Warning: Permanently added '[localhost]:36044' (ECDSA) to the list of known hosts.
2022/10/03 23:59:56 fuzzer started
2022/10/03 23:59:57 dialing manager at localhost:35095
syzkaller login: [   42.205655] cgroup: Unknown subsys name 'net'
[   42.318044] cgroup: Unknown subsys name 'rlimit'
2022/10/04 00:00:11 syscalls: 2215
2022/10/04 00:00:11 code coverage: enabled
2022/10/04 00:00:11 comparison tracing: enabled
2022/10/04 00:00:11 extra coverage: enabled
2022/10/04 00:00:11 setuid sandbox: enabled
2022/10/04 00:00:11 namespace sandbox: enabled
2022/10/04 00:00:11 Android sandbox: enabled
2022/10/04 00:00:11 fault injection: enabled
2022/10/04 00:00:11 leak checking: enabled
2022/10/04 00:00:11 net packet injection: enabled
2022/10/04 00:00:11 net device setup: enabled
2022/10/04 00:00:11 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/04 00:00:11 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/04 00:00:11 USB emulation: enabled
2022/10/04 00:00:11 hci packet injection: enabled
2022/10/04 00:00:11 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/04 00:00:11 802.15.4 emulation: enabled
2022/10/04 00:00:11 fetching corpus: 50, signal 23992/25807 (executing program)
2022/10/04 00:00:11 fetching corpus: 100, signal 36595/40126 (executing program)
2022/10/04 00:00:11 fetching corpus: 150, signal 42413/47581 (executing program)
2022/10/04 00:00:12 fetching corpus: 200, signal 48012/54794 (executing program)
2022/10/04 00:00:12 fetching corpus: 250, signal 53140/61445 (executing program)
2022/10/04 00:00:12 fetching corpus: 300, signal 57507/67273 (executing program)
2022/10/04 00:00:12 fetching corpus: 350, signal 61521/72717 (executing program)
2022/10/04 00:00:12 fetching corpus: 400, signal 65421/77990 (executing program)
2022/10/04 00:00:12 fetching corpus: 450, signal 69172/83144 (executing program)
2022/10/04 00:00:12 fetching corpus: 500, signal 72607/87952 (executing program)
2022/10/04 00:00:12 fetching corpus: 550, signal 77503/94050 (executing program)
2022/10/04 00:00:13 fetching corpus: 600, signal 83304/100881 (executing program)
2022/10/04 00:00:13 fetching corpus: 650, signal 86367/105114 (executing program)
2022/10/04 00:00:13 fetching corpus: 700, signal 89927/109830 (executing program)
2022/10/04 00:00:13 fetching corpus: 750, signal 92803/113875 (executing program)
2022/10/04 00:00:13 fetching corpus: 800, signal 95752/117982 (executing program)
2022/10/04 00:00:13 fetching corpus: 850, signal 96586/120081 (executing program)
2022/10/04 00:00:13 fetching corpus: 900, signal 99164/123782 (executing program)
2022/10/04 00:00:13 fetching corpus: 950, signal 101932/127594 (executing program)
2022/10/04 00:00:14 fetching corpus: 1000, signal 105608/132145 (executing program)
2022/10/04 00:00:14 fetching corpus: 1050, signal 108701/136178 (executing program)
2022/10/04 00:00:14 fetching corpus: 1100, signal 110435/139008 (executing program)
2022/10/04 00:00:14 fetching corpus: 1150, signal 112035/141703 (executing program)
2022/10/04 00:00:14 fetching corpus: 1200, signal 113599/144266 (executing program)
2022/10/04 00:00:14 fetching corpus: 1250, signal 115987/147562 (executing program)
2022/10/04 00:00:14 fetching corpus: 1300, signal 119435/151758 (executing program)
2022/10/04 00:00:14 fetching corpus: 1350, signal 120670/153998 (executing program)
2022/10/04 00:00:15 fetching corpus: 1400, signal 122235/156497 (executing program)
2022/10/04 00:00:15 fetching corpus: 1450, signal 124435/159522 (executing program)
2022/10/04 00:00:15 fetching corpus: 1500, signal 126399/162275 (executing program)
2022/10/04 00:00:15 fetching corpus: 1550, signal 128001/164761 (executing program)
2022/10/04 00:00:15 fetching corpus: 1600, signal 130166/167618 (executing program)
2022/10/04 00:00:15 fetching corpus: 1650, signal 131480/169812 (executing program)
2022/10/04 00:00:15 fetching corpus: 1700, signal 132283/171576 (executing program)
2022/10/04 00:00:15 fetching corpus: 1750, signal 133944/174024 (executing program)
2022/10/04 00:00:16 fetching corpus: 1800, signal 135006/176034 (executing program)
2022/10/04 00:00:16 fetching corpus: 1850, signal 136342/178206 (executing program)
2022/10/04 00:00:16 fetching corpus: 1900, signal 137405/180147 (executing program)
2022/10/04 00:00:16 fetching corpus: 1950, signal 138658/182188 (executing program)
2022/10/04 00:00:16 fetching corpus: 2000, signal 140298/184507 (executing program)
2022/10/04 00:00:16 fetching corpus: 2050, signal 141672/186649 (executing program)
2022/10/04 00:00:16 fetching corpus: 2100, signal 144173/189550 (executing program)
2022/10/04 00:00:17 fetching corpus: 2150, signal 146579/192344 (executing program)
2022/10/04 00:00:17 fetching corpus: 2200, signal 147496/194067 (executing program)
2022/10/04 00:00:17 fetching corpus: 2250, signal 148457/195835 (executing program)
2022/10/04 00:00:17 fetching corpus: 2300, signal 149679/197803 (executing program)
2022/10/04 00:00:17 fetching corpus: 2350, signal 150605/199510 (executing program)
2022/10/04 00:00:17 fetching corpus: 2400, signal 151561/201218 (executing program)
2022/10/04 00:00:17 fetching corpus: 2450, signal 152833/203177 (executing program)
2022/10/04 00:00:17 fetching corpus: 2500, signal 153898/204976 (executing program)
2022/10/04 00:00:17 fetching corpus: 2550, signal 155540/207149 (executing program)
2022/10/04 00:00:17 fetching corpus: 2600, signal 156032/208466 (executing program)
2022/10/04 00:00:17 fetching corpus: 2650, signal 156661/209866 (executing program)
2022/10/04 00:00:18 fetching corpus: 2700, signal 157509/211425 (executing program)
2022/10/04 00:00:18 fetching corpus: 2750, signal 158845/213283 (executing program)
2022/10/04 00:00:18 fetching corpus: 2800, signal 159961/214982 (executing program)
2022/10/04 00:00:18 fetching corpus: 2850, signal 160652/216405 (executing program)
2022/10/04 00:00:18 fetching corpus: 2900, signal 161554/218009 (executing program)
2022/10/04 00:00:18 fetching corpus: 2950, signal 162566/219633 (executing program)
2022/10/04 00:00:18 fetching corpus: 3000, signal 163661/221283 (executing program)
2022/10/04 00:00:18 fetching corpus: 3050, signal 164474/222634 (executing program)
2022/10/04 00:00:19 fetching corpus: 3100, signal 165196/223963 (executing program)
2022/10/04 00:00:19 fetching corpus: 3150, signal 166271/225536 (executing program)
2022/10/04 00:00:19 fetching corpus: 3200, signal 166831/226797 (executing program)
2022/10/04 00:00:19 fetching corpus: 3250, signal 167612/228211 (executing program)
2022/10/04 00:00:19 fetching corpus: 3300, signal 167993/229367 (executing program)
2022/10/04 00:00:19 fetching corpus: 3350, signal 169448/231110 (executing program)
2022/10/04 00:00:19 fetching corpus: 3400, signal 169850/232215 (executing program)
2022/10/04 00:00:19 fetching corpus: 3450, signal 170427/233466 (executing program)
2022/10/04 00:00:19 fetching corpus: 3500, signal 171122/234849 (executing program)
2022/10/04 00:00:20 fetching corpus: 3550, signal 171893/236190 (executing program)
2022/10/04 00:00:20 fetching corpus: 3600, signal 173271/237874 (executing program)
2022/10/04 00:00:20 fetching corpus: 3650, signal 175089/239745 (executing program)
2022/10/04 00:00:20 fetching corpus: 3700, signal 176504/241387 (executing program)
2022/10/04 00:00:20 fetching corpus: 3750, signal 177020/242480 (executing program)
2022/10/04 00:00:20 fetching corpus: 3800, signal 177608/243615 (executing program)
2022/10/04 00:00:20 fetching corpus: 3850, signal 177915/244641 (executing program)
2022/10/04 00:00:20 fetching corpus: 3900, signal 178523/245823 (executing program)
2022/10/04 00:00:21 fetching corpus: 3950, signal 179430/247167 (executing program)
2022/10/04 00:00:21 fetching corpus: 4000, signal 180095/248319 (executing program)
2022/10/04 00:00:21 fetching corpus: 4050, signal 180521/249372 (executing program)
2022/10/04 00:00:21 fetching corpus: 4100, signal 181329/250619 (executing program)
2022/10/04 00:00:21 fetching corpus: 4150, signal 181933/251751 (executing program)
2022/10/04 00:00:21 fetching corpus: 4200, signal 182367/252761 (executing program)
2022/10/04 00:00:21 fetching corpus: 4250, signal 182911/253852 (executing program)
2022/10/04 00:00:21 fetching corpus: 4300, signal 183419/254920 (executing program)
2022/10/04 00:00:21 fetching corpus: 4350, signal 184696/256286 (executing program)
2022/10/04 00:00:21 fetching corpus: 4400, signal 185262/257364 (executing program)
2022/10/04 00:00:22 fetching corpus: 4450, signal 186490/258694 (executing program)
2022/10/04 00:00:22 fetching corpus: 4500, signal 187037/259738 (executing program)
2022/10/04 00:00:22 fetching corpus: 4550, signal 187624/260806 (executing program)
2022/10/04 00:00:22 fetching corpus: 4600, signal 188176/261888 (executing program)
2022/10/04 00:00:22 fetching corpus: 4650, signal 188530/262861 (executing program)
2022/10/04 00:00:22 fetching corpus: 4700, signal 189127/263926 (executing program)
2022/10/04 00:00:22 fetching corpus: 4750, signal 189813/265010 (executing program)
2022/10/04 00:00:22 fetching corpus: 4800, signal 190503/266078 (executing program)
2022/10/04 00:00:23 fetching corpus: 4850, signal 192478/267596 (executing program)
2022/10/04 00:00:23 fetching corpus: 4900, signal 193318/268682 (executing program)
2022/10/04 00:00:23 fetching corpus: 4950, signal 193859/269652 (executing program)
2022/10/04 00:00:23 fetching corpus: 5000, signal 194782/270762 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/271507 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/272281 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/273030 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/273804 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/274530 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/275273 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/275998 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/276731 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/277517 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/278271 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/278979 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/279729 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/280480 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/281205 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/281945 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/282730 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/283519 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/284318 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/285042 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/285769 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/286512 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/287264 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/287995 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/288728 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/289504 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/290273 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/291022 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/291765 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/292492 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/293274 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/294041 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/294779 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/295546 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/296278 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/297023 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/297791 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/298557 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/299304 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/300080 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/300813 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/301566 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/302327 (executing program)
2022/10/04 00:00:23 fetching corpus: 5001, signal 194785/303064 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/303829 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/304562 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/305368 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/306113 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/306832 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/307589 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/308372 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/309119 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/309869 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/310575 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/311325 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/311530 (executing program)
2022/10/04 00:00:24 fetching corpus: 5001, signal 194785/311530 (executing program)
2022/10/04 00:00:26 starting 8 fuzzer processes
00:00:26 executing program 0:
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x38}}}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x9000}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x6aa}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000040}, 0x5)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r1=>r0, {0x80}}, './file0\x00'})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r1)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x5c, r2, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xb}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7e00000}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x81c0}, 0x1)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, 0x453, 0x300, 0x70bd2a, 0x25dfdbfc, "6811f8370658a0132348f3cfedfbda091e6f62e0e6ede829596bbbc7aa9027f1c4d62f40db3d", ["", "", "", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4040010}, 0x240000c0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000000400)={0x0, 0x0, "31d9dba59a8946b421ca2f22371a60046245cc8f2dd977f45f6e27e5deee7108b9cc20ba77730760af0da7335e6d8af1ff73ac1c1abd98b2a4201874189e8ce341d405caf4d1265f4be90553ed47c4dbcbcd9e70721d72f8ed1c298e4d6214720cd74dc7c488ce4fd2180358caa803f1a6f8b987d9bc68f3a2d3bc43b1ec51d99b955f8debd5814edb20c24996fb5787d7a355926f2fa52e3c4d18224b86b6a199f277ea412570e53121dde398d1b7fd329eda577ad3427d80f298a477f05e7f23c8acf6d54c40d8d92b482bcd74e6c0033aa86fc938447a5ec413ad6d61ab8d66662b7b9c50329f93d39578e4b1d81b5e4feb5dfbf9c401ab606c14a631165f", "3c131cc4676eb8eca0c0a4761c01ff6825e646666ce9a85465074de6228a77fa050db24f89cead1791d201d6372add325b253ce0386eb3dfb89eb1919ae426e66fb59cf34cf2f7a5e3eef312c53fbce0184e7500f3f10e7cf6c9f7720f6bd62d6b09d2edc2540e34c9b2d2c8d197c77b5950edde4bce6bc95177c7083b5d41e75bffa8dc27e49b61d4c2d6cf3e030cc370f7d6c4573006c436671fed3caa8cbbaacfcb3c9447c04969fd72dcd2620bf7468072aa640ef11eee93b73a7cc7ecd6a31b3bf1d02df7040e432d661b53e71b5bfe9f3fad06e95740eb15a42d5b8b57fb01bec9e56a56eb7cbe6598b1e6077a4ec48f1f1f9b6edcb3e74791bf08477845c9b6c06f92d25130ebd572f29c5a854d93ffc3b5b40f78cc328cc3120524cc297948c9fd56a52a70491d01d45cc37fc1b424622d4810dc4d71a3059e3a48e9c7bd98ea108c4f894e6d12cda49a9abc6ac78168913bb21347516c19439e1a617ba1952921bd2030b41129fcd55538665a4581c74c317cf313b823db819db782f3cc584e8e58759f28bf02b808ae0a5e0219975b8048fd107a724eb9111209d7b7421d360f413659b17e2cfbb80a48fd2dc842c42ab1714e97cb12e4e9aaafd3bcce4ec17c7c1249e89696a9e0758174af5f832e93a3e93ab5fb940702b1b37406317fee1acec932ee3b429c7bd1b11dc72ba6ed053283783702750732a45df1bb7334755141785175859f44c45de39ef3180c3441622a77c8204a5596bb49515b9ad3d79de1fd3b4641184cc64cae939661bdc327c26a5397d2f4ab683a873f1b11e6c4f601dd88c0ff4abf64ee26a6e5c1829a9670f9642f7f84728af52dd6d0878ce8d7492752d4ecc7891a43073f48c1080113ca11863701f74c864d4f3d730d940b95fa490dc5148e5b065fcf13a72fac90bc41382d3dd9509c9c2e9579139f0ce44e78ede0fe6e8514f8cdf321252d4210271ebd2d22a9f13c668f37b40700b5041938e53a016994e37cb1250823a9ad998fe74663c1af9fd206225cdc73583caa132f05bdfd8ccad30a0f74236cddf6d61f2092009a0e297f46078c5bed92673b34c57cec76a9df47693e9ba3712d1e9984425f67e42cbf1b0bb03486ba2f09dc61386639baf68765a97dd7a54ffada81de86393d265be545a852a3a994542aa32e7eaee611fd6aa6916fb4d603ab31065f64dd9170089109c8ab676b6f9c82f12d69c2294f05f2760fe47a7b6acf4a429de6c2f38461afd98e3f1030b9918b0658b9f482d05503cca84acc11f19770c253a6d6967f681a2d954e4997d0401abc1d0ccb869b50a7f53637ebff4194079e1f008b35326b87c9b2132f6fc2bb5764ce484e713e4ca6c7919ef592f988c80235952bf9f224451681343318d57cf83bf205866f22c468a78111805ff60bb3bcf310407f304b46dce613e62c6689130517557a447fc609e2898f05ba242f5792eca51413b8888ec8f119115772bfef9a16968c47fd7bd5a0918c24e3e63d5e9d804b731b344ffd8a165cf2ddd7cee8f44fa8b9277968f8601659706ad53b4130d6b1f7e5e986049d4bef61704938218247d8b553160f4c5566ab4a5a837bd0c35357e18b4a995a88325835d5163da7e7239a2108349dad76253cd2a6927754b3c8c20c8c54c5006c062f8ae823d85c66c3312f9796c9277e1bbbf52e5952dbb12d1670fa061fc231ea640dbc86cd7cdee746526021f9f4a20dba537830cbbd6b2ee0ce867336992d14e1dc699f8e935dfc7ea3f10d81804b755147db48820cb57d2a33c449736005d5168a93ff03ef0235e0f13feeb6603eaad9340c59a89a3b24d5829dee70027071c0430cbbd93370cad2e0167d4c6c0a79172235011f597f825cfa4ef79c4ddcc2ed69973c22e871cd850970a7ff2208998b805ebbcda50715e2a85335a2e83f68a3b55dfd3d7776f6529d6d8fc8ce6edce693d29d67d1a5c5a63f9a7fd62b58059b31048a8d5831fcba919c81d2ff040609fe85d0f0be866d5cd848641ae255c8c9e667fabd1b823177a81e8abf6b92dcbb068d9455debbcaa1c29f9f27d2ef2a822664cadb44081aef40c000f896d11665e0788cd10f1ac5aa3ad7c1d0d382e21dea0c09bbd1152423639fdb77034178e1f2ce010f50e703d315225a28af159abfe9171b633e2ac148b0ce14f068973cc116cc2706a10f02c01523aa75801252d948f7c7b00d69837347c1ea9437940f67523c9583db6905f6cbd33ac262ed3ead2ff7b1fa5b4b8409cb1d125f44ceed424d60a3efdfdb820e0539bceddb081c7fb7e6e8ced3bd5d8f26281a3f8471cf6d5ed98d54cf631b0b6656f61e91c087ed3e05928d02e73b51ee3d155576bce52a7e1842e82bd87c70d5c5eb7f5c1660f8e7d553b9e40e2e278451b15d7af9af3934bca33cedf134285c92a58f5db6813d2b4fc5b5d8269380f4d9afec7d399b74ddaae09b9e9860fc7a8b5a5b81c92a4c3bf6b534b833b5e7b26f746f47f8bfb4c37d835e6f9ad731afb864dce30a7102c916a65d761418336babeb81a6cbd18fee426af7146c403243b6eed72253fb4a7d9c99a4e589565521371d9f188dcca55279c2841c3b4952f9bbf883c14b75ecd0f2cb28e1d8e8a8e7d955bb0dd83f86887879beafd875b7cd1591736519e578d54c6392f214bc744df3f01c2c85e2508b118f8309f793df2d14981db0f632127a19b2c1c59a35fc21e3a263280bd7aa224025eb0c854435a0e6da633139aa4fc2ba3a2a5af95e85e07dc40e87f5a1e057a2a3f9c1f9f0d77bb9f4999ce29d659731f91ab2e444d296ec5b74fd399d1410c9b7975a9dcdd31a74afda4583d4cd79673839cc9a52f198fc5d595f87d329d10ce774ba268f8d2f178957c510c2a51cbe3a9fe1a01180503978cf6ebfc5778f5d6b851840b5dbd20bd3be71d14df8f4b81dafff2f5b81f244af85a938b9dbc2096da9beaa33902ce307f022faaab7b15b35949a405eadf1d532fbc4392d68bad1021b10e5abfecb410104d1a897289da3dbb8e871212686e205f90aa1dafb44fd5305a2f4d5d197f869702f7f5f2b4852c29cec8d6adaa017a9d0b1bf5d854f0f9c8e2aca9001cf5ca5055067b807a1d43a8136908e1053b2461e311f7bf8af65aa1906dc0763bf9d6ba017a37559c73f7176b71e8916ff95f9780b6b50fb3e2486c97dceefab288d0aed348526dc1aa256ba7e96efbb1030ca26972bad53e5bc506411480a28b7837bba70c080bafe25c5cc82e94d13dfe07404507549f661bffb289015c96e12f6c8d586effdf1c7551243abacc0aab582f850f80d462ba2d554bc47602bd60c4c9f304fd484f5d2773d26dc7491e600a0524fe9e1af6e3435baa42e71720e6555b21505363cf67e612e7830281817aab7c3a8cfa237866a089bef2429a364dd74ba284d05eb5898dea2388ef84af608b49782fefc24b1a40bd7ded736e06495999a6a1c26ab2e771a387d67137378da2417b3de90ed407f1b92ea5aac475c25e425ab381698514513f89c2ec2505456afba9826f9f4006b56c37b6e4afeb62b98b3a96f3d7ecb15f1e54b63b3ca108ecbf033f80b2f491d408d623fc3cc8fa2ea93fb5f417a6f0e20e6aa5d70ceeba57b9203b012a1d75ca21e87c672c0c9cdd37a11e7eedae0285bd9ae0cd5e75f5a6e6ac60f24040dba7fec6de17880db1f655c3dd4ccdabf92db0e20569a52c3d36aa6ffb822fd5601b9ecf84c6b01c1fd89f7185fab87cb2d6fd49b443ff2c247dd2520d4cbadcc54e9e747b9e604eb227d7635791d9a2b3f88b79b1e80ab95a88cfa636007e1ae61058761e3c28976da10a5b97ca8b3d60dd99f711f36e3d13ac7945fa4498f66007a36486213113fb9dc29e85b75b88be45ad37b5c7bd2cd3f2ade304d1312dc4f98189a910393e84cc020ea1785253d532df3af08d9259fcdd5686468ccc3cddbb1801016f3b49a6c34d0419ab112d11d57c1c4f2ced31f42e909c51bdb3a2ad5b93aed8764d38d89111ca9a7256c6817ce19d6a54f89c05fc74c867c38e91805ae24567cfb8010ed655b9e4b36001eaf11396b03d034900be98bf468811fc07be33f206961c209474e2416bf38dcfc7bc7866ee19a7fe0a2728d488da9a1e98a289765b10dad04b910b3ab10d1bc7421672d92f47990ba6d1ace6e42bf483d009344fffb4957b7e248bd4938e5fcb4259f2c63d575a889172d5f8e9b2c17e80cc77ecde391444827ecdd9995e0400dc72ff367717b2abbf67d84f98a93fb2394804af8a5ffe0b042fa522b35386baabbf1d1a793dbfa9c9de4421ee63b36ca482b0ccbe6e83dbb38683f848b14fb3be8142fe7238a6c8fbf83e7aed188f292ecb0421b703a2bf803689441dcb32c7f3ecd5568afd8b92a3d44a942a39c25d7bfda498721a306b5581270bbc3fb03fe0aeafa880a470c0fdbdd9853aa7b7f1d5f3c73792ecf60d77b9fe5eb36e3f12ee0628d9c90374d6885d952d4286010399e9a4e4ce1a1644db31d837436678ac94464d6a43b996d077323d6c2d014df77f30ed40e0b7455af1fc958a23a1c7fdb180fb39b994d0d2a228847756b353bfe6e129778cfd636a6130e45bf3a23f74458e163c20dd5548c264c0cb26542ac94f7ae76ac4d76664c396db2fe1625be3aab4c1b69785095893d3d5db33317e6cdaf4252b4691c52d4ad429dbfc79a1244a3e89c2b01c9ba7783ccc7e4ce1a7bfbb51f5d92fa35ca256be96c43248a14d7edc02c9e9743076a23e198e154ee907c175768e76c43c005ea5d2ec0c7c8d97905b28a51614643d38ac177d98786c9dfb08bfa117cbfe27843ac1f3304bd4d9d752000664701efa2c0846500c6700ec6e71a50150164c4d679a183f9fa94c92807b770f49b6b62c315ffa300ac20808f7869bb53a0bba95b6ccec122f8d0338e892d79d8de3f056199aabec0245addfbbe572f1cfc5c575579469f07ae4831b7c6f48078134fb7d918a056d269dc0c826df04714d0bada0d9cd9f81c8421b7cefc25416b26de30d36708dbf4bd5f62bfceef4b16b3cf0878d2fb86969930cb0c6cdca6272a12a669010cd139ebde831f0b21b680bd4612e16360665cc50e28422aa986ce0d25f0c1a2f0e2f6d620ada85737b8d19e78f34a64760dce1abf984b6de9fefbc366df5eea2c7c14fcfe9222a4117e703a9e017b3cca4602ee82c1b1f3e0721e9ce84ea2fc2b5bf1bbf74f394eb83c71a072faf20b54c541b4f3ef4c933d83ffedba8e021a22e32695206c8802503f9298a220bbd586ba66fbb01f8b7a73f2c59bacca853905226b9e78ee92cbfda6a8a73f1680017e95f4a41689bd5e4cf4c05349c4dc2fcb1bc867bf81d0521540621a779d6bf69c158d3af3a551e6449482ae3ec24d31729bc8316399abddd0"})
r3 = openat(r0, &(0x7f0000001400)='./file0/file0\x00', 0x20000, 0x104)
r4 = socket$netlink(0x10, 0x3, 0x8)
sendmsg$NL80211_CMD_GET_REG(r4, &(0x7f0000001600)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001480)={0x120, 0x0, 0x0, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_RULES={0xb8, 0x22, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x9}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xf537}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1000}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7ff}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xfffffff8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xfff}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xfffffc00}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x101}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xfb}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xff}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}, @NL80211_ATTR_REG_RULES={0x2c, 0x22, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x100}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7}]}, 0x120}, 0x1, 0x0, 0x0, 0x2004c090}, 0x20000000)
clock_gettime(0x0, &(0x7f0000001680)={<r5=>0x0, <r6=>0x0})
ppoll(&(0x7f0000001640)=[{r0, 0x1202}, {r3, 0x13}], 0x2, &(0x7f00000016c0)={r5, r6+10000000}, &(0x7f0000001700)={[0x1000000]}, 0x8)
sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001800)={&(0x7f0000001780)={0x44, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x41b9255c74ac9c9d}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x40040c0)
r7 = openat$hpet(0xffffffffffffff9c, &(0x7f0000001880), 0x20400, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000001ac0)={&(0x7f00000018c0), 0xc, &(0x7f0000001a80)={&(0x7f0000001900)={{0x14}, [@NFT_MSG_NEWTABLE={0x34, 0x0, 0xa, 0x801, 0x0, 0x0, {0xd, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8}]}, @NFT_MSG_NEWCHAIN={0xa4, 0x3, 0xa, 0x304, 0x0, 0x0, {0xc, 0x0, 0x1}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x64, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x38f66f50}, @NFTA_HOOK_DEV={0x14, 0x3, 'macvlan1\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1e94f7dc}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x67f1ac41}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_vlan\x00'}]}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, @NFT_OBJECT_CT_EXPECT=@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}}], {0x14}}, 0x148}, 0x1, 0x0, 0x0, 0x20000800}, 0x4040000)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b40), r7)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001b80)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000001d00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001bc0)={0xd0, r8, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x2, 0x49}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xff}, @NL80211_ATTR_VENDOR_DATA={0x9f, 0xc5, "4d4564baa2140a1cd257e125b5495b0cbeae7359a707d4a60f76ace82e9dd3874ee4053972bfd226519b746183ff4386079bc788cf4e7121a436ed573b09d53318e1f2f76e97252ca576d05eda8e72b0211cf6b6cbbd4b2b4fb2c9a3a6d853a93e2257a275116660a3d9a2a84e111aa9ca5c7469ddae38b40c4e8f3e938bf5b8d292e43b2a6e4070ab56b5979cfaee049f8bcf12c2d4be93744222"}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4008841}, 0x80)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001d80), r7)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000001e40)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001dc0)={0x2c, r10, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80d0}, 0x2008000)

00:00:26 executing program 1:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200, 0x95)
openat(r0, &(0x7f0000000040)='./file0\x00', 0x204000, 0x80)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x42)
clock_gettime(0x0, &(0x7f0000000100)={<r2=>0x0, <r3=>0x0})
utimensat(r1, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={{0x77359400}, {r2, r3/1000+10000}}, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r4=>0x0, <r5=>0x0})
rt_sigtimedwait(&(0x7f0000000180)={[0x3]}, &(0x7f00000001c0), &(0x7f0000000280)={r4, r5+10000000}, 0x8)
clock_gettime(0x7, &(0x7f00000002c0))
recvmsg$unix(r0, &(0x7f00000039c0)={&(0x7f0000000580), 0x6e, &(0x7f0000003900)=[{&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/64, 0x40}, {&(0x7f0000001640)=""/229, 0xe5}, {&(0x7f0000001740)=""/233, 0xe9}, {&(0x7f0000001840)=""/4096, 0x1000}, {&(0x7f0000002840)=""/158, 0x9e}, {&(0x7f0000002900)=""/4096, 0x1000}], 0x7, &(0x7f0000003980)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r6=>0x0}}}], 0x38}, 0x10080)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x1, 0x3, &(0x7f0000000500)=[{&(0x7f0000000380)="bd2db80bdcc11b5052882ea30368fffc525e54398387bcbd8e5ac8996eab325623ce87334e76a523ec68763478cc31108ba4d78b3c8578aa447520229de51daa377a6b7c10051f300d31129cd6d426ef804e7d5096059a32e1bbeaa2b3f1da51d431633937797463eea8b57bc822795cd3a840132e4e877738545af936c708a9f4d5addb84d2b12aa61e101225912ae651722a5024689c65bc", 0x99, 0x9}, {&(0x7f0000000440)="26962b1164282d5b1290899f4d4a52ea1a93f014f0c5659a", 0x18, 0xff}, {&(0x7f0000000480)="d57c624c19b424864532a506b8a0713dfb2fc988f0e30f178cb7ea3af82cae1aab9ee4afe8357592c7f76c76b0fe0477303be5921d04b1f02537b12e1b170d783636f66676626cdb73cb3dfa83ed5ed213db511918c06879e166e2252953dc4f7d760b0396254253cfd58168a51549a3e86c25", 0x73, 0x1}], 0x800e0, &(0x7f0000003a00)={[{@discard}, {@init_itable}, {@nodelalloc}, {@jqfmt_vfsv1}, {@resuid}, {@grpquota}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@abort}, {@oldalloc}], [{@fsname}, {@smackfsfloor={'smackfsfloor', 0x3d, '$'}}, {@smackfshat={'smackfshat', 0x3d, '[--^#'}}, {@euid_lt={'euid<', r6}}, {@fsname}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@appraise}, {@dont_hash}]})
epoll_pwait2(r1, &(0x7f0000003b00)=[{}, {}], 0x2, &(0x7f0000003b40)={0x0, 0x3938700}, &(0x7f0000003b80)={[0x1]}, 0x8)
clock_gettime(0x2, &(0x7f0000003bc0))
clock_gettime(0x7, &(0x7f0000003c00))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
fadvise64(r7, 0x6, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000079c0)=[{{&(0x7f0000003c40)=@qipcrtr, 0x80, &(0x7f0000004d80)=[{&(0x7f0000003cc0)=""/4096, 0x1000}, {&(0x7f0000004cc0)=""/28, 0x1c}, {&(0x7f0000004d00)=""/81, 0x51}], 0x3, &(0x7f0000004dc0)=""/254, 0xfe}, 0x9}, {{&(0x7f0000004ec0)=@isdn, 0x80, &(0x7f0000005080)=[{&(0x7f0000004f40)=""/10, 0xa}, {&(0x7f0000004f80)=""/220, 0xdc}], 0x2, &(0x7f00000050c0)=""/71, 0x47}, 0x1}, {{&(0x7f0000005140)=@can, 0x80, &(0x7f00000057c0)=[{&(0x7f00000051c0)=""/26, 0x1a}, {&(0x7f0000005200)=""/213, 0xd5}, {&(0x7f0000005300)=""/184, 0xb8}, {&(0x7f00000053c0)=""/15, 0xf}, {&(0x7f0000005400)=""/153, 0x99}, {&(0x7f00000054c0)=""/78, 0x4e}, {&(0x7f0000005540)=""/254, 0xfe}, {&(0x7f0000005640)=""/229, 0xe5}, {&(0x7f0000005740)=""/6, 0x6}, {&(0x7f0000005780)=""/16, 0x10}], 0xa, &(0x7f0000005880)=""/42, 0x2a}, 0x40}, {{0x0, 0x0, &(0x7f00000078c0)=[{&(0x7f00000058c0)=""/4096, 0x1000}, {&(0x7f00000068c0)=""/4096, 0x1000}], 0x2, &(0x7f0000007900)=""/139, 0x8b}, 0x3}], 0x4, 0x20, &(0x7f0000007ac0)={0x0, 0x989680})
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000007b00))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000007b40)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4004, @fd_index=0x8, 0x81, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x41c2)
futex(&(0x7f0000007b80), 0x7, 0x0, &(0x7f0000007bc0)={0x77359400}, &(0x7f0000007c00), 0x2)
pselect6(0x40, &(0x7f0000007c40)={0x56e6, 0x7, 0x7, 0x8001, 0x6e36, 0xff, 0x6, 0x7766}, &(0x7f0000007c80)={0xc6, 0xd04, 0x8, 0x80000000, 0x0, 0xff, 0x473b, 0xfffffffffffffa8b}, &(0x7f0000007cc0)={0x9, 0x0, 0x5, 0x8, 0x4, 0x8, 0x9, 0xfffffffffffff457}, &(0x7f0000007d00)={0x0, 0x989680}, &(0x7f0000007d80)={&(0x7f0000007d40)={[0x314b]}, 0x8})

00:00:27 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x200, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000080}, 0x4041840)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xf0, 0x0, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0xc4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffc}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8001}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3a20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x200}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x101}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffc}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x55}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7092}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1f}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7f}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8}]}]}, @TIPC_NLA_BEARER={0x18, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'syzkaller0\x00'}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x40800}, 0x8090)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x80, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x80}}, 0x800)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000004c0), r0)
sendmsg$NLBL_CALIPSO_C_REMOVE(r3, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x5c, r6, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20044852}, 0x8010)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wpan3\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r1, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x74, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_MAX_BE={0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x8}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MAX_BE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x74}, 0x1, 0x0, 0x0, 0x48081}, 0x400c810)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x18}, @IEEE802154_ATTR_PAN_COORD={0x5}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0xe}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
sendmsg$NLBL_UNLABEL_C_LIST(r5, &(0x7f0000000940)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x1c, 0x0, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004000}, 0x50)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), r1)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r3, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x44, 0x0, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x2}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x8}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r7}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3f}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x4040)

00:00:27 executing program 2:
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000000000)={0x2b, @rand_addr=0x64010100, 0x4e22, 0x2, 'sed\x00', 0x2, 0x2, 0x36}, 0x2c)
r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0x8001, 0xac000)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000080)={'filter\x00', 0x0, 0x0, 0x0, [0x7, 0x8, 0x3, 0x0, 0x0, 0x8]}, &(0x7f0000000100)=0x78)
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000140)={'broute\x00', 0x0, 0x0, 0x0, [0x3f2413ac, 0x2, 0x10000, 0x3, 0x4, 0x6]}, &(0x7f00000001c0)=0x78)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000200)={0xfffffffc, {{0x2, 0x4e22, @private=0xa010101}}}, 0x88)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f00000002c0)={'hsr0\x00', {0x2, 0x0, @empty}})
getsockname$inet(r0, &(0x7f0000000300)={0x2, 0x0, @broadcast}, &(0x7f0000000340)=0x10)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000380)={0x2, 'ip6gre0\x00', 0x3}, 0x18)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f00000003c0)={0x2, 0xfffffff8, 0x10001, 0x0, 0x4}, 0x14)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000400)={{0x2, 0x4e20, @local}, {0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x3a, {0x2, 0x4e23, @multicast2}, 'sit0\x00'})
getsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000480), &(0x7f00000004c0)=0x4)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000580)={'ip6gre0\x00', &(0x7f0000000500)={'syztnl1\x00', 0x0, 0x4, 0x4, 0x2, 0x7ff, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, 0x20, 0x700, 0x400, 0x7}})
r1 = socket$inet(0x2, 0xa, 0x5)
ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f00000005c0))
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_EDITDEST(r2, 0x0, 0x489, &(0x7f00000006c0)={{0x5e, @loopback, 0x4e23, 0x4, 'ovf\x00', 0x0, 0x80, 0x56}, {@broadcast, 0x4e22, 0x3, 0xf8800, 0x2, 0x400}}, 0x44)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000740)={{0x2, 0x4e21, @remote}, {0x1, @random="b8248bc9974f"}, 0x74, {0x2, 0x4e22, @remote}, 'rose0\x00'})
socket$inet_tcp(0x2, 0x1, 0x0)
writev(r2, &(0x7f0000000880)=[{&(0x7f00000007c0)="253eafa18f5f9ca6607a2ab6f3a07e6b1a6c5e33dbbc052092672cd67b9a47708771d3d0b44d3710c9a6ec6af4fa4d3ccee272c053629596c74db34e24f00bf64710b64a182c3c5e2ea57f95e0e584dce78629b488abd5b0d5bdd7ada82bd2ec6a94bd0cca506afaaa74c4733814016a6985c9bd74712e7f170a0b60addfe415803a51f8cf7f4dbd870aa8a74a04cdb89b80fde724df7cae85", 0x99}], 0x1)
socket$inet(0x2, 0x80806, 0x101)

[   71.940566] audit: type=1400 audit(1664841627.030:6): avc:  denied  { execmem } for  pid=286 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
00:00:27 executing program 4:
prctl$PR_SET_DUMPABLE(0x4, 0x1)
prctl$PR_SET_DUMPABLE(0x4, 0x0)
prctl$PR_SET_DUMPABLE(0x4, 0x0)
prctl$PR_SET_DUMPABLE(0x4, 0x1)
prctl$PR_SET_DUMPABLE(0x4, 0x0)
prctl$PR_SET_DUMPABLE(0x4, 0x2)
prctl$PR_SET_DUMPABLE(0x4, 0x4)
prctl$PR_SET_DUMPABLE(0x4, 0x2)
prctl$PR_SET_DUMPABLE(0x4, 0x0)
prctl$PR_SET_DUMPABLE(0x4, 0x3)
prctl$PR_SET_DUMPABLE(0x4, 0x3)
prctl$PR_SET_DUMPABLE(0x4, 0x1)
prctl$PR_SET_DUMPABLE(0x4, 0x5)
prctl$PR_SET_DUMPABLE(0x4, 0x2)
prctl$PR_SET_DUMPABLE(0x4, 0x2)
prctl$PR_SET_DUMPABLE(0x4, 0x7)
prctl$PR_SET_DUMPABLE(0x4, 0x3)
prctl$PR_SET_DUMPABLE(0x4, 0x3)
prctl$PR_SET_DUMPABLE(0x4, 0x2)
prctl$PR_SET_DUMPABLE(0x4, 0x0)

00:00:27 executing program 5:
r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000040)=0x14)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/hidraw', 0x40a000, 0x50)
io_submit(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x45cb7588d7adb9df, 0xfff, r0, &(0x7f0000000080)="ef5020f82bc6bd8662eb29d5652cef966de91afcfb0b4d6ae764f03555dfe0bc", 0x20, 0x6, 0x0, 0x3, r1}])
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000180)=0x40)
r2 = memfd_secret(0x0)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x48a}}, './file0\x00'})
r4 = syz_io_uring_setup(0x4634, &(0x7f0000000200)={0x0, 0x61ca, 0x10, 0x2, 0x2a7, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000280), &(0x7f00000002c0))
r5 = dup3(r1, r0, 0x80000)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000340)={0x3ff, 0x0, &(0x7f0000000300)=[r4, r5, r6, r2]}, 0x4)
syz_io_uring_setup(0x6df5, &(0x7f0000000380)={0x0, 0x3e4e, 0x2, 0x2, 0x137, 0x0, r4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000440))
ioctl$SG_GET_TIMEOUT(r1, 0x2202, 0x0)
r7 = openat(r2, &(0x7f0000000480)='./file0\x00', 0x101000, 0x1a)
fcntl$dupfd(r7, 0x406, r2)
accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000004c0), 0x180800)
perf_event_open(&(0x7f0000000540)={0x3, 0x80, 0x6, 0x7f, 0x7, 0x20, 0x0, 0x400, 0x100, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000500), 0x9}, 0x5404c, 0xffffffffffffff80, 0x0, 0x6, 0x40000000, 0x9, 0x1f, 0x0, 0xfff, 0x0, 0x100000001}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KDMKTONE(r3, 0x4b30, 0xaefc)
ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f00000005c0))
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f0000000640))

00:00:27 executing program 6:
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r0=>0xffffffffffffffff}}, './file0\x00'})
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000040), &(0x7f0000000080)=0x30)
r1 = openat$cgroup_devices(r0, &(0x7f00000000c0)='devices.deny\x00', 0x2, 0x0)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000180)={&(0x7f0000000100)=""/68, 0x44, 0x4, 0x10001})
r2 = fork()
r3 = getpid()
r4 = clone3(&(0x7f0000000400)={0x104000000, &(0x7f00000001c0), &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000240)=<r6=>0x0, {0x2e}, &(0x7f0000000280)=""/69, 0x45, &(0x7f0000000300)=""/149, &(0x7f00000003c0)=[r2, r3, 0xffffffffffffffff], 0x3}, 0x58)
tgkill(0x0, r4, 0x41)
sched_getparam(r3, &(0x7f0000000480))
ptrace$peek(0x6b41120f0cb77621, r6, &(0x7f00000004c0))
r7 = getpid()
process_vm_writev(r7, &(0x7f0000000680)=[{&(0x7f0000000500)=""/108, 0x6c}, {&(0x7f0000000580)=""/195, 0xc3}], 0x2, &(0x7f0000001700)=[{&(0x7f00000006c0)=""/5, 0x5}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2, 0x0)
socket$inet6(0xa, 0x80000, 0x8000)
r8 = syz_open_dev$vcsn(&(0x7f0000001740), 0x80, 0x2)
connect$inet6(r8, &(0x7f0000001780)={0xa, 0x4e21, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}, 0x1c)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f00000017c0))
ptrace$setopts(0x4200, r5, 0x6, 0x32)
r9 = open_tree(r8, &(0x7f0000001840)='./file0\x00', 0x80001)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r9, 0xc038943b, &(0x7f00000018c0)={0x4, 0x20, '\x00', 0x1, &(0x7f0000001880)=[0x0, 0x0, 0x0, 0x0]})
setsockopt$inet6_IPV6_PKTINFO(r9, 0x29, 0x32, &(0x7f0000001900)={@private1}, 0x14)

00:00:27 executing program 7:
ioctl$F2FS_IOC_START_ATOMIC_WRITE(0xffffffffffffffff, 0xf501, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'syztnl0\x00', <r1=>0x0, 0x29, 0x1, 0x26, 0x31, 0x29, @dev={0xfe, 0x80, '\x00', 0x39}, @remote, 0x80, 0x7f00, 0x5, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl1\x00', <r2=>0x0, 0x4, 0x81, 0x7f, 0x0, 0x2, @local, @mcast1, 0x40, 0x7800, 0x7, 0x4}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f0000000200)={0x1c4, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000050}, 0x4000000)
r3 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000480)='cpuset.mem_hardwall\x00', 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000004c0)={0x0, 0x1, 0xff, 0x8})
finit_module(r3, &(0x7f0000000500)='@$$(]#\x00', 0x3)
fcntl$setflags(r3, 0x2, 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x2000, 0x20)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
finit_module(r5, &(0x7f0000000580)='\x00', 0x4)
mkdirat(r4, &(0x7f00000005c0)='./file0/file0\x00', 0x64)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r4, 0x89f4, &(0x7f00000006c0)={'syztnl0\x00', &(0x7f0000000640)={'ip6tnl0\x00', <r6=>r2, 0x4, 0x80, 0xfc, 0x7fff, 0xc, @remote, @local, 0x1, 0x10, 0x1, 0x18000000}})
sendmsg$ETHTOOL_MSG_RINGS_GET(r5, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x20, 0x0, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000002}, 0x44000)
getpeername(r5, &(0x7f00000007c0)=@xdp, &(0x7f0000000840)=0x80)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000880), 0x185b00, 0x0)
finit_module(r7, &(0x7f00000008c0)='/:$\xa2\x00', 0x3)
r8 = openat$cgroup_ro(r4, &(0x7f0000000900)='devices.list\x00', 0x0, 0x0)
sendmsg$DEVLINK_CMD_PORT_SET(r8, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x40, 0x0, 0x300, 0x70bd29, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x6}}]}, 0x40}, 0x1, 0x0, 0x0, 0x44001}, 0x0)

[   73.388330] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   73.391204] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   73.392974] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   73.394842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   73.396190] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   73.397807] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   73.401378] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   73.402964] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   73.404307] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   73.405690] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   73.407167] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   73.420650] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   73.422273] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   73.424018] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   73.426520] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   73.427978] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   73.429638] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   73.432505] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   73.434144] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   73.435533] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   73.435723] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   73.437152] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   73.438141] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   73.439545] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   73.439826] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   73.442036] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   73.444661] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   73.444967] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   73.447108] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   73.448987] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   73.449040] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   73.450283] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   73.450970] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   73.452866] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   73.458304] Bluetooth: hci7: HCI_REQ-0x0c1a
[   73.458397] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   73.461704] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   73.464364] Bluetooth: hci4: HCI_REQ-0x0c1a
[   73.469482] Bluetooth: hci1: HCI_REQ-0x0c1a
[   73.474269] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   73.476272] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   73.480900] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   73.492178] Bluetooth: hci5: HCI_REQ-0x0c1a
[   73.496682] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   73.502986] Bluetooth: hci3: HCI_REQ-0x0c1a
[   73.509972] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   73.510120] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   73.517755] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   73.519929] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   73.522043] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   73.523995] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   73.525698] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   73.538291] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   73.544381] Bluetooth: hci6: HCI_REQ-0x0c1a
[   73.549717] Bluetooth: hci0: HCI_REQ-0x0c1a
[   73.550860] Bluetooth: hci2: HCI_REQ-0x0c1a
[   75.509649] Bluetooth: hci3: command 0x0409 tx timeout
[   75.510670] Bluetooth: hci5: command 0x0409 tx timeout
[   75.511204] Bluetooth: hci4: command 0x0409 tx timeout
[   75.511796] Bluetooth: hci1: command 0x0409 tx timeout
[   75.512364] Bluetooth: hci7: command 0x0409 tx timeout
[   75.574668] Bluetooth: hci0: command 0x0409 tx timeout
[   75.575302] Bluetooth: hci2: command 0x0409 tx timeout
[   75.576012] Bluetooth: hci6: command 0x0409 tx timeout
[   77.557364] Bluetooth: hci7: command 0x041b tx timeout
[   77.557976] Bluetooth: hci1: command 0x041b tx timeout
[   77.558534] Bluetooth: hci4: command 0x041b tx timeout
[   77.558914] Bluetooth: hci5: command 0x041b tx timeout
[   77.559456] Bluetooth: hci3: command 0x041b tx timeout
[   77.622361] Bluetooth: hci6: command 0x041b tx timeout
[   77.622948] Bluetooth: hci2: command 0x041b tx timeout
[   77.623355] Bluetooth: hci0: command 0x041b tx timeout
[   79.605412] Bluetooth: hci3: command 0x040f tx timeout
[   79.606205] Bluetooth: hci5: command 0x040f tx timeout
[   79.607001] Bluetooth: hci4: command 0x040f tx timeout
[   79.607776] Bluetooth: hci1: command 0x040f tx timeout
[   79.608646] Bluetooth: hci7: command 0x040f tx timeout
[   79.670343] Bluetooth: hci0: command 0x040f tx timeout
[   79.671086] Bluetooth: hci2: command 0x040f tx timeout
[   79.671853] Bluetooth: hci6: command 0x040f tx timeout
[   81.654349] Bluetooth: hci7: command 0x0419 tx timeout
[   81.655108] Bluetooth: hci1: command 0x0419 tx timeout
[   81.655873] Bluetooth: hci4: command 0x0419 tx timeout
[   81.656659] Bluetooth: hci5: command 0x0419 tx timeout
[   81.657401] Bluetooth: hci3: command 0x0419 tx timeout
[   81.718396] Bluetooth: hci6: command 0x0419 tx timeout
[   81.719159] Bluetooth: hci2: command 0x0419 tx timeout
[   81.720268] Bluetooth: hci0: command 0x0419 tx timeout
00:01:20 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000100)=ANY=[], 0x18)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c)
getpeername(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff}}, &(0x7f0000000000)=0x80)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000100), 0x4)
r2 = socket$inet6(0xa, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000001700), 0x40000000000002f, 0x0)

00:01:21 executing program 4:
pwritev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x0, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000180), 0x1000000000000096, 0x0)
sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x2, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @void}}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x4840)
fcntl$getown(r0, 0x9)

00:01:21 executing program 4:
ptrace$setsig(0x4203, 0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x30, 0xf0e, 0x8})
r0 = fork()
waitid(0x2, r0, &(0x7f0000000080), 0x80000000, &(0x7f0000000100))
ptrace$getsig(0x4202, r0, 0xe3, &(0x7f00000001c0))
syz_genetlink_get_family_id$devlink(&(0x7f0000000240), 0xffffffffffffffff)
ioprio_get$pid(0x1, r0)
getresuid(&(0x7f0000000280)=<r1=>0x0, &(0x7f00000002c0), &(0x7f0000000300))
statx(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x100, 0x1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = signalfd(0xffffffffffffffff, &(0x7f00000006c0)={[0x80000000]}, 0x8)
perf_event_open(&(0x7f0000000640)={0x4, 0x80, 0x7f, 0x9, 0x5, 0x1c, 0x0, 0x1, 0x13002, 0xa, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x1, @perf_config_ext={0x800, 0x6}, 0x200, 0x1, 0x299, 0x7, 0x80000001, 0x80000000, 0x7, 0x0, 0x7, 0x0, 0x6}, 0x0, 0x9, r3, 0x9)
msgctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000480)={{0x1, 0xffffffffffffffff, 0xee00, r1, r2, 0x41, 0xbd3}, 0x0, 0x0, 0x0, 0x10000, 0xaa9, 0x3, 0x0, 0x81, 0x71, 0x8, r0})
connect$netlink(0xffffffffffffffff, &(0x7f0000000500)=@proc={0x10, 0x0, 0x25dfdbff, 0x80000}, 0xc)
r4 = geteuid()
r5 = fork()
r6 = fork()
shmctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000540)={{0x1, r4, r2, r1, r2, 0x24, 0x9}, 0xfffffff9, 0x3, 0x2, 0x0, r5, r6, 0x8})
ptrace$getsig(0x4202, r0, 0x800, &(0x7f00000005c0))
process_vm_writev(r0, &(0x7f0000001b80)=[{&(0x7f0000000800)=""/209, 0xd1}, {&(0x7f0000000900)=""/148, 0x94}, {&(0x7f00000009c0)=""/156, 0x9c}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f0000001a80)=""/238, 0xee}], 0x5, &(0x7f0000002240)=[{&(0x7f0000001c00)=""/250, 0xfa}, {&(0x7f0000001d00)=""/160, 0xa0}, {&(0x7f0000001dc0)=""/147, 0x93}, {&(0x7f0000001e80)=""/25, 0x19}, {&(0x7f0000001ec0)=""/68, 0x44}, {&(0x7f0000001f40)=""/50, 0x32}, {&(0x7f0000001f80)=""/76, 0x4c}, {&(0x7f0000002000)=""/129, 0x81}, {&(0x7f00000020c0)=""/150, 0x96}, {&(0x7f0000002180)=""/160, 0xa0}], 0xa, 0x0)

[  126.261868] audit: type=1400 audit(1664841681.352:7): avc:  denied  { open } for  pid=3797 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
00:01:21 executing program 6:
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="b72ae8fb5a4c316e545238e0ab3072648cb4112885ba4fbb2708b78f54536ca6a32a2225055b327cc4c2bd11ea44091a596882f5ff4e6443d91b21882e117fa45cc66fefc714c91b092c18"])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_io_uring_setup(0xeaf, &(0x7f00000003c0)={0x0, 0x5ca5, 0x2, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x6000, @fd_index=0x8, 0x101, 0x3, 0x9, 0x4, 0x1, {0x2}}, 0x401)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x401, @loopback}, 0x1c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_print_times', 0x10ba42, 0x0)
pwritev(r4, &(0x7f0000000500)=[{&(0x7f00000000c0)="e8", 0x1}], 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x15450b03, 0x16}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0xc40}, 0x4008090)
ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611)
pwritev(r3, &(0x7f0000000140)=[{&(0x7f0000000000)='P', 0x1}], 0x1, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0xc020662a, &(0x7f0000000140))

00:01:21 executing program 4:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000040)={{0x0, 0x2}})
fcntl$getownex(r2, 0x10, &(0x7f0000000080))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={<r3=>0x0}, &(0x7f0000000140)=0xc)
syz_open_procfs(r3, &(0x7f00000001c0)='net/if_inet6\x00')
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17)
r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0)
ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0x5320, &(0x7f0000000000))
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r4)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>0xffffffffffffffff, @ANYBLOB="18d500000000fcff2d2f66696c653000df3d53332c0b4b0372576aa7262281463fa6cf66f884f7554f9743171b91cbcdbb8992bdf8899ae41408a46eca7c00f14ebe86b7dcba9789f38a6d6a35cfe0c45fc32ac3bc1660ae1f81c5963cc6f786c54720046102d65b1fe7ab5de1f634fbe0a2584123cf644cb406"])
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x12}}, 0x0)
poll(0x0, 0xfffffffffffffdc0, 0x7fffffff)
close_range(r0, r1, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0x20014040)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff66, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffffff}, 0x0, 0xb, 0xffffffffffffffff, 0x8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x8, 0x20010, 0xffffffffffffffff, 0x7fea3000)

[  126.653797] audit: type=1400 audit(1664841681.744:8): avc:  denied  { kernel } for  pid=3843 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  126.666725] ------------[ cut here ]------------
[  126.666749] 
[  126.666753] ======================================================
[  126.666758] WARNING: possible circular locking dependency detected
[  126.666763] 6.0.0-rc7-next-20220930 #1 Not tainted
[  126.666770] ------------------------------------------------------
[  126.666774] syz-executor.6/3845 is trying to acquire lock:
[  126.666781] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  126.666825] 
[  126.666825] but task is already holding lock:
[  126.666828] ffff88802104ac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  126.666855] 
[  126.666855] which lock already depends on the new lock.
[  126.666855] 
[  126.666858] 
[  126.666858] the existing dependency chain (in reverse order) is:
[  126.666861] 
[  126.666861] -> #3 (&ctx->lock){....}-{2:2}:
[  126.666874]        _raw_spin_lock+0x2a/0x40
[  126.666886]        __perf_event_task_sched_out+0x53b/0x18d0
[  126.666897]        __schedule+0xedd/0x2470
[  126.666911]        schedule+0xda/0x1b0
[  126.666925]        futex_wait_queue+0xf5/0x1e0
[  126.666938]        futex_wait+0x28e/0x690
[  126.666948]        do_futex+0x2ff/0x380
[  126.666957]        __x64_sys_futex+0x1c6/0x4d0
[  126.666968]        do_syscall_64+0x3b/0x90
[  126.666985]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.666998] 
[  126.666998] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  126.667012]        _raw_spin_lock_nested+0x30/0x40
[  126.667022]        raw_spin_rq_lock_nested+0x1e/0x30
[  126.667036]        task_fork_fair+0x63/0x4d0
[  126.667052]        sched_cgroup_fork+0x3d0/0x540
[  126.667066]        copy_process+0x4183/0x6e20
[  126.667078]        kernel_clone+0xe7/0x890
[  126.667087]        user_mode_thread+0xad/0xf0
[  126.667097]        rest_init+0x24/0x250
[  126.667109]        arch_call_rest_init+0xf/0x14
[  126.667127]        start_kernel+0x4c6/0x4eb
[  126.667145]        secondary_startup_64_no_verify+0xe0/0xeb
[  126.667159] 
[  126.667159] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  126.667173]        _raw_spin_lock_irqsave+0x39/0x60
[  126.667183]        try_to_wake_up+0xab/0x1930
[  126.667196]        up+0x75/0xb0
[  126.667213]        __up_console_sem+0x6e/0x80
[  126.667229]        console_unlock+0x46a/0x590
[  126.667245]        vprintk_emit+0x1bd/0x560
[  126.667261]        vprintk+0x84/0xa0
[  126.667276]        _printk+0xba/0xf1
[  126.667288]        kauditd_hold_skb.cold+0x3f/0x4e
[  126.667306]        kauditd_send_queue+0x233/0x290
[  126.667321]        kauditd_thread+0x5f9/0x9c0
[  126.667334]        kthread+0x2ed/0x3a0
[  126.667349]        ret_from_fork+0x22/0x30
[  126.667361] 
[  126.667361] -> #0 ((console_sem).lock){....}-{2:2}:
[  126.667375]        __lock_acquire+0x2a02/0x5e70
[  126.667391]        lock_acquire+0x1a2/0x530
[  126.667407]        _raw_spin_lock_irqsave+0x39/0x60
[  126.667418]        down_trylock+0xe/0x70
[  126.667433]        __down_trylock_console_sem+0x3b/0xd0
[  126.667449]        vprintk_emit+0x16b/0x560
[  126.667464]        vprintk+0x84/0xa0
[  126.667480]        _printk+0xba/0xf1
[  126.667490]        report_bug.cold+0x72/0xab
[  126.667506]        handle_bug+0x3c/0x70
[  126.667523]        exc_invalid_op+0x14/0x50
[  126.667539]        asm_exc_invalid_op+0x16/0x20
[  126.667551]        group_sched_out.part.0+0x2c7/0x460
[  126.667569]        ctx_sched_out+0x8f1/0xc10
[  126.667586]        __perf_event_task_sched_out+0x6d0/0x18d0
[  126.667597]        __schedule+0xedd/0x2470
[  126.667610]        schedule+0xda/0x1b0
[  126.667623]        futex_wait_queue+0xf5/0x1e0
[  126.667634]        futex_wait+0x28e/0x690
[  126.667644]        do_futex+0x2ff/0x380
[  126.667653]        __x64_sys_futex+0x1c6/0x4d0
[  126.667663]        do_syscall_64+0x3b/0x90
[  126.667680]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.667692] 
[  126.667692] other info that might help us debug this:
[  126.667692] 
[  126.667695] Chain exists of:
[  126.667695]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  126.667695] 
[  126.667710]  Possible unsafe locking scenario:
[  126.667710] 
[  126.667712]        CPU0                    CPU1
[  126.667715]        ----                    ----
[  126.667717]   lock(&ctx->lock);
[  126.667722]                                lock(&rq->__lock);
[  126.667729]                                lock(&ctx->lock);
[  126.667735]   lock((console_sem).lock);
[  126.667741] 
[  126.667741]  *** DEADLOCK ***
[  126.667741] 
[  126.667742] 2 locks held by syz-executor.6/3845:
[  126.667749]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  126.667778]  #1: ffff88802104ac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  126.667804] 
[  126.667804] stack backtrace:
[  126.667807] CPU: 0 PID: 3845 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1
[  126.667820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  126.667828] Call Trace:
[  126.667831]  <TASK>
[  126.667835]  dump_stack_lvl+0x8b/0xb3
[  126.667854]  check_noncircular+0x263/0x2e0
[  126.667870]  ? format_decode+0x26c/0xb50
[  126.667887]  ? print_circular_bug+0x450/0x450
[  126.667904]  ? simple_strtoul+0x30/0x30
[  126.667919]  ? format_decode+0x26c/0xb50
[  126.667936]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  126.667954]  __lock_acquire+0x2a02/0x5e70
[  126.667975]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  126.667997]  lock_acquire+0x1a2/0x530
[  126.668014]  ? down_trylock+0xe/0x70
[  126.668031]  ? lock_release+0x750/0x750
[  126.668051]  ? vprintk+0x84/0xa0
[  126.668069]  _raw_spin_lock_irqsave+0x39/0x60
[  126.668080]  ? down_trylock+0xe/0x70
[  126.668096]  down_trylock+0xe/0x70
[  126.668112]  ? vprintk+0x84/0xa0
[  126.668128]  __down_trylock_console_sem+0x3b/0xd0
[  126.668145]  vprintk_emit+0x16b/0x560
[  126.668164]  vprintk+0x84/0xa0
[  126.668181]  _printk+0xba/0xf1
[  126.668193]  ? record_print_text.cold+0x16/0x16
[  126.668208]  ? report_bug.cold+0x66/0xab
[  126.668226]  ? group_sched_out.part.0+0x2c7/0x460
[  126.668244]  report_bug.cold+0x72/0xab
[  126.668263]  handle_bug+0x3c/0x70
[  126.668280]  exc_invalid_op+0x14/0x50
[  126.668298]  asm_exc_invalid_op+0x16/0x20
[  126.668311] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  126.668332] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  126.668343] RSP: 0018:ffff88803b4bf8f8 EFLAGS: 00010006
[  126.668352] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  126.668359] RDX: ffff88800f695040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  126.668367] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  126.668374] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88802104ac00
[  126.668382] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  126.668392]  ? group_sched_out.part.0+0x2c7/0x460
[  126.668412]  ? group_sched_out.part.0+0x2c7/0x460
[  126.668432]  ctx_sched_out+0x8f1/0xc10
[  126.668451]  __perf_event_task_sched_out+0x6d0/0x18d0
[  126.668465]  ? lock_is_held_type+0xd7/0x130
[  126.668480]  ? __perf_cgroup_move+0x160/0x160
[  126.668490]  ? set_next_entity+0x304/0x550
[  126.668510]  ? lock_is_held_type+0xd7/0x130
[  126.668524]  __schedule+0xedd/0x2470
[  126.668541]  ? io_schedule_timeout+0x150/0x150
[  126.668556]  ? futex_wait_setup+0x166/0x230
[  126.668571]  schedule+0xda/0x1b0
[  126.668585]  futex_wait_queue+0xf5/0x1e0
[  126.668598]  futex_wait+0x28e/0x690
[  126.668610]  ? futex_wait_setup+0x230/0x230
[  126.668624]  ? wake_up_q+0x8b/0xf0
[  126.668637]  ? do_raw_spin_unlock+0x4f/0x220
[  126.668656]  ? futex_wake+0x158/0x490
[  126.668672]  ? fd_install+0x1f9/0x640
[  126.668688]  do_futex+0x2ff/0x380
[  126.668699]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  126.668715]  __x64_sys_futex+0x1c6/0x4d0
[  126.668728]  ? __x64_sys_futex_time32+0x480/0x480
[  126.668741]  ? syscall_enter_from_user_mode+0x1d/0x50
[  126.668755]  ? syscall_enter_from_user_mode+0x1d/0x50
[  126.668770]  do_syscall_64+0x3b/0x90
[  126.668788]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.668801] RIP: 0033:0x7f3eb9597b19
[  126.668809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  126.668820] RSP: 002b:00007f3eb6b0d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.668831] RAX: ffffffffffffffda RBX: 00007f3eb96aaf68 RCX: 00007f3eb9597b19
[  126.668838] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3eb96aaf68
[  126.668845] RBP: 00007f3eb96aaf60 R08: 0000000000000000 R09: 0000000000000000
[  126.668852] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3eb96aaf6c
[  126.668860] R13: 00007ffea7b8854f R14: 00007f3eb6b0d300 R15: 0000000000022000
[  126.668872]  </TASK>
[  126.731497] WARNING: CPU: 0 PID: 3845 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  126.732196] Modules linked in:
[  126.732448] CPU: 0 PID: 3845 Comm: syz-executor.6 Not tainted 6.0.0-rc7-next-20220930 #1
[  126.733046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  126.733894] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  126.734310] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  126.735664] RSP: 0018:ffff88803b4bf8f8 EFLAGS: 00010006
[  126.736062] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  126.736587] RDX: ffff88800f695040 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  126.737133] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  126.737667] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88802104ac00
[  126.738204] R13: ffff88806ce3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  126.738740] FS:  00007f3eb6b0d700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  126.739339] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.739779] CR2: 00007f4dd2243ff8 CR3: 000000000f28e000 CR4: 0000000000350ef0
[  126.740315] Call Trace:
[  126.740518]  <TASK>
[  126.740696]  ctx_sched_out+0x8f1/0xc10
[  126.740998]  __perf_event_task_sched_out+0x6d0/0x18d0
[  126.741393]  ? lock_is_held_type+0xd7/0x130
[  126.741724]  ? __perf_cgroup_move+0x160/0x160
[  126.742066]  ? set_next_entity+0x304/0x550
[  126.742398]  ? lock_is_held_type+0xd7/0x130
[  126.742728]  __schedule+0xedd/0x2470
[  126.743027]  ? io_schedule_timeout+0x150/0x150
[  126.743374]  ? futex_wait_setup+0x166/0x230
[  126.743705]  schedule+0xda/0x1b0
[  126.743971]  futex_wait_queue+0xf5/0x1e0
[  126.744281]  futex_wait+0x28e/0x690
[  126.744565]  ? futex_wait_setup+0x230/0x230
[  126.744893]  ? wake_up_q+0x8b/0xf0
[  126.745181]  ? do_raw_spin_unlock+0x4f/0x220
[  126.745525]  ? futex_wake+0x158/0x490
[  126.745825]  ? fd_install+0x1f9/0x640
[  126.746130]  do_futex+0x2ff/0x380
[  126.746399]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  126.746835]  __x64_sys_futex+0x1c6/0x4d0
[  126.747151]  ? __x64_sys_futex_time32+0x480/0x480
[  126.747520]  ? syscall_enter_from_user_mode+0x1d/0x50
[  126.747913]  ? syscall_enter_from_user_mode+0x1d/0x50
[  126.748305]  do_syscall_64+0x3b/0x90
[  126.748594]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.748983] RIP: 0033:0x7f3eb9597b19
[  126.749275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  126.750619] RSP: 002b:00007f3eb6b0d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.751183] RAX: ffffffffffffffda RBX: 00007f3eb96aaf68 RCX: 00007f3eb9597b19
[  126.751714] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3eb96aaf68
[  126.752250] RBP: 00007f3eb96aaf60 R08: 0000000000000000 R09: 0000000000000000
[  126.752787] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3eb96aaf6c
[  126.753332] R13: 00007ffea7b8854f R14: 00007f3eb6b0d300 R15: 0000000000022000
[  126.753864]  </TASK>
[  126.754047] irq event stamp: 510
[  126.754302] hardirqs last  enabled at (509): [<ffffffff8425379d>] syscall_enter_from_user_mode+0x1d/0x50
[  126.755000] hardirqs last disabled at (510): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  126.755614] softirqs last  enabled at (242): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  126.756253] softirqs last disabled at (235): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  126.756889] ---[ end trace 0000000000000000 ]---
00:01:21 executing program 4:
r0 = syz_io_uring_setup(0x6d0f, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x2}})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x4, 0x102, 0x285}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000380)=<r5=>0x0, &(0x7f00000003c0))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000500)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, &(0x7f0000000400)=0x80, &(0x7f0000000300)=@isdn, 0x0, 0x80800, 0x0, {0x0, r6}}, 0x3)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f00000000c0)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x6000, @fd_index=0x9, 0xeaf2, 0x100000000, 0x0, 0x4, 0x0, {0x1, r7}}, 0xbb48)

00:01:22 executing program 6:
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="b72ae8fb5a4c316e545238e0ab3072648cb4112885ba4fbb2708b78f54536ca6a32a2225055b327cc4c2bd11ea44091a596882f5ff4e6443d91b21882e117fa45cc66fefc714c91b092c18"])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_io_uring_setup(0xeaf, &(0x7f00000003c0)={0x0, 0x5ca5, 0x2, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x6000, @fd_index=0x8, 0x101, 0x3, 0x9, 0x4, 0x1, {0x2}}, 0x401)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x401, @loopback}, 0x1c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_print_times', 0x10ba42, 0x0)
pwritev(r4, &(0x7f0000000500)=[{&(0x7f00000000c0)="e8", 0x1}], 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x15450b03, 0x16}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0xc40}, 0x4008090)
ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611)
pwritev(r3, &(0x7f0000000140)=[{&(0x7f0000000000)='P', 0x1}], 0x1, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0xc020662a, &(0x7f0000000140))

00:01:22 executing program 4:
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="b72ae8fb5a4c316e545238e0ab3072648cb4112885ba4fbb2708b78f54536ca6a32a2225055b327cc4c2bd11ea44091a596882f5ff4e6443d91b21882e117fa45cc66fefc714c91b092c18"])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_io_uring_setup(0xeaf, &(0x7f00000003c0)={0x0, 0x5ca5, 0x2, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x6000, @fd_index=0x8, 0x101, 0x3, 0x9, 0x4, 0x1, {0x2}}, 0x401)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x401, @loopback}, 0x1c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_print_times', 0x10ba42, 0x0)
pwritev(r4, &(0x7f0000000500)=[{&(0x7f00000000c0)="e8", 0x1}], 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x15450b03, 0x16}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0xc40}, 0x4008090)
ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611)
pwritev(r3, &(0x7f0000000140)=[{&(0x7f0000000000)='P', 0x1}], 0x1, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0xc020662a, &(0x7f0000000140))

[  127.930689] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET)
[  127.933337] audit: type=1400 audit(1664841683.023:9): avc:  denied  { create } for  pid=3969 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
[  128.195472] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=3995 comm=syz-executor.7
[  128.204630] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=3998 comm=syz-executor.7
[  128.254696] =======================================================
[  128.254696] WARNING: The mand mount option has been deprecated and
[  128.254696]          and is ignored by this kernel. Remove the mand
[  128.254696]          option from the mount to silence this warning.
[  128.254696] =======================================================

VM DIAGNOSIS:
00:01:22  Registers:
info registers vcpu 0
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88803b4bf340
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000074 R11=0000000000000001
R12=0000000000000074 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3eb6b0d700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4dd2243ff8 CR3=000000000f28e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=c676ef0000000000 401d FPR7=f000000000000000 4002
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f3eb967e7c0 00007f3eb967e7c8
YMM02=0000000000000000 0000000000000000 00007f3eb967e7e0 00007f3eb967e7c0
YMM03=0000000000000000 0000000000000000 00007f3eb967e7c8 00007f3eb967e7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000003 RBX=0000000000000001 RCX=1ffffffff0e0c0d8 RDX=0000000000000004
RSI=ffff88803f2d74c0 RDI=0000000000000001 RBP=ffff88803f2d0000 RSP=ffff88803f2d7348
R8 =ffffffff85e3411e R9 =ffffffff85e34122 R10=ffffed1007e5ae92 R11=ffff88803f2d7468
R12=ffff88803f2d7469 R13=ffff88803f2d7488 R14=ffff88803f2d7428 R15=0000000000000003
RIP=ffffffff81203615 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007effcae00000 CR3=0000000018466000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=c676ef0000000000 401d FPR7=f000000000000000 4002
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000