Warning: Permanently added '[localhost]:47554' (ECDSA) to the list of known hosts.
2022/10/04 07:50:36 fuzzer started
2022/10/04 07:50:36 dialing manager at localhost:35095
syzkaller login: [   45.821725] cgroup: Unknown subsys name 'net'
[   45.940864] cgroup: Unknown subsys name 'rlimit'
2022/10/04 07:50:51 syscalls: 2215
2022/10/04 07:50:51 code coverage: enabled
2022/10/04 07:50:51 comparison tracing: enabled
2022/10/04 07:50:51 extra coverage: enabled
2022/10/04 07:50:51 setuid sandbox: enabled
2022/10/04 07:50:51 namespace sandbox: enabled
2022/10/04 07:50:51 Android sandbox: enabled
2022/10/04 07:50:51 fault injection: enabled
2022/10/04 07:50:51 leak checking: enabled
2022/10/04 07:50:51 net packet injection: enabled
2022/10/04 07:50:51 net device setup: enabled
2022/10/04 07:50:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/04 07:50:51 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/04 07:50:51 USB emulation: enabled
2022/10/04 07:50:51 hci packet injection: enabled
2022/10/04 07:50:51 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/04 07:50:51 802.15.4 emulation: enabled
2022/10/04 07:50:51 fetching corpus: 50, signal 25967/27803 (executing program)
2022/10/04 07:50:51 fetching corpus: 100, signal 38437/41967 (executing program)
2022/10/04 07:50:51 fetching corpus: 150, signal 46519/51645 (executing program)
2022/10/04 07:50:51 fetching corpus: 200, signal 50607/57299 (executing program)
2022/10/04 07:50:52 fetching corpus: 250, signal 55353/63586 (executing program)
2022/10/04 07:50:52 fetching corpus: 300, signal 63369/72951 (executing program)
2022/10/04 07:50:52 fetching corpus: 350, signal 65916/77034 (executing program)
2022/10/04 07:50:52 fetching corpus: 400, signal 71231/83670 (executing program)
2022/10/04 07:50:52 fetching corpus: 450, signal 74754/88546 (executing program)
2022/10/04 07:50:52 fetching corpus: 500, signal 79037/94089 (executing program)
2022/10/04 07:50:52 fetching corpus: 550, signal 82103/98460 (executing program)
2022/10/04 07:50:52 fetching corpus: 600, signal 85497/103078 (executing program)
2022/10/04 07:50:53 fetching corpus: 650, signal 88492/107312 (executing program)
2022/10/04 07:50:53 fetching corpus: 700, signal 90071/110183 (executing program)
2022/10/04 07:50:53 fetching corpus: 750, signal 92260/113615 (executing program)
2022/10/04 07:50:53 fetching corpus: 800, signal 95074/117566 (executing program)
2022/10/04 07:50:53 fetching corpus: 850, signal 98481/121978 (executing program)
2022/10/04 07:50:53 fetching corpus: 900, signal 100120/124824 (executing program)
2022/10/04 07:50:53 fetching corpus: 950, signal 106546/131870 (executing program)
2022/10/04 07:50:54 fetching corpus: 1000, signal 109643/135922 (executing program)
2022/10/04 07:50:54 fetching corpus: 1050, signal 112409/139644 (executing program)
2022/10/04 07:50:54 fetching corpus: 1100, signal 114169/142437 (executing program)
2022/10/04 07:50:54 fetching corpus: 1150, signal 116580/145800 (executing program)
2022/10/04 07:50:54 fetching corpus: 1200, signal 117991/148290 (executing program)
2022/10/04 07:50:54 fetching corpus: 1250, signal 118741/150171 (executing program)
2022/10/04 07:50:54 fetching corpus: 1300, signal 119592/152125 (executing program)
2022/10/04 07:50:54 fetching corpus: 1350, signal 120360/153975 (executing program)
2022/10/04 07:50:54 fetching corpus: 1400, signal 122075/156632 (executing program)
2022/10/04 07:50:55 fetching corpus: 1450, signal 123664/159181 (executing program)
2022/10/04 07:50:55 fetching corpus: 1500, signal 124527/161133 (executing program)
2022/10/04 07:50:55 fetching corpus: 1550, signal 126427/163874 (executing program)
2022/10/04 07:50:55 fetching corpus: 1600, signal 127514/165944 (executing program)
2022/10/04 07:50:55 fetching corpus: 1650, signal 128798/168125 (executing program)
2022/10/04 07:50:55 fetching corpus: 1700, signal 130138/170390 (executing program)
2022/10/04 07:50:55 fetching corpus: 1750, signal 131700/172740 (executing program)
2022/10/04 07:50:55 fetching corpus: 1800, signal 132827/174762 (executing program)
2022/10/04 07:50:55 fetching corpus: 1850, signal 133766/176596 (executing program)
2022/10/04 07:50:56 fetching corpus: 1900, signal 134639/178390 (executing program)
2022/10/04 07:50:56 fetching corpus: 1950, signal 135510/180198 (executing program)
2022/10/04 07:50:56 fetching corpus: 2000, signal 136400/182038 (executing program)
2022/10/04 07:50:56 fetching corpus: 2050, signal 137030/183636 (executing program)
2022/10/04 07:50:56 fetching corpus: 2100, signal 138352/185736 (executing program)
2022/10/04 07:50:56 fetching corpus: 2150, signal 139808/187913 (executing program)
2022/10/04 07:50:56 fetching corpus: 2200, signal 140801/189778 (executing program)
2022/10/04 07:50:56 fetching corpus: 2250, signal 141692/191569 (executing program)
2022/10/04 07:50:57 fetching corpus: 2300, signal 142721/193400 (executing program)
2022/10/04 07:50:57 fetching corpus: 2350, signal 144112/195480 (executing program)
2022/10/04 07:50:57 fetching corpus: 2400, signal 145010/197187 (executing program)
2022/10/04 07:50:57 fetching corpus: 2450, signal 145979/198905 (executing program)
2022/10/04 07:50:57 fetching corpus: 2500, signal 147099/200836 (executing program)
2022/10/04 07:50:57 fetching corpus: 2550, signal 148060/202565 (executing program)
2022/10/04 07:50:57 fetching corpus: 2600, signal 149312/204459 (executing program)
2022/10/04 07:50:57 fetching corpus: 2650, signal 150831/206534 (executing program)
2022/10/04 07:50:57 fetching corpus: 2700, signal 151815/208236 (executing program)
2022/10/04 07:50:58 fetching corpus: 2750, signal 153373/210337 (executing program)
2022/10/04 07:50:58 fetching corpus: 2800, signal 154755/212335 (executing program)
2022/10/04 07:50:58 fetching corpus: 2850, signal 156015/214151 (executing program)
2022/10/04 07:50:58 fetching corpus: 2900, signal 157407/216081 (executing program)
2022/10/04 07:50:58 fetching corpus: 2950, signal 159082/218180 (executing program)
2022/10/04 07:50:58 fetching corpus: 3000, signal 160073/219820 (executing program)
2022/10/04 07:50:58 fetching corpus: 3050, signal 161411/221612 (executing program)
2022/10/04 07:50:58 fetching corpus: 3100, signal 162340/223170 (executing program)
2022/10/04 07:50:59 fetching corpus: 3150, signal 164254/225287 (executing program)
2022/10/04 07:50:59 fetching corpus: 3200, signal 165563/227075 (executing program)
2022/10/04 07:50:59 fetching corpus: 3250, signal 166781/228752 (executing program)
2022/10/04 07:50:59 fetching corpus: 3300, signal 167347/229976 (executing program)
2022/10/04 07:50:59 fetching corpus: 3350, signal 167751/231140 (executing program)
2022/10/04 07:50:59 fetching corpus: 3400, signal 168136/232334 (executing program)
2022/10/04 07:50:59 fetching corpus: 3450, signal 168852/233697 (executing program)
2022/10/04 07:50:59 fetching corpus: 3500, signal 170163/235367 (executing program)
2022/10/04 07:50:59 fetching corpus: 3550, signal 172059/237305 (executing program)
2022/10/04 07:51:00 fetching corpus: 3600, signal 173014/238775 (executing program)
2022/10/04 07:51:00 fetching corpus: 3650, signal 174265/240439 (executing program)
2022/10/04 07:51:00 fetching corpus: 3700, signal 175367/241928 (executing program)
2022/10/04 07:51:00 fetching corpus: 3750, signal 177198/243745 (executing program)
2022/10/04 07:51:00 fetching corpus: 3800, signal 177849/244906 (executing program)
2022/10/04 07:51:00 fetching corpus: 3850, signal 178664/246205 (executing program)
2022/10/04 07:51:00 fetching corpus: 3900, signal 179200/247388 (executing program)
2022/10/04 07:51:01 fetching corpus: 3950, signal 179892/248603 (executing program)
2022/10/04 07:51:01 fetching corpus: 4000, signal 180534/249753 (executing program)
2022/10/04 07:51:01 fetching corpus: 4050, signal 181449/251085 (executing program)
2022/10/04 07:51:01 fetching corpus: 4100, signal 181998/252162 (executing program)
2022/10/04 07:51:01 fetching corpus: 4150, signal 182500/253259 (executing program)
2022/10/04 07:51:01 fetching corpus: 4200, signal 183213/254452 (executing program)
2022/10/04 07:51:01 fetching corpus: 4250, signal 184208/255842 (executing program)
2022/10/04 07:51:01 fetching corpus: 4300, signal 184820/256915 (executing program)
2022/10/04 07:51:01 fetching corpus: 4350, signal 186098/258279 (executing program)
2022/10/04 07:51:02 fetching corpus: 4400, signal 186724/259360 (executing program)
2022/10/04 07:51:02 fetching corpus: 4450, signal 187151/260383 (executing program)
2022/10/04 07:51:02 fetching corpus: 4500, signal 187779/261469 (executing program)
2022/10/04 07:51:02 fetching corpus: 4550, signal 188693/262727 (executing program)
2022/10/04 07:51:02 fetching corpus: 4600, signal 189465/263851 (executing program)
2022/10/04 07:51:02 fetching corpus: 4650, signal 189970/264921 (executing program)
2022/10/04 07:51:02 fetching corpus: 4700, signal 190750/266048 (executing program)
2022/10/04 07:51:03 fetching corpus: 4750, signal 191178/267072 (executing program)
2022/10/04 07:51:03 fetching corpus: 4800, signal 191677/268049 (executing program)
2022/10/04 07:51:03 fetching corpus: 4850, signal 192931/269320 (executing program)
2022/10/04 07:51:03 fetching corpus: 4900, signal 193392/270318 (executing program)
2022/10/04 07:51:03 fetching corpus: 4950, signal 193821/271307 (executing program)
2022/10/04 07:51:03 fetching corpus: 5000, signal 194635/272381 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/273220 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/274005 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/274767 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/275569 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/276358 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/277123 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/277889 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/278667 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/279426 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/280236 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/281017 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/281818 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/282615 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/283371 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/284145 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/284947 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/285702 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/286470 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/287275 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/288053 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/288857 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/289618 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/290394 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/291136 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/291887 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/292666 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/293464 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/294257 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/295058 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/295820 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/296594 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/297350 (executing program)
2022/10/04 07:51:03 fetching corpus: 5013, signal 194825/298174 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/299000 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/299762 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/300558 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/301321 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/302095 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/302878 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/303654 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/304454 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/305257 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/306057 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/306843 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/307647 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/308413 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/309193 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/309967 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/310725 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/311522 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/312257 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/313037 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/313848 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/314657 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/315460 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/316211 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/317008 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/317008 (executing program)
2022/10/04 07:51:04 fetching corpus: 5013, signal 194825/317008 (executing program)
2022/10/04 07:51:07 starting 8 fuzzer processes
07:51:07 executing program 0:
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x5, 0x9, 0x2, 0x1, 0x4})
ioctl$TCGETS(0xffffffffffffffff, 0x5401, &(0x7f0000000040))
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000080)=0x1459)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x145)
ioctl$TCSBRKP(r0, 0x5425, 0x3)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r1=>r0, {0x9, 0x3712d73b}}, './file0\x00'})
ioctl$TIOCL_SETVESABLANK(r1, 0x541c, &(0x7f0000000140))
r2 = syz_open_dev$vcsa(&(0x7f0000000180), 0xfff, 0x20000)
readv(r2, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/224, 0xe0}, {&(0x7f00000002c0)=""/2, 0x2}, {&(0x7f0000000300)=""/19, 0x13}, {&(0x7f0000000340)=""/39, 0x27}, {&(0x7f0000000380)=""/12, 0xc}], 0x5)
ioctl$KDENABIO(r0, 0x4b36)
ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x545c, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000840)={0x3, 0x1, 0x5, 0x11, 0x14d, &(0x7f0000000440)})
r3 = syz_open_pts(r1, 0x36000)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000880)={0x2, {0x2, 0x1, 0x7f, 0xffa6, 0x9, 0x5}})
r4 = syz_mount_image$iso9660(&(0x7f00000008c0), &(0x7f0000000900)='./file0\x00', 0x9, 0x2, &(0x7f0000000b00)=[{&(0x7f0000000940)="96eec71bae70e026e55bda3fd8fdde524b6d384e71f9a1c407014786bbbc597fae97060bbb6095fd4a5aaea019694a5d03f9e38e731a125ee048980516d0b72dae23548962f88553e37bf0f7ab4bc9913161f42181beb04f68ea0ecbd256d1cce744a2276f631de0b467f3679860991fbecf654d9654d195e4b90d1ccf2931007adf6ec9fcfb3d37210f24", 0x8b, 0xffff}, {&(0x7f0000000a00)="467a59b227ed4910eefb500ee1abfb30ffda76705f89b88ab4a98cf6a58d410482abe5bcb81476be8ef6ca0f719afa04d525dbdc410dacca3d918c10914ed57944045d0926509cd997d0411592b35496fe44701624a23fd9b3ad7f6e5e410aa691151c31108e1e922b54b5703c3415bdaf5b59b4b3b47dc117e69c39ffc86f294372a1ff9fb6980f4e0f0ece1bd1a7743d3bad422cba0a4ea4c5154083580e9cb5861b1d176f384cba5c48abd412a24db5e73d36c8aeac3e9f9c3a25914b013d06d1c7ac0bf29dbd476af22cd02950cb621f38756f75a64c5172487b238942f5cfec", 0xe2, 0x20}], 0x80061, &(0x7f0000000b40)={[{@session={'session', 0x3d, 0x38}}], [{@pcr={'pcr', 0x3d, 0x3e}}, {@fowner_lt={'fowner<', 0xffffffffffffffff}}, {@dont_hash}, {@seclabel}]})
write$binfmt_aout(r4, &(0x7f0000000bc0)={{0x0, 0x1f, 0x81, 0x166, 0xb, 0x2, 0x102, 0x7}, "77294ceb41b126b215787e79c0a4352290609c2a5521588b44bbbb303f2c140018f549103f0043252abf5d0d42c3550e0765af28cb141bb02602b7b1e699437907c7797ae0150c32273a3dda655b38bd60dfe96f535db48e139bf9d0049f0886d17b0dfe4929a58bdee8b55a3bf25a9221a9054cd982774af2f56402d6cff1d155d947de27d1145967afade6f7ac07e63175bb25bc3e9a0978c2c504e34077b6fc6108aaf1f7132995fd5664ea09775292302e3551bc1398866b80f070299689c7c76e813ce91162c45ee05adc35947fe1bfdbde48e4be991f31a2a2a8c1", ['\x00', '\x00', '\x00']}, 0x3fe)
ioctl$TIOCGRS485(r2, 0x542e, &(0x7f0000000fc0))
ioctl$KDSETLED(r0, 0x4b32, 0x3)
ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, &(0x7f0000001000)={0xd, 0x5})
mknodat$loop(0xffffffffffffffff, &(0x7f0000001040)='./file0\x00', 0x8, 0x0)

07:51:07 executing program 1:
r0 = semget$private(0x0, 0x1, 0x708)
semctl$GETNCNT(r0, 0x0, 0xe, &(0x7f0000000000)=""/79)
r1 = semget(0x0, 0x0, 0x129)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x3f])
semtimedop(r0, &(0x7f00000000c0)=[{0x1, 0x9}], 0x1, &(0x7f0000000100)={0x0, 0x989680})
r2 = semget$private(0x0, 0x1, 0x10)
semctl$SEM_INFO(r2, 0x0, 0x13, &(0x7f0000000140)=""/228)
r3 = semget(0x0, 0x1, 0x105)
semtimedop(r3, &(0x7f0000000240)=[{0x2, 0x6, 0x800}, {0x0, 0x400, 0x1c00}, {0x0, 0x5, 0x800}, {0x3, 0x1}, {0x4, 0x4}, {0x4, 0x3ff, 0x2800}, {0x0, 0x40, 0x1800}], 0x7, &(0x7f0000000280)={0x77359400})
semctl$SEM_INFO(0x0, 0x0, 0x13, &(0x7f00000002c0)=""/75)
semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000340)=""/101)
semctl$GETVAL(r3, 0x4, 0xc, &(0x7f00000003c0)=""/4096)
semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f00000013c0)=""/48)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000001400)=[0x8])
semtimedop(r3, &(0x7f0000001440)=[{0x3, 0x8000}, {0x2, 0x0, 0x800}, {0x4, 0x6, 0x800}, {0x4, 0x101}], 0x4, &(0x7f0000001480)={0x77359400})
semctl$SEM_INFO(r3, 0x0, 0x13, &(0x7f00000014c0)=""/33)
semctl$SEM_INFO(0x0, 0x3, 0x13, &(0x7f0000001500)=""/141)
semtimedop(r0, &(0x7f00000015c0)=[{0x1, 0x8, 0x800}, {0x3, 0x100, 0x3800}, {0x0, 0x6, 0x1800}, {0x1, 0x0, 0x1000}, {0x0, 0x8}, {0x1}, {0x2, 0x0, 0x1800}, {0x2, 0x3, 0x800}, {0x3, 0x2, 0x1000}, {0x3, 0x0, 0x1000}], 0xa, &(0x7f0000001600))
semtimedop(0xffffffffffffffff, &(0x7f0000001640)=[{0x1, 0x101, 0x1000}, {0x4, 0x1000, 0x800}, {0x1, 0x3}, {0x4, 0x7}, {0x3, 0x6, 0x1000}], 0x5, &(0x7f0000001680))
semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f00000016c0)=""/60)

07:51:07 executing program 2:
r0 = accept(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast1}}, &(0x7f0000000080)=0x80)
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x8, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40840}, 0x4)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200), 0x80000, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r1, 0xfffffffffffffffe, 0x4040000)
statx(r1, &(0x7f0000000240)='./file0\x00', 0x3400, 0x100, &(0x7f0000000280))
write$vga_arbiter(r1, &(0x7f0000000380)=@unlock_all, 0xb)
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f00000003c0), 0x456943, 0x0)
sendmsg$NL80211_CMD_TESTMODE(r2, &(0x7f00000007c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x24420002}, 0xc, &(0x7f0000000780)={&(0x7f0000000440)={0x328, 0x0, 0x20, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x7a}}}}, [@NL80211_ATTR_TESTDATA={0xee, 0x45, "1754a043a8eeb11cff45370d970b7fba56782582b830d8063e555d4df922b4c4d7e0d82e4c6439f54639fb0d2a2b08414015754601c79fe4f79b0b8d276fa1d273bf83b5511bc3c1cb5d222bf901dd26590cff06b4a44217eae31d3d5829e1d030f7dd32a0143a383b5d0e0af374175f719129edb9bf76f1eb3fa381f8dc67d561ce1d4dc712b3e1ec0e7cb6805118ddabb65eaabf0eb869ace1ce1f0980ac8a0b59da34d4fd05ca710abff09e2fafa6879e81cda39662ceff17fea2767d43bbf6ea50a8d02a1fa71ac1717eb5916f53c0a18993313eca7d3b967a44d27168ad5f42380679a47c95d6e0"}, @NL80211_ATTR_TESTDATA={0x57, 0x45, "1298a9441d764098053724ce76cb2f7cca8a6a81a708527975fcf8fcd03a1ae9ae5e12523ed6ae02c49e10ecdf167f7ee291f875d5a0e6f3f937c10a963ce8ceffb8c0bd5eb87417606a31d89d997991ec2bfc"}, @NL80211_ATTR_TESTDATA={0xea, 0x45, "3746fbe19f2b39140509b779f5f25f1b8840964d36369dd3473c4e4493da14c9f22576956886cc27c7ec26f8a1f5c5e0fb89516a132252856b2b891a3f3f64cae1a1bd8514f7bdfcbad91dd61030288a5efb83c892be910534f68fae156b8a46034d7967c2803e7d98d7c80857a0aa74fe1bbdc3f0e89fbd62d80050966bb045ac2e911c0b171dda201dcbc1ddf3c0ea52eb6ee7826378ccda83b406f72386fb29dbaf54ee2b3d5b69572a9bdaca7c91ecc4e3e954b6fc1d48ee125e31eac0538e3923f1c72ab8de12ba8c36856008d3831c1d8c400d15bff781b56b758192d3f85cad87e16f"}, @NL80211_ATTR_TESTDATA={0xca, 0x45, "5db943937f311928bc49c96a499fe2ac3b2e30a9b997507c6bcedb9eb225947d7a938f050e0d6dd1d389428eb448b1a62b11f2a45396d8a2ccf18c15f8c9f47f1c99196a26401f984a2c5dadfff6388a32973cfedb08b47c72546367fbb22d51ba233700d66ec92c26e66a7c806f2a389ad2fc86ad89f484a5b9189e043aaa33f02c566e6441a5a24893b0365bca78dc428fdb0882080e31db505930e65092c0c68857efe82d276d84e179ecf76de4de74bedfce66096cbf00600f2f2a8543c3bf61d067ca49"}]}, 0x328}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
mount$cgroup(0x0, &(0x7f0000000800)='./file0\x00', &(0x7f0000000840), 0x0, &(0x7f0000000880)={[{@xattr}, {@subsystem='memory'}], [{@mask={'mask', 0x3d, 'MAY_READ'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@fsname={'fsname', 0x3d, '-!\'\\^'}}]})
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f00000008c0)={0xe6, 0x6})
ioctl$VT_RELDISP(r2, 0x5605)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x24, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x84)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000a00)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x401)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000a80), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x1c, r3, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x8000)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000bc0), r0)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000cc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x74, r4, 0x0, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x80, 0x5}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "febf857ce8db0da607e62da55025ecee"}, @NL80211_ATTR_PMK={0x14, 0xfe, "d44664c6ab21966a52fed8c78ca81c98"}, @NL80211_ATTR_PMK={0x14, 0xfe, "73fc09e701ceec62c7585ed1714f0b9d"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000d80)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000d00)=@tipc=@name={0x1e, 0x2, 0x1, {{0x42, 0x1}}}, 0x0, 0x0, 0x0, {0x0, r5}}, 0xf2)
utimensat(r2, &(0x7f0000000dc0)='./file1\x00', &(0x7f0000000e00)={{0x77359400}, {0x77359400}}, 0x0)

07:51:07 executing program 3:
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0xc, 0x6, 0x101, 0x0, 0x0, {0xc, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x890}, 0x4001)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140), 0xc, &(0x7f0000000440)={&(0x7f0000000180)={0x2b0, 0x10, 0xa, 0x801, 0x70bd29, 0x25dfdbfb, {0xa, 0x0, 0x4}, [@typed={0x4, 0x89}, @nested={0x296, 0x1a, 0x0, 0x1, [@typed={0x14, 0x40, 0x0, 0x0, @ipv6=@private1}, @generic="a3180b35239b3c490467d6fa0676cdf3b22073217f9f38b829a5848ac56257ecf11a1178908b23e8a22950dd6d8d521d7c6092e3d08705188f5363284e8c5ca991eda7b65273f56fe4bcad8a2ab93b16847477d313e1bdcc721b8c42f5f91d18a24f3d1dcf9eec02aac0d6c72053f0ab0ec6d5b3eaac2730a12cada4671f37aa358ae93050695d105b76d69ec9b9bb376236717b877fc6e6cf84d1428e107c2817ae78acb0c3866a0cf1f002aa9ed353f775f633bcc539a41535ff92a16d13ff8d597e50970a125a252bbb2c4b47f1f60187cac92c72deacc6436c0d84ed328d417b829d", @generic="8c7d3cf22a4d7ad86a617c75a4dde779904116646120dcf4907faf485319a7d825c0e2725d166a080c7870c5b30d09a95d1ea2af8d84a503ae7ef2b6f7f5915c7eba4248063b3310c92962dce9bc3e0e07efb7d4a65fdd175b4b0d890444b344e0e1f9f37164815f5b7c96b6ca216857ac222d481839653662ee5d3a2c740abd244d06803ee15c55071431ba9eab5c", @generic="fe8fcd190e0d48f71da64de06f2cf7c95801048d7356c1af5cfae6492ee25e25ceb8", @typed={0x4, 0x2f}, @generic="4e87114096b623d0bcdcb2bab55046f90c629b2479835ac23c8ae90de33958a8fc810fa61777b729795c7c851c424fe8070ffc4f7e2459b2bd6e1323608f665bd5ab5b5e13667cd6d6ddfb00d87198c7c9e4794897b8dc3686a79bd845a8a5fc38ea267f6a0c33fe56b11713613965ad2b69f438347d4bfff0e1f07049d6af7e844db1f13f89aeaabba7ee8401fd99e9ff71ce3d4a185095ec729bb87fba83e774c028901147fc5a69f8afa7d3631b9665027388ccd9655db15c13f9274e8e0658e883617fbacbadc3e7cad19045a03848462125a94b29cf44d6f073dcfc5a6b2c8aa98a01"]}]}, 0x2b0}, 0x1, 0x0, 0x0, 0x10}, 0x20004000)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, 0x0, 0x4, 0x70bd2d, 0x25dfdbff, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x24000011}, 0x4001)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, r0, 0x200, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x71}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x20024824)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x7c, 0x0, 0x523, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '+\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @private=0xa010100}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040050)
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x24, 0x0, 0x8, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x1b}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @remote}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004010}, 0x20000810)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x4c, 0x0, 0x8, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x25, 0x7, 'system_u:object_r:init_exec_t:s0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000a80), r2)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000ac0), r3)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r2, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x24, r4, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c40), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000c80)={0x90, r5, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_RX={0x5}]}, 0x90}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x2c, r6, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x28}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x1c, 0x0, 0x20, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48800}, 0x8004)

[   76.105841] audit: type=1400 audit(1664869867.400:6): avc:  denied  { execmem } for  pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
07:51:07 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'})
ioctl$int_out(r0, 0x5466, &(0x7f0000000040))
write$P9_RREADDIR(r0, &(0x7f0000000080)={0x49, 0x29, 0x2, {0x8001, [{{0x2, 0x2, 0x8}, 0x7, 0x7, 0x7, './file1'}, {{0x4, 0x1, 0x8}, 0x9, 0x8, 0x7, './file0'}]}}, 0x49)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r1=>r0, {0x80000000}}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x3}}, './file2\x00'})
fcntl$setflags(r1, 0x2, 0x1)
r2 = openat(r1, &(0x7f0000000180)='./file2/file0\x00', 0x80000, 0x82)
setxattr$security_selinux(&(0x7f00000001c0)='./file2\x00', &(0x7f0000000200), &(0x7f0000000240)='system_u:object_r:systemd_passwd_agent_exec_t:s0\x00', 0x31, 0x1)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/ext4', 0x200001, 0x9)
r4 = openat(r3, &(0x7f00000002c0)='./file2/file0\x00', 0x200000, 0x80)
fallocate(r0, 0x8, 0x0, 0x1)
getsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f0000000300)={@empty, @empty, <r5=>0x0}, &(0x7f0000000340)=0xc)
mount$9p_xen(&(0x7f0000000380), &(0x7f00000003c0)='./file0/file0\x00', &(0x7f0000000400), 0x4808, &(0x7f0000000440)={'trans=xen,', {[{@cache_fscache}, {@privport}, {@uname={'uname', 0x3d, '}{(*'}}], [{@fowner_lt={'fowner<', 0xee00}}, {@measure}, {@smackfsdef={'smackfsdef', 0x3d, 'system_u:object_r:systemd_passwd_agent_exec_t:s0\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@context={'context', 0x3d, 'root'}}]}})
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000500)=0x91, 0x80d0)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000c00)={{{@in=@broadcast, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000d00)=0xe8)
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000580)='./file2/file0\x00', 0x6bb9, 0x9, &(0x7f0000000b00)=[{&(0x7f00000005c0)="f9c80b30636f656a225cf130da74e0de1e53deb27ae5f619d195e31ff8547fca5faff6fc484f4f01e0093bbfb5fcaa3fcaaea9efe9eda31045ec5d36730dea068367dc0d81b9fc3701100a33e94dc73a33545493b0448ef3b58810d1771c2411a2", 0x61, 0x7}, {&(0x7f0000000640)="c8a15811345f437bd2592b1816ccd16b7381552429a20f6bbd50874692b9c263dd35f862e0fa01764272e3e114c29526475d79a3a0fd817e284279d61084e63cb2ff546bc2db1882cab07087d7cb40088949853e5133d019336aa5291d9c8483e4d2b0dfb73a2f00c636e651d9169a9fac69ae691254c038d1441b842b77e8dde941f87b58eeaeb0c78aa9344b7bc41fccdafd1b18343101c8ffbb42ae83be98fd271eb1aa6e52e633cbe7f989fadbc93822620e3857284572", 0xb9, 0x80000000}, {&(0x7f0000000700)="691d39968a6c057c780ab5db8155b80c9ef0b46f7181f024cc61fe8a6efe979964c6b175f164d38ef9922cb3fb85aa2bf0a8e85dedd6a1f3c09d0db1a47b76c9809e159792c94a7fe65b414b5af7bfa555c2217d138ea3b37d583d48058a139ca204ff87f2637b3727c4", 0x6a, 0x80}, {&(0x7f0000000780)="05b707b60f3a374f9b0ab0445381c6134d9ec8526dfc562a17a21e93d1e929ffa919db788aa9e2919307eb94bf103247f2e40025", 0x34, 0x6}, {&(0x7f00000007c0)="8fe0e712be278fdded2c26b831882c6eed67d93fe495800b02e16d60737e4c5f36109b4d6ab77d65826334018113cdee8e8984b029f1fcda55fd597f3c8217262f3f2923082f0373d8bffeb2ccff13e7be1263609f3f4d4a9bdc4ce8eecda31c2f648656225ae9443481a196bd70172870f577d5cc5cdcc51e98c3", 0x7b, 0x5}, {&(0x7f0000000840)="db6d46e0d6eb2ddebf5d02921e1de29b5ccb1cc83b0c2980a63b8304ca751059e879f29562f278407b2eab904c3b00fb650bbfcbbddd3d4da36646e0594b7671d21512ea8d75ca5845a87e6e30f3336e490cd2fb3fea5c0aa3eb7bde8ec0395425f8e2385e40eac1e2d83c35d16abfebe21d884224eb34a4a2bfae62fe7a6ce9e33ad4575da150ad", 0x88, 0x1}, {&(0x7f0000000900)="8743c70cc09ed150d10d3b7bc6ae73cb660b7a3c6614a94d7cb87de559bbfe5f8b7b5e28833a4715f3ea0ccdc11b563813c8d5e4fa0b2f45fb26761cc006fcf9e01ee15d372fcaa9be10d8c9679ec0516d7c76b55f771f8fb661775fd6aa8d5d28dfde45d00ab1cedeb6ec118290e4036d108f0afd5ea5c5dada71dedeb2b831103a86db99c709b615d84858dd5b574044aa9422440eaeec10886d5e3a6e00e07a77210f7c01676ff14a300a2de50547", 0xb0, 0xfffffffffffffff9}, {&(0x7f00000009c0)="0aaf", 0x2, 0x1}, {&(0x7f0000000a00)="37838b034e6104c4ea725c79f3db1f2416316ac0d1e1de1da8b19c20590589b9f23b907501a8bfd01d2324972c911015ae039b9bd1c89eb2fddf08b4ec12160eede3c2c7bad9d9777101b1a2756b8dd30c77ccc4c854e18a085dd68677f2c74c2c1ec7db2f671749d2e29587774fcf48b47a07425eb3d1bfd57ba0d4adb015494610c7c8fa30796af1b71ab73c95dde0f2dd08ec151df6cf774260f5d58b282aac610b366a7a01fd17d4f6ac36e19ef9754a95c2358c1403e03800de711e6d871e3a8106d8b3a21e5a16f4f505e2f75a3342b5de0c9fc9b4c7a547", 0xdb, 0x69}], 0x1080, &(0x7f0000000d40)={[{@rodir}], [{@euid_eq={'euid', 0x3d, r7}}]})
openat(r4, &(0x7f0000000d80)='./file2\x00', 0x100, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000003bc0)={'team0\x00', <r8=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000003c80)={'syztnl2\x00', &(0x7f0000003c00)={'ip6tnl0\x00', <r9=>r5, 0x2f, 0x0, 0x1, 0xfffffff9, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8000, 0x1, 0xe, 0x3}})
sendmsg$TEAM_CMD_OPTIONS_GET(r4, &(0x7f0000008c40)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000008c00)={&(0x7f0000008640)={0x588, 0x0, 0x800, 0x70bd27, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r8}, {0x138, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f}}}]}}, {{0x8, 0x1, r6}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xb}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8}, {0x1b4, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r5}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r5}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7f5}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}]}, 0x588}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

07:51:07 executing program 5:
ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f0000000000)={0x2})
ioctl$GIO_UNIMAP(0xffffffffffffffff, 0x4b66, &(0x7f0000000080)={0x7, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}]})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000100)={0x0, 0x5, 0x8, 0x4, 0x3, 0x89d8})
execveat(r0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[&(0x7f0000000180)='[:.]&/*#((Y\r\x00'], &(0x7f00000003c0)=[&(0x7f0000000200)='%(\x00', &(0x7f0000000240)='\x00', &(0x7f0000000280)='%\x00', &(0x7f00000002c0)='\'$*\\\x00', &(0x7f0000000300)='\x00', &(0x7f0000000340)=')\x00', &(0x7f0000000380)='^(-\\\x00'], 0x100)
execveat(r0, &(0x7f0000000400)='./file0\x00', &(0x7f00000005c0)=[&(0x7f0000000440)=')\x00', &(0x7f0000000480)='$/(\x00', &(0x7f00000004c0)='\x85&.\x00', &(0x7f0000000500)='[:.]&/*#((Y\r\x00', &(0x7f0000000540)='%(\x00', &(0x7f0000000580)='\x00'], &(0x7f0000000640)=[&(0x7f0000000600)='],}/\x00'], 0x400)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000a40)={{'\x00', 0x3}, {0x8}, 0x1, 0x0, 0x0, &(0x7f0000000680)='./file1\x00', &(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)="ad2c12d2f8411b440e4c2a3395119686611e36bb3a3d0bb250f8cde190c75c46d66704d91d1fc18d88c62bdcb3cbccb4383f53f9cf80468535ffec8565cf03d5c25a4e82b3a49bf98612fe2b22b6ae5d33cda6857a5bbf058c230caad6263805a523e045cc3457fa5cea4dfddc058f066f2c848c669a443214ee3366cb4cac1ac5aceabf3066e9459a0008a10230160f2c04dbcc865ab67d2668a37a77f7497aca1d50eb674729c63b4da22e0a0ef5ff6e788de930ed38afe0b1f716ee5b3869ee09036b4e74ca35e0a62811dd19b66409400df74b8896e0ab29aea2dfd89399765f86db8d087b1898fa308c273ee4e1a699c186501da24cbd40b79e647b5b882f289014e10bcbdc59013a4036e95b1061a390a24530729b8298740b72e081d2f23b8aa85f885fa0b2c5a9916c25f4206492dfd71ea0af5f", 0x138, 0x0, &(0x7f0000000840)={0x2, 0x172, {0x0, 0xc, 0x9e, "9a6306f02783f7bf27a1c3f2e0015f503edbe2ff460f0bbe5b6b3d8789d18e7f436de84aa3e219d9c23c1c1e4df9b4badb5b5c80fcd9d435d65b11daa37685d7bdc259bbd7ba68378a3332cc78b5878267137bec970bacc957950c4d8c92cdec79211ff05ca9db228679d395fdcbee04c80eb7ae279cc85602b2530c8aa70dabed09e11e19c32ddbd80ea04dd738b6bf7beddd407f1dc1b53fde20b6ff1a", 0xc7, "0b43af1cb92dbf4ed4549ee4116f2c7c062c2c0266e6a60ed77ed956ba312b3befc3305fc73c31da2f1f1d0063714cfc730eb7e7b774cdf5d364dc299e477bec7345e86697994c266ead7c18a96f3cc8783fd1696d850ce28d84b5f1ca24ea3c8a10054976b342c525b6c0bbbe58b4a5e4802dcf7eaf6b746f122104452dd691fe6aeeb4f8882b50cca796701d9b6814e061a4a485e0edcc29ba0afdae1556fa914360359e1b9a62bd9c86ee8d6f423a10fc16538b5801ed6d8a1fb73147b95c45c262fd9f3ca7"}, 0x4f, "6993387042412b1f47c8a56bb869e0afaa857e6b2404f4a9ebeefd7a5bf4c2b3ecff51e98f37141b198d6e85b3085fefc742071824e5d08427d79d71e507065040e7c2b9303083f30f1f7ca314e33d"}, 0x1cd})
r1 = openat(0xffffffffffffffff, &(0x7f0000000ac0)='./file0\x00', 0x40, 0x0)
execveat(r1, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000c80)=[&(0x7f0000000b40)='\x85&.\x00', &(0x7f0000000b80)='{\x00', &(0x7f0000000bc0)='#\\\x00', &(0x7f0000000c00)='\'$*\\\x00', &(0x7f0000000c40)='}\x00'], &(0x7f0000000f00)=[&(0x7f0000000cc0)='\x00', &(0x7f0000000d00)='%(\x00', &(0x7f0000000d40)='-\x00', &(0x7f0000000d80)='[:.]&/*#((Y\r\x00', &(0x7f0000000dc0)='\x00', &(0x7f0000000e00)='\x19&\x00', &(0x7f0000000e40)='\\\x00', &(0x7f0000000e80)='%\x00', &(0x7f0000000ec0)='%\x00'], 0x800)
r2 = open(&(0x7f0000000f80)='./file1\x00', 0x10040, 0x2)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000fc0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x88}}, './file1/file0\x00'})
chmod(&(0x7f0000001000)='./file1/file0\x00', 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000001040)='fdinfo/4\x00')
ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x38)
r4 = signalfd(r1, &(0x7f0000001080)={[0x10001]}, 0x8)
r5 = creat(&(0x7f00000010c0)='./file0\x00', 0x4)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc0189379, &(0x7f0000001100)={{0x1, 0x1, 0x18, <r6=>r5}, './file1/file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r4, 0xc0189377, &(0x7f0000001140)={{0x1, 0x1, 0x18, <r7=>r6, {0x2, 0xfffffff9}}, './file1/file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r7, 0xc0189373, &(0x7f0000001180)={{0x1, 0x1, 0x18, r6, {0xf7ef}}, './file1/file0\x00'})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001580)={&(0x7f0000001200)=@file={0x0, './file1/file0\x00'}, 0x6e, &(0x7f0000001440)=[{&(0x7f0000001280)="6e7514348b8669ddbc904df05c2fee6da57f25a3c9bd9140f7e07ee1f6308c087b7f0a23a6cf0c0c706e04816f7c6d8f24ff08026bda2c939d85d8a353de6f734544f98f148299c7cb6e85aea066d2cf6b36274b8cf4c8b57e7f4eacab9aeba9b71cfb2cda07932a464f6a744f7dc5111fc59579d88559d110f0cd1334e02fbf54109487646c99eb9604f0b1b5955367f8d9f25ecbe56bed42f7873bb036c22d8f21966227dbba3138fbc7aba8fd0eb8", 0xb0}, {&(0x7f0000001340)="e53cac174c7650bae727c977e8ce1b6f23af3b0a0771b14e67a5b454130aaa77f1edc860be2ada581db2d8c40276fdec0f46fcb4ab50c4fdc82e95feb695b23bf16cb86b338e5fe6143bc73d19e83fb76da3fd4cffa8f5b7ff1fee1b3be782912ec2f90c1de61c8014326348125276034d7b662f7648fd30bec8b8e9bc39fe721a42227321f0aee3417988d87648cb462c7f8344d9a40acefdc55c3e389b70ee61df", 0xa2}, {&(0x7f0000001400)}], 0x3, &(0x7f0000001500)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01, 0xffffffffffffffff}}}, @rights={{0x30, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, r2, r5, 0xffffffffffffffff]}}], 0x50, 0x40080c0}, 0x0)

07:51:07 executing program 6:
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xe4, 0x0, 0x9, 0x401, 0x0, 0x0, {0xa}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFCTH_STATUS={0x8}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x49}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_STATUS={0x8}, @NFCTH_TUPLE={0x74, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @rand_addr=0x64010102}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @NFCTH_TUPLE={0x34, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @rand_addr=0x64010102}}}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x4004012}, 0x40080c0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x602083, 0x0)
r1 = fcntl$dupfd(r0, 0x406, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r2=>r1, {0xee01, 0xee01}}, './file0\x00'})
sendmsg$NL80211_CMD_STOP_AP(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, 0x0, 0xc00, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0xfff, 0x5f}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000010}, 0x81)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x68, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_SHORT_ADDR={0x6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa2}, @NL802154_ATTR_SHORT_ADDR={0x6}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xfffe}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xffff}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000004}, 0x6004c040)
r4 = dup(r2)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r4, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x9}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}]}, 0x2c}}, 0x8000)
r5 = openat$incfs(r1, &(0x7f00000005c0)='.pending_reads\x00', 0x14000, 0x2)
sendmsg$SEG6_CMD_GET_TUNSRC(r5, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x54, 0x0, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x50}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x80000001}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x81}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xfa}]}, 0x54}, 0x1, 0x0, 0x0, 0xc000}, 0x20040010)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x2)
fcntl$dupfd(r6, 0x406, r4)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x54, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0x54}}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8001}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x61f28890}], @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x10814}, 0x40041)
readv(0xffffffffffffffff, &(0x7f0000000a40)=[{&(0x7f0000000880)=""/107, 0x6b}, {&(0x7f0000000900)=""/144, 0x90}, {&(0x7f00000009c0)=""/43, 0x2b}, {&(0x7f0000000a00)=""/6, 0x6}], 0x4)
fsetxattr$trusted_overlay_opaque(r4, &(0x7f0000000a80), &(0x7f0000000ac0), 0x2, 0x1)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000b00))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_GET(r7, &(0x7f0000000e00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000b80)={0x210, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1c0000}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x20}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xd1c}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_LINK={0x104, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6df}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1dc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6b12f039}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff0001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_SOCK={0x7c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x101}]}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1fc00}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xf09b}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x100}]}, @TIPC_NLA_SOCK={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8000}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x65f}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8}]}]}]}, 0x210}, 0x1, 0x0, 0x0, 0x4000015}, 0x20040000)
ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000e80)={0x2, 0x7, 0x601c852a, 0xe77, 0x10, "4c1c19b5e0862bc8b0764720e417771ce373bf"})

07:51:07 executing program 7:
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:hald_cache_t:s0\x00'}]}, 0x44}}, 0x40)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, ["", ""]}, 0x14}}, 0x4000856)
r1 = syz_open_dev$mouse(&(0x7f0000000240), 0x1000, 0x2)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x8000}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x20}, @SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40885}, 0x0)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x0, 0x410, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x80000000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x41000}, 0x800)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0x3, 0x0, 0x7}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c084)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000005c0), r0)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x20, r2, 0xc00, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000804}, 0x80400)
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x50, 0x1, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x20004011}, 0x800)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000840)={'wpan1\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000880)={'wpan0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000008c0)={'wpan0\x00', <r6=>0x0})
sendmsg$IEEE802154_LLSEC_GETPARAMS(r3, &(0x7f00000009c0)={&(0x7f0000000800), 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x50, 0x0, 0x320, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}]}, 0x50}, 0x1, 0x0, 0x0, 0x20008800}, 0x20000051)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x34, 0x0, 0x4, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x34}}, 0x20008810)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), r3)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x24, r7, 0x0, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x804)
sendmsg$IEEE802154_ASSOCIATE_REQ(r3, &(0x7f0000000d00)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x1c, 0x0, 0x380, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x10}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x15)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000d40)={'wpan1\x00'})

[   77.339501] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.341543] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   77.342910] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.344176] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.348217] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   77.349581] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.350700] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.351749] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.353683] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.358055] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.360254] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.362190] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   77.363502] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.369062] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.381099] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   77.382383] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.386146] Bluetooth: hci1: HCI_REQ-0x0c1a
[   77.386950] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.388583] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   77.390410] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   77.397861] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.398184] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.399718] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   77.402406] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.402544] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   77.407405] Bluetooth: hci2: HCI_REQ-0x0c1a
[   77.409541] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.409666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.414113] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.415645] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.417218] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.421834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   77.423012] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   77.423962] Bluetooth: hci0: HCI_REQ-0x0c1a
[   77.427010] Bluetooth: hci3: HCI_REQ-0x0c1a
[   77.447045] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   77.449341] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   77.449975] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   77.452143] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   77.453694] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   77.454050] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   77.456353] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   77.459112] Bluetooth: hci5: HCI_REQ-0x0c1a
[   77.459376] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   77.463430] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.464987] Bluetooth: hci6: HCI_REQ-0x0c1a
[   77.466402] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   77.469876] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   77.479063] Bluetooth: hci4: HCI_REQ-0x0c1a
[   77.530547] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   77.532451] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   77.534103] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   77.537380] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   77.539270] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   77.540852] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   77.545394] Bluetooth: hci7: HCI_REQ-0x0c1a
[   79.414202] Bluetooth: hci1: command 0x0409 tx timeout
[   79.414226] Bluetooth: hci2: command 0x0409 tx timeout
[   79.477723] Bluetooth: hci5: command 0x0409 tx timeout
[   79.478513] Bluetooth: hci6: command 0x0409 tx timeout
[   79.479269] Bluetooth: hci0: command 0x0409 tx timeout
[   79.479993] Bluetooth: hci3: command 0x0409 tx timeout
[   79.542017] Bluetooth: hci4: command 0x0409 tx timeout
[   79.637481] Bluetooth: hci7: command 0x0409 tx timeout
[   81.461777] Bluetooth: hci1: command 0x041b tx timeout
[   81.462232] Bluetooth: hci2: command 0x041b tx timeout
[   81.525716] Bluetooth: hci3: command 0x041b tx timeout
[   81.526146] Bluetooth: hci0: command 0x041b tx timeout
[   81.526553] Bluetooth: hci6: command 0x041b tx timeout
[   81.526999] Bluetooth: hci5: command 0x041b tx timeout
[   81.589663] Bluetooth: hci4: command 0x041b tx timeout
[   81.653712] Bluetooth: hci7: command 0x041b tx timeout
[   83.509671] Bluetooth: hci2: command 0x040f tx timeout
[   83.510128] Bluetooth: hci1: command 0x040f tx timeout
[   83.573713] Bluetooth: hci5: command 0x040f tx timeout
[   83.574151] Bluetooth: hci6: command 0x040f tx timeout
[   83.574547] Bluetooth: hci0: command 0x040f tx timeout
[   83.575003] Bluetooth: hci3: command 0x040f tx timeout
[   83.637750] Bluetooth: hci4: command 0x040f tx timeout
[   83.701819] Bluetooth: hci7: command 0x040f tx timeout
[   85.557655] Bluetooth: hci1: command 0x0419 tx timeout
[   85.558063] Bluetooth: hci2: command 0x0419 tx timeout
[   85.621673] Bluetooth: hci3: command 0x0419 tx timeout
[   85.622087] Bluetooth: hci0: command 0x0419 tx timeout
[   85.622491] Bluetooth: hci6: command 0x0419 tx timeout
[   85.623355] Bluetooth: hci5: command 0x0419 tx timeout
[   85.685633] Bluetooth: hci4: command 0x0419 tx timeout
[   85.749646] Bluetooth: hci7: command 0x0419 tx timeout
07:52:06 executing program 7:
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000004c0)={0x59, 0x7d, 0x2, {{0x0, 0x40, 0x1, 0x1, {0x1, 0x0, 0x6}, 0x4040000, 0x1a809ffd, 0x10001, 0x1, 0x2, '-#', 0x6, '\x02\x02\x02\x02\x02\x02', 0x5, '%}%@:'}, 0x4, ':\'@*', 0xee01, 0xffffffffffffffff, 0xee00}}, 0x59)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)={0x28, 0x0, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x79}}}}}, 0x28}}, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
syncfs(r2)
syz_io_uring_setup(0x46ac, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r5}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000001, 0x4010, r2, 0x10000000)
r7 = io_uring_setup(0x7c54, &(0x7f0000000140))
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xa, 0x0, r8)
syz_io_uring_submit(r3, r6, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x4}, 0x1, {0x0, r8}}, 0x2)

[  135.636082] audit: type=1400 audit(1664869926.930:7): avc:  denied  { open } for  pid=3770 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  135.639975] audit: type=1400 audit(1664869926.931:8): avc:  denied  { kernel } for  pid=3770 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  135.662516] ------------[ cut here ]------------
[  135.662551] 
[  135.662556] ======================================================
[  135.662562] WARNING: possible circular locking dependency detected
[  135.662569] 6.0.0-rc7-next-20220930 #1 Not tainted
[  135.662581] ------------------------------------------------------
[  135.662587] syz-executor.7/3772 is trying to acquire lock:
[  135.662603] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  135.662676] 
[  135.662676] but task is already holding lock:
[  135.662681] ffff88800ed5c420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  135.662728] 
[  135.662728] which lock already depends on the new lock.
[  135.662728] 
[  135.662733] 
[  135.662733] the existing dependency chain (in reverse order) is:
[  135.662740] 
[  135.662740] -> #3 (&ctx->lock){....}-{2:2}:
[  135.662764]        _raw_spin_lock+0x2a/0x40
[  135.662785]        __perf_event_task_sched_out+0x53b/0x18d0
[  135.662805]        __schedule+0xedd/0x2470
[  135.662831]        schedule+0xda/0x1b0
[  135.662855]        futex_wait_queue+0xf5/0x1e0
[  135.662877]        futex_wait+0x28e/0x690
[  135.662895]        do_futex+0x2ff/0x380
[  135.662912]        __x64_sys_futex+0x1c6/0x4d0
[  135.662931]        do_syscall_64+0x3b/0x90
[  135.662970]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.662994] 
[  135.662994] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  135.663019]        _raw_spin_lock_nested+0x30/0x40
[  135.663038]        raw_spin_rq_lock_nested+0x1e/0x30
[  135.663061]        task_fork_fair+0x63/0x4d0
[  135.663091]        sched_cgroup_fork+0x3d0/0x540
[  135.663117]        copy_process+0x4183/0x6e20
[  135.663136]        kernel_clone+0xe7/0x890
[  135.663153]        user_mode_thread+0xad/0xf0
[  135.663172]        rest_init+0x24/0x250
[  135.663194]        arch_call_rest_init+0xf/0x14
[  135.663224]        start_kernel+0x4c6/0x4eb
[  135.663252]        secondary_startup_64_no_verify+0xe0/0xeb
[  135.663277] 
[  135.663277] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  135.663302]        _raw_spin_lock_irqsave+0x39/0x60
[  135.663322]        try_to_wake_up+0xab/0x1930
[  135.663346]        up+0x75/0xb0
[  135.663371]        __up_console_sem+0x6e/0x80
[  135.663400]        console_unlock+0x46a/0x590
[  135.663429]        do_con_write+0xc05/0x1d50
[  135.663447]        con_write+0x21/0x40
[  135.663464]        n_tty_write+0x4d4/0xfe0
[  135.663485]        file_tty_write.constprop.0+0x455/0x8a0
[  135.663506]        vfs_write+0x9c3/0xd90
[  135.663535]        ksys_write+0x127/0x250
[  135.663563]        do_syscall_64+0x3b/0x90
[  135.663593]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.663616] 
[  135.663616] -> #0 ((console_sem).lock){....}-{2:2}:
[  135.663641]        __lock_acquire+0x2a02/0x5e70
[  135.663672]        lock_acquire+0x1a2/0x530
[  135.663701]        _raw_spin_lock_irqsave+0x39/0x60
[  135.663720]        down_trylock+0xe/0x70
[  135.663747]        __down_trylock_console_sem+0x3b/0xd0
[  135.663777]        vprintk_emit+0x16b/0x560
[  135.663806]        vprintk+0x84/0xa0
[  135.663835]        _printk+0xba/0xf1
[  135.663855]        report_bug.cold+0x72/0xab
[  135.663884]        handle_bug+0x3c/0x70
[  135.663914]        exc_invalid_op+0x14/0x50
[  135.663945]        asm_exc_invalid_op+0x16/0x20
[  135.663967]        group_sched_out.part.0+0x2c7/0x460
[  135.664000]        ctx_sched_out+0x8f1/0xc10
[  135.664030]        __perf_event_task_sched_out+0x6d0/0x18d0
[  135.664050]        __schedule+0xedd/0x2470
[  135.664075]        schedule+0xda/0x1b0
[  135.664099]        futex_wait_queue+0xf5/0x1e0
[  135.664118]        futex_wait+0x28e/0x690
[  135.664137]        do_futex+0x2ff/0x380
[  135.664154]        __x64_sys_futex+0x1c6/0x4d0
[  135.664172]        do_syscall_64+0x3b/0x90
[  135.664203]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.664226] 
[  135.664226] other info that might help us debug this:
[  135.664226] 
[  135.664230] Chain exists of:
[  135.664230]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  135.664230] 
[  135.664258]  Possible unsafe locking scenario:
[  135.664258] 
[  135.664262]        CPU0                    CPU1
[  135.664266]        ----                    ----
[  135.664270]   lock(&ctx->lock);
[  135.664280]                                lock(&rq->__lock);
[  135.664292]                                lock(&ctx->lock);
[  135.664303]   lock((console_sem).lock);
[  135.664314] 
[  135.664314]  *** DEADLOCK ***
[  135.664314] 
[  135.664318] 2 locks held by syz-executor.7/3772:
[  135.664330]  #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  135.664384]  #1: ffff88800ed5c420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  135.664432] 
[  135.664432] stack backtrace:
[  135.664437] CPU: 1 PID: 3772 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  135.664461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  135.664476] Call Trace:
[  135.664483]  <TASK>
[  135.664490]  dump_stack_lvl+0x8b/0xb3
[  135.664524]  check_noncircular+0x263/0x2e0
[  135.664554]  ? format_decode+0x26c/0xb50
[  135.664583]  ? print_circular_bug+0x450/0x450
[  135.664615]  ? simple_strtoul+0x30/0x30
[  135.664644]  ? format_decode+0x26c/0xb50
[  135.664675]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  135.664708]  __lock_acquire+0x2a02/0x5e70
[  135.664747]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  135.664789]  lock_acquire+0x1a2/0x530
[  135.664819]  ? down_trylock+0xe/0x70
[  135.664851]  ? lock_release+0x750/0x750
[  135.664888]  ? vprintk+0x84/0xa0
[  135.664921]  _raw_spin_lock_irqsave+0x39/0x60
[  135.664942]  ? down_trylock+0xe/0x70
[  135.664971]  down_trylock+0xe/0x70
[  135.665000]  ? vprintk+0x84/0xa0
[  135.665031]  __down_trylock_console_sem+0x3b/0xd0
[  135.665066]  vprintk_emit+0x16b/0x560
[  135.665113]  vprintk+0x84/0xa0
[  135.665145]  _printk+0xba/0xf1
[  135.665166]  ? record_print_text.cold+0x16/0x16
[  135.665196]  ? report_bug.cold+0x66/0xab
[  135.665229]  ? group_sched_out.part.0+0x2c7/0x460
[  135.665262]  report_bug.cold+0x72/0xab
[  135.665297]  handle_bug+0x3c/0x70
[  135.665329]  exc_invalid_op+0x14/0x50
[  135.665362]  asm_exc_invalid_op+0x16/0x20
[  135.665385] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  135.665423] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  135.665443] RSP: 0018:ffff8880092b78f8 EFLAGS: 00010006
[  135.665460] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  135.665473] RDX: ffff88803e4f0000 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  135.665487] RBP: ffff88801d9b8000 R08: 0000000000000005 R09: 0000000000000001
[  135.665501] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800ed5c400
[  135.665515] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  135.665535]  ? group_sched_out.part.0+0x2c7/0x460
[  135.665572]  ? group_sched_out.part.0+0x2c7/0x460
[  135.665608]  ctx_sched_out+0x8f1/0xc10
[  135.665644]  __perf_event_task_sched_out+0x6d0/0x18d0
[  135.665670]  ? lock_is_held_type+0xd7/0x130
[  135.665696]  ? __perf_cgroup_move+0x160/0x160
[  135.665716]  ? set_next_entity+0x304/0x550
[  135.665752]  ? lock_is_held_type+0xd7/0x130
[  135.665778]  __schedule+0xedd/0x2470
[  135.665809]  ? io_schedule_timeout+0x150/0x150
[  135.665837]  ? futex_wait_setup+0x166/0x230
[  135.665864]  schedule+0xda/0x1b0
[  135.665892]  futex_wait_queue+0xf5/0x1e0
[  135.665915]  futex_wait+0x28e/0x690
[  135.665938]  ? futex_wait_setup+0x230/0x230
[  135.665963]  ? wake_up_q+0x8b/0xf0
[  135.665987]  ? do_raw_spin_unlock+0x4f/0x220
[  135.666022]  ? futex_wake+0x158/0x490
[  135.666052]  ? fd_install+0x1f9/0x640
[  135.666079]  do_futex+0x2ff/0x380
[  135.666100]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  135.666130]  __x64_sys_futex+0x1c6/0x4d0
[  135.666154]  ? __x64_sys_futex_time32+0x480/0x480
[  135.666178]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.666204]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.666232]  do_syscall_64+0x3b/0x90
[  135.666265]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.666289] RIP: 0033:0x7fce507c9b19
[  135.666304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.666324] RSP: 002b:00007fce4dd3f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  135.666344] RAX: ffffffffffffffda RBX: 00007fce508dcf68 RCX: 00007fce507c9b19
[  135.666358] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fce508dcf68
[  135.666371] RBP: 00007fce508dcf60 R08: 0000000000000000 R09: 0000000000000000
[  135.666384] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce508dcf6c
[  135.666397] R13: 00007fff034c80bf R14: 00007fce4dd3f300 R15: 0000000000022000
[  135.666421]  </TASK>
[  135.776658] WARNING: CPU: 1 PID: 3772 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  135.778019] Modules linked in:
[  135.778504] CPU: 1 PID: 3772 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  135.779722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  135.781343] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  135.782150] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  135.784858] RSP: 0018:ffff8880092b78f8 EFLAGS: 00010006
[  135.785644] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  135.786583] RDX: ffff88803e4f0000 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  135.787510] RBP: ffff88801d9b8000 R08: 0000000000000005 R09: 0000000000000001
[  135.788420] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff88800ed5c400
[  135.789337] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002
[  135.790260] FS:  00007fce4dd3f700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  135.791299] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  135.792052] CR2: 00007fa256490368 CR3: 000000003ee66000 CR4: 0000000000350ee0
[  135.792973] Call Trace:
[  135.793323]  <TASK>
[  135.793634]  ctx_sched_out+0x8f1/0xc10
[  135.794209]  __perf_event_task_sched_out+0x6d0/0x18d0
[  135.794982]  ? lock_is_held_type+0xd7/0x130
[  135.795629]  ? __perf_cgroup_move+0x160/0x160
[  135.796279]  ? set_next_entity+0x304/0x550
[  135.796912]  ? lock_is_held_type+0xd7/0x130
[  135.797575]  __schedule+0xedd/0x2470
[  135.798163]  ? io_schedule_timeout+0x150/0x150
[  135.798828]  ? futex_wait_setup+0x166/0x230
[  135.799461]  schedule+0xda/0x1b0
[  135.799972]  futex_wait_queue+0xf5/0x1e0
[  135.800561]  futex_wait+0x28e/0x690
[  135.801091]  ? futex_wait_setup+0x230/0x230
[  135.801715]  ? wake_up_q+0x8b/0xf0
[  135.802243]  ? do_raw_spin_unlock+0x4f/0x220
[  135.802894]  ? futex_wake+0x158/0x490
[  135.803454]  ? fd_install+0x1f9/0x640
[  135.804013]  do_futex+0x2ff/0x380
[  135.804543]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  135.805372]  __x64_sys_futex+0x1c6/0x4d0
[  135.805979]  ? __x64_sys_futex_time32+0x480/0x480
[  135.806730]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.807536]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.808313]  do_syscall_64+0x3b/0x90
[  135.808881]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.809650] RIP: 0033:0x7fce507c9b19
[  135.810195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.812842] RSP: 002b:00007fce4dd3f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  135.813917] RAX: ffffffffffffffda RBX: 00007fce508dcf68 RCX: 00007fce507c9b19
[  135.814950] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fce508dcf68
[  135.816019] RBP: 00007fce508dcf60 R08: 0000000000000000 R09: 0000000000000000
[  135.817099] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce508dcf6c
[  135.818149] R13: 00007fff034c80bf R14: 00007fce4dd3f300 R15: 0000000000022000
[  135.819234]  </TASK>
[  135.819595] irq event stamp: 882
[  135.820095] hardirqs last  enabled at (881): [<ffffffff8425379d>] syscall_enter_from_user_mode+0x1d/0x50
[  135.821500] hardirqs last disabled at (882): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  135.822731] softirqs last  enabled at (616): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  135.823994] softirqs last disabled at (551): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  135.825218] ---[ end trace 0000000000000000 ]---
[  136.234609] hrtimer: interrupt took 18835 ns
07:52:07 executing program 7:
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
r1 = syz_open_procfs(r0, &(0x7f0000000000)='timers\x00')
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x80, 0x6, 0x3, 0x5}, {0x7e, 0x7, 0x20, 0x1}, {0x7, 0x4, 0xfe}, {0x2, 0x1, 0x9, 0x1}, {0x5, 0x97, 0x3, 0x1}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r5=>r4, {r2}}, './file0\x00'})
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f00000001c0)={0x2, &(0x7f0000000180)=[{0x40, 0x6, 0xf6, 0x4}, {0x695e, 0x9, 0x54, 0x3f}]}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0xffffffff}, 0x14)
dup2(r3, r4)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pwrite64(r6, &(0x7f0000000080)="4e13648c036c808741572fafccaae6f391aff1bfee0502a0cba246", 0x1b, 0x5)

07:52:07 executing program 7:
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000880)={0x1f, 0xffc0}, 0xe)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000880)={0x1f, 0xffc0}, 0xe)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r4, @ANYRES16=r0, @ANYRESOCT=r1, @ANYRESOCT, @ANYRES16=r3, @ANYRES64=r1, @ANYRESDEC=r2, @ANYRES32=r1, @ANYRESOCT=r3])
chdir(&(0x7f0000000140)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x6)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r5, 0x29, 0x41, &(0x7f0000000480)=ANY=[@ANYBLOB="73656375726974790000000000000000000000000000000000000000000000008400000021ef943e8a51e34d2096116b488acbe55abc2f2b77e3c2849368e6bcdad76c6b54141d1ac9d6be3bbedee565f18adc82fd1c23c00451d5cbcfd926cd66163ef92937c3d17f1cbad2bc158bf6e1a963d1bb9b92870397ec8ff2649aae3e11d11c4c59183c669b089441003d6659a970beff638ad65cca36a314104fae6abfa2b6eef2fc5218a3416fc5a1c100e36b09f1704d06e8ddee96bf979e4e2e228bad12ea297d46f2eec3d612c950c3e3baf9eee794beaf5aa9afbc00992cd3b915a6f23ce80ed6062b3e0d3be22e2f044c9fb674589c9241a8bc1bc69cd2c7da9e6f5b17b1528c89b4c2f5e9b06e6dd06f281d9d1990ad73000000ffffffffffff6efd89c62142d7541f5ffed8da447a305c9a46941ad7056dfb476070fdc133ed75fe7b69ad9a8514b92764d9e2d2e618dd31750000"], &(0x7f0000000240)=0xa8)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000880)={0x1f, 0xffc0}, 0xe)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(0xffffffffffffffff, 0x4c, 0x2, 0x1)
fallocate(r6, 0x0, 0x0, 0x8800000)
openat(r6, &(0x7f0000000080)='./file0\x00', 0x64000, 0x0)

[  136.658146] FAT-fs (loop7): Unrecognized mount option "00000000000000000008" or missing value
[  136.918707] FAT-fs (loop7): Unrecognized mount option "00000000000000000007" or missing value
[  137.012577] syz-executor.1 (298) used greatest stack depth: 24480 bytes left
07:52:08 executing program 7:
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000880)={0x1f, 0xffc0}, 0xe)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000880)={0x1f, 0xffc0}, 0xe)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r4, @ANYRES16=r0, @ANYRESOCT=r1, @ANYRESOCT, @ANYRES16=r3, @ANYRES64=r1, @ANYRESDEC=r2, @ANYRES32=r1, @ANYRESOCT=r3])
chdir(&(0x7f0000000140)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x6)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r5, 0x29, 0x41, &(0x7f0000000480)=ANY=[@ANYBLOB="73656375726974790000000000000000000000000000000000000000000000008400000021ef943e8a51e34d2096116b488acbe55abc2f2b77e3c2849368e6bcdad76c6b54141d1ac9d6be3bbedee565f18adc82fd1c23c00451d5cbcfd926cd66163ef92937c3d17f1cbad2bc158bf6e1a963d1bb9b92870397ec8ff2649aae3e11d11c4c59183c669b089441003d6659a970beff638ad65cca36a314104fae6abfa2b6eef2fc5218a3416fc5a1c100e36b09f1704d06e8ddee96bf979e4e2e228bad12ea297d46f2eec3d612c950c3e3baf9eee794beaf5aa9afbc00992cd3b915a6f23ce80ed6062b3e0d3be22e2f044c9fb674589c9241a8bc1bc69cd2c7da9e6f5b17b1528c89b4c2f5e9b06e6dd06f281d9d1990ad73000000ffffffffffff6efd89c62142d7541f5ffed8da447a305c9a46941ad7056dfb476070fdc133ed75fe7b69ad9a8514b92764d9e2d2e618dd31750000"], &(0x7f0000000240)=0xa8)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000880)={0x1f, 0xffc0}, 0xe)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(0xffffffffffffffff, 0x4c, 0x2, 0x1)
fallocate(r6, 0x0, 0x0, 0x8800000)
openat(r6, &(0x7f0000000080)='./file0\x00', 0x64000, 0x0)

[  137.264834] FAT-fs (loop7): Unrecognized mount option "00000000000000000008" or missing value
07:52:08 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000)=@gcm_256={{}, "5138989efcc2101f", "d796701a21a4ef80bc8460da84b9b667b49116e85d74c10e26b6f67de9e637a1", "08a55b91"}, 0x38)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x4, &(0x7f0000000380)={0x0, {{0x2, 0x0, @multicast1}}}, 0x88)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000040)={0x3, [0x0, 0x0, 0x0]})

07:52:08 executing program 7:
ioperm(0x5, 0x8, 0x1)
ioperm(0xffffffffffffff01, 0x400, 0x8001)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0xffffffff}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0xffffffff}, 0x14)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000240))
setsockopt$sock_int(r1, 0x1, 0x2c, &(0x7f0000000200)=0x8, 0x4)
getpeername(r0, &(0x7f00000000c0)=@phonet, &(0x7f0000000140)=0x80)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, r2)
keyctl$update(0x2, r2, &(0x7f0000000080)='n', 0x1)
add_key$user(&(0x7f0000000000), &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000500)="ffffffffb1c48b88c9c61a8043ea0ad5661c10a26a5a41eac0c22f77f9a05a786ae97256af35bebf51d25f", 0x2b, r2)
fork()

07:52:08 executing program 7:
ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x6, 0x89})
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000001280))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)=<r1=>0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r2, 0x80047213, &(0x7f00000004c0))
r3 = epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r4, &(0x7f0000000140)={r3, 0xffffffffffffffff, 0x3d})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560c, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = pidfd_open(r1, 0x0)
r7 = dup(r6)
kcmp(0x0, r1, 0x3, r7, 0xffffffffffffffff)
clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r5, 0xf505, 0x0)

[  137.477395] audit: type=1400 audit(1664869928.772:9): avc:  denied  { write } for  pid=3844 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
07:52:09 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x56ad, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000300))
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000140), 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
pidfd_open(0x0, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x6e, 0xa0, 0xfc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000009c0))
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x4)
r1 = perf_event_open$cgroup(&(0x7f0000000500)={0x5, 0x80, 0x1, 0x2, 0xc1, 0xf9, 0x0, 0xd26, 0x4854d, 0x5, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000240), 0x2}, 0x42000, 0x200, 0x40, 0x0, 0x7fffffff, 0x8, 0x1, 0x0, 0x9}, r0, 0x10, 0xffffffffffffffff, 0xc)
fsync(r1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000001, 0x8010, 0xffffffffffffffff, 0x10000000)
close(r0)
r2 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x1, 0x8, 0x6a, 0xfe, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfccec63, 0x4, @perf_config_ext={0x1, 0x8000}, 0x20, 0x0, 0x4, 0x3, 0x0, 0x6, 0xff, 0x0, 0x81, 0x0, 0x1}, 0xffffffffffffffff, 0x0, r2, 0x9)
syz_io_uring_setup(0x35a6, &(0x7f00000003c0)={0x0, 0x132c, 0x10, 0x2, 0x371}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))

[  138.190641] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  138.192173] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  138.193285] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  138.194335] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[  138.195543] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[  138.200207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.200807] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.201578] Buffer I/O error on dev sr0, logical block 0, async page read
[  138.204955] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.205467] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.206262] Buffer I/O error on dev sr0, logical block 1, async page read
[  138.207792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.208303] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.209157] Buffer I/O error on dev sr0, logical block 2, async page read
[  138.214357] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.214906] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.215845] Buffer I/O error on dev sr0, logical block 3, async page read
[  138.216892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.217395] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.218485] Buffer I/O error on dev sr0, logical block 4, async page read
[  138.254984] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.255802] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.256885] Buffer I/O error on dev sr0, logical block 5, async page read
[  138.327657] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.328396] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.329481] Buffer I/O error on dev sr0, logical block 6, async page read
[  138.384527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.385322] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.386439] Buffer I/O error on dev sr0, logical block 7, async page read
[  138.495251] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  138.496555] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  138.497530] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  138.498398] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[  138.499398] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[  138.501468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.501973] Buffer I/O error on dev sr0, logical block 0, async page read
[  138.503035] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.503447] Buffer I/O error on dev sr0, logical block 1, async page read
[  138.504176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.505409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.506000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.506608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.507195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.507892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.508633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.509225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.509852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.510464] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.511069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.511805] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.512372] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.512981] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.513646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.514239] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.514824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.515413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.516029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.516630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.517206] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.517825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.518445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.519025] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.519646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.520224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.520805] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.521363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.521992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.522632] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.523259] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.523941] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.524542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.525719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.526408] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.527053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.527628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.528218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.528925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.529511] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.530099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.531076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.531545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.532049] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.532516] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  138.533041] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  139.336052] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  139.337385] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  139.340043] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  139.343284] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  139.345451] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  139.346643] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  139.350722] Bluetooth: hci0: HCI_REQ-0x0c1a
[  139.384401] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  139.386398] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  139.389360] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  139.392332] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  139.394419] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  139.396224] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  139.399559] Bluetooth: hci1: HCI_REQ-0x0c1a
[  141.365654] Bluetooth: hci0: command 0x0409 tx timeout
[  141.429688] Bluetooth: hci1: command 0x0409 tx timeout
[  141.558095] Bluetooth: hci3: Opcode 0x c03 failed: -110
[  141.558741] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  141.621700] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  141.685626] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  141.686155] Bluetooth: hci6: Opcode 0x c03 failed: -110
[  143.413630] Bluetooth: hci0: command 0x041b tx timeout
[  143.477636] Bluetooth: hci1: command 0x041b tx timeout
[  145.461629] Bluetooth: hci0: command 0x040f tx timeout
[  145.525741] Bluetooth: hci1: command 0x040f tx timeout

VM DIAGNOSIS:
07:52:07  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffffffff85452fc0 RCX=0000000000000000 RDX=000000000002b400
RSI=0000000000000008 RDI=ffffffff85453190 RBP=ffff888007c4f780 RSP=ffff8880175bf788
R8 =0000000000000000 R9 =ffffffff85b06ed7 R10=fffffbfff0b60dda R11=0000000000000001
R12=ffffffff8177fec7 R13=0000000000000200 R14=ffff88803e4f1ac0 R15=0000000000000000
RIP=ffffffff8130c21c RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000558bcf8e65d8 CR3=000000001a444000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff
YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000029 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff8880092b7340
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000029 R11=0000000000000001
R12=0000000000000029 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fce4dd3f700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa256490368 CR3=000000003ee66000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fce508b07c0 00007fce508b07c8
YMM02=0000000000000000 0000000000000000 00007fce508b07e0 00007fce508b07c0
YMM03=0000000000000000 0000000000000000 00007fce508b07c8 00007fce508b07c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000