
Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:22637' (ECDSA) to the list of known hosts.
2022/10/03 10:33:08 fuzzer started
2022/10/03 10:33:08 dialing manager at localhost:35095
syzkaller login: [   36.105665] cgroup: Unknown subsys name 'net'
[   36.193946] cgroup: Unknown subsys name 'rlimit'
2022/10/03 10:33:24 syscalls: 2215
2022/10/03 10:33:24 code coverage: enabled
2022/10/03 10:33:24 comparison tracing: enabled
2022/10/03 10:33:24 extra coverage: enabled
2022/10/03 10:33:24 setuid sandbox: enabled
2022/10/03 10:33:24 namespace sandbox: enabled
2022/10/03 10:33:24 Android sandbox: enabled
2022/10/03 10:33:24 fault injection: enabled
2022/10/03 10:33:24 leak checking: enabled
2022/10/03 10:33:24 net packet injection: enabled
2022/10/03 10:33:24 net device setup: enabled
2022/10/03 10:33:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/03 10:33:24 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/03 10:33:24 USB emulation: enabled
2022/10/03 10:33:24 hci packet injection: enabled
2022/10/03 10:33:24 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/03 10:33:24 802.15.4 emulation: enabled
2022/10/03 10:33:24 fetching corpus: 50, signal 32675/34453 (executing program)
2022/10/03 10:33:24 fetching corpus: 100, signal 44188/47583 (executing program)
2022/10/03 10:33:24 fetching corpus: 150, signal 52007/56933 (executing program)
2022/10/03 10:33:24 fetching corpus: 200, signal 59557/65896 (executing program)
2022/10/03 10:33:24 fetching corpus: 250, signal 64634/72408 (executing program)
2022/10/03 10:33:25 fetching corpus: 300, signal 66969/76203 (executing program)
2022/10/03 10:33:25 fetching corpus: 350, signal 70904/81521 (executing program)
2022/10/03 10:33:25 fetching corpus: 400, signal 74596/86566 (executing program)
2022/10/03 10:33:25 fetching corpus: 450, signal 77667/90995 (executing program)
2022/10/03 10:33:25 fetching corpus: 500, signal 84204/98553 (executing program)
2022/10/03 10:33:25 fetching corpus: 550, signal 87768/103286 (executing program)
2022/10/03 10:33:25 fetching corpus: 600, signal 89548/106320 (executing program)
2022/10/03 10:33:25 fetching corpus: 650, signal 92642/110539 (executing program)
2022/10/03 10:33:26 fetching corpus: 700, signal 95275/114307 (executing program)
2022/10/03 10:33:26 fetching corpus: 750, signal 100291/120172 (executing program)
2022/10/03 10:33:26 fetching corpus: 800, signal 102101/123154 (executing program)
2022/10/03 10:33:26 fetching corpus: 850, signal 104172/126316 (executing program)
2022/10/03 10:33:26 fetching corpus: 900, signal 106795/129958 (executing program)
2022/10/03 10:33:26 fetching corpus: 950, signal 108818/133001 (executing program)
2022/10/03 10:33:26 fetching corpus: 1000, signal 110965/136141 (executing program)
2022/10/03 10:33:27 fetching corpus: 1050, signal 113421/139480 (executing program)
2022/10/03 10:33:27 fetching corpus: 1100, signal 115922/142831 (executing program)
2022/10/03 10:33:27 fetching corpus: 1150, signal 117211/145185 (executing program)
2022/10/03 10:33:27 fetching corpus: 1200, signal 119182/148076 (executing program)
2022/10/03 10:33:27 fetching corpus: 1250, signal 120441/150400 (executing program)
2022/10/03 10:33:27 fetching corpus: 1300, signal 121836/152716 (executing program)
2022/10/03 10:33:27 fetching corpus: 1350, signal 123681/155415 (executing program)
2022/10/03 10:33:27 fetching corpus: 1400, signal 125073/157727 (executing program)
2022/10/03 10:33:28 fetching corpus: 1450, signal 126993/160429 (executing program)
2022/10/03 10:33:28 fetching corpus: 1500, signal 128581/162880 (executing program)
2022/10/03 10:33:28 fetching corpus: 1550, signal 131611/166449 (executing program)
2022/10/03 10:33:28 fetching corpus: 1600, signal 134360/169720 (executing program)
2022/10/03 10:33:28 fetching corpus: 1650, signal 135683/171828 (executing program)
2022/10/03 10:33:28 fetching corpus: 1700, signal 136765/173782 (executing program)
2022/10/03 10:33:28 fetching corpus: 1750, signal 137854/175681 (executing program)
2022/10/03 10:33:28 fetching corpus: 1800, signal 139201/177781 (executing program)
2022/10/03 10:33:29 fetching corpus: 1850, signal 140204/179609 (executing program)
2022/10/03 10:33:29 fetching corpus: 1900, signal 141162/181428 (executing program)
2022/10/03 10:33:29 fetching corpus: 1950, signal 142746/183720 (executing program)
2022/10/03 10:33:29 fetching corpus: 2000, signal 144345/186002 (executing program)
2022/10/03 10:33:29 fetching corpus: 2050, signal 145559/187933 (executing program)
2022/10/03 10:33:29 fetching corpus: 2100, signal 146349/189507 (executing program)
2022/10/03 10:33:29 fetching corpus: 2150, signal 147343/191231 (executing program)
2022/10/03 10:33:29 fetching corpus: 2200, signal 148327/192905 (executing program)
2022/10/03 10:33:29 fetching corpus: 2250, signal 150074/195185 (executing program)
2022/10/03 10:33:30 fetching corpus: 2300, signal 150947/196831 (executing program)
2022/10/03 10:33:30 fetching corpus: 2350, signal 151959/198532 (executing program)
2022/10/03 10:33:30 fetching corpus: 2400, signal 152847/200136 (executing program)
2022/10/03 10:33:30 fetching corpus: 2450, signal 154323/202092 (executing program)
2022/10/03 10:33:30 fetching corpus: 2500, signal 155158/203611 (executing program)
2022/10/03 10:33:30 fetching corpus: 2550, signal 156026/205127 (executing program)
2022/10/03 10:33:30 fetching corpus: 2600, signal 156720/206519 (executing program)
2022/10/03 10:33:30 fetching corpus: 2650, signal 157820/208193 (executing program)
2022/10/03 10:33:30 fetching corpus: 2700, signal 158798/209753 (executing program)
2022/10/03 10:33:31 fetching corpus: 2750, signal 159216/210949 (executing program)
2022/10/03 10:33:31 fetching corpus: 2800, signal 160014/212419 (executing program)
2022/10/03 10:33:31 fetching corpus: 2850, signal 161302/214164 (executing program)
2022/10/03 10:33:31 fetching corpus: 2900, signal 161991/215508 (executing program)
2022/10/03 10:33:31 fetching corpus: 2950, signal 162532/216815 (executing program)
2022/10/03 10:33:31 fetching corpus: 3000, signal 163580/218398 (executing program)
2022/10/03 10:33:31 fetching corpus: 3050, signal 165227/220255 (executing program)
2022/10/03 10:33:31 fetching corpus: 3100, signal 166245/221815 (executing program)
2022/10/03 10:33:32 fetching corpus: 3150, signal 168305/223979 (executing program)
2022/10/03 10:33:32 fetching corpus: 3200, signal 169193/225361 (executing program)
2022/10/03 10:33:32 fetching corpus: 3250, signal 169740/226528 (executing program)
2022/10/03 10:33:32 fetching corpus: 3300, signal 170259/227714 (executing program)
2022/10/03 10:33:32 fetching corpus: 3350, signal 170845/228910 (executing program)
2022/10/03 10:33:32 fetching corpus: 3400, signal 171884/230265 (executing program)
2022/10/03 10:33:32 fetching corpus: 3450, signal 172618/231533 (executing program)
2022/10/03 10:33:32 fetching corpus: 3500, signal 173106/232671 (executing program)
2022/10/03 10:33:33 fetching corpus: 3550, signal 173854/233928 (executing program)
2022/10/03 10:33:33 fetching corpus: 3600, signal 174623/235231 (executing program)
2022/10/03 10:33:33 fetching corpus: 3650, signal 175205/236343 (executing program)
2022/10/03 10:33:33 fetching corpus: 3700, signal 175831/237470 (executing program)
2022/10/03 10:33:33 fetching corpus: 3750, signal 176390/238590 (executing program)
2022/10/03 10:33:33 fetching corpus: 3800, signal 177826/240131 (executing program)
2022/10/03 10:33:33 fetching corpus: 3850, signal 178331/241242 (executing program)
2022/10/03 10:33:33 fetching corpus: 3900, signal 179709/242731 (executing program)
2022/10/03 10:33:33 fetching corpus: 3950, signal 180166/243760 (executing program)
2022/10/03 10:33:33 fetching corpus: 4000, signal 180812/244882 (executing program)
2022/10/03 10:33:34 fetching corpus: 4050, signal 181464/245967 (executing program)
2022/10/03 10:33:34 fetching corpus: 4100, signal 181917/246964 (executing program)
2022/10/03 10:33:34 fetching corpus: 4150, signal 182493/248065 (executing program)
2022/10/03 10:33:34 fetching corpus: 4200, signal 183245/249133 (executing program)
2022/10/03 10:33:34 fetching corpus: 4250, signal 184070/250298 (executing program)
2022/10/03 10:33:34 fetching corpus: 4300, signal 185733/251782 (executing program)
2022/10/03 10:33:34 fetching corpus: 4350, signal 186878/253053 (executing program)
2022/10/03 10:33:35 fetching corpus: 4400, signal 187670/254181 (executing program)
2022/10/03 10:33:35 fetching corpus: 4450, signal 188298/255206 (executing program)
2022/10/03 10:33:35 fetching corpus: 4500, signal 189219/256320 (executing program)
2022/10/03 10:33:35 fetching corpus: 4550, signal 189800/257223 (executing program)
2022/10/03 10:33:35 fetching corpus: 4600, signal 190227/258175 (executing program)
2022/10/03 10:33:35 fetching corpus: 4650, signal 190554/259061 (executing program)
2022/10/03 10:33:35 fetching corpus: 4700, signal 191057/260069 (executing program)
2022/10/03 10:33:35 fetching corpus: 4750, signal 191626/261091 (executing program)
2022/10/03 10:33:35 fetching corpus: 4800, signal 192347/262174 (executing program)
2022/10/03 10:33:36 fetching corpus: 4850, signal 192782/263042 (executing program)
2022/10/03 10:33:36 fetching corpus: 4900, signal 193211/263943 (executing program)
2022/10/03 10:33:36 fetching corpus: 4950, signal 194107/265001 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/265973 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/266711 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/267402 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/268120 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/268824 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/269550 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/270290 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/270983 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/271620 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/272347 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/273047 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/273749 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/274491 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/275181 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/275865 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/276582 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/277276 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/277967 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/278677 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/279398 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/280102 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/280810 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/281477 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/282194 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/282906 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/283613 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/284308 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/285027 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/285718 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/286432 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/287154 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/287872 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/288571 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/289276 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/290022 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/290782 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/291500 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/292215 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/292888 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/293627 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/294306 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/295017 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/295697 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/296394 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/297076 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/297809 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/298548 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/299254 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/299951 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/300419 (executing program)
2022/10/03 10:33:36 fetching corpus: 4999, signal 194783/300419 (executing program)
2022/10/03 10:33:39 starting 8 fuzzer processes
10:33:39 executing program 0:
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x4e22, @multicast1}}, 0x0, 0x0, 0x1b, 0x0, "8d06096051b232826b487d5ba8190d1a106d250b3608f3cd174d69331c14949157f304a1e3d261fc217a25f88aaf98391d2e2c1ffa8907f97ca7df6bd61b1bf5e2f2f23e5e994996ab88b079382d99d1"}, 0xd8)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x4e21, @multicast2}}, 0x0, 0x0, 0x46, 0x0, "5d637fa223e4923bd7c23cfde576c8162c6d361303c9c9d25a0bbbe2ec6bec6257a30df7208405862f02e7a76cd0e971bdce82167c111c54b9bb3ebcd99d69da7e357f9014962994cffa6a8c6bb1569d"}, 0xd8)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x8, 0x2)
r0 = syz_open_dev$mouse(&(0x7f0000000280), 0xffff, 0x4008c2)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000002c0)=0xffffffffffffffff, 0x4)
renameat2(r0, &(0x7f0000000300)='./file0\x00', r0, &(0x7f0000000340)='./file0\x00', 0x4)
syz_mount_image$msdos(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x80, 0x4, &(0x7f00000015c0)=[{&(0x7f0000000400)="2f3aa69844d65e90334b42c123bf8715b920908658fc8abde8f7b2fde0940be56d9c6f82811318f9d226c362194cf31eecb4c9e9b0865702c0d57e95e08cdcf7aa474bc181bc7ef9a93efc584d4c6eefd5bb422ba1f65f78efc2edcb9971874fef9d3ee6441bfbe5cf127fc07a459137cf354ea1475f88583c5d81775fed4c2d2f83771279aee0a0", 0x88, 0xffffffffffffff5a}, {&(0x7f00000004c0)="6f091b563e46410299b5ec0db4700b36788e50b49bc2c6b277f4d4faa89a997102b4feefa5d82a7c860416ca2863d851eb277836dfb72f6a75be024539639264cbc628843d9c4f1eaaeac6ff3f194c0acddb1aaab3e80408a642dbdae42709fc2ae571ddfd1cf04220c0e84853ecc8660d2a3a9e78de3aef1bd7390e8bea23e075b151e2dd247be6822da3b3799c70b0ba60a3731a6aab6926054a37ba4e7273a6cfd434459a641ba31f0a33590d2f5adad51fb97a25190d3eb1b2f4216e4f9d4ceca4531d7b1b2463f5e2fde4a80d04e861262bfd58f596a259a1b48c7c31e1907d45dd64929058c2f9f9a7df6324c5f68f006ac894430f6beb7424d033cf3bff89d3de8626fd1c0e4dab07089f9ce0ae6cef911e5572ae39acb9b6d786ca17f15b7bbba0fe196ac06f1558ff2fca9c59a921cfd91695f9fe9d8028e67d1c938fa700159fba3664ea05d3996ecd328ccf5732dadadbfdb7e89df775340b8893cdf5d8f357787946f26a4a12ef3cc7fa722772251435f52e702549ec012f6e95882d4bb0aa0d80393673bfaa130b75c87f946b5979bebb33697e96d0b76b01f1f63ba1a3cff5fc0ad0cd6a9aaae3bd653d9863c4b136f344322d1fa6628dbc6af2076f80a8f9d6c73db805ef7d50a8f53690c303e450c65ee687b469129ec89d8a415eb0e8e650a79383edad99fa19a16412915dd637b954badc45ecc6cb17edaea616576c8869c1a54b78511b7b7a1afc804551d83064fa745c9a1af6de5bde0b50624e090e18607ad21e4006c72409fe357677a16f10992b3ab4a68fcf65193da008a927167317715d8acc55160194a60956e0b55849e1ed0d7b365d8c40a196eaae70201cdd966dd5ababe6404101221ea973b61e2af13ac664f3ad89aec9af711717fd3fb27b3386ef714fd98059bc00642b68d978f5f838b9f80ea56f408fa818a9f5c8dc651d2f7dd6ea0476cfcd10e5558cd4fda34daba74ec2b3dfe74baf7661e0a27913041b7673932af4ca942ca5e85fe2e8f29e77c791d9a0311da68873a0275f37488b8a3b2d06824f83fd2db4791b944f76addebaa8fb0c6ec0713846d6f83b525d73c5109ffaf526f1c3ce5f907c8696a873574099bf6b19c707a0d463ccf454c8ef565a7fc304e34340317b60a7ffa5bab91c87abbd37a9b5874313db0932c8d39224e29309b4945ba83d0ad13e6a26df02e5825bff2551001e7ae7dc07b374582e991484d6fa6cef0e857ccdc693ca1743268c8332b158335c9dda4a72cf89eb604f1e642277250773d040f02e9239b018b4afd5ef6c6d0f01bc1603e69e3e62facbd128c640323f98c182f384f27fc50314a5b2e1729844c4a5043dce061bef0d98bd978a89ad520ebdd48a97d6d1ea394d0777a201bf7df8e0dd50f5df1c1e665e21da9c4f69b0b212e1ec5fe292a0c7225af399077445be9fd1846e189f1f441778648bb871ab58d4fdf80deb7f848b936b722db75f18f9334f0789534dd4607847beea67605057caa3b8b393523b4fa3c06c1d8ba16d859fe26446f7a6393da7c920a5d6d90dc718a0e912c38683b0d811a85f21a14301be957759a82ccb2a7a379ed67a3f4d8164cbc00c6cade8b5c9b40b6331d8773f71d486dbdef345ea6167924a56bb5768d3147bba8369b42615f6ae33879162a77b7a6806a2aaaa0ea28004ebf0001418579dcb5c2f7f2c6f76022fb406e2c8294632a30f6289ec9baec08bf32273ba626e19ba5cf9f856b5728b6a2038535dc326d4d2ca4951047028bf5751225b7b7d5c0b45296ed514561f562f800c90f959cbbbd7b43b48b0cf44f845f70fd64156a3f55e596cbceccbec653b176a9fbc5bce36de9a87ff839f0106ff9d2281f4459e1baeea7146ec4b270a215e1c8506d8ca6acb18eadcdec68ad1c6ef6d0f9f9b3a18fdf8966e5417f84fc42d13974a460eef99256520fa48c0780b9e85126511614f11fdf050a0226b14f609f04146ee55c798b461349d3f0f48770f467519a9bbd27b858099ad61710c25caf30c429a7cae1ead8256fcd908a90062c8e239a0b24db8d32c81ac9090fd80293df11f8e0033a47fd088aec584fad82920f5f14ea514f836da79cc132831f33c4c55d0573cb98b8ae5e458a6d4d6ade24640c62d0416036503fa6ab81ffeaec3bf325d389460f1e468d1d0e028471c70b34b28badbbf3fc934014bc575f7d9b78f539be65be1c365745bc9858983f0c5c5bdae793059cdb46b7138d0a779a8015c9f79d422ee118e0690ac4a6c02a670c8cd3818bab6caadab8ba300217d6acd63b3ce3f6dbf871597b6b36b905cda7d9ebfef1f4306fc84a4e9ab8eb433a6c2fd9d0c986069d8654ac4b1186a29fe5d69409910920e7b2c069c8341ff7c6603b1b3fab88b1f19732cbad7542b92b2fca401d35a3b66c1e1340507d4eab10821040be3f83529a761fff8ac27c72fd4fb698a72835ac040102db93e777a8f5d0a02983563222befd7291f642d7bbb7c49f8a3bea46cb8730ef39a0b6e9c83093573a8e742a76c1da50fae080d3924ea9fc4d34ab4d560bc2164944146e258fb23537b756fec7fcea253209dfa8600eafb2b4ab60aff153dbc5dcb113c11f4a428182281d44e0223170670e26190fecbcb5dd81dd6e067187f631be7cba09c83b300c12603d4916b05f65c5be8f8667579a4a40a7135cb18f3d184819fd1cb73451d5b1bbe5521a184842889ad94b3d0c844f2e3aab30f534aab360fd9228b881ae37019647b5d276608e5630e12c66bd312514f35d08917afe280d1cfa4efbfc693ef47e249d48b26012e4ec74df54f8e346a1d4547472697b29f1b183bbd38c53daf78c84af374a145caf84ec0f19fa37f1c41f0359eb17071d781d53aa0866f553a3d3a538a66f665ef7314179de6d117ad499a8f603f4a27bc3e990bba4e2790e3614be87adf8caa125ac540bb811c1945ca1a83e5b5a91c1f34c52c793d3651fca1f3c38aa023a1b671e612bfd7ea68df5085eb516727117029015f3ec18afdba11b136d24c815133fb0f13bd0d37fe297c01c2145b9f074221d0e0d21e04cd3f8a6653f9308d4f9b090b23c1903903cbd44b1723d60df5bcf931263db52d68bec60599c49d59db57807cdbc9fb50e71b89d31b450bd2f1ace5848c7d93ce87e091bcf4589fae6595ec612b7f6d5e86830e8ae946593010adbc02faf3b84d2c40027eae20ad705b63b885413a1ba205d7c00ad6c51f7b3ec90cf8ca26f450577ad4cd104e12dd2a482bac67ed9c2a70299579a0146c9afb6cc45dc520beebddfba67fc336c23f42d3e306c8dfb5b7b20366bb0c288a0c45e98ad4559ec584b44ea8ed4673bddfc9804daf80a8c335d90fa00eab369993bdac240e6a1bf44b935021f8f209f776d5197e622649de865e486ee611f2f3b016927ade670fe161b37399688091b6aec0a43ca8d1cace4a4e83498a7b90b68e5861d71b00c8eaa95b84a0224d3b3adc7dd81d892ff20812058594a76db2440174c22321195f7cfc120e1f5d65864b012e4c94deea01f638739252c6880c4b7133e734bd2d9fc58ab9a14164ac8acadd599a5b51b6cbbcfd3f0febb68d016b58a76b3cdb10c955fe131f3b3c68fe2b2861a1d71fbe36fa07a2a6afa55627fef45efc18d09c27b32f19b70cdf4e2c3a6ec94a34115315aef355fb40edc7eace74df5eeb1ec301a4f3672bcbb1ae80cacfd73e374ac6f44245a0f53fde8bf7e42eb64a55874f06171970174af399112cfe8330c03cab51ed0bf8ddebb05932531e3214b3891c74716f69c0935761f07f9ec27057ba9ae92bfaa67d8e1c4e363bd2cef46969210f011f46f0760d141cb35744ca48eadad7b25388ac0a8c74b5624c4da7da7dc8f17d05cc1736ca79b934953470d137df26967b268e0fe272c1265244501d74b00806c478fdf8a5bfb99a9a0c3cf3587fbdd8c8568dec58888298c09a52cb818e6bf824bb0615857a2b5a46af27e718a50c1a3d1a9df3578273d01dd44625649c520481e83362a3fdf5d664894a5e434f09853ab22842f525a75c4a1b854c2f050c63db345879ee0d745b29d798e32d59dfa4aaca2836a277cefc0898e3360170ba4599bf75c24f2d9dd50e77e2f6bd75eb3188420590eb0805ac286b478e865c6a3ccb069f5cafe71b7296f2161a7c69d22c2372d07b9f80ebfdc4874d45ad595f6ee0494f6ad4900c1604531ba3ea11e444db2fe7ff2143aeaf700469d8b206cf2346a4a9a4fc956b2c3865cb0900c6a677db4e3afe47bd6d694a27ae4e3946c08849eebff790742870e6f780f8ee3f7e525547c18774367547f2fce458f3206a67344cf6b03a93c35f1699b8dcfa74977dfea950ae8238bf2ccf08d349007722092c4b39fb59decd75ff6a69241065938a77143af9eab04966094bbd088be314933edbf38def80f085b6e576d702fac109a3ea200e07ef78cc02951474f4f7aedeb7ca06649ea0a3f65daa7002f5376ac2e7406f1b19762b92330b8fb392e4291b4a3f4ee5de1742737572a059e29c0b5d92c7478c2499b58f51f4de35de7d0ec6944e3d812a204abbd403bf980ba19ba50ed6882ef6cc743acd4ea8a2f3f129fdb5f379db983370ad33a1c5a58303f3da1c238f5afd2ee98a5f4c195426753715e09be1925f383c0c2cba7f69e82372bb2fc77cdc45c7affb3eda61ea1afd419d9946bdcf9c90e9cd8cbc44cf32cbd2bdefe0568224f0f60facbd7335a4ebf19d4915e01b273c6c54613fda0a28270e9d2fba5b1b6d1a0420b95087ddd4196c5702750ce0b9a34ae473463f158749bcddeacbc84c157118b12008b0f8656df2e5c5a9ffa589334abf7c2a7c2c190011ebf854bd5ee61171c0caa4d0d49e473cecaa1aa312180e4d8f1b7d69d3029c6963ce7382440a86748d8ffabfcf5feeffe692ea41359a98f4df67ead80c8ebd21b991bc84dff8f91d5354b73ac009c6e635648398d75b94a183b1af456618df22b140ba8364e39ddf98197b304b01ed40bfe1bb803e4218a07f7d756695bef9a25b87b01781124b3501937a002cc2489152047e31516c51ddb34e597e4bfbfe421ccd8045df124b405ad2f594f7d501ee196199855318901c2e7577c673fb4b62cceb841328d895a5b67c108e1451e9af588beeb1eb90958aea183a48751d536cc19ec4fd81162feb3ce0589e3236f1b0f129e07c03e0d8d02e4ad8e5aa6cfdebf08f155882de485f19c750737da43c093e37324f163cb486702a33c8e03a31d2b401e4148ec3627556dbd985f5b61730a73fc20071c4fb0c2a7206d1c2ca20f8a2d1b2f948251365f7747b5ecc033d9cd983972022809cef7bfdc4ba2ff87489cd75d39eb24e8726d48e4063d84a41fa6df08f9f627c2610540bb9d412e80c4bd2862847a5d8f7a8f2745baa4513ccbf36a9c53242a25d06090452120cce5eeda0288cac281de18caa02f7fc713d24fcf710465cdd1383f873fc979a18fbc8dc0a3cf1f38281011b7b7b8eccede933614368cd16726014a1d271fb797637c3a4df1f08caf7b33f91c8c4792462725ff105085c939a1100fc77f92527d1fe08afa0d28063a1f3d7e77debbe0d8a965e9b340670317fbe4a9dc159a15a9ca5b2d938f9924ebc3140d53fc0b1119df9a689d42a0ec5cd320d46e89c1bef0d3f73f51a73070f15e3ddad2c3322ff372fbc06bd4cd057827b70d2e222f1a778cd1529942d41f50734f15cb91fcd995976356133e818e6b7c09b174151f8136674b4a4c9e073d3aae9f0b39f4fcb893301e7f3ddbdc75ee2", 0x1000, 0x40}, {&(0x7f00000014c0)="3486", 0x2, 0x2}, {&(0x7f0000001500)="b05bc13e131cd2b4935224c16408bcbe643e5a475d145060d53db293ab3f7bf21c11ee2de39c063b88bec5bd2f359b228198f1e2238be68b8fe9f4804f29be9615354c72283cbfc915a85d5159374991f3e02242c51f61b57cbe864d3ba6e5515bce6c8e1cfcd3ec22103957d37c3110055cf4b23109d5f82a86b919980915640119d1e7b6ab85540a6527ab7ede52bc2aed7a09272ff166682799278fdbfd1d4a26413b4e25fef0641ffaf00befeeb30bf80518cd6c351aad96d3a45335cb", 0xbf, 0x9}], 0xa0, &(0x7f0000001640)={[{@nodots}, {@fat=@errors_remount}, {@nodots}, {@nodots}, {@dots}, {@fat=@debug}], [{@permit_directio}, {@subj_role={'subj_role', 0x3d, '{$\\@,.:.'}}, {@dont_hash}, {@dont_appraise}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x38, 0x37, 0x66, 0x30, 0x32, 0x33, 0x38], 0x2d, [0x64, 0x35, 0x62, 0x39], 0x2d, [0x64, 0x33, 0x0, 0x35], 0x2d, [0x0, 0x36, 0x38, 0x61], 0x2d, [0x61, 0x36, 0x65, 0x0, 0x63, 0x66, 0x37, 0x37]}}}, {@dont_appraise}]})
r1 = syz_open_dev$vcsn(&(0x7f0000001700), 0x5, 0x480)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000001740)=0x7, 0x4)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000001780)={@in={{0x2, 0x4e22, @broadcast}}, 0x0, 0x0, 0x21, 0x0, "0c4c2ead90369f5e91ffc7d531f7b613a263cad04fb30604241180689ce33b8d3213fe8d0f4df21639897291fa2239fe85a87b141d1470ddcad9b75f1e8e0e09e42d3d73bed0eb9af7c77554224d49a5"}, 0xd8)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001b80)={{{@in6=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@local}}, &(0x7f0000001c80)=0xe8)
syz_mount_image$msdos(&(0x7f0000001880), &(0x7f00000018c0)='./file0\x00', 0xb2, 0x4, &(0x7f0000001b00)=[{&(0x7f0000001900)="9f333b4bde1b851624e45a7cb9d5e442f18f6b210c7a344da624e4eb9323945cf914ae39a0fde017192b96f354f641b29c2fccd645efa0d40452f1435bd52a6bddf6b4665452feb1361f61589b7b51ab2efe8dff991335357c14973d353204621a9c5f1faf22a64145efb38549a3ad534d6ebc1c32627578fee57d630e4c86a7", 0x80, 0x6}, {&(0x7f0000001980)="8e33eb84e53d881db784d2917bc729ecc211c4a6312cbecd4f0aa0f2bebfd4a7f237c801d26865e03950bec98d73dac20fcd3225aae81d785cf45608cd9e0e397681816ecaf139b76809", 0x4a, 0x2}, {&(0x7f0000001a00)="9c7f752b602d760ee33bb73cffb9c7f7018660ca5c2ee21da292b9c0f68ae57b814c286616118ed7bef18a7ae81d04677e61b87cab7e68bdd400fbb8a310d74078abd2422a", 0x45, 0x5}, {&(0x7f0000001a80)="c8b6946a3f993ebcd95da239b9dda08f1e39a3d63240d1b880a84b3b3c60be83e6cae444994fdc2d5dc74cc879e7dec8b7791929ece53fddc6a80cad2d362450724ba218c86f94545dde875030e069b116d78732896dba76c5154cfe615c55c97f398fb88df5d9", 0x67, 0x4}], 0x2000000, &(0x7f0000001cc0)={[{@dots}, {@dots}], [{@dont_measure}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@fowner_gt={'fowner>', r2}}]})
setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000001d40)={0x81, {{0xa, 0x4e24, 0x427, @local, 0x3}}}, 0x88)
r3 = syz_io_uring_complete(0x0)
fspick(r3, &(0x7f0000001e00)='./file0\x00', 0x0)
openat$cgroup_ro(r1, &(0x7f0000001e40)='blkio.bfq.time_recursive\x00', 0x0, 0x0)
r4 = accept(r0, &(0x7f0000001e80)=@pptp, &(0x7f0000001f00)=0x80)
connect$inet6(r4, &(0x7f0000001f40)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x4}, 0x1c)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000001fc0))

10:33:39 executing program 1:
ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, &(0x7f0000000000)={0x4, {0x8, 0x100000001, 0xffffffffffffff81, 0x7, 0x99f}})
epoll_wait(0xffffffffffffffff, &(0x7f0000000040)=[{}, {}, {}, {}], 0x4, 0x6)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x63}}, './file0\x00'})
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f00000000c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000300)={{0x100}, 0x100, './file0\x00'})
r2 = perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x7, 0x6, 0x9, 0x20, 0x0, 0x10001, 0x42, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x81, 0x4, @perf_config_ext={0x100000000, 0xc2cf}, 0x8080, 0x3, 0x3, 0x6, 0x4, 0x4, 0xb6e, 0x0, 0x6, 0x0, 0x5}, 0x0, 0x5, 0xffffffffffffffff, 0x2)
r3 = openat$cgroup_int(r0, &(0x7f00000004c0)='cpu.weight\x00', 0x2, 0x0)
fcntl$setsig(r3, 0xa, 0x1a)
r4 = epoll_create1(0x80000)
dup2(r2, r4)
r5 = openat$cgroup_freezer_state(r0, &(0x7f0000000540), 0x2, 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000500)='/\x11\x00', 0x0, r5)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r7 = creat(&(0x7f0000000580)='./file0\x00', 0x40)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, r6)
ioctl$AUTOFS_DEV_IOCTL_READY(r7, 0xc0189376, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r5, {0x80}}, './file0/file0\x00'})

10:33:39 executing program 2:
write$P9_RSETATTR(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x1b, 0x1}, 0x7)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000080))
setsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f00000000c0)=0x6, 0x4)
write$P9_RREAD(r1, &(0x7f0000000100)={0x21, 0x75, 0x2, {0x16, "16763d91da4bec5716217eef793027c8be6f069a8e52"}}, 0x21)
r2 = signalfd4(r1, &(0x7f0000000140)={[0x7fffffff]}, 0x8, 0x80800)
sendmsg$NL80211_CMD_DEL_TX_TS(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, 0x0, 0x4, 0x70bd25, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7f, 0x4}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$BTRFS_IOC_BALANCE_CTL(r2, 0x40049421, 0x1)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x7fff}}, './file0\x00'})
ioctl$EVIOCSCLOCKID(r3, 0x400445a0, &(0x7f0000000300)=0x22b)
sendmsg$TIPC_CMD_GET_NETID(r2, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4008000)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000500)=@get={0x1, &(0x7f0000000440)=""/144, 0x1})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/bus/input/devices\x00', 0x0, 0x0)
write$P9_RFLUSH(r4, &(0x7f0000000580)={0x7, 0x6d, 0x2}, 0x7)
openat2(0xffffffffffffffff, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x109000, 0x14}, 0x18)
r5 = accept$inet(r4, &(0x7f0000000640), &(0x7f0000000680)=0x10)
r6 = signalfd4(r0, &(0x7f0000000800)={[0x80000001]}, 0x8, 0x80800)
io_submit(0x0, 0x3, &(0x7f0000000980)=[&(0x7f0000000780)={0x0, 0x0, 0x0, 0x115799101ab667, 0xff, r5, &(0x7f00000006c0)="a27412c173bb2968604a580eddb86b6bb0f7cc19ae21760ab3634a079776115bbfcc8f5b8191ed706c1072b4e532b6824d911f4cf19355964eca48f4bedc9e0e72ca7b3c04921829fa44667fbb5b3d193544a7fc0cf1ac9b1faac429867bfb61bfdb518110e0bf4f6742f94337cf0fc9e1b9116aa009c9ed6b53e3f0a7b05da87b13c3", 0x83, 0x200, 0x0, 0x1}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r3, &(0x7f00000007c0)="b1f8efa9e808ef", 0x7, 0x8000, 0x0, 0x0, r6}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x8, r1, &(0x7f0000000880)="256f93be9ae4afa0486a008e33d5b9acf19cc08adbe036acfd5a061397fbf66dc16f0805129367e8e2de2b9e512e1b7d8af553ca0eead3fb1f803a75daf7dc75a40bb68caec4bee4e5e6c2d87b1da8d4e2a78d11d44208734fc03116d23493ad60a4e2700765ee203311174a602e87857e126a0dc792887accc954b8d6ada04d71bf6a6e69a66f4a4c41b92f6bb07236d7a15a8f9bbd1e312bdc3de24ca5c06ad61eb88d6da3d5f5ae965f7a6b47066167239f7628e4ac83", 0xb8, 0x8, 0x0, 0x5, r3}])

10:33:39 executing program 3:
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x20, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x81, 0x57}}}}, [@NL80211_ATTR_BSS_CTS_PROT={0x5}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x7f}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
r1 = syz_io_uring_complete(0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x128, 0x1, 0x9, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFCTH_TUPLE={0xa8, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x44}}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x8e}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0x38, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x128}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
r2 = fsmount(r0, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, r3, 0x4, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0x5b}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x81}, @NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x94}, 0x20008000)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r2, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x4c, r4, 0x10, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x9}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1f}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}]}, 0x4c}}, 0x4000000)
r6 = openat$cgroup_type(r1, &(0x7f0000000600), 0x2, 0x0)
sendfile(r2, r6, &(0x7f0000000640)=0x1f, 0x100000000)
ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f0000000680)={0x2, 0x9, @start={0x0, 0x0, "42bd018c3040c2081cefa7377c2013a3393e0b391ccba1cf550a37d3011a6a3bfba4c3ed209481c1e777644ceea1da70e5fa4f64bf3153c33fbfd77a2918dc9074bd6b71f3aa91c11b959678feb74e3c92ec9f6c9415e03429a4f6c6f2afe77d1aa6cfefa3285f083f5a20a580a69ea4713ce1508ef8aa9b1efa80d285d840318d60d90c739054afbae7d9d814d9d020c5f50db366b7869a4f23a606cc5a1e21bb050d298b89c9e0aa9fcbc8af922b338bd3ab052214bee8653d1ae12393417f9c35996e0aafa149f58d730831e8d07fa5e94935ec5726f5535dea117cd449c2804625daec62806017d85a2d00738c94fe7ded5ccedca5f14b5e360d3e0d93bdf4325c300e4a7d2878405de0a17c15c9656b3f77d6d9ae71fad67a8cf2c29dea29e3a91d8b7dc67a4aacbcf458d4b443b4d3df277e792fdd7db9a8759c948ec39b1d5e12cbbb337bf35c9d645598220750b8ff4975c163058d855e65dc6c06ec880048724eaffd3075bc9ce5f3250a7a3a2846ed7d083a0c3dfccc2576ae1f89435c6cd1c0a38e49696e8439ce318189309883ef567186ccbb855ebbdd52868ede94548ad11df0fd1ab87394337b5bdeb20beb0bb02a9025beae4e09b788b4fe92cfd51d95e1e0ce83b17481ff3f09de3ff8fa6bd99550a82650d3fca75475e0ce2f2e4144b035c077e742d48ca6eb17853ec68cb587637dc173e2bc1d8afcb0d9ae901eca4391caf450006d49210245ba4a004e1ce7b7199dce6211aa321578eb7527bb2e2aa05bc2812035fe374becc28539554e75cf8273e670255fdd2ef5d08da5372d7ef105b4d2090fea4f23431eeaafff47e69c797c407bda5c21dc65c552442f8a38ca7ff434bdda85ef0f402b9339643eef7e523bac8f9e005e61061ffd166681fec92284a248bac7511f048392c02b021366ce0941e8ae51abc2f5469c0a7699e732a26251fe5d722c8f197a7d00e9a0b15119a2107f65441af8768482fb8e330f32d07fde53cfaf552d253b73206315407cfec90384f9594071973f18046dfc2e450a8fff29e8d578753bd6dce294f8ca4a85e31dee0f2faac8a71d936752167f670d1d8d3b914e49bd878384b3b333882bf7070e3124018aa09f7b54b80afdbe31ada611d793fa7ab1ba6134ab1413541ff3b9ad929d0947facc32e86026b7ced5e75acd137198ec712d72bde97313d26f3d63ebdf481d7e0c17757a1abe49c40f15b9da201d5671ea41d004ca1a0938a9c5566ec0af9d23da3823d4b1c4e2046ac9fff7a1e873b5a215d9fe2595e0b0dc47dc2d18e54f5514ba22e1a48ce7368f592aa6a63e4774b213ad45e67f38fcedc027c1b7dac97918171ac3f04f999de2c6d53ef6728b4f94329eca6f79976d1c70cc4c04ca7dcede7181a744e006a489e66c4e3d532bdac9a12fc2085adf83fb0190eebb063b5c0653cf", "b2e9c8653d56b2218a8a887ab3089e177ca7a425bc6b96f21a0347505659a249951356aea97b8f31640a69e09776c092a04d6758fd7a0e7fe86f5a80ea8f76efc4491496dbfc821f44f55f800af97415ad1a4c975a3c8a31fb959c4adb03dcb3b7a59d648e645829691fc4c76176c837a601ddace41bebcb4f6ce9d6b7f8c0f844a9946c4676a3bfe6e90f9dbe5d29ff3ab286ddaf6f1c01c5a1ab72a27f355214d2b5901ae53c0335729932a4d1e1ec7384af0b9aa681025f23da7765f17570b7037ce1f4e49b3dcad8b943ab53282e3e18f01e7365dcf7d1ec55b430b431f0776090a0121506cb1b9dd3620342d347f46c72932755fc8ffeeecf0f3e3939a14212255d528e4b2d33cb7681d1d014076603036a75bdbcf63b82000dfcae97d127af7724040f3a4648482883c377bcb789111120b22d75e871d5a1a8f99be3bdc1e658f7582762e4f75daa305dcd246fba0fcef8b4c90bb1c90c9c7d13724b8a951428692496cdd97ab91c20cf8fb70f3be39ca472c08859b40abf3f1c1a81c5f6d7ae84bdbcafe64501274b0a620cd34c639d4e19d914ad07e1b541851e83e1ce1099e0abc3e0b5ee37cf1d308cf34925840f197cfa2d598142890fadbf902ab0829a68e5bbc3d7744965aa7b2f0b7ea960c8d250b5943960a511dd185d180a32a9e1ef16154d50ac73022fb2564911a154a86ccd2bfa56213057f544a8cfba7d83c69d39ce934304b0017c5524b8719e2fd24d1e096915a74be29044c11fada549cad9a96c2f4745d0b59ed76b272e3f4320437008dab81527b9aa2a0857c25b13f77e6eef81a1c23b77d16a01f6c340bce7e8e5132e9e40fdb1795bc482d65883740c4f66ea963b52875085b18ac832393ae4d5bb89e8dcc20a737972d94c229291451f01f1ed641dea57b5dcad22135e30acffcb3b9855a08112da8152d11c60fa784a9bf858a26661bf3af93431fb1aa7f41c36f4dc4a8a82aa210c40aaeec2e89e7ed52397794509eb8575f7362c8e2e7e84d18612445e201ca33c2750283dcd0e49f4757b226f42d03a425c53bcb987915e331713f158e5a5aee8a85de357e5c2520a2e2fc8bb63fcc72595423e2c8f6043bad1f267de28676eca9470751b11c732ba4633ee608f8ee46cef5ec596673e3e856301339b84e653085c9f8fcfe4335977d4f555e889bdedfd4f4b2fcea61fd36a7e7f8f914bb50ba3a338d565193a7731416169b77f824a70cce8da5bedeac90b5d26193c5f83fe1c83b178a95e3ef40f02d1310545ceea3629635e34b2447395ea63c206c5e4f399996e086c5588d462af33f6ffd1dedffff00ce0eb59ae42564cc1653fe374328684c9462484cb8aea0f6e9567ab513ad91c7c8d8b665a5e072ed7a139852606063bed0edb12ec3b34b8cc146ca92a7eaf1074b4c58be7e85ea27c5cd7b0c7eebe232b63"}, [0x80, 0x4, 0x80000001, 0x0, 0xf27, 0x9509, 0x0, 0x2, 0x44a0, 0x7, 0x9, 0x3, 0x0, 0x0, 0x66fd, 0x0, 0x7, 0x5, 0x9, 0x10, 0x5, 0x0, 0x3ff, 0x6e, 0x8, 0x1b38, 0x7fff, 0x1268, 0x800, 0x6, 0x2, 0x2, 0x1, 0x0, 0x1, 0xc0ba, 0x6, 0x3, 0x40000000000, 0x35, 0x6, 0xffffffffffffc8ea, 0xab, 0x3ff, 0x2, 0x2, 0x800, 0x9, 0x5, 0x1ff, 0x7, 0x4, 0x3, 0x5, 0x3, 0xfffffffffffffffb, 0x1, 0x0, 0xfffffffffffffffb, 0x3f, 0x4, 0x80000000, 0x10000, 0xfff]})
r7 = openat$urandom(0xffffffffffffff9c, &(0x7f00000010c0), 0x402201, 0x0)
fsetxattr$trusted_overlay_upper(r7, &(0x7f0000001100), &(0x7f0000001140)={0x0, 0xfb, 0xa0, 0x5, 0x8, "9bbf5a156157f87c6b6e348b5d7a6fe5", "1435493dda2b3034c8e4079ae3731cbafa853e7bb42e404bc5d992d8cb46461bc31d0082a89c6e268d28531d75868cb274c63fe9efe3d489223240432acc6cdd6469a7b02ac39d6f4bafa57d3fc0b3725305c473708e85a96ec76061bffc6889e504f1766ec55bed768473c163451c46b3b69aba7083d59c2131bba1c75c7468a9c20d3e745e829cde6118"}, 0xa0, 0x2)
r8 = epoll_create1(0x80000)
fcntl$setflags(r8, 0x2, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001200), r2)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000001300)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001280)={0x28, r3, 0x4, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x39}, @void, @val={0xc, 0x99, {0x4, 0x52}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x404c000}, 0x804)
write$P9_RLINK(r2, &(0x7f0000001340)={0x7, 0x47, 0x2}, 0x7)

10:33:39 executing program 4:
read(0xffffffffffffffff, &(0x7f0000000000)=""/156, 0x9c)
close(0xffffffffffffffff)
r0 = socket(0xb, 0xa, 0x1)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0), 0x4)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x8001)
r3 = eventfd2(0x1, 0x80800)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, r1, 0x7, 0xffffffffffffffff, &(0x7f0000000180)={r2, r3, 0x1ff})
recvmsg$unix(r0, &(0x7f0000000540)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000240)=""/197, 0xc5}, {&(0x7f0000000340)=""/251, 0xfb}, {&(0x7f0000000440)}], 0x3, &(0x7f00000004c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r4=>0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}, 0x2000)
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
sendfile(0xffffffffffffffff, r5, &(0x7f0000000580), 0x6)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$BTRFS_IOC_INO_PATHS(r6, 0xc0389423, &(0x7f0000000600)={0x4, 0x20, [0x2, 0x400, 0x4, 0x277], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0]})
fcntl$getown(r0, 0x9)
r7 = fsmount(0xffffffffffffffff, 0x0, 0x8)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000640), 0x10000, 0x0)
ioctl$FICLONE(r8, 0x40049409, r3)
ioctl$AUTOFS_DEV_IOCTL_READY(r7, 0xc0189376, &(0x7f0000000680)={{0x1, 0x1, 0x18, <r9=>r5, {0x3}}, './file0\x00'})
ioctl$TIOCL_SELLOADLUT(r9, 0x541c, &(0x7f00000006c0)={0x5, 0xffffffff80000001, 0x4, 0x0, 0x10001})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000700)={@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x5, 0x1, 0x3, 0x8, 0x3ff, 0x6}, 0x20)

10:33:39 executing program 5:
r0 = dup(0xffffffffffffffff)
fdatasync(r0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000000)=0x1)
getpeername$netlink(r0, &(0x7f0000000040), &(0x7f0000000080)=0xc)
ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f00000000c0))
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/mcfilter\x00')
getdents(r1, &(0x7f0000000140)=""/118, 0x76)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000380)={0x0, <r2=>0x0})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000400)=<r3=>0x0)
clone3(&(0x7f0000000480)={0x8000000, &(0x7f00000001c0)=<r4=>0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000240), {0x9}, &(0x7f0000000280)=""/10, 0xa, &(0x7f00000002c0)=""/145, &(0x7f0000000440)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, r2, r3, 0x0, 0x0, 0x0, 0xffffffffffffffff], 0xa, {r0}}, 0x58)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
r6 = open(&(0x7f0000000540)='./file0\x00', 0x109c00, 0x8)
stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r6, 0xc018937b, &(0x7f0000000640)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r8=>0xffffffffffffffff, <r9=>r7}}, './file0/file0\x00'})
r10 = syz_mount_image$nfs4(&(0x7f0000000680), &(0x7f00000006c0)='./file0\x00', 0x40, 0x2, &(0x7f00000007c0)=[{&(0x7f0000000700)="7cd002dd5fe470d456251843beb4f8e2258a01ec299aec48d2081ca16fc89bcab67d6fc6996c36e98a141d90065b4c6c2d206fc0f289b72790818d0b70b8de07146ee473373ae86f458018d8be1d4ad56bfce4771968c2b49d8d08008946a4dac3b442c6209426d3da58c4e2", 0x6c, 0x8}, {&(0x7f0000000780)="707cdc655e9088f5da9f8fb5b1bb77b24f883721ab86027fa85b264b55bbee47ab55914f645748a2ca358ad85d9d2bfe7480c57bf64bc5ba848cd345e164", 0x3e, 0x56}], 0x208000, &(0x7f0000000800)={[{'{'}, {'*})'}, {'net/mcfilter\x00'}, {'net/mcfilter\x00'}, {'\\\\+^)[]'}, {'@'}], [{@fowner_eq={'fowner', 0x3d, r8}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@appraise}, {@fowner_lt={'fowner<', r8}}]})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000880)={{0x1, 0x1, 0x18, r10, {0x5}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r6, 0xc018937b, &(0x7f00000008c0)={{0x1, 0x1, 0x18, <r11=>r6, {r8, r9}}, './file0/file0\x00'})
ioctl$FIOCLEX(r11, 0x5451)
symlinkat(&(0x7f0000000900)='./file0/file0\x00', r0, &(0x7f0000000940)='./file0/file0\x00')
utimensat(r5, &(0x7f0000000980)='./file0\x00', &(0x7f0000000a00)={{}, {0x77359400}}, 0x100)

[   66.647881] audit: type=1400 audit(1664793219.094:6): avc:  denied  { execmem } for  pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:33:39 executing program 6:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0xc15a, 0x318, 0xffff5f60, 0x400, 0xff, "c3422971f9fdc86b3cb42b43fa1138e5d52dc9", 0x4, 0x80})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000040)={0xe16, 0x1, 0x5, 0x9, 0x6, "d023eb50521f4529"})
r0 = syz_mount_image$nfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x6ed, 0x4, &(0x7f0000000280)=[{&(0x7f0000000100)="a76319f000353bd3b16fa3acfdf02d5f", 0x10, 0x3}, {&(0x7f0000000140)="de4650ff4aa11270c0423189748db56283db5e93351d201c854fe8b14fbc8a70fdb4bcd25d0f7f32f56137caab9d2f90b65ce67df4b725bd267dc13b9853eef4fe50e17e598609da4dbfb8cf088db04f54e6c52f68546c8b7611d7ecd2541117e4020b705aedc40db286668b77502c2838b86f2adcdb66a946b42da10fa2334ea60aebfb917479f66f5278c7b06a6d4e6cc1bcaa90c7818ccddbc42474d3107f64cc4a38538dbdd66aa2c371cc9e523a19ca0c6548b6", 0xb6, 0xf9d2}, {&(0x7f0000000200)="19f9527070e43021022b49e6ac4a21ce00e35546ce922aa1d4ec0c556db1ae84eda412ea49ada68bac066916d36d22e85a661ecd7dca183e9b3797cafbab", 0x3e, 0x9}, {&(0x7f0000000240)="f1ee92bae503e352181c1d0b9b7795954c9eef2169751c0f4c91", 0x1a, 0xfffffffffffffffe}], 0x20884, &(0x7f0000000300)={[{'^.!$'}], [{@appraise_type}, {@fowner_eq={'fowner', 0x3d, 0xee01}}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]})
fdatasync(r0)
ioctl$FIOCLEX(r0, 0x5451)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448f0, &(0x7f0000000380)="311c01d1c5e856ee2140e3a6987c056f2a26c7e9e03bffbc2adff105f9e863aaba6374df5f256cf07d7a5aa36e65b51387c3c935ef429a7b3fb66b6712e2a914322b426616a14b801b3d6e41930a7e5428e02c92e1c87adf08")
mkdirat(r0, &(0x7f0000000400)='./file0\x00', 0x10)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000440)=0x8)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000480), 0x290082, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r2=>r1, @in_args={0x4}}, './file0\x00'})
pipe(&(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
open_by_handle_at(r3, &(0x7f0000000540)=@FILEID_NILFS_WITHOUT_PARENT={0x20, 0x61, {0x7, 0x9f, 0x0, 0x4, 0x5}}, 0x4c0080)
ioctl$BTRFS_IOC_QGROUP_CREATE(r4, 0x4010942a, &(0x7f0000000580)={0x1, 0x20})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f00000005c0)={{0x1, 0x1, 0x18, <r5=>r1, @out_args}, './file0\x00'})
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000600)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x6})
fcntl$getown(0xffffffffffffffff, 0x9)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000a00)={0x0, <r6=>0x0}, &(0x7f0000000a40)=0xc)
syz_mount_image$nfs4(&(0x7f0000000640), &(0x7f0000000680)='./file0\x00', 0x5, 0x4, &(0x7f0000000980)=[{&(0x7f00000006c0)="4a1706ab5a5970a862df665862e0219b5c206005446b6e59f350e40f99919e16f4a712a208f005c04dd81211689fb7b878ee8d1dd52d5452449f7bd841eceddf184854f22f35f47c819c9c4bd50fc96ea090412d9a45063b6bb876eccf2b67a479d35aad94809f54c009bc8cbc0fb8719cb8225c5875a11de3ad60559ecdb70e3da3934bc8536dcc779f74606165c4a7fa65761770ded4cbca4a5c1a7e2d28603c0dfbe6700b04e0544d7305dfe2b593108dcc9bc2771db37f5f7bc7", 0xbc, 0x4}, {&(0x7f0000000780)="d349cd803d528904480b103888b5dc599d509068563497c8e205b28bbfd1cd764ec6996eb0d2ab206eefd1b46b99b84d86cbaa06b20034b452ab273b93452619c8e950e3c128554b77f388a8b776affcce2b82f20103a1a21357197fce1b1cd8f6e12d35c7330233e71a509d45f73b78d321f7cd07b35f32432e69717ca1ceddae5db8d3edce490ea5ff08d5cd1b17047ed1213bed65e44657ae4aee28930d81bfa7f4e874a020cbfeb0986056e6134e9a63ffe7b2376a1eefb8ff76ce12e7393e9ac6b73527", 0xc6, 0x7}, {&(0x7f0000000880)="d6b8839c180c1c9a3ee5991e8089512748185c88cf053fa14625a50d8bb25382f338360d37590a51f24f42013182a2a991f81232bd7a8e80da81708ba83a1200093849c706fb7a124d6a3450919db64b1e399b9eeedc41b960dea511d944eb6e70d1913630d8edd8ce92bc6ffae00d562bde0c12f6fa3cc11bde827ecd073353ef029c79273e4805a8a4e390973ca24d794904e0cbe67e3c", 0x98, 0x8}, {&(0x7f0000000940)="674186905a4774f445700c5cb8fd96c8ec1d62f7d748026985683aa6a99568f0932a3c73885a0e992e421dad8e5057", 0x2f, 0x80000001}], 0x10001, &(0x7f0000000a80)={[{'fowner'}, {'\x00'}, {}, {'@+'}, {'.['}, {'*\''}, {'+'}, {'nfs\x00'}, {'+#/'}, {'nfs\x00'}], [{@dont_hash}, {@pcr={'pcr', 0x3d, 0x1c}}, {@fowner_gt={'fowner>', r6}}, {@pcr={'pcr', 0x3d, 0x39}}, {@smackfstransmute={'smackfstransmute', 0x3d, '**/\':$'}}, {@measure}]})

10:33:39 executing program 7:
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0x1ff)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000080)={0x6, 0x9})
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/hci\x00')
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000340))
clock_gettime(0x0, &(0x7f0000000380)={<r2=>0x0, <r3=>0x0})
clock_gettime(0x0, &(0x7f00000003c0)={<r4=>0x0, <r5=>0x0})
clock_gettime(0x0, &(0x7f0000000400)={<r6=>0x0, <r7=>0x0})
write$evdev(r1, &(0x7f0000000440)=[{{r2, r3/1000+10000}, 0x0, 0x8, 0x95}, {{0x77359400}, 0x17, 0x5, 0x3}, {{r4, r5/1000+10000}, 0x12, 0xfff}, {{r6, r7/1000+60000}, 0x1, 0x5, 0x40}, {{}, 0x11, 0x7ff, 0x6}], 0x78)
clock_gettime(0x6, &(0x7f00000004c0))
epoll_pwait2(r1, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, &(0x7f0000000580), &(0x7f00000005c0), 0x8)
io_getevents(0x0, 0x3ff, 0x5, &(0x7f0000000600)=[{}, {}, {}, {}, {}], &(0x7f00000006c0))
clock_gettime(0x7, &(0x7f0000000700))
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000740)={{0x1, 0x1, 0x18, <r8=>r0, {<r9=>r1}}, './file0\x00'})
epoll_pwait2(r8, &(0x7f0000000780)=[{}, {}, {}, {}, {}], 0x5, &(0x7f00000007c0)={0x0, 0x989680}, &(0x7f0000000800)={[0x4af]}, 0x8)
clock_gettime(0x2, &(0x7f0000000840))
ioctl$KDADDIO(r9, 0x4b34, 0x4)
io_setup(0x3ff, &(0x7f0000000880)=<r10=>0x0)
io_getevents(r10, 0x9, 0x4, &(0x7f00000008c0)=[{}, {}, {}, {}], 0x0)

[   68.013279] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   68.016368] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   68.017738] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   68.021735] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   68.023185] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   68.026213] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   68.026290] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   68.028867] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   68.030532] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   68.034862] Bluetooth: hci0: HCI_REQ-0x0c1a
[   68.052447] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   68.059302] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   68.060631] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   68.062461] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   68.064376] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   68.067262] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   68.068302] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   68.071458] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   68.072915] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   68.084419] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   68.086146] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   68.087776] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   68.092036] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   68.094469] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   68.095607] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   68.097182] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   68.097462] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   68.099786] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   68.106550] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   68.108293] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   68.109545] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   68.113096] Bluetooth: hci5: HCI_REQ-0x0c1a
[   68.113914] Bluetooth: hci2: HCI_REQ-0x0c1a
[   68.128096] Bluetooth: hci3: HCI_REQ-0x0c1a
[   68.146105] Bluetooth: hci1: HCI_REQ-0x0c1a
[   68.209603] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   68.209735] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   68.212643] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   68.214861] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   68.217142] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   68.220910] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   68.223102] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   68.226613] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   68.227898] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   68.230746] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   68.240125] Bluetooth: hci4: HCI_REQ-0x0c1a
[   68.241624] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   68.270453] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   68.292080] Bluetooth: hci7: HCI_REQ-0x0c1a
[   70.095320] Bluetooth: hci6: Opcode 0x c03 failed: -110
[   70.095682] Bluetooth: hci0: command 0x0409 tx timeout
[   70.159197] Bluetooth: hci1: command 0x0409 tx timeout
[   70.159218] Bluetooth: hci3: command 0x0409 tx timeout
[   70.160340] Bluetooth: hci5: command 0x0409 tx timeout
[   70.161011] Bluetooth: hci2: command 0x0409 tx timeout
[   70.287106] Bluetooth: hci4: command 0x0409 tx timeout
[   70.351162] Bluetooth: hci7: command 0x0409 tx timeout
[   72.143209] Bluetooth: hci0: command 0x041b tx timeout
[   72.207110] Bluetooth: hci2: command 0x041b tx timeout
[   72.207192] Bluetooth: hci5: command 0x041b tx timeout
[   72.207866] Bluetooth: hci3: command 0x041b tx timeout
[   72.209082] Bluetooth: hci1: command 0x041b tx timeout
[   72.335080] Bluetooth: hci4: command 0x041b tx timeout
[   72.400926] Bluetooth: hci7: command 0x041b tx timeout
[   73.492110] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   73.493696] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   73.495072] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   73.497682] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   73.499134] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   73.500278] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   73.503796] Bluetooth: hci6: HCI_REQ-0x0c1a
[   74.191221] Bluetooth: hci0: command 0x040f tx timeout
[   74.255131] Bluetooth: hci3: command 0x040f tx timeout
[   74.256040] Bluetooth: hci1: command 0x040f tx timeout
[   74.256071] Bluetooth: hci5: command 0x040f tx timeout
[   74.256647] Bluetooth: hci2: command 0x040f tx timeout
[   74.383055] Bluetooth: hci4: command 0x040f tx timeout
[   74.448074] Bluetooth: hci7: command 0x040f tx timeout
[   75.536040] Bluetooth: hci6: command 0x0409 tx timeout
[   76.239069] Bluetooth: hci0: command 0x0419 tx timeout
[   76.303160] Bluetooth: hci5: command 0x0419 tx timeout
[   76.303198] Bluetooth: hci1: command 0x0419 tx timeout
[   76.303628] Bluetooth: hci3: command 0x0419 tx timeout
[   76.304062] Bluetooth: hci2: command 0x0419 tx timeout
[   76.431021] Bluetooth: hci4: command 0x0419 tx timeout
[   76.528003] Bluetooth: hci7: command 0x0419 tx timeout
[   77.583064] Bluetooth: hci6: command 0x041b tx timeout
[   79.631041] Bluetooth: hci6: command 0x040f tx timeout
[   81.679049] Bluetooth: hci6: command 0x0419 tx timeout
10:34:35 executing program 2:
r0 = syz_mount_image$tmpfs(&(0x7f0000001600), &(0x7f0000001640)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000029c0)={[{@nr_blocks={'nr_blocks', 0x3d, [0x31, 0x33, 0x32, 0x34, 0x35, 0x70]}}]})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
mount_setattr(r0, &(0x7f0000000000)='./file0\x00', 0x1200, &(0x7f0000000080)={0x100000, 0xa, 0x120000, {r1}}, 0x20)

[  123.255798] tmpfs: Bad value for 'nr_blocks'
[  123.263381] tmpfs: Bad value for 'nr_blocks'
10:34:35 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$KDFONTOP_GET(r2, 0x4b72, &(0x7f0000000000)={0x1, 0x1, 0x1b, 0x11, 0x7e, &(0x7f0000000300)})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1)
sync()

[  123.373620] audit: type=1400 audit(1664793275.820:7): avc:  denied  { open } for  pid=3867 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.375652] audit: type=1400 audit(1664793275.820:8): avc:  denied  { kernel } for  pid=3867 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.388228] ------------[ cut here ]------------
[  123.388250] 
[  123.388253] ======================================================
[  123.388257] WARNING: possible circular locking dependency detected
[  123.388261] 6.0.0-rc7-next-20220930 #1 Not tainted
[  123.388267] ------------------------------------------------------
[  123.388270] syz-executor.2/3868 is trying to acquire lock:
[  123.388277] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  123.388316] 
[  123.388316] but task is already holding lock:
[  123.388319] ffff888008b60020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  123.388346] 
[  123.388346] which lock already depends on the new lock.
[  123.388346] 
[  123.388348] 
[  123.388348] the existing dependency chain (in reverse order) is:
[  123.388351] 
[  123.388351] -> #3 (&ctx->lock){....}-{2:2}:
[  123.388365]        _raw_spin_lock+0x2a/0x40
[  123.388376]        __perf_event_task_sched_out+0x53b/0x18d0
[  123.388388]        __schedule+0xedd/0x2470
[  123.388401]        schedule+0xda/0x1b0
[  123.388414]        exit_to_user_mode_prepare+0x114/0x1a0
[  123.388427]        syscall_exit_to_user_mode+0x19/0x40
[  123.388439]        do_syscall_64+0x48/0x90
[  123.388456]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.388468] 
[  123.388468] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  123.388482]        _raw_spin_lock_nested+0x30/0x40
[  123.388492]        raw_spin_rq_lock_nested+0x1e/0x30
[  123.388505]        task_fork_fair+0x63/0x4d0
[  123.388521]        sched_cgroup_fork+0x3d0/0x540
[  123.388535]        copy_process+0x4183/0x6e20
[  123.388545]        kernel_clone+0xe7/0x890
[  123.388555]        user_mode_thread+0xad/0xf0
[  123.388565]        rest_init+0x24/0x250
[  123.388577]        arch_call_rest_init+0xf/0x14
[  123.388594]        start_kernel+0x4c6/0x4eb
[  123.388609]        secondary_startup_64_no_verify+0xe0/0xeb
[  123.388623] 
[  123.388623] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  123.388636]        _raw_spin_lock_irqsave+0x39/0x60
[  123.388647]        try_to_wake_up+0xab/0x1930
[  123.388660]        up+0x75/0xb0
[  123.388673]        __up_console_sem+0x6e/0x80
[  123.388689]        console_unlock+0x46a/0x590
[  123.388704]        vt_ioctl+0x2822/0x2ca0
[  123.388716]        tty_ioctl+0x785/0x16b0
[  123.388726]        __x64_sys_ioctl+0x19a/0x210
[  123.388739]        do_syscall_64+0x3b/0x90
[  123.388756]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.388768] 
[  123.388768] -> #0 ((console_sem).lock){....}-{2:2}:
[  123.388781]        __lock_acquire+0x2a02/0x5e70
[  123.388798]        lock_acquire+0x1a2/0x530
[  123.388813]        _raw_spin_lock_irqsave+0x39/0x60
[  123.388824]        down_trylock+0xe/0x70
[  123.388838]        __down_trylock_console_sem+0x3b/0xd0
[  123.388854]        vprintk_emit+0x16b/0x560
[  123.388870]        vprintk+0x84/0xa0
[  123.388889]        _printk+0xba/0xf1
[  123.388900]        report_bug.cold+0x72/0xab
[  123.388916]        handle_bug+0x3c/0x70
[  123.388932]        exc_invalid_op+0x14/0x50
[  123.388949]        asm_exc_invalid_op+0x16/0x20
[  123.388960]        group_sched_out.part.0+0x2c7/0x460
[  123.388978]        ctx_sched_out+0x8f1/0xc10
[  123.388997]        __perf_event_task_sched_out+0x6d0/0x18d0
[  123.389008]        __schedule+0xedd/0x2470
[  123.389021]        schedule+0xda/0x1b0
[  123.389034]        exit_to_user_mode_prepare+0x114/0x1a0
[  123.389045]        syscall_exit_to_user_mode+0x19/0x40
[  123.389058]        do_syscall_64+0x48/0x90
[  123.389079]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.389094] 
[  123.389094] other info that might help us debug this:
[  123.389094] 
[  123.389097] Chain exists of:
[  123.389097]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  123.389097] 
[  123.389115]  Possible unsafe locking scenario:
[  123.389115] 
[  123.389118]        CPU0                    CPU1
[  123.389120]        ----                    ----
[  123.389123]   lock(&ctx->lock);
[  123.389130]                                lock(&rq->__lock);
[  123.389137]                                lock(&ctx->lock);
[  123.389145]   lock((console_sem).lock);
[  123.389150] 
[  123.389150]  *** DEADLOCK ***
[  123.389150] 
[  123.389152] 2 locks held by syz-executor.2/3868:
[  123.389159]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  123.389188]  #1: ffff888008b60020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  123.389214] 
[  123.389214] stack backtrace:
[  123.389216] CPU: 0 PID: 3868 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1
[  123.389228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  123.389236] Call Trace:
[  123.389240]  <TASK>
[  123.389245]  dump_stack_lvl+0x8b/0xb3
[  123.389264]  check_noncircular+0x263/0x2e0
[  123.389280]  ? format_decode+0x26c/0xb50
[  123.389296]  ? print_circular_bug+0x450/0x450
[  123.389312]  ? simple_strtoul+0x30/0x30
[  123.389328]  ? format_decode+0x26c/0xb50
[  123.389345]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  123.389362]  __lock_acquire+0x2a02/0x5e70
[  123.389383]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  123.389405]  lock_acquire+0x1a2/0x530
[  123.389422]  ? down_trylock+0xe/0x70
[  123.389439]  ? lock_release+0x750/0x750
[  123.389459]  ? vprintk+0x84/0xa0
[  123.389476]  _raw_spin_lock_irqsave+0x39/0x60
[  123.389487]  ? down_trylock+0xe/0x70
[  123.389503]  down_trylock+0xe/0x70
[  123.389519]  ? vprintk+0x84/0xa0
[  123.389535]  __down_trylock_console_sem+0x3b/0xd0
[  123.389552]  vprintk_emit+0x16b/0x560
[  123.389571]  vprintk+0x84/0xa0
[  123.389588]  _printk+0xba/0xf1
[  123.389599]  ? record_print_text.cold+0x16/0x16
[  123.389615]  ? report_bug.cold+0x66/0xab
[  123.389632]  ? group_sched_out.part.0+0x2c7/0x460
[  123.389650]  report_bug.cold+0x72/0xab
[  123.389669]  handle_bug+0x3c/0x70
[  123.389686]  exc_invalid_op+0x14/0x50
[  123.389704]  asm_exc_invalid_op+0x16/0x20
[  123.389716] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  123.389737] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  123.389748] RSP: 0018:ffff8880403d7c48 EFLAGS: 00010006
[  123.389757] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  123.389764] RDX: ffff888018985040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  123.389771] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  123.389778] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888008b60000
[  123.389786] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  123.389796]  ? group_sched_out.part.0+0x2c7/0x460
[  123.389816]  ? group_sched_out.part.0+0x2c7/0x460
[  123.389836]  ctx_sched_out+0x8f1/0xc10
[  123.389855]  __perf_event_task_sched_out+0x6d0/0x18d0
[  123.389869]  ? lock_is_held_type+0xd7/0x130
[  123.389882]  ? __perf_cgroup_move+0x160/0x160
[  123.389893]  ? set_next_entity+0x304/0x550
[  123.389910]  ? update_curr+0x267/0x740
[  123.389928]  ? lock_is_held_type+0xd7/0x130
[  123.389942]  __schedule+0xedd/0x2470
[  123.389959]  ? io_schedule_timeout+0x150/0x150
[  123.389975]  ? rcu_read_lock_sched_held+0x3e/0x80
[  123.389996]  schedule+0xda/0x1b0
[  123.390011]  exit_to_user_mode_prepare+0x114/0x1a0
[  123.390024]  syscall_exit_to_user_mode+0x19/0x40
[  123.390038]  do_syscall_64+0x48/0x90
[  123.390057]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.390071] RIP: 0033:0x7fe3ef1d4b19
[  123.390079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.390091] RSP: 002b:00007fe3ec74a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.390102] RAX: 0000000000000001 RBX: 00007fe3ef2e7f68 RCX: 00007fe3ef1d4b19
[  123.390110] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3ef2e7f6c
[  123.390118] RBP: 00007fe3ef2e7f60 R08: 000000000000000e R09: 0000000000000000
[  123.390126] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe3ef2e7f6c
[  123.390134] R13: 00007ffe3ee2172f R14: 00007fe3ec74a300 R15: 0000000000022000
[  123.390147]  </TASK>
[  123.445717] WARNING: CPU: 0 PID: 3868 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  123.446430] Modules linked in:
[  123.446710] CPU: 0 PID: 3868 Comm: syz-executor.2 Not tainted 6.0.0-rc7-next-20220930 #1
[  123.447309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  123.448157] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  123.448576] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  123.449928] RSP: 0018:ffff8880403d7c48 EFLAGS: 00010006
[  123.450329] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  123.450910] RDX: ffff888018985040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  123.451564] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  123.452212] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888008b60000
[  123.452871] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  123.453522] FS:  00007fe3ec74a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  123.454235] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.454773] CR2: 00007f28e01356f4 CR3: 000000001da14000 CR4: 0000000000350ef0
[  123.455427] Call Trace:
[  123.455684]  <TASK>
[  123.455898]  ctx_sched_out+0x8f1/0xc10
[  123.456273]  __perf_event_task_sched_out+0x6d0/0x18d0
[  123.456787]  ? lock_is_held_type+0xd7/0x130
[  123.457201]  ? __perf_cgroup_move+0x160/0x160
[  123.457629]  ? set_next_entity+0x304/0x550
[  123.458059]  ? update_curr+0x267/0x740
[  123.458443]  ? lock_is_held_type+0xd7/0x130
[  123.458867]  __schedule+0xedd/0x2470
[  123.459229]  ? io_schedule_timeout+0x150/0x150
[  123.459666]  ? rcu_read_lock_sched_held+0x3e/0x80
[  123.460130]  schedule+0xda/0x1b0
[  123.460457]  exit_to_user_mode_prepare+0x114/0x1a0
[  123.460914]  syscall_exit_to_user_mode+0x19/0x40
[  123.461358]  do_syscall_64+0x48/0x90
[  123.461716]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  123.462205] RIP: 0033:0x7fe3ef1d4b19
[  123.462578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.464358] RSP: 002b:00007fe3ec74a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.465081] RAX: 0000000000000001 RBX: 00007fe3ef2e7f68 RCX: 00007fe3ef1d4b19
[  123.465753] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3ef2e7f6c
[  123.466443] RBP: 00007fe3ef2e7f60 R08: 000000000000000e R09: 0000000000000000
[  123.467120] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe3ef2e7f6c
[  123.467774] R13: 00007ffe3ee2172f R14: 00007fe3ec74a300 R15: 0000000000022000
[  123.468429]  </TASK>
[  123.468644] irq event stamp: 576
[  123.468957] hardirqs last  enabled at (575): [<ffffffff8133e829>] exit_to_user_mode_prepare+0x109/0x1a0
[  123.469818] hardirqs last disabled at (576): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  123.470561] softirqs last  enabled at (0): [<ffffffff8114f175>] copy_process+0x1e15/0x6e20
[  123.471381] softirqs last disabled at (0): [<0000000000000000>] 0x0
[  123.471976] ---[ end trace 0000000000000000 ]---
10:34:36 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000100001000000000000000000000000101400008e7200010800000000000000000000000a"], 0x28}}, 0x0)

[  123.674825] loop0: detected capacity change from 0 to 16383
[  123.689863] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
10:34:36 executing program 4:
r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close_range(r1, 0xffffffffffffffff, 0x4)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000300)=0x7)
close_range(r0, 0xffffffffffffffff, 0x4)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f00000001c0)={0xa, &(0x7f0000000140)=[{0x2000, 0x0, 0x1, 0x9}, {0x7, 0x2, 0x0, 0x2}, {0x20, 0x5, 0x1, 0xddb}, {0x2, 0x41, 0x3, 0x8}, {0x7ff, 0x2, 0x15, 0x8001}, {0x0, 0x7, 0xd9, 0x1ff}, {0x9f, 0x4, 0xff, 0x2}, {0xff, 0x5, 0x8, 0x7}, {0xa8, 0xe9, 0x7, 0x6}, {0x3, 0x80, 0x9, 0x4}]})
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000040), &(0x7f0000000080)={0x0, 0xfb, 0x68, 0x1, 0x7, "de0f61b5acc7c3438e2dcfc9bf7f3f31", "45d7e511e4c574ac9c0c6f01b75e4b73f14c3b103715340f95dc1c0ff66382e5458b1e2db479732200f24d4909eed62ca85070eead23b5169f08a3fb35eab6417e502175c35d306586bbb6d5d0d264fea562ae"}, 0x68, 0x3)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000470000004f801002000400003000000000000008000295d20d2f153595a4b414c4c4552202046415431362020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8fffffff0ffffffffffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8fffffff0ffffffffffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="f8fffffff0ffffffffffffff00"/32, 0x20, 0x600}, {&(0x7f0000010400)="f8fffffff0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ec80325132510000ec80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100080ec70325132510000ec70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200080ec70325132510000ec70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200080ec70325132510000ec70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200080ec70325132510000ec703251070064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100080ec70325132510000ec7032510300000000002e2e202020202020202020100080ec70325132510000ec70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200080ec70325132510000ec70325104001a040000", 0x80, 0x11800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x21800}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x31800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x51800}], 0x0, &(0x7f0000010f00))

[  123.714608] loop0: detected capacity change from 0 to 16383
[  123.720391] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  123.776318] audit: type=1400 audit(1664793276.223:9): avc:  denied  { write } for  pid=3900 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  123.791750] loop4: detected capacity change from 0 to 1304
[  123.996656] loop6: detected capacity change from 0 to 16383
[  124.004488] loop6: detected capacity change from 0 to 264192
[  124.008242] nfs4: Unknown parameter 'fowner'
[  124.015433] loop6: detected capacity change from 0 to 16383
[  124.271583] nfs4: Unknown parameter '{'
[  124.294999] nfs4: Unknown parameter '{'

VM DIAGNOSIS:
10:34:36  Registers:
info registers vcpu 0
RAX=0000000000000072 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff8880403d7690
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000072 R11=0000000000000001
R12=0000000000000072 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fe3ec74a700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f28e01356f4 CR3=000000001da14000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fe3ef2bb7c0 00007fe3ef2bb7c8
YMM02=0000000000000000 0000000000000000 00007fe3ef2bb7e0 00007fe3ef2bb7c0
YMM03=0000000000000000 0000000000000000 00007fe3ef2bb7c8 00007fe3ef2bb7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000001 RCX=0000000000000000 RDX=dffffc0000000000
RSI=ffffffff815ac89e RDI=0000000000000001 RBP=ffffffff848ccd80 RSP=ffff88801ad97a60
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=4000000000000002 R13=4000000000000000 R14=0000000000030a9c R15=0000000000000200
RIP=ffffffff8130b1b6 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 00000000 00000000
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f5ea216f540 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5ea23b0000 CR3=000000001b886000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffff00ffffffffff ffffffffffff00ff
YMM02=0000000000000000 0000000000000000 4c4700362e322e32 5f4342494c470035
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000470035
YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000