567c5a89ed0e6abb76fd085ecaf43ba1b04bf2439219797160400c86d964bc32a1da0069f0b81cfdf617e764929472fd14f5341c9d2247979c8cfd224fd06a611dfbfd1b56d1007704aee27e91a17e8144a7fceb5e8594e15bac93a707021ce4149a4061d87a3b1bbdd73a6dd946b1fd130c86214b39190921f1383a839c96459f780a35f7a9c45dba1648e83b89fe24cb90630f2166375e9aa23a959b48987ced138b0df3e8c819b31ebf7853cb5c380a95f5cba84ae26ca324e029a14d2eee45123e7cfc40d1d5e8be45c4f95ac2bd4fae6fa240101c4104c068d2263cbad74d146791e45d321088fb14e6e5c0590a4320be3a73c0eaaee2811e796200f62f2478001a9628b9d2a17abca7b810aa2e0b21d31913dcaa50130e9bf97995f29655a244f1ebb4a940fd064bd31f3f49fc9d9466080d322f2e5d750aa6c1642e6dfea0c59e4c71047a9a4aaf92bfcb8b8cdd85cc786e282a646d37be9a5959273476d6954af1c0d8101bdd0992c2ecc10e13e52726ca4a56451633ba218b1cc545408f4845ec9f437069b3373f9511fe322351c5bfd8d2e1a354174b3bfddb50329ec1f82a005574295938e8ad1b98b554696702ac3bfddd881b6caeb5588a7f4aadada4f0761a13a662a9676547647838bc1890aeb73c19f2a53bdeaea3d1f3b7dd0e4161e9d87de8ea12e5ad2bdac6f680d3e8d364717d41403d0b3b9b1597d5c40eba6efa8b38d51970a30da40b6aebbb12b05af6c0b7568c33ef9f9c6a18acacd5dafc4eb78c82985afb614dea21c1ebbdb6cdab2e5e99adc6999cd585e6f0343a834a35d49e45869ac7759c4e66bb7c398fa15a55fa1618ebc709fca74ee109380eb987d9e3a0617596898f95fbd87f691927636a3239512864e2f77e1f62e8144f18dee7474c5cfe984db6fd19da3a74ace5673436dffd66d6861000731c2e216d1b90d84ae6513695dddc7b5c94da9aad57af9536cfd6ede0f0af377dcaefaac8da2676189b6055d987fc0988935733cfef298f2434979ae3ea01dda918b1c74e87587b99d408ee231a37a2f5be47401e62c82137178b25a781f6c356b30a0ce0dbbb2d8a315f00b65f07f84da26bbada62b8ddf8dbfafa9a445bd3f9affdfa8eac9bc8959f14d1f8e9f95f28675b1b781b0c6bf89143012c219e07c16fd6534f9b2ade3fe694c2ad7f5d2e902911f374f60a208381c7a5142975937d8b337c5326ca14289c90d5937f1aa7d55903dd522296312af7affd6f101e812b507ac35a04dc0cab2f3f9cfb8422407bbdf74e1d5c4a0d16a4c267a459b2e46b177a0013f9576caed12aadf895519b8d50a1fa9adc44bb3db71d10d1ef3704afd36b6fe49e1888a552addf7fa2dd714591af16d193247cbc2fcf1b7765a3c14fc8239f78bb8f6c008de8cfda78fc000fcd697686275a391eedeb542920f588d5937f406b1eb83d4a905074d2c219ac17c01a0cb81bd899b5a69d0db50ee98642fa4f0faa507dcb835a84615fe1a9d40bb6c88ea945e9b4ba3bdaf2809bbaed1605769d7d61f38a53e3a328ae58fb64fe4242be27b40ca81f7f24a0fe4894f5045437cb616f8242f69df16ab2b935e07e399de3d74ae6816bb4cf807430e93254812fddd9a0d922b3c251aa5fbcfa4043170d319006333aa658f5d939d1090831aff77a985331e8539d3f89dc40a8199fe7510aa26e4f5282c7bcf1b6f53ca07d9689b0b421b6285b9f2db499618432dc2f3c859748084bc1f77a12c17621fcd32ea5fe2eaf7b6bc9192d67682d62bd9b8a3dcf85e0efc64cfdf4be55eb786f1c3defd7921700a52070248132069c521daf2e2c981ab3ee0c207d306482fa9776066ae3e7df92f13515fb7794b118721a9a2e1effd3dfa1001bf5674c61bf53edbd7d171601c18289c229fe0db73db0ab5e46940046822aa2de084aa9a41b5218094e229ae3e196d97e7fdbff0541e2976f0e112e194c7a1ef0988caf0e8c2f907c332b9072127c207f85c7696e8f1199b09da7f8e60bd2b3f6c37eccfec4bcaf196a5dccbbe572213b1aa35897ff9a3242a26b71a373b46a1a4254b352d325a4d363a5316c8377ee139c5070d09d12fa8073dbd34a52e01f0a9c9cc4b8e2b08357f3978a7355b37a00947696e4b69cb9cb7cc25b79bd92108b80d2c11b11ced4168b50c9dd4d9e9776aaed54a78605bfbe3889b3d6d33d5d3d80f570690a4b25881e13cab1a25941bafffcd341f33f28261d3b770c5c4e20043173dc3872683b3d3aa7da8f40df2fe8ead0e04962cf205734043e713bdf707417531e024012432a9fb1b3b883cdbaf253db0cc35133123315073e727c973c778c35e9e98c83dde67fb961abe5d0d5a251f86e58e397e5580bdd717927ccb7fb720563235ca617104d1a09ec705fb5571e72d6c863c2fff1d89211d86304f246db18ebed8c03ef690e04dbf3e669525b84f50de832525f42b63bef17edee2bbd9311805902f194295e4d7bac6d06a271b5fc58bff826c79189849ebdadfb0c70dacd47a0ede74cb04515158c62102f50155d126934b1b626202dbf182fd066546761e29147039c496fecaa69ff2edc8af21956f59ce77a620db65cd3fc6451bccdc173f53dc76dce254cebf27725684e6c99a03ff50ef2780dbf88ca558cdd23a740bb59b87f0d102ec61c3e165b4f94f5495aba545dc1725738cc66a790ee3823b75e065ac73a7d17fde6d063b2ad38ee21e6025ca61e0b057f8d414de6ecca0a9e5a2dacd055637021de32fcb08fe1f97fbda1d307045ea44d618c16123ebea1c817f21a7bcb4d147275f26f3c837221db1e2dcf2373fe7b3c1d286d0459eae833039917c2ce936e47ad01930e6db185fc800f6b9ca231d15733877f20fc66f081fa1c7ba84032ee553f8330cf3727133265473b1f2aee1cb6b88940cc2a71a5c8afe68fd9841acc519942901de302a4d7317fa4418410244236fd491e397927b7d239a51f3e6efa9729b1877665e53363a62991f792ea9180c5a88588b0e9202eb4b20dca247ec9d69dd568ec038810fce7425f783e4599e19def7c7499d08966b364067ae5e08622e96fc0e84bee34f7f8514683ed58b98e09421f84b6deabcb59596a97e358b3df0ecd217dced69beae7bcfdcd278968ae931a126c25a7351882fdb31732a4105706e459d105919aae8b68252dafe15552e5f289acb30fa70bc5aab1ac0af2b7dde803f942a7abe3578ce631fd1bd970dfc0d5ce4b0ae0b7e820dcb583acef4cda43a3e635781bd8c7495ddf7a9918c5ff2ea28823151340ff1ff14b2a8938f2f7aa9ff29328af67b2b1e138ee1b3b55bb698731bcdb771425313471386be35da0efa303ec90ee758076ca5f6db1c7f29955d7ad94e73fb37a039311dda7d8ffa70c28b9b4d9c5463298e964c3f045ab88efcca5ce406ae9f38e2f46fbc1ad31444b9c1e58fe8ceae05c4f4c81ddf396e2f5e6d411a518b0a8ec3619b45212a4a481816788d223774c0a4f675d0ff1173ba9635affa0761757439f3c0add554f84eda97562011af08fd2d75b758a89dddcbead7548092948f8b5e63060aac6df3c2349a436e5a2318e0e2250cfb80f71451f36e9e50db1493d8439b786608bfb4f12bc865d2d03607489f4e4bae1513dad665ab624f419e3f0b964d9abc8ae8b3af29ede0b9537ef5e2cef15be290574102017a44c7e10e36a4cc9a30681898203bdfd959f6d607495349dd0136a3c3a90276ec4005280706f9df272a0a0a01d311d86a6e4bbfb7118c23eb23cccc48fb8304df4e3267e8ef51827c2e8debc9745cb7fea89d1e5421b733270cb0ce5f0684295bb57d22643bc19016f8befd88ac0937d5d39f7d87b56d27e2dac9ee3936a4d06091871f2512cfe181a8cdcd8c7b510114f5d87b172fe99a2187a4f7737ed74691e0f328b81a4f4d852405610acc64c7e96c0373e20414afb6a1db86454e87e43cd5b14916d8ae878b934276cee7f1240b3b8bca99c31fa8206de10c83a8e692429ab04631be2723d0c165ff1a94492c02bbbb68ec76f58df91888d1e00712d7c4b921b3d43b508de9c1fb1e1e25d14195a4bf7616770517ec6bfe0f26843d88b489f7f24499471ea207d03b7177e340ea43c1b2b47b9cd7c6d0cb8669f4cd3a5a9bcf7fbfb91090e693b74bfbb395823e01c938d303fd75016dd243378"})
fadvise64(r2, 0x3, 0x7, 0x0)
stat(&(0x7f0000001940)='./file1\x00', &(0x7f0000001980)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
chown(&(0x7f0000001900)='./file1\x00', r5, 0xffffffffffffffff)
statx(r4, &(0x7f0000001a00)='./file1\x00', 0x100, 0x1, &(0x7f0000001a40))
ioctl$FIONCLEX(r2, 0x5450)
fspick(r2, &(0x7f0000001b40)='./file1\x00', 0x0)
setxattr$incfs_size(&(0x7f0000001b80)='./file0\x00', &(0x7f0000001bc0), &(0x7f0000001c00)=0x9, 0x8, 0x2)

08:02:15 executing program 2:
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvtap0\x00'})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x94, 0x0, 0x10, 0x70bd29, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x94}, 0x1, 0x0, 0x0, 0x4040000}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {<r1=>0xffffffffffffffff}}, './file0\x00'})
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200), 0x10)
r2 = socket$inet6(0xa, 0x80000, 0xfff)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000240)='geneve1\x00')
ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f00000002c0)={0x0, @qipcrtr={0x2a, 0x2}, @generic={0x27, "7ade94b6c7da5047bc35e76a5f01"}, @rc={0x1f, @any, 0x1}, 0x4b, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000280)='batadv0\x00', 0x7, 0x100, 0x8})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000340)={{{@in=@empty, @in=@private}}, {{@in=@empty}, 0x0, @in6=@ipv4={""/10, ""/2, @multicast1}}}, &(0x7f0000000440)=0xe8)
sendmmsg$inet6(r2, &(0x7f0000000740)=[{{&(0x7f0000000480)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c, &(0x7f0000000700)=[{&(0x7f00000004c0)="1a31660c92e51ef6fff15165d02185908d69fe29ad2ebf87d206c3cf604429b00e144a77527d2f4f6db3635e6330e63082f02d2649bdbd4650f74b37335f887476586af91b87e4b1cea35fa4cfc85a13036fb94cdf922584733e285d4d6277ecb834b312f669a0971aecbcc2b10ca5a3cf0ffd677441113f9001996c8f9da26d46cccde735e7e4654a21a6942948f0f976679443d4bf1487a66d8b68895c8a3b02dc066ccf6b9de2184b496e3eafbfb061c5e2c78be06ea0bbbd37e251ea8880ddb6bb749d0db91229f4ac199c81fefac9", 0xd1}, {&(0x7f00000005c0)}, {&(0x7f0000000600)="4cc49cd3f18bed3a68cd15c54bb4d410619c75a6f23469ba120a6550fa58f1ebaa1d3775739f67e94a3524b4850f7dbef2570463e3d2dac1675563a82621b1078289b3f066d9cf6ccc12d375aca8be20287ec33269c90a1fe522fc39c216b0e7d2130abad9484cf17bff3969f12dcf1f82016f817814040e8371bfcc0d73252988e7faba35a9f7f21efc26bd00b64ea8d51a8cae3541d47d60a207863f84bbe33958803e4b403af745194750feeee85a4e4d08e3f8a099a693be61ce27505489ae63abe3485adb6d", 0xc8}], 0x3}}], 0x1, 0x840)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000780), 0x16000, 0x0)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000800), r0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r3, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x2c, r4, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000a000}, 0x20000880)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000940), r0)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x30, r5, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x18}}}}, [@fils_params=[@NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}]]}, 0x30}, 0x1, 0x0, 0x0, 0x88c0}, 0x48010)
getsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000a40), &(0x7f0000000a80)=0x4)
pipe(&(0x7f0000000ac0)={<r6=>0xffffffffffffffff})
ioctl$BTRFS_IOC_INO_LOOKUP(r6, 0xd0009412, &(0x7f0000000b00)={0x0, 0x100})
connect$inet6(r6, &(0x7f0000001b00)={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x5}, 0x1c)
sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000001c80)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001c40)={&(0x7f0000001b80)={0xbc, r5, 0x0, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TESTDATA={0x9f, 0x45, "f8c2e73518e0f21eb5b25a9681973e1e65e7bc52e988c39285760e117b7d6328a881c9b0414ba065097b2115efc9df75f738dfc6e65b67052c539530393c66c7ab39ea181e1fa0531113f5a060a4fabfe9229429dc0ef831e1613af8c057c3dccf8e47a01590b2fe4dce802a8c5dfeed0ffa14a5dc6a9f395ac3fb9a53fda8f9294f9d533e0e47261a9951a788aeaf9588a5861e5ba79427ee6da2"}]}, 0xbc}}, 0xafc4612e803cde0e)
socket$inet6(0xa, 0x4, 0x3ff)

08:02:15 executing program 3:
r0 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x4, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x4)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r0, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}}, 0x20004011)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x8001}}, './file0\x00'})
sendmsg$NL80211_CMD_AUTHENTICATE(r1, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x1a0, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8001, 0x43}}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @key_params=[@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "3d6fd264f36ab90e802a2f60c5"}, @NL80211_ATTR_KEY_TYPE={0x8}], @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @key_params=[@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY={0x58, 0x50, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_MODE={0x5}, @NL80211_KEY_SEQ={0xb, 0x4, "dc2735687ab1ae"}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "34ed3d63996d0ce0a6368ebd73"}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "8c4ad8605a75fcec3f115ee427"}]}, @NL80211_ATTR_KEY={0x54, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_CIPHER={0x8}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "3a9672a7a0"}, @NL80211_KEY_SEQ={0x10, 0x4, "2aab287f9a4bc0ca2064ed5b"}, @NL80211_KEY_IDX={0x5, 0x2, 0x4}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "ed90e7153581dd9903c97aac44"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x40}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x14}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x615b}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x278}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16df}], @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1d}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x1a0}, 0x1, 0x0, 0x0, 0x4000}, 0x20000080)
sendmsg$NL80211_CMD_NEW_MPATH(r1, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x20, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x200000d4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'vxcan0\x00', <r2=>0x0})
getpeername$packet(r1, &(0x7f0000000680)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000006c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000780)={'syztnl1\x00', &(0x7f0000000700)={'ip6_vti0\x00', <r4=>0x0, 0x29, 0x2, 0x80, 0x6, 0x21, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x0, 0x10, 0x9, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000880)={'ip6gre0\x00', <r5=>0x0, 0x29, 0xff, 0x2, 0x9, 0x9, @empty, @loopback, 0x8081, 0x40, 0xf0, 0xb61bb91}})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000e40)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000e00)={&(0x7f0000000940)={0x488, 0x0, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x110, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x32, 0x4, "a2025a53abc1132906bb0cfa1f20fce69e2fb68ee3668b1e68776f7f3102e0ff0d825b0b570a58943618e0350e1d"}, @ETHTOOL_A_BITSET_MASK={0xc9, 0x5, "57b24ab8047587e794e0a806bf203e7ca4598210be0ea957fef40a207be5e56a406f03791ea43e9396cf9bc4f3688cb642e2865cfc249677bbb65c5703a4cea8f06d5dd6f47a7578b16139fa9c3f8ac01a77fc74cf9794d5ab557a53ee674efb886a056bfd07119cc07897bf74b190b9473903cc02bf4c8cc2ef14be46204bbe86ee20b8295bb99f054df77a62c7312c8201e07ed8f1d087b6b2b7345c382da4265978f4904a6aab27ff12f8eeaa427baab015e1ff52ac63ae8e65ef3f3cbe09def7006318"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @ETHTOOL_A_FEATURES_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x9c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}, @ETHTOOL_A_FEATURES_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_FEATURES_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_FEATURES_WANTED={0x1b0, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xbb, 0x4, "35ee3565e9a7cbc1350727327bdc24117ff11bfc826ef0dbe56078f88022d0de1f3cd41ad34156422f0b3311aa2280549eebf322f3005901346bfe5c3522fe6ed096630a4192476f2d171e1d48df7b7b718f3da6281a195ecaedf12613049dd531b4bcc457af6c7227758f1166bb38c098158c65a26f00e0a38bbd1244df933801e959010e15817883216ba02edf02dc911d8b403182654d53d3e6f45f7251b9c28f20bbfa23ddf36d6243bd0714b4804d96883358982a"}, @ETHTOOL_A_BITSET_BITS={0x30, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_BITS={0xc0, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7be}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, ').%#[\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\x02\x02\x02\x02\x02\x02'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\x02\x02\x02\x02\x02\x02'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '--^\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xd7e7}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\x02\x02\x02\x02\x02\x02'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\x02\x02\x02\x02\x02\x02'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x100}]}]}]}]}, 0x488}}, 0x8000144)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000f00)={'syztnl2\x00', &(0x7f0000000e80)={'syztnl1\x00', <r6=>r3, 0x2f, 0x2, 0x4, 0x54218cbd, 0x10, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x7800, 0x283, 0x8000}})
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r1, 0x89f4, &(0x7f0000000fc0)={'sit0\x00', &(0x7f0000000f40)={'ip6gre0\x00', r6, 0x29, 0x99, 0x80, 0xfffff001, 0x41, @mcast2, @private2, 0x80, 0x10, 0x0, 0x5}})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f00000010c0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_PS_STATE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000014}, 0x4000080)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000001100)={@local, 0x40, r5})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001180)={'wpan3\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001240)={&(0x7f00000011c0)={0x4c, 0x0, 0x60e, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000800)
r8 = fsmount(r1, 0x1, 0xf)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001300), r1)
sendmsg$TIPC_NL_MON_PEER_GET(r8, &(0x7f00000014c0)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001480)={&(0x7f0000001340)={0x138, r9, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xeb7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf7d3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0xb8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x976}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffac9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x724}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e23, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x4004854}, 0x24040000)

[   70.223599] audit: type=1400 audit(1664697735.115:6): avc:  denied  { execmem } for  pid=286 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:02:15 executing program 4:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/92, 0x5c}, {&(0x7f0000000080)=""/111, 0x6f}, {&(0x7f0000000100)=""/159, 0x9f}, {&(0x7f00000001c0)=""/132, 0x84}, {&(0x7f0000000280)=""/125, 0x7d}, {&(0x7f0000000300)=""/29, 0x1d}, {&(0x7f0000000340)=""/156, 0x9c}], 0x7, &(0x7f0000000480)=[@rights={{0x2c, 0x1, 0x1, [<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}], 0x78}, 0x2)
ioctl$CDROM_CHANGER_NSLOTS(r4, 0x5328)
open(&(0x7f0000000540)='./file0\x00', 0x46500, 0x0)
r8 = epoll_create1(0x80000)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f0000000580)='\x00', 0x0, r8)
epoll_pwait2(r0, &(0x7f00000005c0)=[{}, {}, {}, {}, {}], 0x5, &(0x7f0000000600), &(0x7f0000000640)={[0xa3]}, 0x8)
write$binfmt_aout(r1, &(0x7f0000000680)={{0xcc, 0xf9, 0x5, 0xa9, 0x11f, 0xfffffeff, 0xfd, 0x1}, "8191567b888deef33a8f5614088ce98d192e6e363dd0cd3d7884c3992fbed69488c0be64fd876d54cc564d02087d17fa0ef43e399cb15f3065fb4963a7b6322cabe5f7d96ef8eee5a897c30c2a384d5e9e", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa71)
setsockopt$inet_tcp_int(r3, 0x6, 0x12, &(0x7f0000001100)=0x1ff, 0x4)
syncfs(r7)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000001140))
write$binfmt_aout(r1, &(0x7f0000001340)={{0x107, 0x4, 0x8, 0x2d2, 0xd7, 0x2, 0x31d, 0x4c719060}, "bc3636d2a7595708dfc6e97e51394bde68599266fdc0e708d73870af8007d37b9b6841a39b834a394928c3baa2931abf28f64fc9c63ca70fe982f01142cb64ae5f7c99bbbc91c76133d5fb454e8eecde738f7c453ae7c3c07916a4d0b452bf218dbbe432dcf128b8594c3934edd69df746a0e491d1b16709c980", ['\x00', '\x00', '\x00', '\x00']}, 0x49a)
r9 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001800), 0x8c002, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r9, 0x8030942b, &(0x7f0000001840)={0x47, {0x32, 0xfffffffffffffffa, 0x5e62, 0x2, 0x4}})
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r9, &(0x7f0000001880)={0x2000})
r10 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000018c0), 0x600, 0x0)
ioctl$RNDGETENTCNT(r10, 0x80045200, &(0x7f0000001900))
r11 = dup3(0xffffffffffffffff, r10, 0x0)
setsockopt$inet_mreqn(r11, 0x0, 0x20, &(0x7f0000001940)={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000001980)={{0x1, 0x1, 0x18, r6, {0x1}}, './file0\x00'})

08:02:15 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xee01, 0xee00}}, './file0\x00'})
ioctl$HIDIOCGUSAGE(r0, 0xc018480b, &(0x7f0000000040)={0x2, 0x200, 0x8, 0x483, 0x1f, 0x3f})
ioctl$HIDIOCINITREPORT(r0, 0x4805, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x5, 0xfb, 0x20, 0x2, 0x0, 0x3ff, 0x10000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x25639732, 0x4, @perf_config_ext={0x0, 0x4}, 0x40, 0x8, 0x3178, 0x1, 0x8, 0x2, 0x3, 0x0, 0x5, 0x0, 0xffffffffffff40dc}, 0xffffffffffffffff, 0x1, r0, 0xb)
ioctl$HIDIOCGCOLLECTIONINDEX(r0, 0x40184810, &(0x7f0000000100)={0x2, 0x100, 0xffffffff, 0x7, 0x40, 0x8000})
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x50, r1, 0xaaaf5000)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
ioctl$FITHAW(r0, 0xc0045878)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$FICLONE(r2, 0x40049409, r1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x80000000})
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000180)={0x0, 0x1, 0x93, 0x8})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r2, {0x2}}, './file0\x00'})
ioctl$LOOP_SET_CAPACITY(r3, 0x4c07)
clone3(&(0x7f0000000400)={0x20000000, &(0x7f0000000200), &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280), {0x2}, &(0x7f00000002c0)=""/10, 0xa, &(0x7f0000000300)=""/161, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x9, {r3}}, 0x58)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000480)=<r5=>0x0)
kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, r3, &(0x7f00000004c0)={0xffffffffffffffff, r2, 0x81})
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000500)={0x1, 0x7, 0x9})
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r3, 0x8008f511, &(0x7f0000000540))
ioctl$HIDIOCAPPLICATION(r0, 0x4802, 0x200)

08:02:15 executing program 6:
r0 = memfd_secret(0x80000)
ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000000)={0x13, 0x26, 0x14, 0xf, 0x2, 0x19a8, 0x5, 0x85, 0x1})
r1 = syz_open_pts(r0, 0x121080)
ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000040))
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0x8}}, './file0\x00'})
fsetxattr$trusted_overlay_opaque(r2, &(0x7f00000000c0), &(0x7f0000000100), 0x2, 0x3)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r3, 0x541c, &(0x7f0000000140))
r4 = pidfd_getfd(r0, r1, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x12004080}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffffd}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x200000d1)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000340)={0x0, <r5=>0x0})
r6 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x40, 0x0, 0x3, 0x4, 0x0, 0xfffffffffffffff7, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000280), 0x12}, 0x48040, 0x0, 0x5, 0x2, 0x4, 0xfffffffb, 0x95b, 0x0, 0x8, 0x0, 0x1ff}, r5, 0x0, r0, 0x9)
ioctl$BTRFS_IOC_INO_LOOKUP(r6, 0xd0009412, &(0x7f00000003c0)={0x0, 0xffffffffffffcc51})
ioctl$AUTOFS_IOC_READY(r2, 0x9360, 0x6a)
setsockopt$inet6_MRT6_DEL_MFC(r4, 0x29, 0xcd, &(0x7f00000013c0)={{0xa, 0x4e22, 0x0, @mcast2, 0xffff}, {0xa, 0x4e21, 0x5441, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800}, 0xd5, [0x5, 0x200, 0x4, 0x8000, 0x8, 0x100, 0x2db, 0x3]}, 0x5c)
ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x16)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r7)
openat(r4, &(0x7f0000001440)='./file1\x00', 0x80, 0x8)
bind$802154_raw(0xffffffffffffffff, &(0x7f0000001480)={0x24, @short={0x2, 0x1}}, 0x14)

08:02:15 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan0\x00', <r1=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x74, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x40000}, 0x44)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000180), r0)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0)
socketpair(0x27, 0x1, 0x376ca2d1, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$AUDIT_TRIM(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x3f6, 0x8, 0x70bd29, 0x25dfdbff, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20004010}, 0x4000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x54, 0x0, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "079137e6361fcef4ecc4645863ae8cef"}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa3}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x48, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x1}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x5fecec7edacca652}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), r0)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r5, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x48, r6, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000780), r5)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000900)={&(0x7f0000000740), 0xc, &(0x7f00000008c0)={&(0x7f00000007c0)={0xe0, r7, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:auditd_log_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'dummy0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ipvlan1\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:auditd_etc_t:s0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vxcan1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0xe0}, 0x1, 0x0, 0x0, 0x10}, 0x800)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000940), r0)
sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000b00)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000ac0)={&(0x7f00000009c0)={0xdc, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xca4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8001}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}]}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x20}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffffc1}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x20}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xa5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x5}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x8010}, 0x4040800)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x38, 0xd, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x20000010)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r8, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x68, r7, 0x204, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @empty}}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:vmware_device_t:s0\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x200048c0}, 0x8000)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x40, r2, 0x2, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x10}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x18}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x41}, 0x40080)

[   71.551717] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   71.554585] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   71.556264] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   71.560500] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   71.562621] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   71.563966] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   71.569393] Bluetooth: hci0: HCI_REQ-0x0c1a
[   71.617687] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   71.619643] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   71.621859] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   71.623127] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   71.625192] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   71.625380] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   71.626635] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   71.628575] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   71.629875] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   71.629968] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   71.633204] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   71.635605] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   71.638307] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   71.638421] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   71.640938] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   71.643705] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   71.644630] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   71.646806] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   71.648004] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   71.648132] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   71.649128] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   71.651803] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   71.667355] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   71.671594] Bluetooth: hci2: HCI_REQ-0x0c1a
[   71.687662] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   71.694829] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   71.698693] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   71.702950] Bluetooth: hci4: HCI_REQ-0x0c1a
[   71.719958] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   71.722649] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   71.724348] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   71.725761] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   71.728726] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   71.730138] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   71.730738] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   71.731695] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   71.733871] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   71.738147] Bluetooth: hci5: HCI_REQ-0x0c1a
[   71.738621] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   71.742671] Bluetooth: hci1: HCI_REQ-0x0c1a
[   71.743969] Bluetooth: hci7: HCI_REQ-0x0c1a
[   71.756208] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   71.758072] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   71.759402] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   71.762103] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   71.763834] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   71.765314] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   71.770472] Bluetooth: hci3: HCI_REQ-0x0c1a
[   71.783669] Bluetooth: hci6: HCI_REQ-0x0c1a
[   73.633069] Bluetooth: hci0: command 0x0409 tx timeout
[   73.696709] Bluetooth: hci2: command 0x0409 tx timeout
[   73.760554] Bluetooth: hci5: command 0x0409 tx timeout
[   73.761112] Bluetooth: hci4: command 0x0409 tx timeout
[   73.761622] Bluetooth: hci7: command 0x0409 tx timeout
[   73.824493] Bluetooth: hci6: command 0x0409 tx timeout
[   73.825091] Bluetooth: hci1: command 0x0409 tx timeout
[   73.888496] Bluetooth: hci3: command 0x0409 tx timeout
[   75.680646] Bluetooth: hci0: command 0x041b tx timeout
[   75.744525] Bluetooth: hci2: command 0x041b tx timeout
[   75.808514] Bluetooth: hci7: command 0x041b tx timeout
[   75.808984] Bluetooth: hci4: command 0x041b tx timeout
[   75.809373] Bluetooth: hci5: command 0x041b tx timeout
[   75.872506] Bluetooth: hci1: command 0x041b tx timeout
[   75.872956] Bluetooth: hci6: command 0x041b tx timeout
[   75.936485] Bluetooth: hci3: command 0x041b tx timeout
[   77.728506] Bluetooth: hci0: command 0x040f tx timeout
[   77.792568] Bluetooth: hci2: command 0x040f tx timeout
[   77.856507] Bluetooth: hci5: command 0x040f tx timeout
[   77.856953] Bluetooth: hci4: command 0x040f tx timeout
[   77.857359] Bluetooth: hci7: command 0x040f tx timeout
[   77.920540] Bluetooth: hci6: command 0x040f tx timeout
[   77.920985] Bluetooth: hci1: command 0x040f tx timeout
[   77.984477] Bluetooth: hci3: command 0x040f tx timeout
[   79.776476] Bluetooth: hci0: command 0x0419 tx timeout
[   79.840480] Bluetooth: hci2: command 0x0419 tx timeout
[   79.904547] Bluetooth: hci7: command 0x0419 tx timeout
[   79.904994] Bluetooth: hci4: command 0x0419 tx timeout
[   79.905396] Bluetooth: hci5: command 0x0419 tx timeout
[   79.968488] Bluetooth: hci1: command 0x0419 tx timeout
[   79.968934] Bluetooth: hci6: command 0x0419 tx timeout
[   80.032532] Bluetooth: hci3: command 0x0419 tx timeout
08:03:08 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x880010, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x0)
clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000140)={0x3b, 0xfff, 0x8000, 0x2, 0x0, "d8c89f776f600972ae1bf744735d384c1471e8"})
fchmod(r2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRES16=r0, @ANYRESOCT=r2])

[  123.885485] 9pnet_fd: Insufficient options for proto=fd
08:03:08 executing program 4:
write$selinux_attr(0xffffffffffffffff, &(0x7f00000000c0)='system_u:object_r:devlog_t:s0\x00', 0x1e)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x80100, 0x0)
ioctl$RTC_VL_READ(r2, 0x80047013, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000280)=ANY=[@ANYBLOB="00000300ffffffffffffa4df11f4fad347d732a617182f54171c102ccd22fc7af4c2c672ed71af6028a238c5494efa8c1aa7fda764c3f0add0bc8faee912fa64a0a69fae0f424ce976195ff1a1906c45e9cc58c9a1fbc7fdbaa862ff4d530a2e31eebc4cee96f1c3cd6966e8f9c4a3e2a455ef42b07bc32ed5c796008c5122be0384"])
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
fchmod(r3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = accept4$unix(0xffffffffffffffff, &(0x7f00000001c0)=@abs, &(0x7f0000000240)=0x6e, 0x80800)
dup3(r4, r1, 0x0)

08:03:09 executing program 4:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = shmget(0x0, 0x4000, 0xa01, &(0x7f0000ffb000/0x4000)=nil)
shmctl$SHM_LOCK(r1, 0xb)
shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000080)=""/97)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, <r2=>0x0})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)
shmctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{0x3, 0xee01, 0xee01, 0xee00, 0xee01, 0x0, 0x40}, 0x9, 0x1, 0x1, 0x0, 0xffffffffffffffff, r2, 0x8})
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x4a, 0x7, 0x8, 0x0, 0x1, 0x1, 0xb, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffff, 0x4, @perf_bp={&(0x7f0000000040), 0x10}, 0xd08, 0x44, 0x0, 0x6, 0x140000000000, 0x0, 0x3, 0x0, 0xffff, 0x0, 0x1}, r2, 0x4, 0xffffffffffffffff, 0x2)
sync()
ioperm(0x0, 0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)

[  124.220468] audit: type=1400 audit(1664697789.112:7): avc:  denied  { open } for  pid=3717 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  124.221910] audit: type=1400 audit(1664697789.112:8): avc:  denied  { kernel } for  pid=3717 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  124.242794] ------------[ cut here ]------------
[  124.242817] 
[  124.242821] ======================================================
[  124.242824] WARNING: possible circular locking dependency detected
[  124.242828] 6.0.0-rc7-next-20220930 #1 Not tainted
[  124.242835] ------------------------------------------------------
[  124.242838] syz-executor.4/3718 is trying to acquire lock:
[  124.242845] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  124.242886] 
[  124.242886] but task is already holding lock:
[  124.242889] ffff88803f3bf420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  124.242916] 
[  124.242916] which lock already depends on the new lock.
[  124.242916] 
[  124.242918] 
[  124.242918] the existing dependency chain (in reverse order) is:
[  124.242922] 
[  124.242922] -> #3 (&ctx->lock){....}-{2:2}:
[  124.242936]        _raw_spin_lock+0x2a/0x40
[  124.242948]        __perf_event_task_sched_out+0x53b/0x18d0
[  124.242959]        __schedule+0xedd/0x2470
[  124.242972]        schedule+0xda/0x1b0
[  124.242986]        futex_wait_queue+0xf5/0x1e0
[  124.242998]        futex_wait+0x28e/0x690
[  124.243008]        do_futex+0x2ff/0x380
[  124.243017]        __x64_sys_futex+0x1c6/0x4d0
[  124.243028]        do_syscall_64+0x3b/0x90
[  124.243045]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  124.243058] 
[  124.243058] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  124.243071]        _raw_spin_lock_nested+0x30/0x40
[  124.243082]        raw_spin_rq_lock_nested+0x1e/0x30
[  124.243095]        task_fork_fair+0x63/0x4d0
[  124.243111]        sched_cgroup_fork+0x3d0/0x540
[  124.243125]        copy_process+0x4183/0x6e20
[  124.243137]        kernel_clone+0xe7/0x890
[  124.243146]        user_mode_thread+0xad/0xf0
[  124.243156]        rest_init+0x24/0x250
[  124.243168]        arch_call_rest_init+0xf/0x14
[  124.243185]        start_kernel+0x4c6/0x4eb
[  124.243200]        secondary_startup_64_no_verify+0xe0/0xeb
[  124.243214] 
[  124.243214] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  124.243227]        _raw_spin_lock_irqsave+0x39/0x60
[  124.243238]        try_to_wake_up+0xab/0x1930
[  124.243251]        up+0x75/0xb0
[  124.243265]        __up_console_sem+0x6e/0x80
[  124.243281]        console_unlock+0x46a/0x590
[  124.243296]        vprintk_emit+0x1bd/0x560
[  124.243312]        vprintk+0x84/0xa0
[  124.243328]        _printk+0xba/0xf1
[  124.243340]        kauditd_hold_skb.cold+0x3f/0x4e
[  124.243357]        kauditd_send_queue+0x233/0x290
[  124.243371]        kauditd_thread+0x5f9/0x9c0
[  124.243385]        kthread+0x2ed/0x3a0
[  124.243399]        ret_from_fork+0x22/0x30
[  124.243412] 
[  124.243412] -> #0 ((console_sem).lock){....}-{2:2}:
[  124.243427]        __lock_acquire+0x2a02/0x5e70
[  124.243444]        lock_acquire+0x1a2/0x530
[  124.243460]        _raw_spin_lock_irqsave+0x39/0x60
[  124.243470]        down_trylock+0xe/0x70
[  124.243485]        __down_trylock_console_sem+0x3b/0xd0
[  124.243501]        vprintk_emit+0x16b/0x560
[  124.243517]        vprintk+0x84/0xa0
[  124.243532]        _printk+0xba/0xf1
[  124.243542]        report_bug.cold+0x72/0xab
[  124.243558]        handle_bug+0x3c/0x70
[  124.243574]        exc_invalid_op+0x14/0x50
[  124.243591]        asm_exc_invalid_op+0x16/0x20
[  124.243603]        group_sched_out.part.0+0x2c7/0x460
[  124.243621]        ctx_sched_out+0x8f1/0xc10
[  124.243637]        __perf_event_task_sched_out+0x6d0/0x18d0
[  124.243648]        __schedule+0xedd/0x2470
[  124.243661]        preempt_schedule_common+0x45/0xc0
[  124.243676]        __cond_resched+0x17/0x30
[  124.243690]        __kmem_cache_alloc_node+0x2c7/0x3d0
[  124.243704]        kmalloc_trace+0x22/0x60
[  124.243721]        resv_map_alloc+0x3e/0x370
[  124.243734]        hugetlbfs_get_inode+0x33e/0x5f0
[  124.243752]        hugetlb_file_setup+0x2e8/0x520
[  124.243769]        newseg+0xa38/0xdb0
[  124.243786]        ipcget+0xa15/0xcc0
[  124.243797]        __x64_sys_shmget+0x139/0x1b0
[  124.243812]        do_syscall_64+0x3b/0x90
[  124.243829]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  124.243841] 
[  124.243841] other info that might help us debug this:
[  124.243841] 
[  124.243844] Chain exists of:
[  124.243844]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  124.243844] 
[  124.243858]  Possible unsafe locking scenario:
[  124.243858] 
[  124.243861]        CPU0                    CPU1
[  124.243863]        ----                    ----
[  124.243865]   lock(&ctx->lock);
[  124.243871]                                lock(&rq->__lock);
[  124.243877]                                lock(&ctx->lock);
[  124.243883]   lock((console_sem).lock);
[  124.243889] 
[  124.243889]  *** DEADLOCK ***
[  124.243889] 
[  124.243891] 3 locks held by syz-executor.4/3718:
[  124.243897]  #0: ffff88801d4c0538 (&ids->rwsem){+.+.}-{3:3}, at: ipcget+0x197/0xcc0
[  124.243924]  #1: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  124.243953]  #2: ffff88803f3bf420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  124.243978] 
[  124.243978] stack backtrace:
[  124.243981] CPU: 1 PID: 3718 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220930 #1
[  124.243994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  124.244002] Call Trace:
[  124.244006]  <TASK>
[  124.244009]  dump_stack_lvl+0x8b/0xb3
[  124.244028]  check_noncircular+0x263/0x2e0
[  124.244044]  ? format_decode+0x26c/0xb50
[  124.244060]  ? print_circular_bug+0x450/0x450
[  124.244077]  ? simple_strtoul+0x30/0x30
[  124.244092]  ? mark_lock.part.0+0xef/0x2f70
[  124.244109]  ? format_decode+0x26c/0xb50
[  124.244126]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  124.244143]  __lock_acquire+0x2a02/0x5e70
[  124.244165]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  124.244187]  lock_acquire+0x1a2/0x530
[  124.244203]  ? down_trylock+0xe/0x70
[  124.244220]  ? lock_release+0x750/0x750
[  124.244237]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  124.244258]  ? vprintk+0x84/0xa0
[  124.244275]  _raw_spin_lock_irqsave+0x39/0x60
[  124.244286]  ? down_trylock+0xe/0x70
[  124.244302]  down_trylock+0xe/0x70
[  124.244318]  ? vprintk+0x84/0xa0
[  124.244334]  __down_trylock_console_sem+0x3b/0xd0
[  124.244352]  vprintk_emit+0x16b/0x560
[  124.244370]  vprintk+0x84/0xa0
[  124.244387]  _printk+0xba/0xf1
[  124.244398]  ? record_print_text.cold+0x16/0x16
[  124.244412]  ? hrtimer_try_to_cancel+0x163/0x2c0
[  124.244426]  ? lock_downgrade+0x6d0/0x6d0
[  124.244444]  ? report_bug.cold+0x66/0xab
[  124.244462]  ? group_sched_out.part.0+0x2c7/0x460
[  124.244480]  report_bug.cold+0x72/0xab
[  124.244498]  handle_bug+0x3c/0x70
[  124.244515]  exc_invalid_op+0x14/0x50
[  124.244533]  asm_exc_invalid_op+0x16/0x20
[  124.244546] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  124.244566] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  124.244578] RSP: 0018:ffff88803f63f8e0 EFLAGS: 00010006
[  124.244586] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  124.244594] RDX: ffff88800ffe3580 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  124.244602] RBP: ffff88802ccc85c8 R08: 0000000000000005 R09: 0000000000000001
[  124.244609] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803f3bf400
[  124.244617] R13: ffff88806cf3d2c0 R14: ffffffff8547d160 R15: 0000000000000002
[  124.244627]  ? group_sched_out.part.0+0x2c7/0x460
[  124.244649]  ctx_sched_out+0x8f1/0xc10
[  124.244668]  __perf_event_task_sched_out+0x6d0/0x18d0
[  124.244682]  ? lock_is_held_type+0xd7/0x130
[  124.244712]  ? __perf_cgroup_move+0x160/0x160
[  124.244722]  ? set_next_entity+0x304/0x550
[  124.244740]  ? update_curr+0x267/0x740
[  124.244758]  ? lock_is_held_type+0xd7/0x130
[  124.244772]  __schedule+0xedd/0x2470
[  124.244789]  ? io_schedule_timeout+0x150/0x150
[  124.244806]  ? lock_is_held_type+0xd7/0x130
[  124.244819]  ? __cond_resched+0x17/0x30
[  124.244833]  ? resv_map_alloc+0x3e/0x370
[  124.244846]  preempt_schedule_common+0x45/0xc0
[  124.244862]  __cond_resched+0x17/0x30
[  124.244877]  __kmem_cache_alloc_node+0x2c7/0x3d0
[  124.244893]  kmalloc_trace+0x22/0x60
[  124.244911]  resv_map_alloc+0x3e/0x370
[  124.244924]  hugetlbfs_get_inode+0x33e/0x5f0
[  124.244944]  hugetlb_file_setup+0x2e8/0x520
[  124.244963]  newseg+0xa38/0xdb0
[  124.244980]  ? shm_close+0x6d0/0x6d0
[  124.244996]  ? shm_close+0x6d0/0x6d0
[  124.245014]  ipcget+0xa15/0xcc0
[  124.245030]  ? ipc_obtain_object_check+0x130/0x130
[  124.245047]  __x64_sys_shmget+0x139/0x1b0
[  124.245064]  ? sysvipc_shm_proc_show+0x5c0/0x5c0
[  124.245081]  ? __secure_computing+0x199/0x2f0
[  124.245102]  do_syscall_64+0x3b/0x90
[  124.245119]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  124.245132] RIP: 0033:0x7f3485a7fb19
[  124.245141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  124.245152] RSP: 002b:00007f3482ff5188 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  124.245162] RAX: ffffffffffffffda RBX: 00007f3485b92f60 RCX: 00007f3485a7fb19
[  124.245170] RDX: 0000000000000a01 RSI: 0000000000004000 RDI: 00000000798dd823
[  124.245177] RBP: 00007f3485ad9f6d R08: 0000000000000000 R09: 0000000000000000
[  124.245184] R10: 0000000020ffb000 R11: 0000000000000246 R12: 0000000000000000
[  124.245191] R13: 00007ffebd49c9ef R14: 00007f3482ff5300 R15: 0000000000022000
[  124.245204]  </TASK>
[  124.307325] WARNING: CPU: 1 PID: 3718 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  124.308027] Modules linked in:
[  124.308274] CPU: 1 PID: 3718 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220930 #1
[  124.308872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  124.309712] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  124.310123] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  124.311454] RSP: 0018:ffff88803f63f8e0 EFLAGS: 00010006
[  124.311859] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  124.312395] RDX: ffff88800ffe3580 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  124.312945] RBP: ffff88802ccc85c8 R08: 0000000000000005 R09: 0000000000000001
[  124.313515] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803f3bf400
[  124.314083] R13: ffff88806cf3d2c0 R14: ffffffff8547d160 R15: 0000000000000002
[  124.314642] FS:  00007f3482ff5700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  124.315275] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.315730] CR2: 00007fb739b91820 CR3: 000000003f886000 CR4: 0000000000350ee0
[  124.316306] Call Trace:
[  124.316506]  <TASK>
[  124.316695]  ctx_sched_out+0x8f1/0xc10
[  124.317033]  __perf_event_task_sched_out+0x6d0/0x18d0
[  124.317424]  ? lock_is_held_type+0xd7/0x130
[  124.317761]  ? __perf_cgroup_move+0x160/0x160
[  124.318116]  ? set_next_entity+0x304/0x550
[  124.318467]  ? update_curr+0x267/0x740
[  124.318802]  ? lock_is_held_type+0xd7/0x130
[  124.319134]  __schedule+0xedd/0x2470
[  124.319449]  ? io_schedule_timeout+0x150/0x150
[  124.319825]  ? lock_is_held_type+0xd7/0x130
[  124.320194]  ? __cond_resched+0x17/0x30
[  124.320527]  ? resv_map_alloc+0x3e/0x370
[  124.320856]  preempt_schedule_common+0x45/0xc0
[  124.321226]  __cond_resched+0x17/0x30
[  124.321537]  __kmem_cache_alloc_node+0x2c7/0x3d0
[  124.321912]  kmalloc_trace+0x22/0x60
[  124.322214]  resv_map_alloc+0x3e/0x370
[  124.322514]  hugetlbfs_get_inode+0x33e/0x5f0
[  124.322872]  hugetlb_file_setup+0x2e8/0x520
[  124.323229]  newseg+0xa38/0xdb0
[  124.323498]  ? shm_close+0x6d0/0x6d0
[  124.323790]  ? shm_close+0x6d0/0x6d0
[  124.324087]  ipcget+0xa15/0xcc0
[  124.324355]  ? ipc_obtain_object_check+0x130/0x130
[  124.324751]  __x64_sys_shmget+0x139/0x1b0
[  124.325084]  ? sysvipc_shm_proc_show+0x5c0/0x5c0
[  124.325461]  ? __secure_computing+0x199/0x2f0
[  124.325827]  do_syscall_64+0x3b/0x90
[  124.326123]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  124.326520] RIP: 0033:0x7f3485a7fb19
[  124.326808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  124.328217] RSP: 002b:00007f3482ff5188 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  124.328808] RAX: ffffffffffffffda RBX: 00007f3485b92f60 RCX: 00007f3485a7fb19
[  124.329349] RDX: 0000000000000a01 RSI: 0000000000004000 RDI: 00000000798dd823
[  124.329896] RBP: 00007f3485ad9f6d R08: 0000000000000000 R09: 0000000000000000
[  124.330437] R10: 0000000020ffb000 R11: 0000000000000246 R12: 0000000000000000
[  124.330975] R13: 00007ffebd49c9ef R14: 00007f3482ff5300 R15: 0000000000022000
[  124.331524]  </TASK>
[  124.331714] irq event stamp: 2220
[  124.331977] hardirqs last  enabled at (2219): [<ffffffff84400d06>] asm_sysvec_apic_timer_interrupt+0x16/0x20
[  124.332730] hardirqs last disabled at (2220): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  124.333365] softirqs last  enabled at (1696): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  124.334029] softirqs last disabled at (1323): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  124.334692] ---[ end trace 0000000000000000 ]---
08:03:09 executing program 4:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = shmget(0x0, 0x4000, 0xa01, &(0x7f0000ffb000/0x4000)=nil)
shmctl$SHM_LOCK(r1, 0xb)
shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000080)=""/97)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, <r2=>0x0})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)
shmctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{0x3, 0xee01, 0xee01, 0xee00, 0xee01, 0x0, 0x40}, 0x9, 0x1, 0x1, 0x0, 0xffffffffffffffff, r2, 0x8})
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x4a, 0x7, 0x8, 0x0, 0x1, 0x1, 0xb, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffff, 0x4, @perf_bp={&(0x7f0000000040), 0x10}, 0xd08, 0x44, 0x0, 0x6, 0x140000000000, 0x0, 0x3, 0x0, 0xffff, 0x0, 0x1}, r2, 0x4, 0xffffffffffffffff, 0x2)
sync()
ioperm(0x0, 0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)

08:03:10 executing program 4:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = shmget(0x0, 0x4000, 0xa01, &(0x7f0000ffb000/0x4000)=nil)
shmctl$SHM_LOCK(r1, 0xb)
shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000080)=""/97)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, <r2=>0x0})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)
shmctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{0x3, 0xee01, 0xee01, 0xee00, 0xee01, 0x0, 0x40}, 0x9, 0x1, 0x1, 0x0, 0xffffffffffffffff, r2, 0x8})
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x4a, 0x7, 0x8, 0x0, 0x1, 0x1, 0xb, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xffff, 0x4, @perf_bp={&(0x7f0000000040), 0x10}, 0xd08, 0x44, 0x0, 0x6, 0x140000000000, 0x0, 0x3, 0x0, 0xffff, 0x0, 0x1}, r2, 0x4, 0xffffffffffffffff, 0x2)
sync()
ioperm(0x0, 0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)

[  125.641446] hrtimer: interrupt took 19557 ns
[  129.262231] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  129.284380] SELinux: security_context_str_to_sid (system_u) failed with errno=-22

VM DIAGNOSIS:
08:03:09  Registers:
info registers vcpu 0
RAX=dffffc0000000000 RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000007bc6
RSI=0000000000007bc6 RDI=ffffffff86291f54 RBP=ffff88803fa27508 RSP=ffff88803fa27430
R8 =ffffffff852c46c0 R9 =ffffffff85e8083e R10=ffffed1007f44ea3 R11=000000000003603d
R12=ffff88803fa274f1 R13=ffff88803fa27510 R14=ffff88803fa274b0 R15=ffffffff817bc658
RIP=ffffffff8111a385 RFL=00000213 [----A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fc78e6b4368 CR3=000000000f314000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803f63f330
R8 =0000000000000001 R9 =000000000000000a R10=000000000000006f R11=0000000000000001
R12=000000000000006f R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3482ff5700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb739b91820 CR3=000000003f886000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f3485b667c0 00007f3485b667c8
YMM02=0000000000000000 0000000000000000 00007f3485b667e0 00007f3485b667c0
YMM03=0000000000000000 0000000000000000 00007f3485b667c8 00007f3485b667c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000