syzkaller login: [   39.825947] sshd (237) used greatest stack depth: 24792 bytes left
Warning: Permanently added '[localhost]:42763' (ECDSA) to the list of known hosts.
2022/10/04 09:39:03 fuzzer started
2022/10/04 09:39:04 dialing manager at localhost:35095
[   47.096548] cgroup: Unknown subsys name 'net'
[   47.181630] cgroup: Unknown subsys name 'rlimit'
2022/10/04 09:39:19 syscalls: 2215
2022/10/04 09:39:19 code coverage: enabled
2022/10/04 09:39:19 comparison tracing: enabled
2022/10/04 09:39:19 extra coverage: enabled
2022/10/04 09:39:19 setuid sandbox: enabled
2022/10/04 09:39:19 namespace sandbox: enabled
2022/10/04 09:39:19 Android sandbox: enabled
2022/10/04 09:39:19 fault injection: enabled
2022/10/04 09:39:19 leak checking: enabled
2022/10/04 09:39:19 net packet injection: enabled
2022/10/04 09:39:19 net device setup: enabled
2022/10/04 09:39:19 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/04 09:39:19 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/04 09:39:19 USB emulation: enabled
2022/10/04 09:39:19 hci packet injection: enabled
2022/10/04 09:39:19 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930                                          )
2022/10/04 09:39:19 802.15.4 emulation: enabled
2022/10/04 09:39:19 fetching corpus: 50, signal 27053/28895 (executing program)
2022/10/04 09:39:19 fetching corpus: 100, signal 36976/40523 (executing program)
2022/10/04 09:39:19 fetching corpus: 150, signal 42843/48058 (executing program)
2022/10/04 09:39:19 fetching corpus: 200, signal 50206/56970 (executing program)
2022/10/04 09:39:19 fetching corpus: 250, signal 58112/66336 (executing program)
2022/10/04 09:39:19 fetching corpus: 300, signal 64155/73771 (executing program)
2022/10/04 09:39:20 fetching corpus: 350, signal 70930/81855 (executing program)
2022/10/04 09:39:20 fetching corpus: 400, signal 77409/89575 (executing program)
2022/10/04 09:39:20 fetching corpus: 450, signal 81709/95114 (executing program)
2022/10/04 09:39:20 fetching corpus: 500, signal 84903/99584 (executing program)
2022/10/04 09:39:20 fetching corpus: 550, signal 87498/103456 (executing program)
2022/10/04 09:39:20 fetching corpus: 600, signal 89966/107175 (executing program)
2022/10/04 09:39:20 fetching corpus: 650, signal 91098/109622 (executing program)
2022/10/04 09:39:20 fetching corpus: 700, signal 92417/112219 (executing program)
2022/10/04 09:39:20 fetching corpus: 750, signal 94483/115506 (executing program)
2022/10/04 09:39:21 fetching corpus: 800, signal 96891/119090 (executing program)
2022/10/04 09:39:21 fetching corpus: 850, signal 99213/122628 (executing program)
2022/10/04 09:39:21 fetching corpus: 900, signal 100785/125416 (executing program)
2022/10/04 09:39:21 fetching corpus: 950, signal 103391/129076 (executing program)
2022/10/04 09:39:21 fetching corpus: 1000, signal 105021/131816 (executing program)
2022/10/04 09:39:21 fetching corpus: 1050, signal 106764/134675 (executing program)
2022/10/04 09:39:21 fetching corpus: 1100, signal 109965/138792 (executing program)
2022/10/04 09:39:21 fetching corpus: 1150, signal 111714/141570 (executing program)
2022/10/04 09:39:21 fetching corpus: 1200, signal 112937/143922 (executing program)
2022/10/04 09:39:21 fetching corpus: 1250, signal 114303/146381 (executing program)
2022/10/04 09:39:22 fetching corpus: 1300, signal 115535/148681 (executing program)
2022/10/04 09:39:22 fetching corpus: 1350, signal 116593/150818 (executing program)
2022/10/04 09:39:22 fetching corpus: 1400, signal 117627/152966 (executing program)
2022/10/04 09:39:22 fetching corpus: 1450, signal 118955/155328 (executing program)
2022/10/04 09:39:22 fetching corpus: 1500, signal 120414/157780 (executing program)
2022/10/04 09:39:22 fetching corpus: 1550, signal 122089/160367 (executing program)
2022/10/04 09:39:22 fetching corpus: 1600, signal 123565/162765 (executing program)
2022/10/04 09:39:22 fetching corpus: 1650, signal 124605/164813 (executing program)
2022/10/04 09:39:23 fetching corpus: 1700, signal 126391/167458 (executing program)
2022/10/04 09:39:23 fetching corpus: 1750, signal 127768/169778 (executing program)
2022/10/04 09:39:23 fetching corpus: 1800, signal 128904/171867 (executing program)
2022/10/04 09:39:23 fetching corpus: 1850, signal 130146/173983 (executing program)
2022/10/04 09:39:23 fetching corpus: 1900, signal 131355/176088 (executing program)
2022/10/04 09:39:23 fetching corpus: 1950, signal 133245/178668 (executing program)
2022/10/04 09:39:23 fetching corpus: 2000, signal 135043/181145 (executing program)
2022/10/04 09:39:23 fetching corpus: 2050, signal 135954/182972 (executing program)
2022/10/04 09:39:23 fetching corpus: 2100, signal 137160/184983 (executing program)
2022/10/04 09:39:24 fetching corpus: 2150, signal 139489/187794 (executing program)
2022/10/04 09:39:24 fetching corpus: 2200, signal 141438/190299 (executing program)
2022/10/04 09:39:24 fetching corpus: 2250, signal 142695/192294 (executing program)
2022/10/04 09:39:24 fetching corpus: 2300, signal 144041/194366 (executing program)
2022/10/04 09:39:24 fetching corpus: 2350, signal 145885/196783 (executing program)
2022/10/04 09:39:24 fetching corpus: 2400, signal 147697/199164 (executing program)
2022/10/04 09:39:24 fetching corpus: 2450, signal 148586/200794 (executing program)
2022/10/04 09:39:24 fetching corpus: 2500, signal 150472/203164 (executing program)
2022/10/04 09:39:25 fetching corpus: 2550, signal 151904/205176 (executing program)
2022/10/04 09:39:25 fetching corpus: 2600, signal 153571/207321 (executing program)
2022/10/04 09:39:25 fetching corpus: 2650, signal 154814/209195 (executing program)
2022/10/04 09:39:25 fetching corpus: 2700, signal 155386/210556 (executing program)
2022/10/04 09:39:25 fetching corpus: 2750, signal 155844/211872 (executing program)
2022/10/04 09:39:25 fetching corpus: 2800, signal 156336/213217 (executing program)
2022/10/04 09:39:25 fetching corpus: 2850, signal 157588/215040 (executing program)
2022/10/04 09:39:25 fetching corpus: 2900, signal 159570/217289 (executing program)
2022/10/04 09:39:26 fetching corpus: 2950, signal 161257/219341 (executing program)
2022/10/04 09:39:26 fetching corpus: 3000, signal 162243/220981 (executing program)
2022/10/04 09:39:26 fetching corpus: 3050, signal 163693/222875 (executing program)
2022/10/04 09:39:26 fetching corpus: 3100, signal 165478/224906 (executing program)
2022/10/04 09:39:26 fetching corpus: 3150, signal 166974/226834 (executing program)
2022/10/04 09:39:26 fetching corpus: 3200, signal 167770/228246 (executing program)
2022/10/04 09:39:26 fetching corpus: 3250, signal 168653/229734 (executing program)
2022/10/04 09:39:26 fetching corpus: 3300, signal 169435/231178 (executing program)
2022/10/04 09:39:27 fetching corpus: 3350, signal 169893/232377 (executing program)
2022/10/04 09:39:27 fetching corpus: 3400, signal 170965/233875 (executing program)
2022/10/04 09:39:27 fetching corpus: 3450, signal 171724/235226 (executing program)
2022/10/04 09:39:27 fetching corpus: 3500, signal 172412/236536 (executing program)
2022/10/04 09:39:27 fetching corpus: 3550, signal 173154/237893 (executing program)
2022/10/04 09:39:27 fetching corpus: 3600, signal 173929/239268 (executing program)
2022/10/04 09:39:27 fetching corpus: 3650, signal 174946/240750 (executing program)
2022/10/04 09:39:27 fetching corpus: 3700, signal 175891/242238 (executing program)
2022/10/04 09:39:28 fetching corpus: 3750, signal 177086/243749 (executing program)
2022/10/04 09:39:28 fetching corpus: 3800, signal 177566/244876 (executing program)
2022/10/04 09:39:28 fetching corpus: 3850, signal 178274/246173 (executing program)
2022/10/04 09:39:28 fetching corpus: 3900, signal 179206/247521 (executing program)
2022/10/04 09:39:28 fetching corpus: 3950, signal 179786/248744 (executing program)
2022/10/04 09:39:28 fetching corpus: 4000, signal 180635/250046 (executing program)
2022/10/04 09:39:28 fetching corpus: 4050, signal 181409/251295 (executing program)
2022/10/04 09:39:28 fetching corpus: 4100, signal 182016/252454 (executing program)
2022/10/04 09:39:29 fetching corpus: 4150, signal 182486/253583 (executing program)
2022/10/04 09:39:29 fetching corpus: 4200, signal 183809/255126 (executing program)
2022/10/04 09:39:29 fetching corpus: 4250, signal 184397/256244 (executing program)
2022/10/04 09:39:29 fetching corpus: 4300, signal 184958/257307 (executing program)
2022/10/04 09:39:29 fetching corpus: 4350, signal 185786/258539 (executing program)
2022/10/04 09:39:29 fetching corpus: 4400, signal 186476/259694 (executing program)
2022/10/04 09:39:29 fetching corpus: 4450, signal 187399/260972 (executing program)
2022/10/04 09:39:29 fetching corpus: 4500, signal 187907/262073 (executing program)
2022/10/04 09:39:29 fetching corpus: 4550, signal 188514/263147 (executing program)
2022/10/04 09:39:30 fetching corpus: 4600, signal 189015/264203 (executing program)
2022/10/04 09:39:30 fetching corpus: 4650, signal 189742/265251 (executing program)
2022/10/04 09:39:30 fetching corpus: 4700, signal 190940/266543 (executing program)
2022/10/04 09:39:30 fetching corpus: 4750, signal 191160/267424 (executing program)
2022/10/04 09:39:30 fetching corpus: 4800, signal 191707/268492 (executing program)
2022/10/04 09:39:30 fetching corpus: 4850, signal 192647/269641 (executing program)
2022/10/04 09:39:30 fetching corpus: 4900, signal 193350/270814 (executing program)
2022/10/04 09:39:30 fetching corpus: 4950, signal 193788/271763 (executing program)
2022/10/04 09:39:31 fetching corpus: 5000, signal 194729/272973 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/273808 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/274615 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/275398 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/276204 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/276985 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/277765 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/278550 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/279343 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/280123 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/280902 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/281687 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/282468 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/283237 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/283997 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/284797 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/285596 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/286359 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/287136 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/287893 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/288706 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/289485 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/290237 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/291037 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/291818 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/292632 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/293420 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/294200 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/294949 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/295740 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/296498 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/297260 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/298032 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/298799 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/299581 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/300378 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/301166 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/301969 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/302772 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/303540 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/304324 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/305136 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/305910 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/306710 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/307516 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/308299 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/309101 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/309877 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/310655 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/311422 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/312237 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/312987 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/313814 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/314646 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/315431 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/316188 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/316938 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/317759 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/318298 (executing program)
2022/10/04 09:39:31 fetching corpus: 5014, signal 194825/318298 (executing program)
2022/10/04 09:39:34 starting 8 fuzzer processes
09:39:34 executing program 0:
ioctl$BLKROGET(0xffffffffffffffff, 0x125e, &(0x7f0000000000))
ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000040)={0x81, 0x80000000, 0xffffffff, 0x80000001})
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f00000000c0)=0x123)
r1 = open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x1000)
r2 = mq_open(&(0x7f0000000140)='\x00', 0x80, 0x2d, &(0x7f0000000180)={0x1, 0xffffffffffffedfd, 0x837, 0x3})
r3 = openat$cgroup(r0, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0)
r4 = epoll_create1(0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000200)={0x0, 0x5, 0x4, 0x0, 0x0, [{{r2}, 0x3}, {{r3}, 0x6679}, {{}, 0x7fff}, {{r4}, 0x6}]})
r5 = openat$hpet(0xffffffffffffff9c, &(0x7f00000002c0), 0x80080, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f0000000300)={0x10000006})
ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000380)=<r6=>0x0)
sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0xf4, 0x17, 0x400, 0x70bd2c, 0x25dfdbfe, {0x18}, [@typed={0x8, 0x39, 0x0, 0x0, @pid=r6}, @generic="4f7c4aabe451b1c904047bc9ca76275e88a3f3e1d5683526f4bb0a032dc15f0dd71dc76b25129cfbc5b5b96612362c7f58612077963fe24f1707caddf8ab9e001e5122c114903a7676aca87be1ffa7af82199a5ce570f83c6fce6377b1e69cbf2a598d8184e5d4c7be7fc056d0b1fec8d26a90643c608913ca9575847c3dc59ebde0df46f5eaedadfd3c4289bcf6256b3af7dd380a1e1526296a6c664e39553c17a66d436a428aa0ca5596557f26d189ce3c3607a16edb6fc8aefbe43c6ac044c314ec989c7f95e7f8e1567c36b084", @typed={0x8, 0x20, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0xf4}}, 0x20004080)
fcntl$setsig(r3, 0xa, 0x18)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r7=>0xffffffffffffffff}, './file0/file0\x00'})
ioctl$AUTOFS_IOC_ASKUMOUNT(r7, 0x80049370, &(0x7f0000000580))
ioctl$BTRFS_IOC_INO_LOOKUP(r7, 0xd0009412, &(0x7f00000005c0)={0x0, 0x9})
write$bt_hci(r1, &(0x7f00000015c0)={0x1, @le_set_scan_rsp_data={{0x2009, 0x20}, {0x81, "bf36289fe3249e1ed44828209ab313ec007667245cf0783934b3ee0de8e1e6"}}}, 0x24)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r7, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000016c0)={&(0x7f0000001640)={0x50, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3, 0x26}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x78}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x78}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}]}, 0x50}, 0x1, 0x0, 0x0, 0xf0e867781eb0146d}, 0x8000)
mkdirat$cgroup(r0, &(0x7f0000001740)='syz0\x00', 0x1ff)

09:39:34 executing program 7:
keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x1})
keyctl$join(0x1, &(0x7f0000000040)={'syz', 0x1})
keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x3})
keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x3})
keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x0})
keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x0})
keyctl$join(0x1, 0x0)
keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x3})
keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x1})
keyctl$join(0x1, &(0x7f0000000200)={'syz', 0x1})
keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x1})
r0 = request_key(&(0x7f0000000280)='.dead\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)='syz', 0xfffffffffffffff9)
keyctl$join(0x1, 0x0)
keyctl$join(0x1, 0x0)
keyctl$join(0x1, &(0x7f0000000340)={'syz', 0x2})
keyctl$join(0x1, &(0x7f0000000380)={'syz', 0x3})
keyctl$join(0x1, 0x0)
keyctl$join(0x1, &(0x7f00000003c0)={'syz', 0x3})
add_key$fscrypt_provisioning(&(0x7f0000000400), &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)={0x2, 0x0, @a}, 0x48, r0)
keyctl$join(0x1, &(0x7f0000000500)={'syz', 0x2})

09:39:34 executing program 6:
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4001}, 0x40d0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000180)=""/108, 0x6c}, {&(0x7f0000000200)=""/25, 0x19}, {&(0x7f0000000240)=""/168, 0xa8}], 0x3, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r0=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [<r3=>0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [<r5=>0xffffffffffffffff, 0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff, 0xffffffffffffffff, <r14=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r15=>0xffffffffffffffff]}}], 0x128}, 0x3)
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r15, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x81}, 0xc081)
open(&(0x7f00000005c0)='./file0\x00', 0x2000, 0x11)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000640)={0x94, 0x0, 0xe4c9ad1307096c7e, 0x70bd28, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x10001}, {0x6, 0x16, 0x8f}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x1000}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}}]}, 0x94}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000000)
io_setup(0x6, &(0x7f0000000780)=<r16=>0x0)
r17 = pidfd_getfd(r5, r10, 0x0)
r18 = memfd_create(&(0x7f0000000bc0)='netdevsim', 0x5)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f0000000d00)={{0x1, 0x1, 0x18, <r19=>r1}, './file0\x00'})
io_submit(r16, 0x6, &(0x7f0000000e00)=[&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x8, r6, &(0x7f00000007c0)="3029ccaa8f8f5aa1c604f80d7d8533dac4585f7d282524009c4aaa3df52ff9b145f575e584d7439776d8db6e021f4cee91eb885c68804e5b08ad2f9cec7bd09cd0649727084860e58fe03d75ccf77d2766e4b952f344ec0fedac1eb0ce608029dda1f2ba744882a01acc2fc6478d23cecfbeda40de8d9bf515cb1fff2770114646be62170d21de043a772cbac3dc9fa08b70cb0eb5c8d32d165db21d96b1d31142274924a4002646b318db78a7374d7837c0c8496d732ae41c03cd3784646285befb15", 0xc3, 0x1ff, 0x0, 0x2}, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x2, 0x6, r12, &(0x7f0000000900)="8514b8e4616bb903559a9fc5c1da0efcd6c4e7f05cd5e004260bc5ece9b2ea67fca9ecbbb309a193429ed30759d10f98048dc0d3a968e2474859c20343167fc0641d380fbc8d2183b4e6b25d84d93bbda9fe1d161872847be48fd1585b0510f3c0f0c4dfdaaad3c5cfeecc1ab640b9a748d6bd5a710b90e05f742887914568f05d43c1127d39f8585d53cac9813bc1401f8e801491702b926096ecee69b64e52b0a633cc17898196857f81e22d7b8686949f1a4ddce9d6cf336d251b8efe104a84b0768482e51825ba9f63f23f07bcae9b21d310d8af83f94eb47c1fc18a8b9bd5", 0xe1, 0xffffffffffff0000, 0x0, 0x2, r17}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x5, 0x2, r10, &(0x7f0000000a40)="e5a4354a97b592efb3cd869a880b566da9f46f83764c79e839879478d2f9761441c44484e18979bd16c81e22a954d423a015671632be62a1804ea5e2fe58867589b3030e63f8f836a340a99bcaca2b16946da8bffb240694a04d62b6", 0x5c, 0x7, 0x0, 0x2, r14}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0xf, 0x800, 0xffffffffffffffff, &(0x7f0000000b00)="8f7a962d442d5ca762fc67518690bf96b39536130a8d557913ade5659c806eca72a38cc76c8db736505d4bc70d497259cd25cb42b3492da548896f22cd80e5494a90", 0x42, 0x78f0, 0x0, 0x2, r8}, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x6, 0x7fff, r18, &(0x7f0000000c00)="2b58fee104bfc0472af445ad09b8d4f2300f887c5ce223e38d59155f0970dfb99c3f461d44750b175f8f8866750293d8c3065f9d17ab2030b5f278da0f442795078a446a1189cb2453c9d03e07f50d68289af8a0ab303c9f3394a8ad0f6d9049391d69d27a7b6af6ccb20df78acb6d6c8c1c1c70e7f64a199c15fd347c372f5d6c0477270f70f0fe57a96a8f8c9b4d41ac90afa0c9a941363455c25796837f86787510bddd532568e0c79ba65528b7a12ffefed3fd6d17ab79e5dd0d763ad09d8f37487caba28bf91252f05e8ec104", 0xcf, 0x10001, 0x0, 0x3, r19}, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0xda815427acc44c6c, 0x1, r13, &(0x7f0000000d80)="a47ceaa23b30ad65fe0e74c449b6d038a58dc025bd305f254da4056d647adc89f2a86843", 0x24, 0x3f, 0x0, 0x1, r10}])
write$cgroup_netprio_ifpriomap(r7, &(0x7f0000000e40)={'vlan1', 0x32, 0x35}, 0x8)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000e80)={<r20=>r4, 0x2, 0x10001, 0x9})
dup2(r20, r11)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r4, 0x89f6, &(0x7f0000000f40)={'sit0\x00', &(0x7f0000000ec0)={'ip6tnl0\x00', 0x0, 0x4, 0x6, 0xf9, 0x400, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @multicast2}, 0x1, 0x8000, 0x7f, 0x8}})
r21 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000fc0), r15)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000002140)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002100)={&(0x7f0000001000)={0x10d8, r21, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}]}, @TIPC_NLA_NODE={0x108c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "ee0d21406a08845809a26fffca9068e51e66e8ce780bfaabdd05726807a8587cae0d"}}, @TIPC_NLA_NODE_ID={0x1004, 0x3, "097eebcd2425383b83386a2452cc97788c2c071abd94ccf983b6ba8efd5c3e863f58f5b498881a02adf3a28b2d02313039b2063809eb9375019164092a5c56f3d29e3e0413b18847795792eed2889bb4b7c2a4a8a8e2a4fd938d5f84d66e8767bd77bdddf9a958d3980492d417070bf3fd4a7e9fdc89377c7f0bffa613c8724f2d188229fdcc9b7da2801c30a7eca41fd6e43d63cb5f8b0714dbc9ce5035a5a9c19e8048572f695112fc101e99b29eac390089b4a09f7830eb5853997e8f1fae1e6595851d36449c9557b31d721b769f92367505c6ad22b00e848b2f502134d0ec208608c54b104746b9b2e94ec572bbe30025d3f199bcb039cb0d2702b47c1bb0ef490edf305e690f86bf84fc4ac7e027fba78a3a3c4c675714fab23ba0924220d11bd677e23848e325f1eb3c625a4dfb03a2ac84d12da8c2d2b1d3ea5350d535a617801593dd3bdd455322b8059ac7ce31bb8692e41a82ec6b75c0954133ca2c7d184294d8962f6023a8b6039c66b5672b623b4027641b669bb43823255c30a020f460c271d12ca142171687fb83b1fea8c5bdafb26d2f0a31b58d203a73b0d107b311c3a25d11dc534726cceccec99dce5a22ab1d604448ef746bf94f10b5962f2f037d8cd54a112899a19163c66b7e3a6bd7552d6b389da98fb7cb48d9bec8f7ce575a9e64917566adb06508e47ca7cbe929d6c81c60c6b5b29cdfbac73fefd44a2ec8a1ff9c8ec28bbff38b6a01e99a662a2ac424851e2e25de8d853184704fb4de731bad41bb3ee770448093a0763838d826ba50275605665bf3c1ba63ef6b036d3cecb64c0eaba129dee5fe2edaa80f1e296d0f8c48e570ee7c674fa346b9fee0acca1f9dba578fc88d2db9c0f63497d6d761d119e51ab2a5124223a50e5ddffbc45a29120f0926e23a555596e2a659fd4b55e7d2bd054c4173ddee56503dadd96e38f9e6879d1f8716bbef2b7375af5bf3679ff09e3bd81d9553538b415aac53cc04f0f949dbc48b7304430dff14cf0c8cb408555510cfac6904b3f384006469a4f0ab0db8bada36a36f67afa3065a9ab6e5a6786d3e35fde50bb1a61b271340583f192e5dd6d34b4f7e67003f7888ebce41d1eaf4e25c0a4e133989677f1f84606f61baddd14c98fa0425c3bbe5557b8b96cbbcc6466e379179517fc0fc41fe23360196e109efb521667c9d64153ff407f99def171cd2a3de5a01ae1d24b7ee4f87d71f12086a6d384447769fed43391cf93177b1b509cb681f6fda91120b0fb80fa9b53fd606ee076d8f1fa9b10964ccf102ece5c0dc11358a2a8b3cf9276e912891c417102805470da4bd870cc43fbd88bbe652fc5db5c94a861ca88bb844348996ff1346f2dcbafb09bbb7a496ec7a30205794fe13e7b0d034e32df475917e5de0a9986d2756a8edb6b29c4abe131b111fb63f6e48fa71172038b756171e3c14f783ccb46401e9b4d54e75754abf5eb984621dd142cc9b6034fd306f7c0677a48be3138d83ee6d147fb8c4d35774b2cca8fe646c8917e0d3c3eeba893db01aef28412273f7d34076f5f84aaa2518c73f97c84b93a5ce6fe8a56c72ae44079606952cb2a3dbc62e495beb48844fe2b3740df54d37e7f7f26ac8b7c653ccb755ca3becb599254e4cfcbfe612caeb31c9083600baa532f9afc2d07f8bac1e4550833e119787eabaf734b905344c1850dca1b5daaa88fea56c96b0eb7686ed7009dd26753de2c4eae2820a7c5040628fa506a37c1ac6ec041edea01718979f5a47a4432f60bbe04e3c0666168a86f2c0e765309eafe4ae9a34974307ef49232c4b15f8a6535ff55eb6604393ae67b20b85dc0495bea4d1fa553c3f16a921c816c44eb2ce3de15db6d0df6d3412ff7b08bb7ff9e0f4e33aedf3210803b9283cfb655eda61b93ea32d86488366f41523f395c067957f5870dddef11c111f5eea7e57e06ef49e1edff54dd6e9e5e5fb99124868f18a0e0fad2ada68d2c26a6808b051152eebc79acfe1fb172d839d1ccf574d2087013323d0b7c89d7b80e254c80e68cb9f1809a95b53602c603594caa0253fee73552e6a2ac815f9e3d629eb3b67d8b3c0c7e214f537e9b30d4fd9bac009693b54d82b47ad2d09525c9b8f5c501a9e4fbbe35220b4f471aefd49c922fb6b4c4a9028f03dcd16d86791a310b1f583e9782948aed7e9f6a7d854cb13b389e1b506fb4aa3b014bfa83d7cec1f66abe7941cdb18dcb0808bf55ef8f7ba3f0d4347e4a547cc51c90e8604c29b288791f9669c29914d1b39e2daa9d3a44d773b580c84141acf01391444a7803abc0c3360078c433449e4595991b3409286691e4837dc438bc6e1ea7b5581d41955610111b6d34b041891fe1b3e59219696c1ddba7dfa13925850b1b0b5be06e70ddacce9477561aa742af7112dbe95c62a086c8f4eff93eaacaf78ca3c0598d3e3d8d1372cd41a25f90931591171e42b5a79ceefdbe5a90efeca0ce8a1b16bd4a3a57115d4a42809715096f929c8386f657a8e1923d54f7689851a64b6422d88f6e7684cef8a5b28afdaf7c54b916cc6ef2802d1249e52d4d0ac7c558c58c4ca51002393bedb7c382c689af741b2bacd2d81f551ed3898f6dec8b59f699576108e5a9a54e78a140603ad9f0614ec1b4c211b48785f963ad976fcb56d791db1c2ee71a4876d042b6779c55ff074883a2fa16f17b93c0c2202d81bdeaf96d1cae9b44f80e297eaaa816d2497bb5ac3b5e618d06abd90b0b43fe8527ef13d475cdbbed2bc4218575bcdd1fb7d38f83925fafd30ce62aaaf0ae102e408d5024acfb4251587c370bcf431098ba4c5a125ea7dce7deb1a9f1d5f2835a6330bc2e4334e94632920040ad170a8ceac0800ce3509f173fcbf365ca55b2d42075e96a5491ac32d89f7e5c2ed591fe4d97a911777c152960da73a62e08a93daa20cbe2e6896b22b90da85e46535e9c6e465099aa89d84120a8cce12b4a87fd995a4499e4e492a7d9c94a0a91beb1793bc274d67df3f338ac6e79f77b30443d0c3786da6902cfe179e31f089dfe8b05ff25d46cee8c4767752598e694fcf178d84082df1745a954d56acd51824feb359a6d40d8ec88529c292c7c73c3176d236321dbf1d5ede6eaacad059ba42025b2135599b10ebaa52fa2bc8c72c712ace0a0fc2df7974e1073190d6efeee354c65c3e998943dc551e445ebfa0b448bb13f407fa47753f3fdfcf8ea1eeeb2277ba33c27264e47ac90f711da61a189c29c1597e61c706b642e4bd5d4435970619862454351c2b6c73232fbdd8f778ad990897ae15802aea5b9a24ce397c5487d994c434b47da25ac30f801a6bc02ef364fff5ae8617756f4c42f628df31f71c26f815d3bf6d810db3c4b897bf69f01fa47032f8736a7af0d5279bd7b571fba062de3a960f0ad96c7f5400e8c2cf435daf952db57fb50a983ac5990b10350ba17b37b285c5bae7bea1dc8a9e43e46d0f03c768f8106a849f57dfc3177952dc423424713c460adb6a80f9b6222a679393b8fe118faf764cd3da1bf78198cdf294eaef2efb844b1aa816501feacce212f1bb6fa40bd46b532c91a59f27f5a94a35b5dfaab061bdfd5c5810498c1f52a22a0aca3824ffb9c1bf399cccb436fe75e56e243f91769bec01b472b22008f3407909fe8efa567fece09188aaf32d94ecaab725ad5d503a6ba7b8d9853f6d57db7dbc80c8cff698b1f0ee2639a01e75919f9b33abfdae544c7f60bf3fb65e3bd652496900746964b69cd0e14db07c8257493f8849ad898be23c426c354311175285333d8147543d726f1eabe5da6ea7357847757a92bf1a5ea81d4dd026d922eab32155cd56ce640831e91f781e3fed005826968490457849c4d2e2a5aab6f105e08505e7e9a9ed9a07689798e713b3467c4418f16ed67d5f1149526e5010011cc1ab7874362875bf743d63a7ccc0e50710a4141678196233d856533767ee32dbc107eb12c86f7f1bdccb02db1ae6da94a5862cff92bf10a56c1133c7947b636fa0b379340271ef0fce08e5038910f6d6943f653c2883995c42ffd5e76993e2dda7bdac2ca7a5c67aab878867262d587a5237ef423a34da137b006044dfba3612ba61f5b10dc4b50b8e631e1c83ebf542f0d96ebd359194d129c0009f25a7f430f051d6375e2db3753dd6673a6ebf669e2c19f77135c5f697357f9fc5509a9d9a9a783c2400a93489aaea1475b057d03f10ac37288dc35071bcf5a2b638882f0ca5c9598ff8fac0681feb6eb95a1cb19268bfc09bf7f3835a1a5c68805ab75611f61271cd7124e1169ad6e35d7e861ba397f95efe3af010346150c802eab12df40bd80d0d27e29d028bb71a6ab1b9ca750fe5792859d34be99cd5812405817a6d4da497bcae090be3808808b560626df75a90e174b84d8b97251e28d0d06c22e89204e4701093d7c6ede79efcdc13de179287685c8e65a222d2bcd0158779d083841c701442f4f6994d18cc147ade301b81dea08728a8b1b6bf00153e24762b6e4bee686814b57d7562b26af3cdba939fe816ff348899985b2e165ca6a8c69be45bade1c768ce77e7855cb83fe4c62c3d36cd243ad355f5b3e96929cad3eb2d23897aacab92f27aed429d435232bbdf794b2e12061883dcfdab8c20b2cb716f36c5a54008ef3466f279c54143ee02edcf586c8c048c8b828933e8a70937a171cec5edc6b5cc9ef9411d80c9e641d8b1861aa25d9e539f2c61d46d5dc520a2beabfb15cd63d2466d5251336d6937b9c8f6b2659506922c691c2dd2f659c5627e2fa3d304179d2e0dffd589c6f490b573338da71a5d8973c7af1d411e05eb0eeea01f7e9931cc0e817eedd497eafb610d7509b11c02d3529a62ab81e0618fde4ed0cffa13a3f818b77fbfa5049e4e1b4dc0aeb02b91ecae12bf743899d487af973b5d9443a6d94e1343e2b67e82d40140ee1b4bf01cfc43e1f3e7e5a098fa1ad9e69e2b7f31ff886084160786adb5c92e1efdf737e23c27c3a4ad423d68f927ecd0cb22657133ccf91ad412c68f7132109b50bd1776cee6cc9c71188b92dd8b9c874895918dadc1152c73485d576008e0817bfc1653791d0fb536bf36026f71e4574f7331559914074c4d4327b8e1d134266abcb0c45755a088afb9b3c8208ecabf092333072a734203f3103075e0e105162802d13e08ad636e509d8bb1a6bea97f0b9bb442402775536737abcfbeb684fe8699a6f20417f71d546ff89d6c75cf5b19a16dcb0bdf361aeab43640c3fdd6a861b16ecbf083b0dc9ee775d40a7104dfc492213c25c375ffa7133576e866c62ac2c5f1d20c7c70e5ffb3cc05fca584c50a8b5f3210f3dd2f0cb3fa1b762a365ac53fb3a7d9b03e20842c46aa24e138790d65604b98ba9c255718360a238cc7d5e6ca57ed0bcb28273130b96f550d166c4931857f4446cd52f82a586f590ac8d3546cd064e2a375fe969d1231438e2b6afc28a7a845f30b5153791269bd4eeb3085627a49d97511b3d86df5f3295108faccabc4a0f9bd481a4df0fca2ca0e5e222b9527c093adfc76ec9b1a671651b0ca03efb79edc01ee81ef1a84cd895844c421693907e16c894ac1c5fccb727d617f1353fc7939726a4850c2d83056346c81c1afa7fff774fc63ede10efca2412c797c65c80cfafd83856664dc058a7ea49186dfefabafec739240c6182085d607e6a85cf6bde08dfb5eba979dc7670a1a8e76278e3384aa5588b0ec1589f9c4fb0654d8e2acc09130fdc589cb94c671a1e62938f74cfaaa7a105ef1edbeb9bbc8246a2a71313b1f0f0bdeaf"}, @TIPC_NLA_NODE_ID={0x36, 0x3, "b7394d81c22639b43899c2528a32f067ffd39dcfec42278c061c4bc8fa71ac2861330be4cf0997b99490e20b91aa1fb653eb"}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x14}]}, @TIPC_NLA_SOCK={0x4}]}, 0x10d8}}, 0x8000)
r22 = syz_genetlink_get_family_id$tipc2(&(0x7f00000021c0), r0)
sendmsg$TIPC_NL_PUBL_GET(r9, &(0x7f0000002340)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0xa290c08}, 0xc, &(0x7f0000002300)={&(0x7f0000002200)={0xd0, r22, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x20}]}, @TIPC_NLA_NODE={0x60, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "d2cb9b0698587f0680aad9df793efac1177f0e53743ca7368a3d6366d9541752e4"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xa}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r17, 0xc0189379, &(0x7f0000002380)={{0x1, 0x1, 0x18, <r23=>r10}, './file0\x00'})
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r23, &(0x7f00000023c0)={0x90000006})

09:39:34 executing program 1:
sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x66, 0x6}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20004050}, 0x0)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r0, 0x405, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xb4, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x400}, {0x6, 0x16, 0x8}, {0x5}, {0x6, 0x11, 0x8001}, {0x8, 0xb, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x3}, {0x5}, {0x6, 0x11, 0x7ff}, {0x8, 0xb, 0x8}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r1, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x80)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000500), 0x1000, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000740)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)={0x178, r1, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x9, 0x7f}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0xdc}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x1000}, @NL80211_ATTR_TX_RATES={0x13c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x10, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x12, 0x5, 0x1b, 0x0, 0x12, 0x2, 0x0, 0x22]}]}, @NL80211_BAND_2GHZ={0x4c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x60, 0x4, 0xb, 0x1b, 0x3, 0x3, 0x4, 0xc]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x3, 0x4}, {0x6, 0x9}, {0x6, 0x4}, {0x7, 0x2}, {0x6, 0x2}, {0x5}, {0x6, 0x4}, {0x6, 0x3}, {0x6, 0x8}, {0x2, 0xa}, {0x0, 0x4}, {0x7, 0x1}, {0x4, 0x9}, {0x6, 0x3}, {0x6, 0x9}, {0x0, 0x9}, {0x4, 0x8}, {}, {0x0, 0x2}, {0x1, 0x7}, {0x1, 0x5}, {0x3, 0x5}, {0x2, 0x2}, {0x7, 0x5}, {0x7, 0x2}, {0x2, 0x6}, {0x7, 0x4}, {0x0, 0x2}, {0x5, 0x5}, {0x1, 0x6}]}]}, @NL80211_BAND_2GHZ={0x10, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x9, 0x2, [{0x3, 0x7}, {0x1, 0x5}, {0x5, 0x5}, {0x4, 0x6}, {0x3, 0x3}]}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0xa, 0x2, [{0x1, 0xa}, {0x7, 0x3}, {0x1, 0x8}, {0x7, 0x1}, {0x7, 0x9}, {0x3, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x100, 0x7, 0x9, 0x1, 0x7, 0xe7]}}, @NL80211_TXRATE_HT={0x38, 0x2, [{0x7, 0x2}, {0x0, 0x5}, {0x0, 0xa}, {0x6, 0x9}, {0x0, 0x7}, {0x0, 0x5}, {0x5, 0x3}, {0x1, 0x3}, {0x7, 0x9}, {0x3}, {0x4}, {0x6, 0x1}, {0x0, 0x6}, {0x6, 0x3}, {0x6, 0x2}, {0x3}, {0x6}, {0x3, 0xa}, {0x2, 0x4}, {0x3, 0xa}, {0x1, 0x8}, {0x0, 0x1}, {0x6, 0x4}, {0x5, 0x7}, {0x7}, {0x5, 0x1}, {0x1, 0x7}, {0x3}, {0x3, 0x8}, {0x1, 0x6}, {0x1, 0x7}, {0x6, 0x3}, {0x2, 0xa}, {0x5, 0x6}, {0x5}, {0x6, 0x6}, {0x7, 0x9}, {0x1, 0x8}, {0x5}, {0x0, 0x8}, {0x3, 0x1}, {0x3, 0x9}, {0x7, 0x7}, {0x4}, {0x0, 0x3}, {0x7, 0x7}, {0x5, 0x4}, {0x1, 0x9}, {0x1, 0x1}, {0x5, 0x7}, {0x1, 0x6}, {0x7, 0x9}]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffd, 0xff, 0x1, 0x7ff, 0x7, 0x80, 0x9, 0x1]}}]}, @NL80211_BAND_60GHZ={0x58, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xd, 0x1, [0x48, 0x0, 0x14, 0xc, 0x1b, 0x60, 0xb, 0x57, 0x6c]}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x3, 0x5}, {0x3, 0x8}, {0x3, 0xa}, {0x4, 0xa}, {0x7, 0x2}, {0x4, 0x1}, {0x4, 0x9}, {0x4, 0xa}, {0x7, 0x6}, {0x7, 0x3}, {0x0, 0x8}, {0x3, 0x2}, {0x1, 0x3}, {0x1, 0x4}, {0x6, 0x9}, {0x2, 0x6}, {0x7, 0x9}, {0x0, 0x3}, {0x3, 0x5}, {0x5, 0x3}, {0x2, 0x7}, {0x6, 0x9}, {0x1, 0x2}, {0x1, 0x1}, {0x0, 0x3}, {0x0, 0x3}, {0x3, 0x3}, {0x4}, {0x5, 0x4}, {0x4, 0x2}]}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0xb, 0x5, 0x30, 0x3, 0x12, 0x16, 0x24, 0xc, 0x18, 0x5, 0x5, 0xb, 0x77, 0x2, 0x36, 0x18, 0x1, 0x9, 0x24, 0x6c, 0x4, 0xb, 0xc, 0x60, 0x48, 0x6]}]}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x8001}, 0x24024810)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000780), 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x38, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20054010}, 0x4008800)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(r2, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x50, r3, 0x20, 0x70bd25, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1, 0x9}}}}, [@NL80211_ATTR_STA_AID={0x6, 0x10, 0x1a6}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x6}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x1}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x27c}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x14040015)
r4 = open(&(0x7f0000000a00)='./file0\x00', 0x100, 0x8)
read$hidraw(r4, &(0x7f0000000a40)=""/253, 0xfd)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000b40), 0x1f7, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000bc0), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000c00)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r5, &(0x7f0000000cc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x40, r6, 0x300, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="438dd20ecb47"}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40040)
sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000000f40)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000d40)={0x1bc, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xcb22}]}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7d}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}]}]}, @TIPC_NLA_MEDIA={0x68, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MEDIA={0xec, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1279}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x71}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x20004844}, 0x40)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f00000010c0)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001080)={&(0x7f0000001000)={0x5c, r6, 0x8, 0x10000, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xe4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x3}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xa}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40010}, 0x40)

[   77.577218] audit: type=1400 audit(1664876374.958:6): avc:  denied  { execmem } for  pid=288 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:39:34 executing program 2:
r0 = getpgrp(0x0)
process_vm_writev(r0, &(0x7f0000001280)=[{&(0x7f0000000000)=""/4096, 0x1000}, {&(0x7f0000001000)=""/96, 0x60}, {&(0x7f0000001080)=""/165, 0xa5}, {&(0x7f0000001140)=""/14, 0xe}, {&(0x7f0000001180)=""/9, 0x9}, {&(0x7f00000011c0)=""/180, 0xb4}], 0x6, &(0x7f0000002500)=[{&(0x7f0000001300)=""/243, 0xf3}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/7, 0x7}, {&(0x7f0000002440)=""/119, 0x77}, {&(0x7f00000024c0)=""/28, 0x1c}], 0x5, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000002580)={[0x8]}, 0x8)
preadv2(r1, &(0x7f0000002900)=[{&(0x7f00000025c0)=""/204, 0xcc}, {&(0x7f00000026c0)=""/155, 0x9b}, {&(0x7f0000002780)}, {&(0x7f00000027c0)=""/2, 0x2}, {&(0x7f0000002800)=""/162, 0xa2}, {&(0x7f00000028c0)=""/3, 0x3}], 0x6, 0x3, 0xfffffbff, 0x1)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000002a40)={&(0x7f0000002980)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002a00)={&(0x7f00000029c0)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000002ac0), r1)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000002c00)={&(0x7f0000002a80)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002bc0)={&(0x7f0000002b00)={0x88, r2, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bridge_slave_0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_bond\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'dummy0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x88}, 0x1, 0x0, 0x0, 0x40000}, 0x4004000)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000002c40)=<r3=>0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(r1, 0x40089416, &(0x7f0000002c80)=r3)
r4 = socket$inet(0x2, 0x3, 0x800)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xa, 0x4010, r4, 0x9d0f000)
sendto$inet(r1, &(0x7f0000002cc0)="2658e8a55a3e26f895a52ecf8a1c2bc3b5c5311be285fa54512a41bee000777f316fda176296fee9be4a8edb6bd79ba9fd53a1545cdb605db7cb05cc574e4d6852826bf28078e4cdfe6d1de2a13e5ccbce85a6e013ee730d92fca6217a780e5a57a41dcabbf05dc5e85730ea93e73285d04924612ebdd7de0dbc8c3b8238fd3f6f24c3e70ea42bb70788cc30b3d7d867c58446fdb244fe1fca0dd456500596303d9838ccd07b20ff24521a3119ce8863980ad3a0441a0491facdfa1fd8a9fc06ac867303b8a05e9de4aaf463065d4fedba13232278489f1895f807090b40900279c8bb611f62198da1c4bf304fe49105b7203ff4702ae1947bf4be", 0xfb, 0x24000880, &(0x7f0000002dc0)={0x2, 0x4e21, @local}, 0x10)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, &(0x7f0000002e00)={@private, @local, @private}, &(0x7f0000002e40)=0xc)
fremovexattr(r1, &(0x7f0000002e80)=@known='security.selinux\x00')
ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000002ec0)={{0x2, 0x4e23, @empty}, {0x306, @local}, 0xa, {0x2, 0x4e20, @private=0xa010102}, 'wg2\x00'})
process_vm_writev(r0, &(0x7f0000002f40), 0x0, &(0x7f0000003340)=[{&(0x7f0000002f80)=""/130, 0x82}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/243, 0xf3}, {&(0x7f0000003240)}, {&(0x7f0000003280)=""/172, 0xac}], 0x5, 0x0)
process_vm_writev(r0, &(0x7f0000003700)=[{&(0x7f00000033c0)=""/81, 0x51}, {&(0x7f0000003440)=""/230, 0xe6}, {&(0x7f0000003540)=""/199, 0xc7}, {&(0x7f0000003640)}, {&(0x7f0000003680)=""/110, 0x6e}], 0x5, &(0x7f0000003c40)=[{&(0x7f0000003780)=""/202, 0xca}, {&(0x7f0000003880)=""/233, 0xe9}, {&(0x7f0000003980)=""/23, 0x17}, {&(0x7f00000039c0)=""/63, 0x3f}, {&(0x7f0000003a00)=""/224, 0xe0}, {&(0x7f0000003b00)=""/204, 0xcc}, {&(0x7f0000003c00)=""/1, 0x1}], 0x7, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000003cc0), 0x0, 0x0)
r5 = syz_open_procfs(r0, &(0x7f0000003d00)='statm\x00')
fsmount(r5, 0x0, 0x7c)

09:39:34 executing program 5:
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f0000000000)={{0x0, 0x6}, 'port0\x00', 0x40, 0x180000, 0x0, 0x8, 0x3, 0x3ff, 0x2, 0x0, 0x7, 0xff})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000000c0)={0x2, 0xfffffffd, 0x1, 'queue1\x00', 0x7})
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
flock(r0, 0xb)
setsockopt$inet_udp_int(r0, 0x11, 0x1, &(0x7f0000000180)=0x5, 0x4)
r1 = fsmount(0xffffffffffffffff, 0x1, 0x2)
ioctl$CDROMPAUSE(r1, 0x5301)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000200)={'syz1', "7e9caeb3f43d373b75d45e59d30b12551692317ce0ea25e2a53a76baa792c66380488fbca4b9fb51b96e3d0301e3ceae16d012b69830"}, 0x3a)
fgetxattr(r0, &(0x7f0000000240)=@random={'security.', '\x00'}, &(0x7f0000000280)=""/241, 0xf1)
getsockopt$inet_udp_int(r1, 0x11, 0x1, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r4 = fcntl$dupfd(r3, 0x406, r2)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)=[r3, r0]}, 0x2)
getsockopt$IP_SET_OP_VERSION(r4, 0x1, 0x53, &(0x7f0000000480), &(0x7f00000004c0)=0x8)
sendmsg$AUDIT_GET(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x10, 0x3e8, 0x800, 0x70bd2d, 0x25dfdbfc, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000000}, 0x8840)
ioctl$CDROMSEEK(r2, 0x5316, &(0x7f0000000600)={0x3, 0x2, 0x8, 0x5, 0x1, 0x3e})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, &(0x7f0000000640))
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000680)={{{@in6=@initdev, @in6=@initdev}}, {{@in6=@mcast1}, 0x0, @in6}}, &(0x7f0000000780)=0xe8)
ioctl$CDROM_SET_OPTIONS(r3, 0x5320, 0x6)
ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000005a00))

09:39:34 executing program 3:
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x8, 0x1}, {0x8, 0xc1d1}, {0x4, 0x5209}]})
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
close_range(0xffffffffffffffff, r0, 0x2)
r1 = syz_open_dev$vcsa(&(0x7f0000000080), 0x7f, 0x8a201)
ioctl$TIOCMBIS(r1, 0x5416, &(0x7f00000000c0)=0x6)
recvmsg$unix(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/1, 0x1}, {&(0x7f0000000140)=""/255, 0xff}], 0x2, &(0x7f0000000280)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [<r9=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf8}, 0x2100)
ioctl$KDFONTOP_COPY(r3, 0x4b72, &(0x7f00000007c0)={0x3, 0x0, 0x3, 0x19, 0x1c2, &(0x7f00000003c0)})
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000800), 0x200080, 0x0)
ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000840)=[0x8, 0x1ff])
pread64(r9, &(0x7f0000000880)=""/2, 0x2, 0x3ff)
ioctl$TIOCGISO7816(r2, 0x80285442, &(0x7f00000008c0))
r11 = socket$inet_udp(0x2, 0x2, 0x0)
dup2(r5, r11)
close_range(r6, r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc0189379, &(0x7f0000000900)={{0x1, 0x1, 0x18}, './file0\x00'})
dup(r7)
fstat(r10, &(0x7f0000000940))
r12 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000009c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r8, 0xc018937d, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r12, {0x3}}, './file0\x00'})
setxattr$security_capability(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80), &(0x7f0000000ac0)=@v1={0x1000000, [{0x4, 0x9}]}, 0xc, 0x1)

09:39:35 executing program 4:
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0)
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000080)={0x2, 0x3, 0xfd, 0x9, 0x80000001, 0x800, 0x5, 0xbc4, 0x0, 0x0, 0x92c4, 0x20, 0x16, 0x2})
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc3})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'})
ftruncate(r0, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0}, &(0x7f0000000200)=0xc)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x2100010, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@mmap}, {@noextend}, {@access_any}, {@cache_none}, {@debug={'debug', 0x3d, 0x1}}, {@cache_mmap}, {@access_client}], [{@seclabel}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'trusted.overlay.redirect\x00'}}, {@euid_eq={'euid', 0x3d, r1}}]}})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000340)={<r2=>r0, 0x79ca, 0x6, 0x6})
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000380)={'rose0\x00', {0x2, 0x0, @multicast2}})
recvmsg$unix(r2, &(0x7f00000006c0)={&(0x7f00000003c0)=@abs, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000440)=""/161, 0xa1}, {&(0x7f0000000500)=""/163, 0xa3}, {&(0x7f00000005c0)=""/17, 0x11}], 0x3, &(0x7f0000000640)=[@rights={{0x24, 0x1, 0x1, [<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}, 0x0)
r7 = openat(r4, &(0x7f0000000700)='./file0\x00', 0x20040, 0x40)
ioctl$FICLONE(r6, 0x40049409, r7)
fcntl$F_SET_RW_HINT(r7, 0x40c, &(0x7f0000000740)=0x4)
pread64(r6, &(0x7f0000000780)=""/197, 0xc5, 0x2)
ioctl$FICLONE(r2, 0x40049409, r2)
ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0xc020662a, &(0x7f0000000880)={0xfffffffffffff98a, 0x7f, 0x6, 0x1, 0x5, [{0x6, 0x0, 0x1, '\x00', 0x2000}, {0x7f, 0x0, 0x6, '\x00', 0xa07}, {0x1, 0x547, 0x2, '\x00', 0x303}, {0xffffffffffff0001, 0x0, 0x0, '\x00', 0x808}, {0x1, 0x60000, 0x1f, '\x00', 0x2702}]})
preadv(r3, &(0x7f0000000a00)=[{&(0x7f00000009c0)=""/36, 0x24}], 0x1, 0xffffffa4, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f0000000a40))
r8 = openat(r0, &(0x7f0000000a80)='./file0\x00', 0x0, 0x120)
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f0000000ac0)={'batadv_slave_1\x00', @broadcast})

[   78.934320] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   78.936011] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   78.940504] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   78.942000] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   78.945050] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   78.947075] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   78.948302] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   78.951106] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   78.953005] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   78.954199] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   78.958955] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   78.960836] Bluetooth: hci0: HCI_REQ-0x0c1a
[   78.962163] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   78.967879] Bluetooth: hci1: HCI_REQ-0x0c1a
[   79.000393] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   79.002349] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   79.006443] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   79.010151] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   79.012567] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   79.014615] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   79.019885] Bluetooth: hci2: HCI_REQ-0x0c1a
[   79.042946] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   79.052507] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   79.054849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   79.058951] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   79.060757] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   79.062378] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   79.064845] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   79.066978] Bluetooth: hci6: HCI_REQ-0x0c1a
[   79.075024] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   79.076739] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   79.077992] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   79.081486] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   79.081620] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   79.084475] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   79.085098] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   79.088358] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   79.105165] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   79.107286] Bluetooth: hci7: HCI_REQ-0x0c1a
[   79.143320] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   79.146429] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   79.154597] Bluetooth: hci5: HCI_REQ-0x0c1a
[   81.017741] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   81.019236] Bluetooth: hci1: command 0x0409 tx timeout
[   81.019962] Bluetooth: hci0: command 0x0409 tx timeout
[   81.021698] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   81.081782] Bluetooth: hci6: command 0x0409 tx timeout
[   81.082428] Bluetooth: hci2: command 0x0409 tx timeout
[   81.146784] Bluetooth: hci7: command 0x0409 tx timeout
[   81.209731] Bluetooth: hci5: command 0x0409 tx timeout
[   83.065836] Bluetooth: hci0: command 0x041b tx timeout
[   83.066574] Bluetooth: hci1: command 0x041b tx timeout
[   83.129777] Bluetooth: hci2: command 0x041b tx timeout
[   83.130487] Bluetooth: hci6: command 0x041b tx timeout
[   83.194733] Bluetooth: hci7: command 0x041b tx timeout
[   83.258737] Bluetooth: hci5: command 0x041b tx timeout
[   83.881185] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.893253] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.894066] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.916304] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.917431] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   83.934139] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.957887] Bluetooth: hci3: HCI_REQ-0x0c1a
[   84.187328] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   84.189618] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   84.191150] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   84.195987] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   84.197558] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   84.199690] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   84.213435] Bluetooth: hci4: HCI_REQ-0x0c1a
[   85.113820] Bluetooth: hci1: command 0x040f tx timeout
[   85.113884] Bluetooth: hci0: command 0x040f tx timeout
[   85.178705] Bluetooth: hci6: command 0x040f tx timeout
[   85.178791] Bluetooth: hci2: command 0x040f tx timeout
[   85.241699] Bluetooth: hci7: command 0x040f tx timeout
[   85.305698] Bluetooth: hci5: command 0x040f tx timeout
[   86.010802] Bluetooth: hci3: command 0x0409 tx timeout
[   86.266724] Bluetooth: hci4: command 0x0409 tx timeout
[   87.161723] Bluetooth: hci0: command 0x0419 tx timeout
[   87.162713] Bluetooth: hci1: command 0x0419 tx timeout
[   87.225758] Bluetooth: hci6: command 0x0419 tx timeout
[   87.226771] Bluetooth: hci2: command 0x0419 tx timeout
[   87.290778] Bluetooth: hci7: command 0x0419 tx timeout
[   87.354752] Bluetooth: hci5: command 0x0419 tx timeout
[   88.058799] Bluetooth: hci3: command 0x041b tx timeout
[   88.314693] Bluetooth: hci4: command 0x041b tx timeout
[   90.105702] Bluetooth: hci3: command 0x040f tx timeout
[   90.362724] Bluetooth: hci4: command 0x040f tx timeout
[   92.154716] Bluetooth: hci3: command 0x0419 tx timeout
[   92.409698] Bluetooth: hci4: command 0x0419 tx timeout
09:40:28 executing program 7:
mkdir(&(0x7f0000003b80)='./file0\x00', 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xffffffff, 0x8, &(0x7f0000000640)=[{&(0x7f00000000c0)="ea311a0be475c683e983dd23ecfce179056671aa3443665d614370e8262110dbc215107e325cef", 0x27, 0x9}, {&(0x7f0000000140)="9f177a31a43ff333fb67c70a505fde09db7089c80b9673c1478e229d23d39b3e62c2594a702fc8642fc09afd85fe1d517bb429b43c4850ea25643fedcfb24433af1683f0ef2613a88e7e82a2cd0dceae71", 0x51, 0x8}, {&(0x7f00000001c0)="34043bbfe07f5a0caf3e8ff0706dc5fcfba1b0dbde6df60f5918ea5ebddeb3c5b5711cad6cb74804b469f4ae5beb", 0x2e, 0x3}, {&(0x7f0000000300)="41993aef9d085643953cd9f74489bde11e705e5700de53f8d783d3ac8b572159395e534e6ab67dde9ef16c9d2726693915f88a4345d50fb72a78cfbd279d0556870fc4b0fff813eb77ab9eccbad4aad1dfe2607130c5f276268359682ca0c9af38cca24e9e8b573ba099e3b194e1a5f0df26fae13c7cf6c1155bf69509fc6e4ae72063", 0x83, 0xffffffff}, {&(0x7f00000003c0)="9e5547d3e62f6524ee598f487ea61040f21165b8fa654bb484b7d1dd8f7a4cb31966c07f45e31c985faa8c11e453fc3bbe3bb972c7d6c79190872a7f4f7db2449dea35adae1521856ee77ed60252c420403911838673a5a19f512c444c208b3ff8b9e136b80322668ef4c3394ec6d79edee0e673f2850a4e8b76f793c35b72003cb104263db6e400", 0x88}, {&(0x7f0000000480)="c09fd511475a36d4bf59f062af612d6a3e51bf8d8e7acfb94bcadfc99c31a808d441b2fe2c78b4", 0x27}, {&(0x7f00000004c0)="2dcd5210391e1c0f19cebeffe5b535f5d6994f270dddfee1d18e5ab25477df6aa632bd691e023a1942e682bdf0a7d19fcdff8beafd66ac95803587c91ce502a2aa65e8eb6212fbbc1407abf4bfcc4650c3946aba03a36dc88c0f20749a2cf46c932a76ee89a5f646c4baeb287c12d3e0a9155cd7a8a567f3f85b74ba0b444042f72ec98ff3241875de0cc12b6a7382791a0ba73a958cb8f1910f37f31449c39a5243dd5de51ec5d568fae9c15c0db0504bd9f6", 0xb3, 0x3}, {&(0x7f0000000580)="42310b8938ec3cddcbb099b8253521d17b661da66be9f182df7e12f5ec28a76546153d838be82cfc5eb591a167e5124f4a60cf755e280cee2c9dfb848a28d136299ca750f65d79f1ef1fb6757d6867441bead49b7e765103f0d651d2590cad21250295228f2d3a605730467d3c55e1b0e25389d74a8cf6fd5416a37d568983f963615be2136fc6f469c5fff6f1f0da55", 0x90, 0x7}], 0x100000, &(0x7f0000000700)={[{@dioread_nolock}, {@discard}, {@grpjquota}, {@orlov}, {@nomblk_io_submit}, {}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xd2}}], [{@euid_eq={'euid', 0x3d, r0}}, {@euid_eq={'euid', 0x3d, r0}}, {@smackfsdef={'smackfsdef', 0x3d, '\x00'}}, {@obj_role={'obj_role', 0x3d, '\x00'}}, {@pcr={'pcr', 0x3d, 0x2c}}]})
syz_io_uring_submit(r2, r3, &(0x7f0000000880)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, r4, &(0x7f0000000800)={0x480, 0x9a2e2a2660087040, 0x10}, &(0x7f0000000840)='./file0\x00', 0x18, 0x0, 0x23456}, 0x9)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x7fffdf003000, 0x0, 0x4002012, r1, 0x10000000)

09:40:28 executing program 7:
setgroups(0x4000000000000352, &(0x7f0000000300)=[0x0, 0x0])
r0 = getegid()
memfd_secret(0x0)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={<r3=>0x0, <r4=>0x0, <r5=>0x0}, &(0x7f0000000140)=0xc)
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYRES32=r6, @ANYRES32=r2, @ANYRES32=r5, @ANYRESHEX=r4, @ANYRES64, @ANYRESOCT, @ANYRES64=r3, @ANYRES32, @ANYRESOCT])
getgroups(0x6, &(0x7f00000002c0)=[r0, r0, 0x0, r0, r1, r5])
r7 = getpid()
pidfd_open(r7, 0x0)
getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0))
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x9, 0x4, &(0x7f0000000800)=[{&(0x7f00000001c0)="506ace23e53df1153d4e7fff401c1b280455c9f815e907aedf3d707b795691a151c379e1ea4c073dfd0acbef4066510713e41d20d982f1ee563cc6ed994a7f5e9c373d81edeadababa257bfc6179410ead9dc257949f08241e10632febffb61f8371a58b1f4f74a3ba6549d535f514e61280649d98b44c1d5be5235cc8be2d861fd8cbc2722938fade549c130acc2f3f071bf00f236a1a3af8b3b34e7b782d5e017789b61f47c63ff7ef922486debe0f8c1ab10395b6edebf529143ea8f1cac52872303a70e795c9316fc64dc0aab1e733fcefb9617fada8b0e26ac20b970b8d7f7ff7bf29288fab2189", 0xea, 0x62}, {&(0x7f0000000600)="dd02e73e4c811356f3aaf30db9cc42ec6a2f2275f5a6b8987e9d891161a320d4c2554fb09baf2e9f5ccf44b9487de6a295a9d229a9faa541c20fb6bc907bbe043d087c4ff4b41509527b0470a38f002b17089eaf9fef7ddb32a683e0fe88da6f2f709f87bf5d36285563599f66d6c3722256cecf15b84500736dbab6", 0x7c, 0x200}, {&(0x7f0000000680)="4dec32614cf054998476a197bdf20c26ddbaa038a1711724291a5959066089954c9f03bdb86160e5269d4c05eb313a7a988eb1e2da139c239765da30f59f162a2422b42e0b4dd235945eddcf51f07df24611e2cbb6dcf845fded97a4abc83fdae90d40cb64cab653050a5e71023f2851370c84110ea011a7ae35d2c96de4f8a4ac5173c7", 0x84, 0x4}, {&(0x7f0000000740)="129cc8ce13864e5d41cfd8835a1a393416af7db5a6a8360ed15d0b49dbeff08c13fc3a5db5cd51d614dbcbbcaba55426ad6f827df7bb9504ccad3548f1b08253062f2328db4c157f4195c9bb7c7f21be901c25fe0be6a439fce6206e306857fd546d61b5c40edd3569717e81a3bb9fbc880b5e7caf5329c079c9ff5b07d10ce58e222089728f19db72c79ef7687da2967b19aee16362a4a73a8221cfb45c679b4743e11b44bbc89b6537f96f0e83e9f5e0a4f456598afcbe9ce1", 0xba, 0x10001}], 0x2, &(0x7f0000000880)={[{@shortname_mixed}, {@utf8no}, {@shortname_winnt}], [{@dont_appraise}, {@measure}, {@fsname={'fsname', 0x3d, '\\^/\''}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}]})
r8 = getpid()
r9 = pidfd_open(r8, 0x0)
pidfd_send_signal(r9, 0x0, &(0x7f0000000100)={0x0, 0x0, 0xfffffffa}, 0x0)
r10 = getpid()
r11 = pidfd_open(r10, 0x0)
pidfd_send_signal(r11, 0x0, &(0x7f0000000100)={0x0, 0x0, 0xfffffffa}, 0x0)
epoll_create(0x0)

[  131.008027] audit: type=1400 audit(1664876428.389:7): avc:  denied  { open } for  pid=3779 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  131.009787] audit: type=1400 audit(1664876428.390:8): avc:  denied  { kernel } for  pid=3779 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  131.024370] loop7: detected capacity change from 0 to 256
[  131.034907] FAT-fs (loop7): Unrecognized mount option "dont_appraise" or missing value
09:40:28 executing program 7:
ustat(0x8000000000201, &(0x7f0000000000))
ustat(0x7fffffff, &(0x7f0000000340))
ustat(0x5, &(0x7f0000000300))
r0 = open(0x0, 0x0, 0x22)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(0xffffffffffffffff)
write$binfmt_script(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB='\t'], 0xb)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
close(r4)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r2)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000140)={{0x7, 0x3}, 0x100, './file1\x00'})
pwritev(r3, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)

[  131.165535] ------------[ cut here ]------------
[  131.165560] 
[  131.165564] ======================================================
[  131.165568] WARNING: possible circular locking dependency detected
[  131.165572] 6.0.0-rc7-next-20220930 #1 Not tainted
[  131.165578] ------------------------------------------------------
[  131.165581] syz-executor.7/3793 is trying to acquire lock:
[  131.165588] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  131.165628] 
[  131.165628] but task is already holding lock:
[  131.165631] ffff88800fff3c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  131.165659] 
[  131.165659] which lock already depends on the new lock.
[  131.165659] 
[  131.165663] 
[  131.165663] the existing dependency chain (in reverse order) is:
[  131.165666] 
[  131.165666] -> #3 (&ctx->lock){....}-{2:2}:
[  131.165680]        _raw_spin_lock+0x2a/0x40
[  131.165691]        __perf_event_task_sched_out+0x53b/0x18d0
[  131.165702]        __schedule+0xedd/0x2470
[  131.165716]        schedule+0xda/0x1b0
[  131.165730]        exit_to_user_mode_prepare+0x114/0x1a0
[  131.165742]        syscall_exit_to_user_mode+0x19/0x40
[  131.165755]        do_syscall_64+0x48/0x90
[  131.165772]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  131.165785] 
[  131.165785] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  131.165798]        _raw_spin_lock_nested+0x30/0x40
[  131.165809]        raw_spin_rq_lock_nested+0x1e/0x30
[  131.165822]        task_fork_fair+0x63/0x4d0
[  131.165838]        sched_cgroup_fork+0x3d0/0x540
[  131.165853]        copy_process+0x4183/0x6e20
[  131.165863]        kernel_clone+0xe7/0x890
[  131.165872]        user_mode_thread+0xad/0xf0
[  131.165882]        rest_init+0x24/0x250
[  131.165894]        arch_call_rest_init+0xf/0x14
[  131.165911]        start_kernel+0x4c6/0x4eb
[  131.165926]        secondary_startup_64_no_verify+0xe0/0xeb
[  131.165940] 
[  131.165940] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  131.165954]        _raw_spin_lock_irqsave+0x39/0x60
[  131.165965]        try_to_wake_up+0xab/0x1930
[  131.165978]        up+0x75/0xb0
[  131.165991]        __up_console_sem+0x6e/0x80
[  131.166007]        console_unlock+0x46a/0x590
[  131.166023]        vprintk_emit+0x1bd/0x560
[  131.166039]        vprintk+0x84/0xa0
[  131.166054]        _printk+0xba/0xf1
[  131.166066]        kauditd_hold_skb.cold+0x3f/0x4e
[  131.166083]        kauditd_send_queue+0x233/0x290
[  131.166098]        kauditd_thread+0x5f9/0x9c0
[  131.166111]        kthread+0x2ed/0x3a0
[  131.166125]        ret_from_fork+0x22/0x30
[  131.166137] 
[  131.166137] -> #0 ((console_sem).lock){....}-{2:2}:
[  131.166151]        __lock_acquire+0x2a02/0x5e70
[  131.166168]        lock_acquire+0x1a2/0x530
[  131.166184]        _raw_spin_lock_irqsave+0x39/0x60
[  131.166194]        down_trylock+0xe/0x70
[  131.166209]        __down_trylock_console_sem+0x3b/0xd0
[  131.166225]        vprintk_emit+0x16b/0x560
[  131.166240]        vprintk+0x84/0xa0
[  131.166256]        _printk+0xba/0xf1
[  131.166266]        report_bug.cold+0x72/0xab
[  131.166282]        handle_bug+0x3c/0x70
[  131.166298]        exc_invalid_op+0x14/0x50
[  131.166315]        asm_exc_invalid_op+0x16/0x20
[  131.166327]        group_sched_out.part.0+0x2c7/0x460
[  131.166344]        ctx_sched_out+0x8f1/0xc10
[  131.166361]        __perf_event_task_sched_out+0x6d0/0x18d0
[  131.166372]        __schedule+0xedd/0x2470
[  131.166385]        schedule+0xda/0x1b0
[  131.166398]        exit_to_user_mode_prepare+0x114/0x1a0
[  131.166409]        syscall_exit_to_user_mode+0x19/0x40
[  131.166421]        do_syscall_64+0x48/0x90
[  131.166437]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  131.166450] 
[  131.166450] other info that might help us debug this:
[  131.166450] 
[  131.166452] Chain exists of:
[  131.166452]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  131.166452] 
[  131.166467]  Possible unsafe locking scenario:
[  131.166467] 
[  131.166469]        CPU0                    CPU1
[  131.166472]        ----                    ----
[  131.166474]   lock(&ctx->lock);
[  131.166479]                                lock(&rq->__lock);
[  131.166486]                                lock(&ctx->lock);
[  131.166492]   lock((console_sem).lock);
[  131.166498] 
[  131.166498]  *** DEADLOCK ***
[  131.166498] 
[  131.166500] 2 locks held by syz-executor.7/3793:
[  131.166506]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  131.166535]  #1: ffff88800fff3c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  131.166561] 
[  131.166561] stack backtrace:
[  131.166564] CPU: 0 PID: 3793 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  131.166577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  131.166585] Call Trace:
[  131.166588]  <TASK>
[  131.166592]  dump_stack_lvl+0x8b/0xb3
[  131.166610]  check_noncircular+0x263/0x2e0
[  131.166627]  ? format_decode+0x26c/0xb50
[  131.166643]  ? print_circular_bug+0x450/0x450
[  131.166663]  ? simple_strtoul+0x30/0x30
[  131.166677]  ? __lockdep_reset_lock+0x180/0x180
[  131.166694]  ? format_decode+0x26c/0xb50
[  131.166711]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  131.166728]  __lock_acquire+0x2a02/0x5e70
[  131.166750]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  131.166772]  lock_acquire+0x1a2/0x530
[  131.166788]  ? down_trylock+0xe/0x70
[  131.166805]  ? lock_release+0x750/0x750
[  131.166822]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  131.166843]  ? vprintk+0x84/0xa0
[  131.166860]  _raw_spin_lock_irqsave+0x39/0x60
[  131.166871]  ? down_trylock+0xe/0x70
[  131.166887]  down_trylock+0xe/0x70
[  131.166903]  ? vprintk+0x84/0xa0
[  131.166920]  __down_trylock_console_sem+0x3b/0xd0
[  131.166937]  vprintk_emit+0x16b/0x560
[  131.166953]  ? lock_downgrade+0x6d0/0x6d0
[  131.166971]  vprintk+0x84/0xa0
[  131.166989]  _printk+0xba/0xf1
[  131.167000]  ? record_print_text.cold+0x16/0x16
[  131.167014]  ? hrtimer_try_to_cancel+0x163/0x2c0
[  131.167028]  ? lock_downgrade+0x6d0/0x6d0
[  131.167045]  ? report_bug.cold+0x66/0xab
[  131.167063]  ? group_sched_out.part.0+0x2c7/0x460
[  131.167081]  report_bug.cold+0x72/0xab
[  131.167099]  handle_bug+0x3c/0x70
[  131.167117]  exc_invalid_op+0x14/0x50
[  131.167134]  asm_exc_invalid_op+0x16/0x20
[  131.167147] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  131.167168] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  131.167179] RSP: 0018:ffff88804080fc48 EFLAGS: 00010006
[  131.167188] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  131.167195] RDX: ffff88801b120000 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  131.167203] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  131.167211] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800fff3c00
[  131.167218] R13: ffff88806ce3d2c0 R14: ffffffff8547d160 R15: 0000000000000002
[  131.167229]  ? group_sched_out.part.0+0x2c7/0x460
[  131.167248]  ? group_sched_out.part.0+0x2c7/0x460
[  131.167268]  ctx_sched_out+0x8f1/0xc10
[  131.167287]  __perf_event_task_sched_out+0x6d0/0x18d0
[  131.167301]  ? lock_is_held_type+0xd7/0x130
[  131.167315]  ? __perf_cgroup_move+0x160/0x160
[  131.167325]  ? set_next_entity+0x304/0x550
[  131.167343]  ? update_curr+0x267/0x740
[  131.167361]  ? lock_is_held_type+0xd7/0x130
[  131.167375]  __schedule+0xedd/0x2470
[  131.167392]  ? io_schedule_timeout+0x150/0x150
[  131.167408]  ? __x64_sys_futex_time32+0x480/0x480
[  131.167422]  schedule+0xda/0x1b0
[  131.167437]  exit_to_user_mode_prepare+0x114/0x1a0
[  131.167449]  syscall_exit_to_user_mode+0x19/0x40
[  131.167463]  do_syscall_64+0x48/0x90
[  131.167480]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  131.167493] RIP: 0033:0x7f201481eb19
[  131.167502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  131.167512] RSP: 002b:00007f2011d94218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  131.167523] RAX: 0000000000000001 RBX: 00007f2014931f68 RCX: 00007f201481eb19
[  131.167530] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2014931f6c
[  131.167537] RBP: 00007f2014931f60 R08: 000000000000000e R09: 0000000000000000
[  131.167544] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f2014931f6c
[  131.167551] R13: 00007ffeaf1c202f R14: 00007f2011d94300 R15: 0000000000022000
[  131.167564]  </TASK>
[  131.280564] WARNING: CPU: 0 PID: 3793 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  131.281914] Modules linked in:
[  131.282393] CPU: 0 PID: 3793 Comm: syz-executor.7 Not tainted 6.0.0-rc7-next-20220930 #1
[  131.283561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  131.285230] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  131.286050] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  131.288727] RSP: 0018:ffff88804080fc48 EFLAGS: 00010006
[  131.289515] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  131.290562] RDX: ffff88801b120000 RSI: ffffffff81565dc7 RDI: 0000000000000005
[  131.291591] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[  131.292654] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800fff3c00
[  131.293719] R13: ffff88806ce3d2c0 R14: ffffffff8547d160 R15: 0000000000000002
[  131.294770] FS:  00007f2011d94700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  131.295879] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  131.296657] CR2: 0000001b2dc21000 CR3: 0000000018b38000 CR4: 0000000000350ef0
[  131.297627] Call Trace:
[  131.297983]  <TASK>
[  131.298294]  ctx_sched_out+0x8f1/0xc10
[  131.298844]  __perf_event_task_sched_out+0x6d0/0x18d0
[  131.299555]  ? lock_is_held_type+0xd7/0x130
[  131.300155]  ? __perf_cgroup_move+0x160/0x160
[  131.300772]  ? set_next_entity+0x304/0x550
[  131.301368]  ? update_curr+0x267/0x740
[  131.301916]  ? lock_is_held_type+0xd7/0x130
[  131.302507]  __schedule+0xedd/0x2470
[  131.303038]  ? io_schedule_timeout+0x150/0x150
[  131.303669]  ? __x64_sys_futex_time32+0x480/0x480
[  131.304322]  schedule+0xda/0x1b0
[  131.304801]  exit_to_user_mode_prepare+0x114/0x1a0
[  131.305492]  syscall_exit_to_user_mode+0x19/0x40
[  131.306133]  do_syscall_64+0x48/0x90
[  131.306664]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  131.307372] RIP: 0033:0x7f201481eb19
[  131.307878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  131.310284] RSP: 002b:00007f2011d94218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  131.311326] RAX: 0000000000000001 RBX: 00007f2014931f68 RCX: 00007f201481eb19
[  131.312380] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2014931f6c
[  131.313441] RBP: 00007f2014931f60 R08: 000000000000000e R09: 0000000000000000
[  131.314483] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f2014931f6c
[  131.315529] R13: 00007ffeaf1c202f R14: 00007f2011d94300 R15: 0000000000022000
[  131.316604]  </TASK>
[  131.316949] irq event stamp: 1048
[  131.317462] hardirqs last  enabled at (1047): [<ffffffff8133e829>] exit_to_user_mode_prepare+0x109/0x1a0
[  131.318842] hardirqs last disabled at (1048): [<ffffffff8425caa5>] __schedule+0x1225/0x2470
[  131.320081] softirqs last  enabled at (996): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  131.321330] softirqs last disabled at (987): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  131.322608] ---[ end trace 0000000000000000 ]---
[  131.486279] audit: type=1400 audit(1664876428.868:9): avc:  denied  { write } for  pid=3790 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
09:40:29 executing program 7:
ustat(0x8000000000201, &(0x7f0000000000))
ustat(0x7fffffff, &(0x7f0000000340))
ustat(0x5, &(0x7f0000000300))
r0 = open(0x0, 0x0, 0x22)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(0xffffffffffffffff)
write$binfmt_script(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB='\t'], 0xb)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
close(r4)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r2)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000140)={{0x7, 0x3}, 0x100, './file1\x00'})
pwritev(r3, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)

09:40:29 executing program 3:
ustat(0x8000000000201, &(0x7f0000000000))
ustat(0x7fffffff, &(0x7f0000000340))
ustat(0x5, &(0x7f0000000300))
r0 = open(0x0, 0x0, 0x22)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(0xffffffffffffffff)
write$binfmt_script(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB='\t'], 0xb)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
close(r4)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r2)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000140)={{0x7, 0x3}, 0x100, './file1\x00'})
pwritev(r3, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)

09:40:29 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x793, 0x1, &(0x7f0000000380)=[{&(0x7f0000000280)="b5f0bc0b59452e2707784c68edb4089b89156bd26dbde362a8a854ce05fc4593964db275a1785feddaf037d531938e91d5a26b219db6a0f887a448affdb57105ebb10a3516dae69e3a7359f5782fbebbec0a19a5e77014bea5d13a26fb5c55dd97aed5226ec9ae55c66d0774a3c4f1d672982af27a9eb0bafc918d945ec2466fb4b6a4b065b0afaec870459b75be35a88d1165e4071265b99db0f4e18bfb51d4faa35f3ee23cbff0bf0b2ae111d23320d1edf73cd66f666fa5772f6fed99ca0d5b9b7e6bcd1d76a7245cc0e5dfd738f5a62667", 0xd3}], 0x40010, &(0x7f00000003c0)={[{@nr_inodes={'nr_inodes', 0x3d, [0x33, 0x36, 0x30, 0x37, 0x33, 0x38, 0x39, 0x33, 0x33]}}], [{@fowner_lt={'fowner<', 0xffffffffffffffff}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '{]'}}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@dont_measure}, {@uid_lt}]})
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0)
mount$9p_unix(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x2880, 0x0)
setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140), &(0x7f0000000180)={'U-', 0xfffffffffffffffc}, 0x16, 0x2)

[  132.005173] loop3: detected capacity change from 0 to 3
[  132.022095] loop3: detected capacity change from 0 to 3
09:40:29 executing program 4:
ioprio_get$pid(0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[])
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x88)
openat(r0, &(0x7f0000000140)='./file0\x00', 0x10120, 0x0)

09:40:29 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
dup2(r1, r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@abs={0x1, 0x0, 0x4e23}, 0x6e, 0x0}}], 0x2, 0x0)

[  132.114595] loop4: detected capacity change from 0 to 256
[  132.135875] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)

VM DIAGNOSIS:
09:40:28  Registers:
info registers vcpu 0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff823bb06c RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88804080f638
R8 =0000000000000004 R9 =0000000000000010 R10=0000000000000010 R11=0000000000000001
R12=0000000000002710 R13=0000000000000020 R14=fffffbfff0ecb584 R15=dffffc0000000000
RIP=ffffffff823bb0c1 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f2011d94700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2dc21000 CR3=0000000018b38000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f20149057c0 00007f20149057c8
YMM02=0000000000000000 0000000000000000 00007f20149057e0 00007f20149057c0
YMM03=0000000000000000 0000000000000000 00007f20149057c8 00007f20149057c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=dffffc0000000000 RBX=ffff888008987659 RCX=1ffff11002ae325f RDX=1ffff11003756e61
RSI=ffff88800da75d18 RDI=ffff88801bab7308 RBP=ffff88800da75d18 RSP=ffff888040897898
R8 =0000000000000001 R9 =ffff88804089785b R10=ffffed1008112f0b R11=0000000000000001
R12=ffff888008987658 R13=ffff88801bab72f8 R14=ffff88801bab72f9 R15=ffffffff87080900
RIP=ffffffff84115717 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f6b7a1b3260 CR3=0000000015e9a000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269
YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000