Warning: Permanently added '[localhost]:8768' (ECDSA) to the list of known hosts.
2022/10/03 09:26:39 fuzzer started
2022/10/03 09:26:40 dialing manager at localhost:35095
syzkaller login: [   40.651039] cgroup: Unknown subsys name 'net'
[   40.731067] cgroup: Unknown subsys name 'rlimit'
2022/10/03 09:26:54 syscalls: 2215
2022/10/03 09:26:54 code coverage: enabled
2022/10/03 09:26:54 comparison tracing: enabled
2022/10/03 09:26:54 extra coverage: enabled
2022/10/03 09:26:54 setuid sandbox: enabled
2022/10/03 09:26:54 namespace sandbox: enabled
2022/10/03 09:26:54 Android sandbox: enabled
2022/10/03 09:26:54 fault injection: enabled
2022/10/03 09:26:54 leak checking: enabled
2022/10/03 09:26:54 net packet injection: enabled
2022/10/03 09:26:54 net device setup: enabled
2022/10/03 09:26:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/03 09:26:54 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/03 09:26:54 USB emulation: enabled
2022/10/03 09:26:54 hci packet injection: enabled
2022/10/03 09:26:54 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/03 09:26:54 802.15.4 emulation: enabled
2022/10/03 09:26:54 fetching corpus: 50, signal 23750/25586 (executing program)
2022/10/03 09:26:54 fetching corpus: 100, signal 31797/35397 (executing program)
2022/10/03 09:26:55 fetching corpus: 150, signal 40862/46067 (executing program)
2022/10/03 09:26:55 fetching corpus: 200, signal 47319/54049 (executing program)
2022/10/03 09:26:55 fetching corpus: 250, signal 54640/62802 (executing program)
2022/10/03 09:26:55 fetching corpus: 300, signal 63755/73138 (executing program)
2022/10/03 09:26:55 fetching corpus: 350, signal 67922/78663 (executing program)
2022/10/03 09:26:55 fetching corpus: 400, signal 73813/85783 (executing program)
2022/10/03 09:26:55 fetching corpus: 450, signal 77387/90651 (executing program)
2022/10/03 09:26:56 fetching corpus: 500, signal 80968/95484 (executing program)
2022/10/03 09:26:56 fetching corpus: 550, signal 84900/100566 (executing program)
2022/10/03 09:26:56 fetching corpus: 600, signal 86781/103754 (executing program)
2022/10/03 09:26:56 fetching corpus: 650, signal 88816/107036 (executing program)
2022/10/03 09:26:56 fetching corpus: 700, signal 91527/110927 (executing program)
2022/10/03 09:26:56 fetching corpus: 750, signal 93892/114473 (executing program)
2022/10/03 09:26:56 fetching corpus: 800, signal 95885/117672 (executing program)
2022/10/03 09:26:56 fetching corpus: 850, signal 97900/120810 (executing program)
2022/10/03 09:26:57 fetching corpus: 900, signal 99663/123731 (executing program)
2022/10/03 09:26:57 fetching corpus: 950, signal 102005/127139 (executing program)
2022/10/03 09:26:57 fetching corpus: 1000, signal 104223/130366 (executing program)
2022/10/03 09:26:57 fetching corpus: 1050, signal 107034/134087 (executing program)
2022/10/03 09:26:57 fetching corpus: 1100, signal 109399/137425 (executing program)
2022/10/03 09:26:57 fetching corpus: 1150, signal 111672/140621 (executing program)
2022/10/03 09:26:57 fetching corpus: 1200, signal 114551/144296 (executing program)
2022/10/03 09:26:57 fetching corpus: 1250, signal 116811/147442 (executing program)
2022/10/03 09:26:58 fetching corpus: 1300, signal 117787/149410 (executing program)
2022/10/03 09:26:58 fetching corpus: 1350, signal 119884/152353 (executing program)
2022/10/03 09:26:58 fetching corpus: 1400, signal 121797/155031 (executing program)
2022/10/03 09:26:58 fetching corpus: 1450, signal 123518/157633 (executing program)
2022/10/03 09:26:58 fetching corpus: 1500, signal 128161/162496 (executing program)
2022/10/03 09:26:58 fetching corpus: 1550, signal 129397/164626 (executing program)
2022/10/03 09:26:58 fetching corpus: 1600, signal 130353/166507 (executing program)
2022/10/03 09:26:58 fetching corpus: 1650, signal 132083/168978 (executing program)
2022/10/03 09:26:58 fetching corpus: 1700, signal 133928/171534 (executing program)
2022/10/03 09:26:59 fetching corpus: 1750, signal 136291/174548 (executing program)
2022/10/03 09:26:59 fetching corpus: 1800, signal 137313/176427 (executing program)
2022/10/03 09:26:59 fetching corpus: 1850, signal 138467/178392 (executing program)
2022/10/03 09:26:59 fetching corpus: 1900, signal 140031/180644 (executing program)
2022/10/03 09:26:59 fetching corpus: 1950, signal 141462/182769 (executing program)
2022/10/03 09:26:59 fetching corpus: 2000, signal 142943/184996 (executing program)
2022/10/03 09:26:59 fetching corpus: 2050, signal 144089/186874 (executing program)
2022/10/03 09:26:59 fetching corpus: 2100, signal 145921/189245 (executing program)
2022/10/03 09:27:00 fetching corpus: 2150, signal 146751/190858 (executing program)
2022/10/03 09:27:00 fetching corpus: 2200, signal 148231/192928 (executing program)
2022/10/03 09:27:00 fetching corpus: 2250, signal 149161/194598 (executing program)
2022/10/03 09:27:00 fetching corpus: 2300, signal 149852/196094 (executing program)
2022/10/03 09:27:00 fetching corpus: 2350, signal 151060/197898 (executing program)
2022/10/03 09:27:00 fetching corpus: 2400, signal 152124/199658 (executing program)
2022/10/03 09:27:00 fetching corpus: 2450, signal 153372/201480 (executing program)
2022/10/03 09:27:00 fetching corpus: 2500, signal 153951/202826 (executing program)
2022/10/03 09:27:01 fetching corpus: 2550, signal 156150/205282 (executing program)
2022/10/03 09:27:01 fetching corpus: 2600, signal 158165/207549 (executing program)
2022/10/03 09:27:01 fetching corpus: 2650, signal 159001/209061 (executing program)
2022/10/03 09:27:01 fetching corpus: 2700, signal 159862/210560 (executing program)
2022/10/03 09:27:01 fetching corpus: 2750, signal 160550/211936 (executing program)
2022/10/03 09:27:01 fetching corpus: 2800, signal 161377/213400 (executing program)
2022/10/03 09:27:01 fetching corpus: 2850, signal 162042/214729 (executing program)
2022/10/03 09:27:01 fetching corpus: 2900, signal 162704/216059 (executing program)
2022/10/03 09:27:02 fetching corpus: 2950, signal 163990/217818 (executing program)
2022/10/03 09:27:02 fetching corpus: 3000, signal 165294/219476 (executing program)
2022/10/03 09:27:02 fetching corpus: 3050, signal 166240/220929 (executing program)
2022/10/03 09:27:02 fetching corpus: 3100, signal 166778/222095 (executing program)
2022/10/03 09:27:02 fetching corpus: 3150, signal 167530/223434 (executing program)
2022/10/03 09:27:02 fetching corpus: 3200, signal 168602/224917 (executing program)
2022/10/03 09:27:02 fetching corpus: 3250, signal 169615/226418 (executing program)
2022/10/03 09:27:02 fetching corpus: 3300, signal 170286/227695 (executing program)
2022/10/03 09:27:03 fetching corpus: 3350, signal 171159/228991 (executing program)
2022/10/03 09:27:03 fetching corpus: 3400, signal 172021/230325 (executing program)
2022/10/03 09:27:03 fetching corpus: 3450, signal 173077/231742 (executing program)
2022/10/03 09:27:03 fetching corpus: 3500, signal 173721/232912 (executing program)
2022/10/03 09:27:03 fetching corpus: 3550, signal 174404/234125 (executing program)
2022/10/03 09:27:03 fetching corpus: 3600, signal 174968/235222 (executing program)
2022/10/03 09:27:03 fetching corpus: 3650, signal 175877/236524 (executing program)
2022/10/03 09:27:03 fetching corpus: 3700, signal 176615/237722 (executing program)
2022/10/03 09:27:03 fetching corpus: 3750, signal 176921/238698 (executing program)
2022/10/03 09:27:04 fetching corpus: 3800, signal 177611/239874 (executing program)
2022/10/03 09:27:04 fetching corpus: 3850, signal 178607/241175 (executing program)
2022/10/03 09:27:04 fetching corpus: 3900, signal 179152/242274 (executing program)
2022/10/03 09:27:04 fetching corpus: 3950, signal 179626/243343 (executing program)
2022/10/03 09:27:04 fetching corpus: 4000, signal 180410/244532 (executing program)
2022/10/03 09:27:04 fetching corpus: 4050, signal 181641/245917 (executing program)
2022/10/03 09:27:04 fetching corpus: 4100, signal 182522/247108 (executing program)
2022/10/03 09:27:04 fetching corpus: 4150, signal 184469/248792 (executing program)
2022/10/03 09:27:04 fetching corpus: 4200, signal 185026/249776 (executing program)
2022/10/03 09:27:05 fetching corpus: 4250, signal 185527/250749 (executing program)
2022/10/03 09:27:05 fetching corpus: 4300, signal 185957/251638 (executing program)
2022/10/03 09:27:05 fetching corpus: 4350, signal 186481/252581 (executing program)
2022/10/03 09:27:05 fetching corpus: 4400, signal 187385/253682 (executing program)
2022/10/03 09:27:05 fetching corpus: 4450, signal 188021/254729 (executing program)
2022/10/03 09:27:05 fetching corpus: 4500, signal 188448/255623 (executing program)
2022/10/03 09:27:05 fetching corpus: 4550, signal 189011/256613 (executing program)
2022/10/03 09:27:05 fetching corpus: 4600, signal 189716/257686 (executing program)
2022/10/03 09:27:05 fetching corpus: 4650, signal 190064/258542 (executing program)
2022/10/03 09:27:06 fetching corpus: 4700, signal 190565/259447 (executing program)
2022/10/03 09:27:06 fetching corpus: 4750, signal 191079/260377 (executing program)
2022/10/03 09:27:06 fetching corpus: 4800, signal 192299/261548 (executing program)
2022/10/03 09:27:06 fetching corpus: 4850, signal 192748/262457 (executing program)
2022/10/03 09:27:06 fetching corpus: 4900, signal 193841/263520 (executing program)
2022/10/03 09:27:06 fetching corpus: 4950, signal 194254/264370 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/265297 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/266024 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/266715 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/267431 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/268161 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/268889 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/269556 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/270235 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/270916 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/271602 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/272357 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/273090 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/273771 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/274501 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/275220 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/275892 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/276603 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/277312 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/278013 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/278745 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/279464 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/280154 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/280866 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/281585 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/282293 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/283000 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/283695 (executing program)
2022/10/03 09:27:06 fetching corpus: 4998, signal 194783/284378 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/285108 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/285831 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/286546 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/287265 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/287976 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/288628 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/289330 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/290069 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/290778 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/291481 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/292210 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/292916 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/293621 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/294294 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/295013 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/295734 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/296416 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/297097 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/297804 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/298515 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/299183 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/299215 (executing program)
2022/10/03 09:27:07 fetching corpus: 4998, signal 194783/299215 (executing program)
2022/10/03 09:27:09 starting 8 fuzzer processes
09:27:09 executing program 0:
ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(0xffffffffffffffff, 0xf505, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10010280}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x800}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20008004}, 0x4000)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x21}}}}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x61c}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x11ff}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xc9f}]}, 0x50}, 0x1, 0x0, 0x0, 0x40001}, 0x1)
sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x9}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x48010)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f00000004c0)={&(0x7f0000000380), 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xa4, 0x453, 0x100, 0x70bd26, 0x25dfdbfd, "5821f64480fde6a39e71597d6926e586ef9b85eaac9a79eec7fb2bb3843c509903f9d4683670cd72345398bfcf949f60d0be309eee032b7677ab136cba96c1f084587e60e07f72255edabc165c9ebece28b8c664524feb18b1d50d81a8b27327204db59e04021419928f26fec5b857b286a9d0fc2d6803cf4551926e08159bb0c78ba99447eef2a5aa24a24f3304b05e620c2b", ["", "", "", "", "", "", "", ""]}, 0xa4}, 0x1, 0x0, 0x0, 0x40c0}, 0x4010)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r1=>r0, {0x9}}, './file0\x00'})
sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x100)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000640)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd, 0x8, {0x0, r0}, 0x0, 0x0, 0x0, {0x0, 0x0, r1}}, 0x8)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0)
r2 = open_tree(r1, &(0x7f0000000680)='./file0\x00', 0x8001)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000700), r1)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x34, r3, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008880}, 0x10)
r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000800), 0x440000, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000940)={'syztnl1\x00', &(0x7f00000008c0)={'ip_vti0\x00', <r5=>0x0, 0x20, 0x1, 0x7, 0x1, {{0x17, 0x4, 0x2, 0x8, 0x5c, 0x68, 0x0, 0x2a, 0x4, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@timestamp={0x44, 0xc, 0x98, 0x0, 0x3, [0x3ff, 0x3f]}, @timestamp_prespec={0x44, 0x3c, 0x98, 0x3, 0xa, [{@private=0xa010100, 0x9}, {@dev={0xac, 0x14, 0x14, 0x20}, 0xfff}, {@dev={0xac, 0x14, 0x14, 0x29}, 0xb52}, {@multicast1, 0x3}, {@local, 0x5}, {@multicast2}, {@loopback, 0x6bdf}]}]}}}}})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r4, &(0x7f0000000a40)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4c4ea2943cc1456f}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x6c, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r2, &(0x7f0000000cc0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x4b918544b7cd7fb1}, 0xc, &(0x7f0000000c80)={&(0x7f0000000ac0)={0x190, 0x0, 0x2, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x400}, {0x6, 0x11, 0xfff9}, {0x8, 0x13, 0x6}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xffffffff}, {0x6, 0x11, 0xff}, {0x8, 0x13, 0x6}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x6}, {0x8, 0x13, 0xf0b}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xffffff77}, {0x6, 0x11, 0x9ce}, {0x8, 0x13, 0xfd10}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x7}, {0x8, 0x13, 0x2}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x10000}, {0x6, 0x11, 0x5}, {0x8, 0x13, 0x10000}, {0x5}}]}, 0x190}, 0x1, 0x0, 0x0, 0x14000080}, 0x80)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d40), r1)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r1, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x38, r6, 0x20, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x8, 0x4}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}]}, 0x38}, 0x1, 0x0, 0x0, 0x801}, 0x40)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000e40), 0xffffffffffffffff)

09:27:09 executing program 1:
r0 = syz_usb_connect(0x2, 0x45c, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0xf7, 0xe9, 0xbe, 0x20, 0x1bbb, 0xb6, 0xe195, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x44a, 0x3, 0x81, 0x3, 0xa0, 0x44, [{{0x9, 0x4, 0x6c, 0x1, 0x6, 0x98, 0xff, 0x8f, 0x0, [], [{{0x9, 0x5, 0x2, 0x10, 0x40, 0x3, 0x1, 0x54, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x2}, @generic={0x47, 0x21, "0535d0389abad2090070100d4abc1a959b06683d02c2696de0fe08c69119cfe1ec64a124818fef9f6f38e0e70f3c55f6a363e120d6f6e82a8e13489e54297ae4a64978235b"}]}}, {{0x9, 0x5, 0xf, 0x10, 0x210, 0x6, 0x40, 0x3, [@generic={0x7f, 0x30, "cc5db3bd064a78045fbe393ae7ea9ef923983c8d0ab5ec1ad85817c20f17b0ad0bc28f700c984daccac7260b6ef02dfdfe558534cc5ca39beec2a22f628fc45c4444ae8b433d97238a5f290d391f0ecbb280dd9e1ac10b044c84f9a22b451c671e5b4d4c51a68b92e70ec5f012dddd0a1c2efd2808e980794d9659564f"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x3ff, 0x1f, 0xd1, 0x6}}, {{0x9, 0x5, 0xb, 0x1, 0x3ff, 0x0, 0x1, 0x80, [@generic={0xd7, 0xf, "3a66cc1eb70c6569f8e27c00c9c43c24737d5491bb3bbbef420b488504625510d01027da239b04ab02769ab74bf8fd402c3c9cb6d380a406790624cb255fc1ca7b66946538b1f3460559a86e4cf6409de356d31a861b9f52368165acad6d93677d3fcab2576ea12828f6d35112d194351b10874eaef98a1e27e14ed19bbbb1851173375c254b70be904fc1140a4d3fa073640f93cfd9a9040f7bf234344a7293818d953b505831bbb5394e81480e2798f00899c700c3027132a4b874ff67fad2300dfdc6e7283f12dd99a80d6c44f6d0bb33621978"}, @generic={0x6, 0xe, "94cb2ea9"}]}}, {{0x9, 0x5, 0xa, 0x8, 0x400, 0x8, 0x22, 0xff}}, {{0x9, 0x5, 0x6, 0x0, 0x200, 0x81, 0x4, 0x5a}}]}}, {{0x9, 0x4, 0x48, 0x9, 0x4, 0xff, 0xff, 0xff, 0x46, [@generic={0x60, 0x1, "bf7e0b770bc75943ba5ac2d7a31f1183666fe7e723d3ebf1db995c52f9065d338235a5c9e14f34067df3daf937fca7f1953a601079f54bc2bde162e6132b7aca6bd968a8dd0aa2642a621b2dd862c69686aae798c3e0128983e4858e7746"}], [{{0x9, 0x5, 0x5, 0x3, 0x10, 0xd0, 0x4, 0x20, [@generic={0x3, 0x21, '`'}]}}, {{0x9, 0x5, 0xc, 0x1, 0x0, 0x5b, 0x9, 0x9d, [@generic={0x17, 0x11, "ed5db545cba3c587aa1ef4a397e1299b9e37c562a0"}, @generic={0x45, 0xb, "2e2cbb4eac27bd456bc44450e6a6fd6e2878e451211ce3ea8405c6de59670c999d5370a7e9c0ecaed20c855272618d9290e8792b8a467891de84cbec13fe65e3f69d82"}]}}, {{0x9, 0x5, 0x0, 0x10, 0x3ff, 0x3f, 0xfe, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x2, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x6, 0x6}]}}, {{0x9, 0x5, 0x0, 0x1, 0x400, 0xff, 0x1, 0x7}}]}}, {{0x9, 0x4, 0x7, 0x9, 0x5, 0x20, 0x43, 0x7b, 0x7, [], [{{0x9, 0x5, 0x1, 0x10, 0x20, 0x9, 0x2, 0x80, [@generic={0x8e, 0x10, "9475a66b09e2b87c04025b2ac2b44625af9c7db72593b1c706ba544795fabbf4908724247765ebf7698118d9623cadcbe8e2f086c8f3bc11ae99efe9243843b8e0792e7b253ecb79602fc0832c1232234f38c8cd006ce95691d9510c6ff15ae63d90365091057c82250daffcf819cfcf2a0e3652f9f802969fb4e80e91726c66c6fb23cf37bec7c596a590f6"}, @generic={0x9a, 0x8, "a5c87db7b579efe2e50758bb8e27cc3a8c08465b660a39cc137b6d2f5c5f73d0e365e867e4efa4d85880e64d1ac13d533ea2f112dc6d3cf674f287a9147d77623b73f0245cbc6b3cd91f455db09fa6859d77e945dacea7e83f4270ae5c6c68c89294f79b5c5308d6eb466906474ff9f61304630d99e4611f284eab7809175a2bf98029a80eba98e20775955aedfe094ecef32dcc19b31d22"}]}}, {{0x9, 0x5, 0xf, 0x2, 0x600, 0x6a, 0x4, 0xc4}}, {{0x9, 0x5, 0xd, 0x8, 0x8, 0x1, 0xc1, 0x8}}, {{0x9, 0x5, 0xc, 0x0, 0x3ff, 0x81, 0xd9, 0x3f}}, {{0x9, 0x5, 0x0, 0xc, 0x40, 0x9, 0x9, 0x3a}}]}}]}}]}}, &(0x7f0000000a40)={0xa, &(0x7f0000000480)={0xa, 0x6, 0x110, 0x0, 0xfa, 0x2, 0x8, 0x1}, 0x18f, &(0x7f00000004c0)={0x5, 0xf, 0x18f, 0x5, [@generic={0xa7, 0x10, 0xa, "0f702bcf551ebb0aef3a71059d4327c229347df6df1c71e8d8b6f8c8145d6ad9a87230d3e6714d560e00d415c0a962dea6cad6d8301fb70d98a2493b6cdc6639a1e3e69d5e5cc56143a8bf0b0e2d9421aaf87d858d55f2a465a3b2a565d4260c5aed61b31a68afa8f3435397c7d3d6129f65f215052a33ccaa59735b60b6cf59f0a41211500ea0d5aefae8c6d728a5c3fd9f84a60e81c2fbbf300556ca5953c443cf44e4"}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0x8, 0xd, 0xf4fd}, @generic={0xbe, 0x10, 0x3, "b74a7e7149ba2f3bb89a83f3e1d767cfb97acc924e0855dff1cc8183b2b5e704a8d349d208a0af665f06c45c2a14dd34d97c2db764a65afc2fd6db6a07253a2753f8826325f636ae50ac15db83a63c847a1a7dc01dd7ee04281666018dfddd2c3733262bf59bba263ad8169fe6235a9085cacd713c4706e5061f4ae2a4f51d8dcf56b31e40c024b1b735e18923290e0cb831c90b3b5402aa8ae72981e3c3ee939c419e5cb7b708726d0b6d7916b05f9371c7021e3dd4c06fe190aa"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0x4, 0xec, 0x5}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "e711d647bf9fac8e467b42cac35b2c1f"}]}, 0x7, [{0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x44d}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x81a}}, {0xaf, &(0x7f0000000700)=@string={0xaf, 0x3, "bbdf5d7af771207ebced5396b2819e62b82fa096ad8033d6ec2ed6940dfa68def6e5859180920fe1305a182b5e9b849c2779a0b25797a09322d8d2409ff46f73b13716de88c3824795d4738335a81abb708d136529069d9d37aa7c2cdfb4533903091396641a59a0e03924d6d2c8c4c689ab4e81c064d18e4168c40fbaee44f9efa10e93aac68dc6a50c597848c916a76b3a11d8982a6cb31ca677c2e05f7c74f79625cb14734c157d9e4dfd21"}}, {0x4a, &(0x7f00000007c0)=@string={0x4a, 0x3, "34fe7e234d875b80599d87626db0d31e349542ef6670665db1fe31ec8d2f46d4f8f6b106eb105356a8574d65c172243508b4ab442bd59efcdf9d95b072db552adf877282a0e6e134"}}, {0xe8, &(0x7f0000000840)=@string={0xe8, 0x3, "fb97b83ca05052ca2f43a51e55e39ee55787a4a534a29c351e1d40936217747c5d92bd856bef014576a630136d2f4586fa8f3fbf0493c0a579e68603084ff9929d2dd332725599ad9605ddc5945f563feee4fbf14619405d053a76acdb52ef23e64dbf9668441bd31f21e95f643088879d0c0ca9c2fdc4201efd0b4e010bab45f27dee51a97df03badf9498dfe370de7c75c15974541fa72a3a128b395fdc3e494678912ffdcc040d3b4aaa454ef1792a3a0ec31dff14f4c62b563c1a78da776b6f2041e3be38443986aff75772b57b920ce14df5846f92448fa8a87bf0be91e563b8128faa0"}}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x2c01}}, {0xb3, &(0x7f0000000980)=@string={0xb3, 0x3, "cedbec1126184f994eb4ac3e30077775fa92ff9ff654134a684e9c8a299e91c1f4bf1fc5cd1fd54042e37a4581cf3cfa446e2817ff07f80d41e738077e24f5fec0e194a38b6ab1e0a2295d133717575c424edf6b92da3be743aae23027a136d77e6c6db5e3943940a30ab2c3a408e3fbcd4175e8b83abf19f38e0d5e5cf151db15ee5544e978f2bf4df77e6c5e99667e82919d29550ca550791636ad9d8f486c6c1ea0a8401e835d85cb892cf3a68198fe"}}]})
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x12, &(0x7f0000000ac0)=@conn_svc_rsp={0x0, 0x0, 0xa, "087715ac", {0x3, 0x107, 0x0, 0x0, 0xef, 0x9, 0x2}})
syz_usb_disconnect(r0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x12, &(0x7f0000000b00)=@conn_svc_rsp={0x0, 0x0, 0xa, "002e0f30", {0x3, 0x106, 0x0, 0xf6, 0x1, 0x1, 0xf8}})
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000b40)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_control_io(r1, &(0x7f0000000e40)={0x2c, &(0x7f0000000bc0)={0x7dfb536ef6082a5c, 0xe, 0xbb, {0xbb, 0x22, "b434903c9ef4e2ac320efe82ce3c65d91eea184b64ea3f856d40961933c8953fe8b73f4fdc82c7f2c3aaf2ac8721d552ed33c01c1b23736890129ccd90bb0dbe07aec37ce6c1609562895f6b9f72761885ed58dc5a87f025d2d94ee4999b5a44452eee98ef6164aeb2e494f5be419631eafa868bd77d1e86a6302d75409f91f642eeb4883a4b5fe88332946694f0ba0e6166ca7b7e23f1ffd862fecc13b9e33456d99a7e61dc95070c90e05da35576805a1b6aed38eadb453f"}}, &(0x7f0000000cc0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44c}}, &(0x7f0000000d00)={0x0, 0xf, 0x95, {0x5, 0xf, 0x95, 0x2, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0xc, 0x1, 0x7f, 0x1}, @generic={0x86, 0x10, 0xb, "0bfe8b27d49850d1d4e330f9433f7662d07a446a6a740206dc466e4138167aa6b71e79bf819b5bd87c8bc626b3ee9551653a04f63706150d00a9827d812b6e149f65f520d9bb5837508e0489c1f7fa3b1fec3f86c1cca6017d296bb8ad9c0721d4908daf80dbddddef06606106e1659e83a3dac78a761f7dfb9ac4928e6f49c7d80fc5"}]}}, &(0x7f0000000dc0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x2f, 0x0, 0xc0, 0xfb, "ad4527dc", "ae54758a"}}, &(0x7f0000000e00)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x0, 0x80, 0x5, 0x0, 0x0, 0x2, 0x7}}}, &(0x7f0000001340)={0x84, &(0x7f0000000e80)={0x0, 0x16, 0xe5, "63ef407fcb8dff6ce3036f9779d58822b10a8f5c2a215338e7d856bb20edbfe53620b37b2caec699ee789ff1281910c2d97403df52b0dfdd5ed68be4662b6320b7b10fbdcee440fe70bd6a8db491e46332baca4a0929158adc757e719e86cb5079fb2149a06f1ca2d1dfcaf53c1027dcf6875db75c130517bcb27c787893ccb395599c215e2e8703882ab658ac11827b6c1bd0048411826f49ea56db9b325686b4b9e111340f6e198dfb430d39ef642152df3fa1a96137c95f840318fcafe0e10bd75b6d279cee47eb1388403846b8b6c9f81aef9a5ccd42fdeca8223d58c3aa9866ef6c5b"}, &(0x7f0000000f80)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000fc0)={0x0, 0x8, 0x1, 0x1f}, &(0x7f0000001000)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000001040)={0x20, 0x0, 0x8, {0x1, 0x40, [0xf00]}}, &(0x7f0000001080)={0x40, 0x7, 0x2, 0x400}, &(0x7f00000010c0)={0x40, 0x9, 0x1, 0x2}, &(0x7f0000001100)={0x40, 0xb, 0x2, '%y'}, &(0x7f0000001140)={0x40, 0xf, 0x2, 0x56a2}, &(0x7f0000001180)={0x40, 0x13, 0x6, @link_local}, &(0x7f00000011c0)={0x40, 0x17, 0x6, @remote}, &(0x7f0000001200)={0x40, 0x19, 0x2, '^?'}, &(0x7f0000001240)={0x40, 0x1a, 0x2, 0x9}, &(0x7f0000001280)={0x40, 0x1c, 0x1, 0x4}, &(0x7f00000012c0)={0x40, 0x1e, 0x1, 0x4}, &(0x7f0000001300)={0x40, 0x21, 0x1, 0x1}})
syz_usb_control_io(r1, &(0x7f0000001600)={0x2c, &(0x7f0000001400)={0x40, 0x5, 0x5d, {0x5d, 0x10, "e77e95dac8cb88a9c720f09ad39438c1f4aacc1c106589029fcb3fbd2d34722f026a34826ef5cf0fe2fcbfd68544068bedc9de8a236d5641e975ff743a7d6c0d8cf9e0b3ae31a38a559e25481745b6b661e14cdd062f86114f45d6"}}, &(0x7f0000001480)={0x0, 0x3, 0xb4, @string={0xb4, 0x3, "ed7c4b75d5803a7466a5f54fb9e6959bdaf6adb69a452a5f2d543747e7cb4a39125558761fd5e70f11f4ac945f9441dc5c3ac16ed369fc1cff4ed405effa5c3b0a2ca2d5be7754061b0aab6a51af7e8fa8ddc0fd0e671d1ab2aee010a511101a482d6f5f413c30a681e3cd83004e09fd13364ba593b88ef4c82c973f9024e47ec433d41f85603262056faf048df41d17563231a5f31286558c87dae142cfef6c1c73fbaf26c3b16fd0f499c34e4bb993ccd5"}}, &(0x7f0000001540)={0x0, 0xf, 0x21, {0x5, 0xf, 0x21, 0x1, [@ssp_cap={0x1c, 0x10, 0xa, 0xff, 0x4, 0x1485, 0x0, 0xd4, [0x3f0f, 0xff00, 0x3f0f, 0x0]}]}}, &(0x7f0000001580)={0x20, 0x29, 0xf, {0xf, 0x29, 0x81, 0x60, 0x80, 0x3, "c5533ef7", "e1049135"}}, &(0x7f00000015c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x9, 0x8, 0x0, 0x7f, 0x0, 0x100, 0x2ac6}}}, &(0x7f0000001ac0)={0x84, &(0x7f0000001640)={0x20, 0x7, 0x9d, "d2a6ca691f4cc0e1c54b14cf7d01345e125e4664e1b3ca81794eb7eca65fafaafaef7b4657e7e0cd039fdbadecd4207f604c7cb0ad813966cad1143677f7ba31a29993539b31bc8853efd87667e1e8c5488fa633ef651733944a1b74842bde32d5e4e760d2957bfb764233ec2cb0528f76de8eeceaf16d9dade665a5de92e667e064cfc14fdd8c5d83c4fb5c573a74f93e6e35e121abadb29aa137902c"}, &(0x7f0000001700)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000001740)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000001780)={0x20, 0x0, 0x4, {0x2}}, &(0x7f00000017c0)={0x20, 0x0, 0x4, {0x0, 0x1}}, &(0x7f0000001800)={0x40, 0x7, 0x2, 0x4}, &(0x7f0000001840)={0x40, 0x9, 0x1, 0x4}, &(0x7f0000001880)={0x40, 0xb, 0x2, 'F\t'}, &(0x7f00000018c0)={0x40, 0xf, 0x2, 0x3}, &(0x7f0000001900)={0x40, 0x13, 0x6, @broadcast}, &(0x7f0000001940)={0x40, 0x17, 0x6, @random="554896c52967"}, &(0x7f0000001980)={0x40, 0x19, 0x2, "cd27"}, &(0x7f00000019c0)={0x40, 0x1a, 0x2, 0xa17d}, &(0x7f0000001a00)={0x40, 0x1c, 0x1, 0x7f}, &(0x7f0000001a40)={0x40, 0x1e, 0x1, 0x3}, &(0x7f0000001a80)={0x40, 0x21, 0x1, 0x3}})
r2 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000001b80)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x10, &(0x7f0000001c00)=@ready={0x0, 0x0, 0x8, "653ac9c2", {0x1, 0x5, 0x8, 0x73, 0x9}})
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000001d80)={0x14, &(0x7f0000001c40)={0x40, 0xe, 0xdb, {0xdb, 0xc, "96a2bbb84c6f3633ff7d8778fb31f3b8eee86f200b981662ce1cc28e28f268218a7a18618a43270e81c411112f17c24bfd144c1c53720d5debf299fbaa3c99110ac2d4d63318e55ea63d2b46a7916d3a1d5ba5d31a7da6336485dce61fd9aafd7a049259ca01ab804b61205c51d4a1e7f33a1bbecca3b99b521cc9c0726dbbdf3608387e5103897039cad67776dfaf2047a9c7650909c467061323834ed9c58adefdea10f14a6610daac5e8ba88d74efbaf043b861a64cc14786e78b86d8f96fd03b973e0d5af6737687faa408940a2384ee9a26cb91cf4315"}}, &(0x7f0000001d40)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000002000)={0x44, &(0x7f0000001dc0)={0x40, 0x14, 0x4d, "4912191f7661e3c8a482e31fc93001eb410618e13e949322ec2e3831e60e4338743b9552f1425a09d9cdb6ee7b9a11ba4b037d7ebcd60d8f391ccf9b3aa185e7ce4e747c723923e2e467e262f8"}, &(0x7f0000001e40)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000001e80)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000001ec0)={0x20, 0x80, 0x1c, {0x4, 0x83, 0xdc6, 0x0, 0x2, 0x3ff, 0x4, 0xc2, 0x3, 0x1, 0xf24, 0x6}}, &(0x7f0000001f00)={0x20, 0x85, 0x4, 0xeac}, &(0x7f0000001f40)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000001f80)={0x20, 0x87, 0x2, 0x2}, &(0x7f0000001fc0)={0x20, 0x89, 0x2, 0x1}})
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x8, &(0x7f0000002080)={[{0x1, 0x4e00, 'i'}]})
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000002200)={0x2c, &(0x7f00000020c0)={0x40, 0xd, 0x18, {0x18, 0x24, "f2e693d80f29ae94e8d0c41a7faaee8eef4627d23e70"}}, &(0x7f0000002100)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x4c33}}, &(0x7f0000002140)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000002180)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x10, 0x3, 0x77, "bcd56269", "3152d623"}}, &(0x7f00000021c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x81, 0x10, 0x8, 0x80, 0x8, 0xe20, 0x20}}}, &(0x7f0000002640)={0x84, &(0x7f0000002240)={0x40, 0xe, 0x1d, "b87e1edf3f34173566d84a6488ce63b7a95e3c92867a23ac1ddaf4937f"}, &(0x7f0000002280)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000022c0)={0x0, 0x8, 0x1, 0x82}, &(0x7f0000002300)={0x20, 0x0, 0x4, {0x1, 0x3}}, &(0x7f0000002340)={0x20, 0x0, 0x8, {0x1126, 0x80, [0xff0]}}, &(0x7f0000002380)={0x40, 0x7, 0x2, 0x4}, &(0x7f00000023c0)={0x40, 0x9, 0x1, 0x9}, &(0x7f0000002400)={0x40, 0xb, 0x2, "80c6"}, &(0x7f0000002440)={0x40, 0xf, 0x2, 0x6}, &(0x7f0000002480)={0x40, 0x13, 0x6}, &(0x7f00000024c0)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000002500)={0x40, 0x19, 0x2, "d41b"}, &(0x7f0000002540)={0x40, 0x1a, 0x2, 0x1}, &(0x7f0000002580)={0x40, 0x1c, 0x1}, &(0x7f00000025c0)={0x40, 0x1e, 0x1, 0x1}, &(0x7f0000002600)={0x40, 0x21, 0x1, 0x88}})
r3 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000002700)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000028c0)={0x14, &(0x7f0000002780)={0x0, 0x3, 0x9e, {0x9e, 0x6, "1895f700336bf32b8d8c6fe2a75f54d9a2cc2b391323385f14c445eb8f7fbf5e56ae535560bde40545be9c46c2612354e06668c48c6ba0afa14c3d8028c0beab0abb611368cf15da6a9acdc1147e23bd9bf851bae1be84ba195c28d538c5de9817ce513dec5f0a5adcb1fd90667e2a6f6edcb135810b323cb119cfeeee0f5cdaa77d9d408a6ad8fc2f59a5c3edc9814006bb9fe580077be10ce39bfc"}}, &(0x7f0000002840)={0x0, 0x3, 0x52, @string={0x52, 0x3, "431fba807ff8338e32b3c894b1e59ccc033bc3a6cb65c09e3b001baacbfa15390317f2f35c2db908d80c6519bf2cdf8223fef2c104d46eda690df11f0c2eb6637384c74820b1d7df885539a1e8f2676d"}}}, &(0x7f0000002b00)={0x34, &(0x7f0000002900)={0x20, 0x17, 0x64, "78237249d2516ca20ef028ab16a0ae50fba2c0cb5b01a0edebd5ef1776ee9acf552beb2a8da25f9fcfe9a0f1f606279354400171ae9f419501eae4137b71a92cd9145512b83ee8a6b8f10663a8a00f2a9b4647147c567f98b899b5431ea82753fa245705"}, &(0x7f0000002980)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000029c0)={0x0, 0x8, 0x1}, &(0x7f0000002a00)={0x20, 0x0, 0x4a, {0x48, "e5fd08d22f67135acfddcf9a9660d5472716bd4f6eeae610566275693309f8827131c012e3316fe6955630bbe9df8006515aedbc6301fb52e3440bef3aa5cfb96130505fe9700d3c"}}, &(0x7f0000002a80)={0x20, 0x1, 0x1, 0xb4}, &(0x7f0000002ac0)={0x20, 0x0, 0x1, 0x2}})
syz_usb_ep_write(r0, 0x5, 0x58, &(0x7f0000002b40)="05375a12f5997141663589f85fe5316083fcab1ab648fd5c60b36b2655325cd6caf4cb96e98ba9d1a3a6a062edc7ae7c7e4769b68e22b6b3d9f01fc0db1eed4e77fabea9bc393547a80d42ccec0892440a7de32d935181b4")
r4 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000002bc0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r4, 0x82, 0xe0, &(0x7f0000002c40)={[{0xd9, 0x4e00, "0866fc90cc5c92a791c9372074d4d9c2b4dc3e15b0c273c446262525c6077c2c9df1833fdd824089728db9097820f93673254a8346bbecd77525afa1923ef3ee77c63e0bb4825dff0f3624907f2333143dc45995d901d5ec4ecb3ca8a9d4547885d8d2c1321972777d5e24271c09e988527321f64e905bbac6220acd1a483b10967071520396ba86fd08d017da2328c994713376f759400267b3b8b9873ac2a73b4497456638dc65098fb5b23b5ad56317af4510b3dbcffd83fd49b11f5ab74072a49db16d7ae23ee5a5b6aacc81adef2922d7cd114a7c3103"}]})
syz_usb_control_io(r1, &(0x7f0000003200)={0x2c, &(0x7f0000002d40)={0x20, 0x9, 0xfd, {0xfd, 0x2, "cfc0d7d1702d883ff3369b97c7ef3a037dc1dcdf584f7958e745677a204c52384efd6e6a82d03ce0d7cec5d07c837f3740b59dad49b35d9d13c0955da817c87e259e7c522a296483bf300b743a37e4d4e9c4dbbcd7bc88a1214abe170844897f7cf35a3b4f0673dfc5a0a9be7a5c5240b01572ba6fa291eae4d0fdce79d08aa231c95c763beb9a46c462f426617f80591efe20bfc3cd21f1e79cb4df9ce6dd9888105204a56d0d5f338c435631c116e26537093d71714d490fea4324a2284195f233239cdd615b72fabd2b947a32d011766112c5400ac0b114c2c1824b0090262839b7c5d13f0e90ca76bb6ea1845f8ec6361782d644f9312764b9"}}, &(0x7f0000002e80)={0x0, 0x3, 0xc2, @string={0xc2, 0x3, "fd3f4d94c4930e9438e1d1404ed97758eca68acb9c061613e9c5da42382add02b2fa3f23480fde9b0e9a1f5799e02770269c7569292c8c76151e77d212486f88ca84c01b907646ae1ec8bd540fb4203f354536ca5214e4f93664908dafed26d795ae9e048e700ddec8234798206e411a4bd88501cc183d935499796c72579b67f07389360096c8b7b1ec4c296c6a53ca7fb40ae5e8c9a4a4bee55c2b9987c9039fd9ebf834e97dc2842690a3566324e84c0a6d5214db919edf56c05794f61bac"}}, &(0x7f0000002f80)={0x0, 0xf, 0x1e5, {0x5, 0xf, 0x1e5, 0x5, [@ptm_cap={0x3}, @generic={0xb9, 0x10, 0x1, "bba97bfa03c80ba59a1a3c85838e04a7b3e7ee53c76007bdcd8c63148dcb5dfed118bc72e329bff43ec3da0f256bed9f850213b7d6851f7719e98afcb2b862266065411835b1361bb29d5449c1cf92b63458fe1f880bc876874e9950c832447d1ab5ddc78e702cdd7e08edc6886890480e81bcb7f5827119a66cc1e2afc90a92ff6278144f51629d3973dcb1cb1facab70763545efff0c17a6f8da54d830d2fc587de9f0a399718ef75407c9f523309e67e472a78f18"}, @generic={0xfe, 0x10, 0x4, "196af5f0f28edb1d8e20d2ea5d33dc78464af54134e97968fb06350f4c4d63d4ca5a96637d5bb2c77b96c2b4bd8a9e0d423e98e7e0e2a1dca645bc5887bb573e88143bb4e636cbc12f217c981d2892c6f0b2b78c341d2bcc2482e185b5834ae5832a0832674871c680c7809aad55fc2a7f3c9bb8f555faf37cc399acd03943b2ae44d14618f61d0e8f5de98b37d30b9cfb86c989a7d70b68d4d2f914f9c7437ffa273166291096e91e8db7920e4b648bf3c6c91b4603f0c828f2aebd177e91ff24feea92e14b7d2b99f3efea65f20a1382348f8052c3118e9ff662cd8271eaacf0edf94aee8e31968ad7b3ad0fee3d9e0a1434825aeca29ed995d6"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xc, 0x2d, 0x3f, 0x5}, @ssp_cap={0x1c, 0x10, 0xa, 0x0, 0x4, 0x6, 0xf, 0x1, [0x3f3f, 0x0, 0xff3f00, 0xf]}]}}, &(0x7f0000003180)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x60, 0x7, 0xff, 'YA/A', "fb6be84b"}}, &(0x7f00000031c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x6, 0x2, 0x40, 0x2, 0x4, 0x5, 0x59}}}, &(0x7f0000003700)={0x84, &(0x7f0000003240)={0x40, 0xc, 0xd0, "9f160d6fed35997c564727ad0e20b9f0709ea6ec191aa79b16c18ac5de858d292dafbd66b589cd3ce97f9fa900fd4ab8d09da2b3dd7ae718ab6c3ae39ad199877447aa5293b71643407c632445f86a7699fa0c12264dfdd720811b25c91249e85ccf7b579ec4cdbb0b68d85109f4ff00643f4534902d180d4819c6d94ef552aecbbcfd171c8efbfb2bfe4fa6108fee50732bd645be349ecb7656c4bdd5f3732dee62ef5dd42bfcb7bf8360bcbed0afb813e8bd6a7a1bceab7d285aaee578212a6bb55f1d507f463d4e20c9085a520b58"}, &(0x7f0000003340)={0x0, 0xa, 0x1}, &(0x7f0000003380)={0x0, 0x8, 0x1, 0x9}, &(0x7f00000033c0)={0x20, 0x0, 0x4, {0x3, 0x1}}, &(0x7f0000003400)={0x20, 0x0, 0x8, {0x140, 0x40, [0xff0]}}, &(0x7f0000003440)={0x40, 0x7, 0x2, 0x2}, &(0x7f0000003480)={0x40, 0x9, 0x1, 0x8}, &(0x7f00000034c0)={0x40, 0xb, 0x2, "96fd"}, &(0x7f0000003500)={0x40, 0xf, 0x2, 0x80}, &(0x7f0000003540)={0x40, 0x13, 0x6, @random="10ef97c470ef"}, &(0x7f0000003580)={0x40, 0x17, 0x6, @broadcast}, &(0x7f00000035c0)={0x40, 0x19, 0x2, "3e14"}, &(0x7f0000003600)={0x40, 0x1a, 0x2, 0x68}, &(0x7f0000003640)={0x40, 0x1c, 0x1, 0x8}, &(0x7f0000003680)={0x40, 0x1e, 0x1, 0x7d}, &(0x7f00000036c0)={0x40, 0x21, 0x1, 0x49}})
syz_usb_ep_read(r3, 0x9, 0x85, &(0x7f00000037c0)=""/133)
syz_usb_control_io(r4, &(0x7f0000003b40)={0x2c, &(0x7f0000003880)={0x0, 0x23, 0x67, {0x67, 0xa, "cb4d555aa1b8643d6bb260e49fffe5a81beb49f1fe1d20e7fe0289f3cd22dc6a816af93f2fdf16cbc7f7c66406ced447030a9804cab37de5a00b2aa0d89bdddf5615d7ec45f27b8a485e1166818c99e184bb23b1bbc62917055e40570cfe7b569264935b9b"}}, &(0x7f0000003900)={0x0, 0x3, 0xc4, @string={0xc4, 0x3, "06a7ef564779d2f5c05a346e0ff91cf05df3be7a3f8565973441090e246cd148c8ab7fdd294b07d0c1b52362ff8e4ecf04981ffbfa14a38835bfdbe15176696a62919f3748c680b990245cb27c8d7f774bcc50f5dca9639e9d3751dfa7ece2e6e4b2774214e2905f2348f0eb48bbfdb807d80009d5a1eae8b2b5455e789f06a4a1de4bd0af23ecda276ace3942ea6eec78b3e2f22bdd5ad867c02fa2101bcfb111b0060ecb8f5bafe826f3282dabe7bd4618fae340610b4030415c75b71af31029d7"}}, &(0x7f0000003a00)={0x0, 0xf, 0x88, {0x5, 0xf, 0x88, 0x4, [@ext_cap={0x7, 0x10, 0x2, 0x5, 0x0, 0x9, 0xffff}, @ptm_cap={0x3}, @ssp_cap={0x24, 0x10, 0xa, 0x40, 0x6, 0x7, 0xf0f, 0x9, [0x3f, 0x3f00, 0x3f30, 0x0, 0xc00f, 0xff0030]}, @generic={0x55, 0x10, 0x4, "90ad29069e7a9a77ab8914b458dd971d8656b56328d4c40305db6cc4d89d9faafce5a27e5712585d357f6689927b04ec024336cb8423a287ab9f620d54ebadaa91e46aaf131ac9291e701669062d2c684def"}]}}, &(0x7f0000003ac0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x47, 0x247e2d5d7ed91396, 0x80, 0x4, "70165bf0", "c373835f"}}, &(0x7f0000003b00)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x0, 0x0, 0xbb, 0x9, 0x3f, 0x5, 0xa8}}}, &(0x7f0000004040)={0x84, &(0x7f0000003b80)={0x20, 0x12, 0xf8, "fecb82f716f161f49178db08af44fa8b0585a4312aeae9441b9f4725d3837a1ccad0c0f33857773eeb96d242f53c148f6966e5954c37c45abf0079ed18d572947f4487d22202e0264413a0484e7db800c19fdfbec239dd561ad48c9faf0437c1e6daea93cef6b5b2f5ba0b04bc6b31d5360d8898ad995e858773ced08859e82ef87114d488b535915d253c6b08158b54626c5aec37d25a2684c92b8e3d9c45d8c6e9ab2eb1dc5884cda68bf80d3849daa40a6fe77fd369bfcb9f96b517ffb236b5aec1e4d663a8924ff4529c44613f011a605c834b56fb0e676813dc53d2a6a80c141753142ecd6324dc6df69164b85710fec2fddb154396"}, &(0x7f0000003c80)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000003cc0)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000003d00)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000003d40)={0x20, 0x0, 0x8, {0x1, 0x8, [0xf0f0]}}, &(0x7f0000003d80)={0x40, 0x7, 0x2, 0x5}, &(0x7f0000003dc0)={0x40, 0x9, 0x1, 0xff}, &(0x7f0000003e00)={0x40, 0xb, 0x2, "87da"}, &(0x7f0000003e40)={0x40, 0xf, 0x2, 0x6978}, &(0x7f0000003e80)={0x40, 0x13, 0x6, @local}, &(0x7f0000003ec0)={0x40, 0x17, 0x6, @remote}, &(0x7f0000003f00)={0x40, 0x19, 0x2, "508c"}, &(0x7f0000003f40)={0x40, 0x1a, 0x2, 0xfffe}, &(0x7f0000003f80)={0x40, 0x1c, 0x1, 0x7f}, &(0x7f0000003fc0)={0x40, 0x1e, 0x1}, &(0x7f0000004000)={0x40, 0x21, 0x1, 0xff}})

09:27:09 executing program 2:
fallocate(0xffffffffffffffff, 0x35, 0x7, 0x7fffffff)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x3}}, './file0\x00'})
sendmsg$nl_netfilter(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x11, 0x5, 0x5, 0x70bd29, 0x25dfdbfc, {0xc}, [@typed={0x8, 0x8e, 0x0, 0x0, @ipv4=@empty}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000091)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000140)={0xa6, 0x3ff, 0x2, 0x3})
fallocate(r0, 0x4, 0x8, 0x7fff)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
fchdir(r1)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={@ipv4={'\x00', '\xff\xff', @local}, 0x39})
sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000201}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x0, 0x300, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8810}, 0x40000)
write$binfmt_aout(r0, &(0x7f0000000340)={{0x0, 0x94, 0x40, 0x245, 0x20, 0x10001, 0x34a, 0x2}, "831d9af60f2a42c810e50b55f7b70478880ed484e5029ae7eee4e257574f91b3a754125c03457b9dc845274d1d12fc275125782352dd8f5741d49ca6c970a4713872d1b1754b60613836fd8482d4c6ad9284d5cc2b4d3a375df5c2da2eb1ee7b44", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x881)
r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000c00), 0x2, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000c40))
r4 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x30, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x74b4, 0x7d}}}}, [@NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x2}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x4000005)
sendmsg$NFT_BATCH(r2, &(0x7f0000000e80)={&(0x7f0000000d80), 0xc, &(0x7f0000000e40)={&(0x7f0000000dc0)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x10}, 0x20040004)
recvmsg(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000ec0)=""/74, 0x4a}, {&(0x7f0000000f40)=""/234, 0xea}], 0x2}, 0x100)
fsetxattr(0xffffffffffffffff, &(0x7f00000010c0)=@random={'osx.', 'syz1\x00'}, &(0x7f0000001100)='freezer.state\x00', 0xe, 0x2)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000001240)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001200)={&(0x7f0000001180)={0x54, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="c422e9a8b92a"}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x40}, @NL80211_ATTR_PMKID={0x14, 0x55, "5ccdf010f65acb95b40d4f708d0b9e7a"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4008000)
sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001400)={&(0x7f0000001300)={0xf8, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}]}, 0xf8}, 0x1, 0x0, 0x0, 0x41}, 0x1)

09:27:09 executing program 3:
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)

09:27:09 executing program 4:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x400200, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={0x0, 0x1, r1, 0x1})
r2 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r3 = dup3(r0, r2, 0x0)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000100))
r5 = dup(r4)
close(r5)
ioctl$EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, &(0x7f0000000140)=""/138)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000200), 0x125842, 0x0)
ioctl$CDROMVOLCTRL(r6, 0x530a, &(0x7f0000000240)={0xfc, 0x3, 0x9, 0x7})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x7, 0x8a, 0x2, 0x2e}, {0xffffffff, 0xfffffff8, 0x100, 0x42, 0x8000, 0x1ff}], ['\x00', '\x00', '\x00']})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendfile(r2, r7, &(0x7f0000000400)=0x3, 0x5)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r8, 0x8982, &(0x7f0000000440)={0x7, 'veth1_vlan\x00', {0x1}, 0x33e})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000480)={{0x1, 0x1, 0x18, <r9=>r4, {0xffffffffffffffff}}, './file0\x00'})
ioctl$HIDIOCSFLAG(r9, 0x4004480f, &(0x7f00000004c0)=0x3)

[   69.766226] audit: type=1400 audit(1664789229.566:6): avc:  denied  { execmem } for  pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:27:09 executing program 5:
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x100, 0x7ff, &(0x7f0000000040))
fchmodat(0xffffffffffffffff, &(0x7f0000000140)='./file0/file0\x00', 0x109)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0/file0\x00'})
r1 = perf_event_open(&(0x7f00000001c0)={0x6, 0x80, 0x7, 0x8, 0x8, 0x0, 0x0, 0x1, 0x8, 0xf, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x40000, 0x9, 0x20, 0x6, 0x80000000, 0x1000, 0x1, 0x0, 0x3ff, 0x0, 0x3ffc000}, 0x0, 0x6, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r2=>r1, {0x6}}, './file0/file0\x00'})
ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, &(0x7f00000002c0)={0x0, 0x91, "14ea813e9446e50768ef7e41999e0cc239b2d64e29db542953684c0437bc89f187be67b41202602c7ab67e62061cb02ad55ce562db810e8ea44b56888d1ef372b00bf47e2079845c90f744ae5747d102b508e0ed0ffa6321e1583f243e9de525ebff9210ebc74cf00fba7593ae493652bcadd69f93d67d546446b5b8d4137e9ad618873f3876a202e2bd7f094454a5be48"})
r3 = dup2(r2, r2)
r4 = perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x7, 0x6, 0x9, 0x4, 0x0, 0x80000000, 0x1116, 0xa, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x613, 0x4, @perf_bp={&(0x7f0000000400), 0x1}, 0x2, 0xffffffffffffffff, 0x1, 0x7, 0x4, 0x5, 0x1, 0x0, 0x400, 0x0, 0x3}, 0x0, 0x9, 0xffffffffffffffff, 0x3)
r5 = perf_event_open$cgroup(&(0x7f0000000380)={0x0, 0x80, 0xc8, 0x81, 0x7, 0x5f, 0x0, 0x6, 0x8469, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x1, @perf_config_ext={0x0, 0xffffffffffff160b}, 0x0, 0x9, 0x401, 0x7, 0x4, 0x0, 0x80, 0x0, 0x0, 0x0, 0x200000000000}, r3, 0xffffffffffffffff, r4, 0x0)
r6 = syz_io_uring_complete(0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r6, 0x82307201, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
perf_event_open(&(0x7f0000000700)={0x3, 0x80, 0x6, 0x4, 0x4, 0x2, 0x0, 0x8, 0x4804d, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_config_ext={0x7, 0x9}, 0xc807, 0x20, 0x0, 0x3, 0x1, 0x1, 0x5, 0x0, 0x40, 0x0, 0x3}, 0xffffffffffffffff, 0x6, r5, 0x9)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000780)={{0x1, 0x1, 0x18, <r7=>r6, {0x3}}, './file0/file0\x00'})
statx(r7, &(0x7f00000007c0)='./file0/file0\x00', 0x100, 0x4, &(0x7f0000000800))
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, 0x0)
r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000900)={[0x4]}, 0x8, 0x80800)
r9 = open$dir(&(0x7f0000000940)='./file0/file0\x00', 0x100000, 0x14)
r10 = dup(r8)
r11 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000ac0), 0x32b41, 0x0)
io_submit(0x0, 0x2, &(0x7f0000000b40)=[&(0x7f0000000a00)={0x0, 0x0, 0x0, 0x5, 0x8, r9, &(0x7f0000000980)="6b6c48c05d8e9e485b5b8fd3707695a15e64e537f70e83c598b21c598f4d7888b97b9b4c5b5f6cea2dd5977873881fb3045736102aaf030406ccfefef6ca2ab7ece153b9dc390c035de4fe818f1864a61ad9c33aecde009cf67bdf1698d334c04c0df0389eb6be736b8c700465448b6de2d74b03e63b", 0x76, 0x414, 0x0, 0x0, r8}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7, 0xe4, r10, &(0x7f0000000a40)="5a69bb7904e0d5020c4e1ad633845e86c8a6f07add17379306680885ed1b025022e4bbbff10dc9c9ac7557d473bcee8cd91b6ce88b1144fc353d53524dd817d7edfbc655dd5f20e29626640da989", 0x4e, 0x1, 0x0, 0x2, r11}])

09:27:09 executing program 6:
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'netdevsim0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x20040000}, 0x1)
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r0, 0x801, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffffffff}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x9}}, './file0\x00'})
syz_genetlink_get_family_id$smc(&(0x7f0000000240), r1)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r3, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'syzkaller1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x240080c1}, 0x4000)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000540), r2)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x2c, r4, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x1]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004001}, 0x4000800)
recvmsg$unix(r1, &(0x7f0000000880)={&(0x7f0000000640), 0x6e, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/190, 0xbe}], 0x1, &(0x7f00000007c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}], 0x98}, 0x12000)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), r1)
sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x24, r9, 0x400, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x5675}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000844}, 0x20088011)
r10 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000a40), r7)
sendmsg$SEG6_CMD_SETHMAC(r8, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x58, r10, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @private2}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x38e800, 0xcf29, 0xfa6, 0x1611]}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000800}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r6, 0x89f0, &(0x7f0000000c40)={'syztnl1\x00', &(0x7f0000000bc0)={'syztnl2\x00', <r11=>0x0, 0x2b, 0x5, 0x6, 0xfffffff9, 0x24, @private1, @remote, 0x7, 0x80, 0x2, 0x3}})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000d80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000d40)={&(0x7f0000000c80)={0x98, 0x0, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
sendmsg$DEVLINK_CMD_TRAP_SET(r6, &(0x7f0000001000)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000e00)={0x1a4, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x40}, 0x5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f00000011c0)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0xa2be6f7d8dad3eba}, 0xc, &(0x7f0000001180)={&(0x7f00000010c0)={0x9c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xc07}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x356}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2c7}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xed40}, @NL80211_ATTR_DURATION={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26b}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x38}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x3c}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xbf}]}, 0x9c}, 0x1, 0x0, 0x0, 0x600c808}, 0x0)

09:27:09 executing program 7:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0xc400, 0x0)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000040)={0x0, 0x8}, 0x2)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r0, {0xee00, 0xee01}}, './file0\x00'})
ioctl$BTRFS_IOC_DEFRAG(r3, 0x50009402, 0x0)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x40080, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x521601)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x2100, 0x0)
r7 = accept$inet6(r2, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local}, &(0x7f0000000200)=0x1c)
r8 = fcntl$dupfd(r0, 0x0, r4)
pipe2(&(0x7f0000000cc0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
ppoll(&(0x7f0000000d00)=[{r3, 0x2080}, {r2, 0x20}, {r5, 0x120}, {r6, 0x440}, {r2, 0x8}, {r7, 0x108}, {r1, 0x8}, {r8, 0x1004}, {r10, 0x2041}], 0x9, &(0x7f0000000d80), &(0x7f0000000dc0)={[0x883c]}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc0189379, &(0x7f0000000e00)={{0x1, 0x1, 0x18, <r11=>r5}, './file0/file0\x00'})
r12 = syz_open_dev$mouse(&(0x7f0000000e40), 0x10001, 0x482100)
signalfd4(r12, &(0x7f0000000e80)={[0x6]}, 0x8, 0x0)
r13 = syz_io_uring_setup(0x2695, &(0x7f0000000ec0)={0x0, 0x624e, 0x0, 0x0, 0x3d3, 0x0, r11}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000f40), &(0x7f0000000f80))
read$hiddev(r3, &(0x7f0000000fc0)=""/4096, 0x1000)
syz_io_uring_setup(0x426c, &(0x7f0000001fc0)={0x0, 0x6b5b, 0x20, 0x3, 0x282, 0x0, r13}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000002040), &(0x7f0000002080))
mknodat$null(r4, &(0x7f00000020c0)='./file0/file0\x00', 0x1, 0x103)
read$eventfd(0xffffffffffffffff, &(0x7f0000002180), 0x8)

[   71.015971] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   71.018196] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   71.019611] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   71.022358] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   71.023754] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   71.025080] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   71.025201] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   71.028309] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   71.030055] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   71.038038] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   71.039788] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   71.056736] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   71.058827] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   71.061507] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   71.063161] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   71.065094] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   71.067424] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   71.072457] Bluetooth: hci1: HCI_REQ-0x0c1a
[   71.075186] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   71.079920] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   71.081273] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   71.081295] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   71.083724] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   71.087374] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   71.090550] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   71.092110] Bluetooth: hci2: HCI_REQ-0x0c1a
[   71.104177] Bluetooth: hci0: HCI_REQ-0x0c1a
[   71.114222] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   71.115588] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   71.117593] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   71.119276] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   71.119457] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   71.120989] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   71.122453] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   71.124984] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   71.126716] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   71.127033] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   71.129040] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   71.129566] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   71.130611] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   71.131841] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   71.136797] Bluetooth: hci6: HCI_REQ-0x0c1a
[   71.137253] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   71.139128] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   71.140318] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   71.142246] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   71.143542] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   71.144924] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   71.146354] Bluetooth: hci4: HCI_REQ-0x0c1a
[   71.152859] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   71.156538] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   71.158454] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   71.163298] Bluetooth: hci7: HCI_REQ-0x0c1a
[   71.166086] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   71.177771] Bluetooth: hci5: HCI_REQ-0x0c1a
[   71.192307] Bluetooth: hci3: HCI_REQ-0x0c1a
[   73.081917] Bluetooth: hci1: command 0x0409 tx timeout
[   73.144985] Bluetooth: hci0: command 0x0409 tx timeout
[   73.146105] Bluetooth: hci2: command 0x0409 tx timeout
[   73.208942] Bluetooth: hci3: command 0x0409 tx timeout
[   73.210007] Bluetooth: hci5: command 0x0409 tx timeout
[   73.211010] Bluetooth: hci7: command 0x0409 tx timeout
[   73.211961] Bluetooth: hci6: command 0x0409 tx timeout
[   73.212937] Bluetooth: hci4: command 0x0409 tx timeout
[   75.129430] Bluetooth: hci1: command 0x041b tx timeout
[   75.192925] Bluetooth: hci2: command 0x041b tx timeout
[   75.193883] Bluetooth: hci0: command 0x041b tx timeout
[   75.256834] Bluetooth: hci4: command 0x041b tx timeout
[   75.258171] Bluetooth: hci6: command 0x041b tx timeout
[   75.259076] Bluetooth: hci7: command 0x041b tx timeout
[   75.259942] Bluetooth: hci5: command 0x041b tx timeout
[   75.260823] Bluetooth: hci3: command 0x041b tx timeout
[   77.176724] Bluetooth: hci1: command 0x040f tx timeout
[   77.240739] Bluetooth: hci0: command 0x040f tx timeout
[   77.241209] Bluetooth: hci2: command 0x040f tx timeout
[   77.304823] Bluetooth: hci3: command 0x040f tx timeout
[   77.305316] Bluetooth: hci5: command 0x040f tx timeout
[   77.305754] Bluetooth: hci7: command 0x040f tx timeout
[   77.306163] Bluetooth: hci6: command 0x040f tx timeout
[   77.306559] Bluetooth: hci4: command 0x040f tx timeout
[   79.224772] Bluetooth: hci1: command 0x0419 tx timeout
[   79.288770] Bluetooth: hci2: command 0x0419 tx timeout
[   79.289244] Bluetooth: hci0: command 0x0419 tx timeout
[   79.352751] Bluetooth: hci4: command 0x0419 tx timeout
[   79.353205] Bluetooth: hci6: command 0x0419 tx timeout
[   79.353639] Bluetooth: hci7: command 0x0419 tx timeout
[   79.354100] Bluetooth: hci5: command 0x0419 tx timeout
[   79.354513] Bluetooth: hci3: command 0x0419 tx timeout
09:28:06 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000001600))
syz_io_uring_setup(0x4291, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x146, 0x9, @buffer={0x0, 0xc2, &(0x7f0000000000)=""/194}, &(0x7f0000000580)="192015f156ed6609e9fb809c2dd9c7f3f288741d8d8d1689a1d8be8881b675cfaad31ae98e75c1e3355be11f62469aa589a4983d23103d89a09264eb7b76d5a7e376722c1bf827e0025a9621e7bfc12934c173277ebc996c09f7ea22d922d4e78eefbd6365ba6def36ca8eb23d820e6595b277b57666feb0ed8b249d262d37b4928a897c95c4b12d3e99ad4d445acda907898f4434595e63b99f3659814fa46a59baf55455cdd5b747c8f800cf2a1d826889acea299bd49fad80a8ba26f998880e7a61a17be9dd5997525b2dfb0dbede9704326c012a4cbdcf3aaddc5b5ed52962fb5bf5bfa89debdc124171bc4ce552e3aa6826e88a27b8626dda07b644b3bdba14b0c7aa5ed676ddbb19153e669a24a9a5e45ae4f045244ae5e602112b8484bca85226be737ea991ae1e161288339982b36daeb3cb3b56ab2f5a8b746c22b7d37598797ee6", &(0x7f0000000180)=""/206, 0xa9, 0x20, 0xffffffffffffffff, &(0x7f0000000280)})
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000380), 0x260000, 0x0)
readv(r1, &(0x7f0000000540)=[{&(0x7f00000003c0)=""/210, 0xd2}, {&(0x7f00000004c0)=""/48, 0x30}, {&(0x7f0000000500)=""/56, 0x38}], 0x3)

09:28:06 executing program 2:
fspick(0xffffffffffffffff, 0x0, 0x1)

09:28:07 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x26, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052470000620100000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e38333031383839323800"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000187916524213481db3505d4e06406e21010000000c00000000000000d0f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="01000000000005000c0000000000000000000000040000004b00000000000000", 0x20, 0x560}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000120000002200000060000f0003000400"/32, 0x20, 0x1}, {&(0x7f0000010500)="ffff0f00ff0f00000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x880, 0x1000}, {&(0x7f0000010e00)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x2000}, {&(0x7f0000010f00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x2800}, {&(0x7f0000011000)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x3000}, {&(0x7f0000011100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x3800}, {&(0x7f0000011200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x4000}, {&(0x7f00000005c0)="0000000000080000010000000000000000d8fcaa30b293fbf3768ffe3fa430977c9a30471f374301aa99d0d47acabc06bd2d03eec41d8ab6cdb1ea96d777dcd6ba2bb006bdd9a5b64bd252cd832ba38f3299594bf052c0e7b2d4868411e96bf98b9fe9a6aed5f427cc360aaa211d99c22bfb0350a5af0b9db28427b1c02e8532a378c6dbc0b590d52c1513fa7d8b8882a093e1ef2c54a8bbabc557a9c03c0e4017b7b6cc80d63e01e6993eb0fb559bd31507d3ea1579b743e496671713646fe01e2d8f910824fc22d8667cb9317b1cff605ed72ddf6a5d0a3b0067771c23e67ba3eef540a1f42b3debfe2c15e134293d4fe433d0e01ff82b8d74a8fe0e9f", 0xfe, 0x4800}, {&(0x7f0000011400)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x5000}, {&(0x7f0000011500)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x5800}, {&(0x7f0000011600)="504d4d00504d4dffd2f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033320075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x6000}, {&(0x7f0000011700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x6800}, {&(0x7f0000011800)="0200"/32, 0x20, 0x6c00}, {&(0x7f00000006c0)="030000000080000000000000000000000000000000000000000000000000000037e939a4a2c9c582291e154d09c649f44fa7ae1de7318cce36f602b27f4f9046aa98b3764ac94f7aff2ef0a420e46049da7b89010efe15af8cf103ddac21127b99ef9509447165eae12243f122ea04353c1030fc1306cd2a4c694f68fbeec05544840cc29883a0849256abd2aa195b911c2be42c30af7f604801899c10eeab56770e55734a301f8c70f3319e11f4a0fda80111e7259967cf1924a7888d82b5a3545260c200f9a98ce58e042ab71ede083f0dfb6d486025427875770b3628a65c22240c583a907d09f0864c", 0xeb, 0x7000}, {&(0x7f0000011a00)="0400"/32, 0x20, 0x7400}, {&(0x7f0000011b00)="0500"/32, 0x20, 0x7800}, {&(0x7f0000011c00)="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000009800"/96, 0x60, 0x7c00}, {&(0x7f0000011d00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x8000}, {&(0x7f0000011e00)="0200"/32, 0x20, 0x8400}, {&(0x7f0000011f00)="0300"/32, 0x20, 0x8800}, {&(0x7f0000012000)="0400"/32, 0x20, 0x8c00}, {&(0x7f0000012100)="ffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0500"/2080, 0x820, 0x9000}, {&(0x7f0000012a00)="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000009800"/96, 0x60, 0x9c00}, {&(0x7f0000012b00)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x10000}, {&(0x7f0000012c00)="000002ea0100000001000000270f240c000000000000000000000000000000000601f8070000000006000000779b539778617474723100000601f00700000000060000007498539778617474723200"/96, 0x60, 0x10800}, {&(0x7f0000012d00)="00000000000000000000000000000000786174747232000078617474723100000000000000000000d0f4655fd0f4655fd0f4655f00"/64, 0x40, 0x10fe0}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000", 0x40, 0x11080}, {&(0x7f0000012f00)="8081000000180000d0f4655fd0f4655fd0f4655f00000000000001000c00000010000800000000000af30100040000000000000000000000030000000d000000", 0x40, 0x11100}, {&(0x7f0000013000)="8081000000180000d0f4655fd0f4655fd0f4655f00000000000001000c00000010000800000000000af30200040000000000000000000000020000001000000002000000010000001300"/96, 0x60, 0x11180}, {&(0x7f0000013100)="c041000000400000d0f4655fd0f4655fd0f4655f00000000000002002000000000000800000000000af301000400000000000000000000000800000004000000", 0x40, 0x11500}, {&(0x7f0000013200)="ed41000000080000d2f4655fd2f4655fd2f4655f00000000000002000400000000000800030000000af3010004000000000000000000000001000000200000000000000000000000000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05000000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3833303138383932382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000000000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000000100000025000000000000000000000000000000000000000000000000000000000000000000000000000000a32dcc89210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f00000000000002001400000000000800010000000af3010004000000000000000000000005000000260000000000000000000000000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed81000064000000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af30100040000000000000000000000010000002b0000000000000000000000000000000000000000000000000000000000000000000000000000005598c73700"/768, 0x300, 0x11580}, {&(0x7f0000013500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x12000}, {&(0x7f0000013a00)='syzkallers\x00'/32, 0x20, 0x12800}, {&(0x7f0000013b00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x15800}], 0x0, &(0x7f00000007c0)={[{@abort}]})
readlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/48, 0x30)
truncate(&(0x7f00000000c0)='./file0\x00', 0x4)
setxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x3)

[  127.265796] loop3: detected capacity change from 0 to 512
09:28:07 executing program 2:
pipe(&(0x7f00000000c0))
syz_io_uring_setup(0xcef, &(0x7f0000000140), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0)
pipe(&(0x7f0000000300))
syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0xd)
syz_io_uring_submit(r0, r1, &(0x7f0000002980)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000780))
setxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f0000000240)={{}, {0x1, 0x4}, [{0x2, 0x6, 0xee01}], {0x4, 0x6}, [{0x8, 0x3, 0xee01}], {0x10, 0x8}, {0x20, 0x3}}, 0x34, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x2, 0x4007, @fd=r2, 0x1, &(0x7f0000000000)="fcdbb9ab63ec0a72aea0bd4a89009bf75f9e005b3acccb1d35e2f3b3893a0b7d96cc2d0a3b1aeae51c804b6232724761fbdd338502a24abd573e41c87b1f74ff6b4ea4c1ded4ce", 0x47, 0x13, 0x1}, 0x80000000)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
execveat(r3, &(0x7f0000000540)='./file0\x00', &(0x7f0000000780)=[&(0x7f0000000580)='/},[&\x00', &(0x7f00000005c0)='[^{/\x00', &(0x7f0000000600)='/proc/thread-self\x00', &(0x7f0000000640)='!/-}}:}%!]^g\x95\\]:!@\x00', &(0x7f0000000680)='.pending_reads\x00', &(0x7f00000006c0)='.pending_reads\x00', &(0x7f0000000700)='.pending_reads\x00', &(0x7f0000000740)='\x00'], &(0x7f0000000a40)=[&(0x7f00000007c0)='#\x00', &(0x7f0000000900)='.pending_reads\x00'], 0x0)

[  127.291588] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  127.292399] EXT4-fs (loop3): group descriptors corrupted!
[  127.316345] loop3: detected capacity change from 0 to 512
[  127.321074] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  127.321790] EXT4-fs (loop3): group descriptors corrupted!
09:28:07 executing program 3:
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
fallocate(r0, 0x49, 0x9, 0x882)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, 0x0)

09:28:07 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x29, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devpts\x00', 0x0, 0x0)
r0 = inotify_init()
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000400)=[{&(0x7f0000000300)=""/208, 0xd0}], 0x1, 0x101, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000780))
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000000)='/,-\x00', 0x0, r2)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x500)
lsetxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f0000000380), &(0x7f00000004c0)='system_u:object_r:shell_exec_t:s0\x00', 0x22, 0x0)

09:28:07 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_stack_internal={{0xfd, 0x88}, {0x2, "acb642dc6e4d54680d7f31919ca547b766a9a027965e6f5db23f62c491a0575b126787d1f7b638ca2e66ad06ba27c3bd1945e1d73df90f25caa2280438e7467d21c674889f85357d5b4773fdbd9f9dfec7340c6eb81cc34409a2977965358a1a6ace88a965440c98d90489e27b81d22ecb2c5a0a222fe0f52cfdf9037dca79d76046f185c3c8"}}}, 0x8b)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb9}, "bf4e756ffa852bf4addc8a3d0fc86aa305baff3c81a0ebd9ec1d382a08e1623db956a0b095dadb245ef91cdaf4b127aa957d4458f40aef696dc61afad92f4e32945ec7aa9d48b3dd415a711b360340037da56e91ff06a01c78d01e81648080dd3cb8035b5a14d780fcd02a1129f9e60c570d11206facc2428eff28a0e275d3662dbf652d6eb4d6a5f744f552a7cd5a7893989a0123959471c050869fdc30d0055541ae658ace18a8402020de2c0625ec30f95f6f44f2caba10"}, 0xbd)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0xff}, {0x1, [{@any, 0x84, 0xff, "c332a9", 0x7, 0x5, "67ac9b1b5169dc8af80437b2b6fe83aedb85bac530f58a6faffd445a38087d25b08703885de82923fcbf319f2c6c30204c21eda7d43bf78db8b5c7ac14fbc5fa6794522bbbebe8522553968f2b7d8e71be83916ea3885ce5f286e7bf8aab97f23fc2d05e9cd355e249428aa1dcd95f2be395ee4829b78c26dc0061c55b95eb92e071821d208d0e37bb9072f2dbf82263bbdcb39b55087acb823382c1dacb442346029ac4b5ae14e3e9d3c027c084127fd3871db7e44853f0ced7357fc4dbacf4bbf3e7ec0f8a37f6bbe12d828f8d988c8941bc1cd54b3f8827fde25c5d0bcc4ad1433d3da1a14aba6e5d799a5a437e00"}]}}}, 0x102)

[  127.577464] audit: type=1400 audit(1664789287.376:7): avc:  denied  { associate } for  pid=3865 comm="syz-executor.2" name="/" dev="devpts" ino=1 scontext=system_u:object_r:shell_exec_t:s0 tcontext=system_u:object_r:devpts_t:s0 tclass=filesystem permissive=1
09:28:07 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x46c142, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x100000)
openat(r1, &(0x7f0000000380)='./file1/file0\x00', 0x400, 0x132)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x40, 0x5, 0x32, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, 0x7, 0x7800, 0x10001}})
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2080000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x6, 0x5, 0x1, 0x3f, 0x0, 0x3ff, 0x50000, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x1, @perf_config_ext={0x1, 0x7fff}, 0xa8, 0x1, 0x20, 0x0, 0x0, 0x7fffffff, 0x9, 0x0, 0x4, 0x0, 0xdeb}, 0x0, 0x3, r3, 0x3)

[  127.700211] audit: type=1400 audit(1664789287.500:8): avc:  denied  { open } for  pid=3876 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  127.701797] audit: type=1400 audit(1664789287.500:9): avc:  denied  { kernel } for  pid=3876 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  127.722179] ------------[ cut here ]------------
[  127.722201] 
[  127.722203] ======================================================
[  127.722207] WARNING: possible circular locking dependency detected
[  127.722211] 6.0.0-rc7-next-20220930 #1 Not tainted
[  127.722217] ------------------------------------------------------
[  127.722221] syz-executor.2/3878 is trying to acquire lock:
[  127.722227] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  127.722269] 
[  127.722269] but task is already holding lock:
[  127.722272] ffff88800f43d820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  127.722299] 
[  127.722299] which lock already depends on the new lock.
[  127.722299] 
[  127.722302] 
[  127.722302] the existing dependency chain (in reverse order) is:
[  127.722305] 
[  127.722305] -> #3 (&ctx->lock){....}-{2:2}:
[  127.722319]        _raw_spin_lock+0x2a/0x40
[  127.722330]        __perf_event_task_sched_out+0x53b/0x18d0
[  127.722342]        __schedule+0xedd/0x2470
[  127.722355]        schedule+0xda/0x1b0
[  127.722369]        exit_to_user_mode_prepare+0x114/0x1a0
[  127.722381]        syscall_exit_to_user_mode+0x19/0x40
[  127.722394]        do_syscall_64+0x48/0x90
[  127.722411]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.722424] 
[  127.722424] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  127.722438]        _raw_spin_lock_nested+0x30/0x40
[  127.722448]        raw_spin_rq_lock_nested+0x1e/0x30
[  127.722462]        task_fork_fair+0x63/0x4d0
[  127.722479]        sched_cgroup_fork+0x3d0/0x540
[  127.722493]        copy_process+0x4183/0x6e20
[  127.722504]        kernel_clone+0xe7/0x890
[  127.722513]        user_mode_thread+0xad/0xf0
[  127.722523]        rest_init+0x24/0x250
[  127.722535]        arch_call_rest_init+0xf/0x14
[  127.722553]        start_kernel+0x4c6/0x4eb
[  127.722568]        secondary_startup_64_no_verify+0xe0/0xeb
[  127.722583] 
[  127.722583] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  127.722596]        _raw_spin_lock_irqsave+0x39/0x60
[  127.722607]        try_to_wake_up+0xab/0x1930
[  127.722620]        up+0x75/0xb0
[  127.722633]        __up_console_sem+0x6e/0x80
[  127.722650]        console_unlock+0x46a/0x590
[  127.722668]        do_con_write+0xc05/0x1d50
[  127.722679]        con_write+0x21/0x40
[  127.722688]        n_tty_write+0x4d4/0xfe0
[  127.722700]        file_tty_write.constprop.0+0x455/0x8a0
[  127.722712]        vfs_write+0x9c3/0xd90
[  127.722728]        ksys_write+0x127/0x250
[  127.722743]        do_syscall_64+0x3b/0x90
[  127.722760]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.722772] 
[  127.722772] -> #0 ((console_sem).lock){....}-{2:2}:
[  127.722786]        __lock_acquire+0x2a02/0x5e70
[  127.722803]        lock_acquire+0x1a2/0x530
[  127.722818]        _raw_spin_lock_irqsave+0x39/0x60
[  127.722829]        down_trylock+0xe/0x70
[  127.722843]        __down_trylock_console_sem+0x3b/0xd0
[  127.722859]        vprintk_emit+0x16b/0x560
[  127.722875]        vprintk+0x84/0xa0
[  127.722890]        _printk+0xba/0xf1
[  127.722902]        report_bug.cold+0x72/0xab
[  127.722918]        handle_bug+0x3c/0x70
[  127.722934]        exc_invalid_op+0x14/0x50
[  127.722951]        asm_exc_invalid_op+0x16/0x20
[  127.722963]        group_sched_out.part.0+0x2c7/0x460
[  127.722981]        ctx_sched_out+0x8f1/0xc10
[  127.722997]        __perf_event_task_sched_out+0x6d0/0x18d0
[  127.723008]        __schedule+0xedd/0x2470
[  127.723021]        schedule+0xda/0x1b0
[  127.723034]        exit_to_user_mode_prepare+0x114/0x1a0
[  127.723045]        syscall_exit_to_user_mode+0x19/0x40
[  127.723057]        do_syscall_64+0x48/0x90
[  127.723073]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.723086] 
[  127.723086] other info that might help us debug this:
[  127.723086] 
[  127.723088] Chain exists of:
[  127.723088]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  127.723088] 
[  127.723103]  Possible unsafe locking scenario:
[  127.723103] 
[  127.723106]        CPU0                    CPU1
[  127.723108]        ----                    ----
[  127.723110]   lock(&ctx->lock);
[  127.723116]                                lock(&rq->__lock);
[  127.723122]                                lock(&ctx->lock);
[  127.723128]   lock((console_sem).lock);
[  127.723134] 
[  127.723134]  *** DEADLOCK ***
[  127.723134] 
[  127.723136] 2 locks held by syz-executor.2/3878:
[  127.723143]  #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  127.723172]  #1: ffff88800f43d820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  127.723198] 
[  127.723198] stack backtrace:
[  127.723200] CPU: 1 PID: 3878 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1
[  127.723213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  127.723221] Call Trace:
[  127.723224]  <TASK>
[  127.723228]  dump_stack_lvl+0x8b/0xb3
[  127.723246]  check_noncircular+0x263/0x2e0
[  127.723263]  ? format_decode+0x26c/0xb50
[  127.723279]  ? print_circular_bug+0x450/0x450
[  127.723296]  ? simple_strtoul+0x30/0x30
[  127.723312]  ? format_decode+0x26c/0xb50
[  127.723329]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  127.723346]  __lock_acquire+0x2a02/0x5e70
[  127.723367]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  127.723390]  lock_acquire+0x1a2/0x530
[  127.723406]  ? down_trylock+0xe/0x70
[  127.723423]  ? lock_release+0x750/0x750
[  127.723443]  ? vprintk+0x84/0xa0
[  127.723461]  _raw_spin_lock_irqsave+0x39/0x60
[  127.723472]  ? down_trylock+0xe/0x70
[  127.723488]  down_trylock+0xe/0x70
[  127.723504]  ? vprintk+0x84/0xa0
[  127.723520]  __down_trylock_console_sem+0x3b/0xd0
[  127.723537]  vprintk_emit+0x16b/0x560
[  127.723556]  vprintk+0x84/0xa0
[  127.723573]  _printk+0xba/0xf1
[  127.723584]  ? record_print_text.cold+0x16/0x16
[  127.723600]  ? report_bug.cold+0x66/0xab
[  127.723618]  ? group_sched_out.part.0+0x2c7/0x460
[  127.723636]  report_bug.cold+0x72/0xab
[  127.723654]  handle_bug+0x3c/0x70
[  127.723671]  exc_invalid_op+0x14/0x50
[  127.723689]  asm_exc_invalid_op+0x16/0x20
[  127.723702] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  127.723722] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  127.723733] RSP: 0018:ffff88803f74fc48 EFLAGS: 00010006
[  127.723742] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  127.723750] RDX: ffff88803f715040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  127.723758] RBP: ffff88803f758000 R08: 0000000000000005 R09: 0000000000000001
[  127.723765] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f43d800
[  127.723773] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  127.723783]  ? group_sched_out.part.0+0x2c7/0x460
[  127.723803]  ? group_sched_out.part.0+0x2c7/0x460
[  127.723823]  ctx_sched_out+0x8f1/0xc10
[  127.723842]  __perf_event_task_sched_out+0x6d0/0x18d0
[  127.723856]  ? lock_is_held_type+0xd7/0x130
[  127.723870]  ? __perf_cgroup_move+0x160/0x160
[  127.723880]  ? set_next_entity+0x304/0x550
[  127.723898]  ? update_curr+0x267/0x740
[  127.723916]  ? lock_is_held_type+0xd7/0x130
[  127.723930]  __schedule+0xedd/0x2470
[  127.723947]  ? io_schedule_timeout+0x150/0x150
[  127.723963]  ? rcu_read_lock_sched_held+0x3e/0x80
[  127.723984]  schedule+0xda/0x1b0
[  127.723999]  exit_to_user_mode_prepare+0x114/0x1a0
[  127.724011]  syscall_exit_to_user_mode+0x19/0x40
[  127.724025]  do_syscall_64+0x48/0x90
[  127.724042]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.724055] RIP: 0033:0x7f1e23e98b19
[  127.724064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  127.724075] RSP: 002b:00007f1e2140e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  127.724085] RAX: 0000000000000001 RBX: 00007f1e23fabf68 RCX: 00007f1e23e98b19
[  127.724093] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1e23fabf6c
[  127.724100] RBP: 00007f1e23fabf60 R08: 000000000000000e R09: 0000000000000000
[  127.724107] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f1e23fabf6c
[  127.724115] R13: 00007ffd4e2818cf R14: 00007f1e2140e300 R15: 0000000000022000
[  127.724127]  </TASK>
[  127.781193] WARNING: CPU: 1 PID: 3878 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  127.781889] Modules linked in:
[  127.782132] CPU: 1 PID: 3878 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1
[  127.782732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  127.783575] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  127.783986] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  127.785358] RSP: 0018:ffff88803f74fc48 EFLAGS: 00010006
[  127.785773] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  127.786311] RDX: ffff88803f715040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  127.786845] RBP: ffff88803f758000 R08: 0000000000000005 R09: 0000000000000001
[  127.787380] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800f43d800
[  127.787916] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  127.788450] FS:  00007f1e2140e700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  127.789069] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.789508] CR2: 00007f0ab2a576f4 CR3: 000000003e726000 CR4: 0000000000350ee0
[  127.790042] Call Trace:
[  127.790235]  <TASK>
[  127.790411]  ctx_sched_out+0x8f1/0xc10
[  127.790716]  __perf_event_task_sched_out+0x6d0/0x18d0
[  127.791120]  ? lock_is_held_type+0xd7/0x130
[  127.791450]  ? __perf_cgroup_move+0x160/0x160
[  127.791798]  ? set_next_entity+0x304/0x550
[  127.792119]  ? update_curr+0x267/0x740
[  127.792419]  ? lock_is_held_type+0xd7/0x130
[  127.792744]  __schedule+0xedd/0x2470
[  127.793049]  ? io_schedule_timeout+0x150/0x150
[  127.793400]  ? rcu_read_lock_sched_held+0x3e/0x80
[  127.793775]  schedule+0xda/0x1b0
[  127.794039]  exit_to_user_mode_prepare+0x114/0x1a0
[  127.794412]  syscall_exit_to_user_mode+0x19/0x40
[  127.794776]  do_syscall_64+0x48/0x90
[  127.795066]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.795458] RIP: 0033:0x7f1e23e98b19
[  127.795740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  127.797077] RSP: 002b:00007f1e2140e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  127.797643] RAX: 0000000000000001 RBX: 00007f1e23fabf68 RCX: 00007f1e23e98b19
[  127.798173] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1e23fabf6c
[  127.798699] RBP: 00007f1e23fabf60 R08: 000000000000000e R09: 0000000000000000
[  127.799230] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f1e23fabf6c
[  127.799755] R13: 00007ffd4e2818cf R14: 00007f1e2140e300 R15: 0000000000022000
[  127.800288]  </TASK>
[  127.800466] irq event stamp: 762
[  127.800720] hardirqs last  enabled at (761): [<ffffffff8133e829>] exit_to_user_mode_prepare+0x109/0x1a0
[  127.801420] hardirqs last disabled at (762): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  127.802041] softirqs last  enabled at (262): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  127.802672] softirqs last disabled at (229): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  127.803307] ---[ end trace 0000000000000000 ]---
[  128.498885] audit: type=1107 audit(1664789288.299:10): pid=3926 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='X!�D��棞qY}i&�꬚y���+��<P���h6p�r4S��ϔ�`о0��+vw�l�����X~`�r%^ڼ\���(��dRO��Ձ��s' M����&�ŸW�����-h�EQ�n��ǋ��G��$�O3�^b+'
[  128.590376] audit: type=1107 audit(1664789288.390:11): pid=3926 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='X!�D��棞qY}i&�꬚y���+��<P���h6p�r4S��ϔ�`о0��+vw�l�����X~`�r%^ڼ\���(��dRO��Ձ��s' M����&�ŸW�����-h�EQ�n��ǋ��G��$�O3�^b+'
[  129.445737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.446959] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.653691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.654790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.658908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.659882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.664831] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.666299] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.667905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.669488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.178710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.180446] misc raw-gadget: fail, usb_gadget_register_driver returned -16

VM DIAGNOSIS:
09:28:07  Registers:
info registers vcpu 0
RAX=ffffffff816c44cf RBX=ffffffff81359c40 RCX=0000000000000000 RDX=1ffff11007ee1eb6
RSI=ffffffff816c44cf RDI=ffff88803f70f620 RBP=ffff88803f70f5f0 RSP=ffff88803f70f550
R8 =ffffffff85ed086e R9 =ffffffff85ed0872 R10=ffffed1007ee1eb8 R11=ffff88803f70f598
R12=ffff88803f70f620 R13=0000000000000000 R14=ffff888009a9b580 R15=ffff888007c75000
RIP=ffffffff84603940 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f146deaa8e0 CR3=0000000017e68000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff
YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803f74f690
R8 =0000000000000001 R9 =000000000000000a R10=000000000000006f R11=0000000000000001
R12=000000000000006f R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f1e2140e700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0ab2a576f4 CR3=000000003e726000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f1e23f7f7c0 00007f1e23f7f7c8
YMM02=0000000000000000 0000000000000000 00007f1e23f7f7e0 00007f1e23f7f7c0
YMM03=0000000000000000 0000000000000000 00007f1e23f7f7c8 00007f1e23f7f7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000