Warning: Permanently added '[localhost]:24158' (ECDSA) to the list of known hosts.
2022/09/15 14:09:19 fuzzer started
2022/09/15 14:09:19 dialing manager at localhost:36559
syzkaller login: [ 44.399153] cgroup: Unknown subsys name 'net'
[ 44.499526] cgroup: Unknown subsys name 'rlimit'
2022/09/15 14:09:34 syscalls: 2215
2022/09/15 14:09:34 code coverage: enabled
2022/09/15 14:09:34 comparison tracing: enabled
2022/09/15 14:09:34 extra coverage: enabled
2022/09/15 14:09:34 setuid sandbox: enabled
2022/09/15 14:09:34 namespace sandbox: enabled
2022/09/15 14:09:34 Android sandbox: enabled
2022/09/15 14:09:34 fault injection: enabled
2022/09/15 14:09:34 leak checking: enabled
2022/09/15 14:09:34 net packet injection: enabled
2022/09/15 14:09:34 net device setup: enabled
2022/09/15 14:09:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/15 14:09:34 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/15 14:09:34 USB emulation: enabled
2022/09/15 14:09:34 hci packet injection: enabled
2022/09/15 14:09:34 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220915)
2022/09/15 14:09:34 802.15.4 emulation: enabled
2022/09/15 14:09:34 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/15 14:09:34 fetching corpus: 50, signal 17295/21015 (executing program)
2022/09/15 14:09:34 fetching corpus: 100, signal 42508/47449 (executing program)
2022/09/15 14:09:34 fetching corpus: 150, signal 50666/57046 (executing program)
2022/09/15 14:09:35 fetching corpus: 200, signal 59252/66879 (executing program)
2022/09/15 14:09:35 fetching corpus: 250, signal 66708/75508 (executing program)
2022/09/15 14:09:35 fetching corpus: 300, signal 71322/81320 (executing program)
2022/09/15 14:09:35 fetching corpus: 350, signal 76619/87690 (executing program)
2022/09/15 14:09:35 fetching corpus: 400, signal 82744/94809 (executing program)
2022/09/15 14:09:35 fetching corpus: 450, signal 87028/100114 (executing program)
2022/09/15 14:09:35 fetching corpus: 500, signal 94361/108146 (executing program)
2022/09/15 14:09:36 fetching corpus: 550, signal 97618/112372 (executing program)
2022/09/15 14:09:36 fetching corpus: 600, signal 99911/115651 (executing program)
2022/09/15 14:09:36 fetching corpus: 650, signal 105467/121786 (executing program)
2022/09/15 14:09:36 fetching corpus: 700, signal 108853/125872 (executing program)
2022/09/15 14:09:36 fetching corpus: 750, signal 111377/129192 (executing program)
2022/09/15 14:09:36 fetching corpus: 800, signal 115013/133480 (executing program)
2022/09/15 14:09:37 fetching corpus: 850, signal 118729/137743 (executing program)
2022/09/15 14:09:37 fetching corpus: 900, signal 122353/141982 (executing program)
2022/09/15 14:09:37 fetching corpus: 950, signal 125979/146077 (executing program)
2022/09/15 14:09:37 fetching corpus: 1000, signal 128449/149169 (executing program)
2022/09/15 14:09:37 fetching corpus: 1050, signal 131320/152504 (executing program)
2022/09/15 14:09:37 fetching corpus: 1100, signal 132678/154508 (executing program)
2022/09/15 14:09:38 fetching corpus: 1150, signal 135408/157790 (executing program)
2022/09/15 14:09:38 fetching corpus: 1200, signal 136940/159991 (executing program)
2022/09/15 14:09:38 fetching corpus: 1250, signal 138656/162280 (executing program)
2022/09/15 14:09:38 fetching corpus: 1300, signal 140812/164929 (executing program)
2022/09/15 14:09:38 fetching corpus: 1350, signal 142737/167335 (executing program)
2022/09/15 14:09:38 fetching corpus: 1400, signal 143787/169030 (executing program)
2022/09/15 14:09:38 fetching corpus: 1450, signal 145064/170848 (executing program)
2022/09/15 14:09:39 fetching corpus: 1500, signal 147582/173681 (executing program)
2022/09/15 14:09:39 fetching corpus: 1550, signal 149545/175947 (executing program)
2022/09/15 14:09:39 fetching corpus: 1600, signal 150992/177874 (executing program)
2022/09/15 14:09:39 fetching corpus: 1650, signal 152663/179902 (executing program)
2022/09/15 14:09:39 fetching corpus: 1700, signal 154446/182020 (executing program)
2022/09/15 14:09:39 fetching corpus: 1750, signal 155540/183583 (executing program)
2022/09/15 14:09:39 fetching corpus: 1800, signal 157465/185691 (executing program)
2022/09/15 14:09:40 fetching corpus: 1850, signal 158765/187376 (executing program)
2022/09/15 14:09:40 fetching corpus: 1900, signal 159646/188730 (executing program)
2022/09/15 14:09:40 fetching corpus: 1950, signal 161720/190873 (executing program)
2022/09/15 14:09:40 fetching corpus: 2000, signal 163132/192568 (executing program)
2022/09/15 14:09:40 fetching corpus: 2050, signal 164423/194165 (executing program)
2022/09/15 14:09:40 fetching corpus: 2100, signal 166114/195960 (executing program)
2022/09/15 14:09:40 fetching corpus: 2150, signal 167085/197298 (executing program)
2022/09/15 14:09:41 fetching corpus: 2200, signal 169162/199308 (executing program)
2022/09/15 14:09:41 fetching corpus: 2250, signal 170546/200915 (executing program)
2022/09/15 14:09:41 fetching corpus: 2300, signal 172738/203007 (executing program)
2022/09/15 14:09:41 fetching corpus: 2350, signal 174249/204586 (executing program)
2022/09/15 14:09:41 fetching corpus: 2400, signal 175170/205767 (executing program)
2022/09/15 14:09:41 fetching corpus: 2450, signal 175982/206853 (executing program)
2022/09/15 14:09:42 fetching corpus: 2500, signal 177405/208336 (executing program)
2022/09/15 14:09:42 fetching corpus: 2550, signal 178500/209588 (executing program)
2022/09/15 14:09:42 fetching corpus: 2600, signal 179459/210750 (executing program)
2022/09/15 14:09:42 fetching corpus: 2650, signal 180882/212175 (executing program)
2022/09/15 14:09:42 fetching corpus: 2700, signal 182545/213788 (executing program)
2022/09/15 14:09:42 fetching corpus: 2750, signal 183732/215089 (executing program)
2022/09/15 14:09:42 fetching corpus: 2800, signal 185031/216347 (executing program)
2022/09/15 14:09:43 fetching corpus: 2850, signal 186767/217814 (executing program)
2022/09/15 14:09:43 fetching corpus: 2900, signal 187758/218899 (executing program)
2022/09/15 14:09:43 fetching corpus: 2950, signal 188511/219814 (executing program)
2022/09/15 14:09:43 fetching corpus: 3000, signal 189545/220856 (executing program)
2022/09/15 14:09:43 fetching corpus: 3050, signal 190733/221980 (executing program)
2022/09/15 14:09:43 fetching corpus: 3100, signal 191244/222739 (executing program)
2022/09/15 14:09:43 fetching corpus: 3150, signal 192658/223944 (executing program)
2022/09/15 14:09:44 fetching corpus: 3200, signal 193987/225093 (executing program)
2022/09/15 14:09:44 fetching corpus: 3250, signal 195134/226109 (executing program)
2022/09/15 14:09:44 fetching corpus: 3300, signal 195968/226989 (executing program)
2022/09/15 14:09:44 fetching corpus: 3350, signal 197000/227962 (executing program)
2022/09/15 14:09:44 fetching corpus: 3400, signal 197892/228835 (executing program)
2022/09/15 14:09:44 fetching corpus: 3450, signal 198863/229774 (executing program)
2022/09/15 14:09:44 fetching corpus: 3500, signal 200673/230985 (executing program)
2022/09/15 14:09:45 fetching corpus: 3550, signal 201578/231868 (executing program)
2022/09/15 14:09:45 fetching corpus: 3600, signal 202572/232753 (executing program)
2022/09/15 14:09:45 fetching corpus: 3650, signal 203785/233700 (executing program)
2022/09/15 14:09:45 fetching corpus: 3700, signal 204705/234465 (executing program)
2022/09/15 14:09:45 fetching corpus: 3750, signal 205387/235145 (executing program)
2022/09/15 14:09:45 fetching corpus: 3800, signal 206305/235887 (executing program)
2022/09/15 14:09:45 fetching corpus: 3850, signal 207031/236603 (executing program)
2022/09/15 14:09:46 fetching corpus: 3900, signal 207433/237119 (executing program)
2022/09/15 14:09:46 fetching corpus: 3950, signal 208759/238011 (executing program)
2022/09/15 14:09:46 fetching corpus: 4000, signal 210399/238906 (executing program)
2022/09/15 14:09:46 fetching corpus: 4050, signal 211193/239506 (executing program)
2022/09/15 14:09:46 fetching corpus: 4100, signal 211814/240077 (executing program)
2022/09/15 14:09:46 fetching corpus: 4150, signal 212555/240624 (executing program)
2022/09/15 14:09:46 fetching corpus: 4200, signal 213177/241192 (executing program)
2022/09/15 14:09:47 fetching corpus: 4250, signal 213936/241763 (executing program)
2022/09/15 14:09:47 fetching corpus: 4300, signal 215149/242418 (executing program)
2022/09/15 14:09:47 fetching corpus: 4350, signal 215539/242844 (executing program)
2022/09/15 14:09:47 fetching corpus: 4400, signal 216216/243345 (executing program)
2022/09/15 14:09:47 fetching corpus: 4450, signal 216760/243787 (executing program)
2022/09/15 14:09:47 fetching corpus: 4500, signal 217229/244252 (executing program)
2022/09/15 14:09:47 fetching corpus: 4550, signal 217892/244763 (executing program)
2022/09/15 14:09:47 fetching corpus: 4600, signal 218631/245254 (executing program)
2022/09/15 14:09:48 fetching corpus: 4650, signal 219484/245729 (executing program)
2022/09/15 14:09:48 fetching corpus: 4700, signal 220080/246187 (executing program)
2022/09/15 14:09:48 fetching corpus: 4750, signal 220837/246642 (executing program)
2022/09/15 14:09:48 fetching corpus: 4800, signal 221704/247112 (executing program)
2022/09/15 14:09:48 fetching corpus: 4850, signal 222533/247587 (executing program)
2022/09/15 14:09:48 fetching corpus: 4900, signal 223364/248086 (executing program)
2022/09/15 14:09:48 fetching corpus: 4950, signal 224074/248470 (executing program)
2022/09/15 14:09:49 fetching corpus: 5000, signal 224850/248903 (executing program)
2022/09/15 14:09:49 fetching corpus: 5050, signal 225649/249284 (executing program)
2022/09/15 14:09:49 fetching corpus: 5100, signal 226305/249633 (executing program)
2022/09/15 14:09:49 fetching corpus: 5150, signal 226812/249967 (executing program)
2022/09/15 14:09:49 fetching corpus: 5200, signal 227377/250305 (executing program)
2022/09/15 14:09:49 fetching corpus: 5250, signal 227857/250623 (executing program)
2022/09/15 14:09:49 fetching corpus: 5300, signal 228498/250914 (executing program)
2022/09/15 14:09:50 fetching corpus: 5350, signal 229023/251244 (executing program)
2022/09/15 14:09:50 fetching corpus: 5400, signal 229580/251498 (executing program)
2022/09/15 14:09:50 fetching corpus: 5450, signal 230069/251745 (executing program)
2022/09/15 14:09:50 fetching corpus: 5500, signal 230911/252038 (executing program)
2022/09/15 14:09:50 fetching corpus: 5550, signal 231353/252267 (executing program)
2022/09/15 14:09:50 fetching corpus: 5600, signal 232036/252542 (executing program)
2022/09/15 14:09:50 fetching corpus: 5650, signal 232889/252793 (executing program)
2022/09/15 14:09:51 fetching corpus: 5700, signal 233247/253011 (executing program)
2022/09/15 14:09:51 fetching corpus: 5750, signal 233744/253250 (executing program)
2022/09/15 14:09:51 fetching corpus: 5800, signal 234383/253493 (executing program)
2022/09/15 14:09:51 fetching corpus: 5850, signal 234797/253654 (executing program)
2022/09/15 14:09:51 fetching corpus: 5900, signal 235610/253896 (executing program)
2022/09/15 14:09:51 fetching corpus: 5950, signal 236641/254147 (executing program)
2022/09/15 14:09:51 fetching corpus: 6000, signal 237071/254314 (executing program)
2022/09/15 14:09:52 fetching corpus: 6050, signal 237476/254484 (executing program)
2022/09/15 14:09:52 fetching corpus: 6100, signal 237942/254589 (executing program)
2022/09/15 14:09:52 fetching corpus: 6150, signal 238626/254591 (executing program)
2022/09/15 14:09:52 fetching corpus: 6200, signal 239069/254606 (executing program)
2022/09/15 14:09:52 fetching corpus: 6250, signal 239597/254624 (executing program)
2022/09/15 14:09:52 fetching corpus: 6300, signal 239861/254636 (executing program)
2022/09/15 14:09:52 fetching corpus: 6350, signal 240578/254646 (executing program)
2022/09/15 14:09:52 fetching corpus: 6400, signal 241278/254658 (executing program)
2022/09/15 14:09:53 fetching corpus: 6450, signal 241932/254766 (executing program)
2022/09/15 14:09:53 fetching corpus: 6500, signal 242244/254769 (executing program)
2022/09/15 14:09:53 fetching corpus: 6550, signal 242906/254804 (executing program)
2022/09/15 14:09:53 fetching corpus: 6600, signal 243631/254834 (executing program)
2022/09/15 14:09:53 fetching corpus: 6650, signal 244022/254836 (executing program)
2022/09/15 14:09:53 fetching corpus: 6700, signal 244639/254844 (executing program)
2022/09/15 14:09:53 fetching corpus: 6750, signal 245083/254846 (executing program)
2022/09/15 14:09:54 fetching corpus: 6800, signal 245858/255086 (executing program)
2022/09/15 14:09:54 fetching corpus: 6850, signal 246361/255104 (executing program)
2022/09/15 14:09:54 fetching corpus: 6900, signal 246793/255114 (executing program)
2022/09/15 14:09:54 fetching corpus: 6917, signal 246938/255118 (executing program)
2022/09/15 14:09:54 fetching corpus: 6917, signal 246938/255118 (executing program)
2022/09/15 14:09:56 starting 8 fuzzer processes
14:09:56 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x820, &(0x7f0000000340)=ANY=[])
utime(&(0x7f0000000640)='./file1\x00', 0x0)
14:09:56 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x10)
connect$netlink(r0, &(0x7f0000000180), 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
14:09:56 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="02", 0x1}], 0x1, 0x20000, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(r1, 0x0, 0x0, 0x8800000)
14:09:56 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
14:09:56 executing program 4:
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000000c0)={0x0, 0x1, [@link_local]})
14:09:56 executing program 5:
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@gid}]})
read(0xffffffffffffffff, &(0x7f0000000140)=""/85, 0x55)
r1 = epoll_create1(0x0)
r2 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000300000000fbdbdf255a220076fc3b40d50b4454ce8e6e1ac484086f0008000300dad5", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
setgroups(0x1, &(0x7f0000001880)=[0x0])
mount_setattr(r0, &(0x7f00000001c0)='./file0\x00', 0x1100, &(0x7f0000000200)={0x103, 0x2}, 0x20)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000340)=0xb42584faf4018bdd, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000100))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c, 0x0}}], 0x1, 0xc880)
14:09:56 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40880, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x5325, &(0x7f0000000700))
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
[ 81.280707] audit: type=1400 audit(1663250996.715:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
14:09:56 executing program 6:
futex(&(0x7f00000008c0), 0xb, 0x0, 0x0, 0x0, 0x0)
[ 82.591502] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 82.592707] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 82.595067] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 82.595768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 82.596824] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 82.597842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 82.599716] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 82.600813] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 82.601701] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 82.604553] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 82.623901] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 82.637081] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 82.639073] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 82.640735] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 82.642291] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 82.643658] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 82.644802] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 82.646504] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 82.648663] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 82.649904] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 82.651522] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 82.652951] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 82.654650] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 82.655866] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 82.658878] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 82.662265] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 82.663456] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 82.668264] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 82.681250] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 82.683692] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 82.689596] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 82.692886] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 82.694745] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 82.696077] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 82.696102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 82.702075] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 82.735685] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 82.741239] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 82.745503] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 82.758703] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 82.764871] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 82.793255] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 82.799549] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 82.809047] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 82.824193] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 82.826477] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 82.828055] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 82.830711] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 82.832954] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 82.834582] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 82.844383] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 82.897563] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 82.935230] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 82.946203] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 82.956514] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 82.973170] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 84.666516] Bluetooth: hci0: command 0x0409 tx timeout
[ 84.730074] Bluetooth: hci4: command 0x0409 tx timeout
[ 84.730229] Bluetooth: hci2: command 0x0409 tx timeout
[ 84.731447] Bluetooth: hci1: command 0x0409 tx timeout
[ 84.732836] Bluetooth: hci7: command 0x0409 tx timeout
[ 84.858084] Bluetooth: hci6: command 0x0409 tx timeout
[ 84.858871] Bluetooth: hci3: command 0x0409 tx timeout
[ 84.986048] Bluetooth: hci5: command 0x0409 tx timeout
[ 86.714036] Bluetooth: hci0: command 0x041b tx timeout
[ 86.778095] Bluetooth: hci7: command 0x041b tx timeout
[ 86.778613] Bluetooth: hci1: command 0x041b tx timeout
[ 86.779066] Bluetooth: hci2: command 0x041b tx timeout
[ 86.779507] Bluetooth: hci4: command 0x041b tx timeout
[ 86.906031] Bluetooth: hci3: command 0x041b tx timeout
[ 86.906564] Bluetooth: hci6: command 0x041b tx timeout
[ 87.034527] Bluetooth: hci5: command 0x041b tx timeout
[ 88.762032] Bluetooth: hci0: command 0x040f tx timeout
[ 88.826062] Bluetooth: hci4: command 0x040f tx timeout
[ 88.826586] Bluetooth: hci2: command 0x040f tx timeout
[ 88.828039] Bluetooth: hci1: command 0x040f tx timeout
[ 88.828476] Bluetooth: hci7: command 0x040f tx timeout
[ 88.954044] Bluetooth: hci6: command 0x040f tx timeout
[ 88.954571] Bluetooth: hci3: command 0x040f tx timeout
[ 89.082082] Bluetooth: hci5: command 0x040f tx timeout
[ 90.810055] Bluetooth: hci0: command 0x0419 tx timeout
[ 90.874119] Bluetooth: hci7: command 0x0419 tx timeout
[ 90.874717] Bluetooth: hci1: command 0x0419 tx timeout
[ 90.875670] Bluetooth: hci2: command 0x0419 tx timeout
[ 90.876594] Bluetooth: hci4: command 0x0419 tx timeout
[ 91.002084] Bluetooth: hci3: command 0x0419 tx timeout
[ 91.002579] Bluetooth: hci6: command 0x0419 tx timeout
[ 91.130489] Bluetooth: hci5: command 0x0419 tx timeout
[ 135.106959] audit: type=1400 audit(1663251050.541:7): avc: denied { open } for pid=3701 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 135.108512] audit: type=1400 audit(1663251050.541:8): avc: denied { kernel } for pid=3701 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 135.124778] ------------[ cut here ]------------
[ 135.124802]
[ 135.124806] ======================================================
[ 135.124809] WARNING: possible circular locking dependency detected
[ 135.124814] 6.0.0-rc5-next-20220915 #1 Not tainted
[ 135.124820] ------------------------------------------------------
[ 135.124823] syz-executor.5/3705 is trying to acquire lock:
[ 135.124830] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 135.124869]
[ 135.124869] but task is already holding lock:
[ 135.124872] ffff88800f283020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 135.124906]
[ 135.124906] which lock already depends on the new lock.
[ 135.124906]
[ 135.124909]
[ 135.124909] the existing dependency chain (in reverse order) is:
[ 135.124913]
[ 135.124913] -> #3 (&ctx->lock){....}-{2:2}:
[ 135.124927]        _raw_spin_lock+0x2a/0x40
[ 135.124945]        __perf_event_task_sched_out+0x53b/0x18d0
[ 135.124958]        __schedule+0xedd/0x2470
[ 135.124968]        schedule+0xda/0x1b0
[ 135.124979]        exit_to_user_mode_prepare+0x114/0x1a0
[ 135.125000]        syscall_exit_to_user_mode+0x19/0x40
[ 135.125018]        do_syscall_64+0x48/0x90
[ 135.125033]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 135.125051]
[ 135.125051] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 135.125065]        _raw_spin_lock_nested+0x30/0x40
[ 135.125081]        raw_spin_rq_lock_nested+0x1e/0x30
[ 135.125094]        task_fork_fair+0x63/0x4d0
[ 135.125112]        sched_cgroup_fork+0x3d0/0x540
[ 135.125126]        copy_process+0x4183/0x6e20
[ 135.125137]        kernel_clone+0xe7/0x890
[ 135.125146]        user_mode_thread+0xad/0xf0
[ 135.125156]        rest_init+0x24/0x250
[ 135.125173]        arch_call_rest_init+0xf/0x14
[ 135.125187]        start_kernel+0x4c1/0x4e6
[ 135.125197]        secondary_startup_64_no_verify+0xe0/0xeb
[ 135.125211]
[ 135.125211] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 135.125225]        _raw_spin_lock_irqsave+0x39/0x60
[ 135.125240]        try_to_wake_up+0xab/0x1920
[ 135.125254]        up+0x75/0xb0
[ 135.125265]        __up_console_sem+0x6e/0x80
[ 135.125282]        console_unlock+0x46a/0x590
[ 135.125298]        vprintk_emit+0x1bd/0x560
[ 135.125315]        vprintk+0x84/0xa0
[ 135.125332]        _printk+0xba/0xf1
[ 135.125351]        kauditd_hold_skb.cold+0x3f/0x4e
[ 135.125365]        kauditd_send_queue+0x233/0x290
[ 135.125381]        kauditd_thread+0x5da/0x9a0
[ 135.125394]        kthread+0x2ed/0x3a0
[ 135.125410]        ret_from_fork+0x22/0x30
[ 135.125422]
[ 135.125422] -> #0 ((console_sem).lock){....}-{2:2}:
[ 135.125436]        __lock_acquire+0x2a02/0x5e70
[ 135.125453]        lock_acquire+0x1a2/0x530
[ 135.125469]        _raw_spin_lock_irqsave+0x39/0x60
[ 135.125484]        down_trylock+0xe/0x70
[ 135.125497]        __down_trylock_console_sem+0x3b/0xd0
[ 135.125513]        vprintk_emit+0x16b/0x560
[ 135.125530]        vprintk+0x84/0xa0
[ 135.125546]        _printk+0xba/0xf1
[ 135.125564]        report_bug.cold+0x72/0xab
[ 135.125577]        handle_bug+0x3c/0x70
[ 135.125590]        exc_invalid_op+0x14/0x50
[ 135.125604]        asm_exc_invalid_op+0x16/0x20
[ 135.125621]        group_sched_out.part.0+0x2c7/0x460
[ 135.125631]        ctx_sched_out+0x8f1/0xc10
[ 135.125641]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 135.125653]        __schedule+0xedd/0x2470
[ 135.125663]        schedule+0xda/0x1b0
[ 135.125673]        exit_to_user_mode_prepare+0x114/0x1a0
[ 135.125693]        syscall_exit_to_user_mode+0x19/0x40
[ 135.125710]        do_syscall_64+0x48/0x90
[ 135.125724]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 135.125741]
[ 135.125741] other info that might help us debug this:
[ 135.125741]
[ 135.125744] Chain exists of:
[ 135.125744]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 135.125744]
[ 135.125759]  Possible unsafe locking scenario:
[ 135.125759]
[ 135.125761]        CPU0                    CPU1
[ 135.125764]        ----                    ----
[ 135.125766]   lock(&ctx->lock);
[ 135.125772]                                lock(&rq->__lock);
[ 135.125778]                                lock(&ctx->lock);
[ 135.125785]   lock((console_sem).lock);
[ 135.125790]
[ 135.125790]  *** DEADLOCK ***
[ 135.125790]
[ 135.125792] 2 locks held by syz-executor.5/3705:
[ 135.125799]  #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 135.125825]  #1: ffff88800f283020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 135.125853]
[ 135.125853] stack backtrace:
[ 135.125856] CPU: 0 PID: 3705 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220915 #1
[ 135.125869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 135.125877] Call Trace:
[ 135.125880]
[ 135.125885]  dump_stack_lvl+0x8b/0xb3
[ 135.125900]  check_noncircular+0x263/0x2e0
[ 135.125917]  ? format_decode+0x26c/0xb50
[ 135.125933]  ? print_circular_bug+0x450/0x450
[ 135.125950]  ? enable_ptr_key_workfn+0x20/0x20
[ 135.125965]  ? __lockdep_reset_lock+0x180/0x180
[ 135.125982]  ? format_decode+0x26c/0xb50
[ 135.125998]  ? alloc_chain_hlocks+0x1ec/0x5a0
[ 135.126016]  __lock_acquire+0x2a02/0x5e70
[ 135.126038]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 135.126061]  lock_acquire+0x1a2/0x530
[ 135.126078]  ? down_trylock+0xe/0x70
[ 135.126093]  ? rcu_read_unlock+0x40/0x40
[ 135.126110]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 135.126132]  ? vprintk+0x84/0xa0
[ 135.126150]  _raw_spin_lock_irqsave+0x39/0x60
[ 135.126167]  ? down_trylock+0xe/0x70
[ 135.126180]  down_trylock+0xe/0x70
[ 135.126194]  ? vprintk+0x84/0xa0
[ 135.126211]  __down_trylock_console_sem+0x3b/0xd0
[ 135.126229]  vprintk_emit+0x16b/0x560
[ 135.126246]  ? lock_downgrade+0x6d0/0x6d0
[ 135.126265]  vprintk+0x84/0xa0
[ 135.126283]  _printk+0xba/0xf1
[ 135.126301]  ? record_print_text.cold+0x16/0x16
[ 135.126322]  ? hrtimer_try_to_cancel+0x163/0x2c0
[ 135.126336]  ? lock_downgrade+0x6d0/0x6d0
[ 135.126354]  ? report_bug.cold+0x66/0xab
[ 135.126369]  ? group_sched_out.part.0+0x2c7/0x460
[ 135.126381]  report_bug.cold+0x72/0xab
[ 135.126396]  handle_bug+0x3c/0x70
[ 135.126411]  exc_invalid_op+0x14/0x50
[ 135.126426]  asm_exc_invalid_op+0x16/0x20
[ 135.126444] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 135.126458] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 135.126469] RSP: 0018:ffff8880177c7c48 EFLAGS: 00010006
[ 135.126478] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 135.126486] RDX: ffff88803ff11ac0 RSI: ffffffff81566027 RDI: 0000000000000005
[ 135.126493] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 135.126501] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800f283000
[ 135.126508] R13: ffff88806ce3d100 R14: ffffffff8547bfc0 R15: 0000000000000002
[ 135.126519]  ? group_sched_out.part.0+0x2c7/0x460
[ 135.126533]  ? group_sched_out.part.0+0x2c7/0x460
[ 135.126545]  ctx_sched_out+0x8f1/0xc10
[ 135.126558]  __perf_event_task_sched_out+0x6d0/0x18d0
[ 135.126573]  ? lock_is_held_type+0xd7/0x130
[ 135.126593]  ? __perf_cgroup_move+0x160/0x160
[ 135.126605]  ? set_next_entity+0x304/0x550
[ 135.126623]  ? update_curr+0x267/0x740
[ 135.126642]  ? lock_is_held_type+0xd7/0x130
[ 135.126661]  __schedule+0xedd/0x2470
[ 135.126675]  ? io_schedule_timeout+0x150/0x150
[ 135.126688]  ? __x64_sys_futex_time32+0x480/0x480
[ 135.126702]  schedule+0xda/0x1b0
[ 135.126714]  exit_to_user_mode_prepare+0x114/0x1a0
[ 135.126735]  syscall_exit_to_user_mode+0x19/0x40
[ 135.126753]  do_syscall_64+0x48/0x90
[ 135.126768]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 135.126787] RIP: 0033:0x7fcb44dc8b19
[ 135.126795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 135.126806] RSP: 002b:00007fcb4233e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 135.126817] RAX: 0000000000000001 RBX: 00007fcb44edbf68 RCX: 00007fcb44dc8b19
[ 135.126824] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcb44edbf6c
[ 135.126832] RBP: 00007fcb44edbf60 R08: 000000000000000e R09: 0000000000000000
[ 135.126842] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fcb44edbf6c
[ 135.126849] R13: 00007fffaef60eef R14: 00007fcb4233e300 R15: 0000000000022000
[ 135.126862]
[ 135.185917] WARNING: CPU: 0 PID: 3705 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 135.186615] Modules linked in:
[ 135.186871] CPU: 0 PID: 3705 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220915 #1
[ 135.187497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 135.188390] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 135.188814] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 135.190221] RSP: 0018:ffff8880177c7c48 EFLAGS: 00010006
[ 135.190623] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 135.191172] RDX: ffff88803ff11ac0 RSI: ffffffff81566027 RDI: 0000000000000005
[ 135.191723] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 135.192277] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800f283000
[ 135.192804] R13: ffff88806ce3d100 R14: ffffffff8547bfc0 R15: 0000000000000002
[ 135.193365] FS: 00007fcb4233e700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 135.193981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 135.194427] CR2: 00007fdb1987b008 CR3: 000000001ba70000 CR4: 0000000000350ef0
[ 135.194951] Call Trace:
[ 135.195147]
[ 135.195322]  ctx_sched_out+0x8f1/0xc10
[ 135.195616]  __perf_event_task_sched_out+0x6d0/0x18d0
[ 135.196002]  ? lock_is_held_type+0xd7/0x130
[ 135.196322]  ? __perf_cgroup_move+0x160/0x160
[ 135.196656]  ? set_next_entity+0x304/0x550
[ 135.196980]  ? update_curr+0x267/0x740
[ 135.197272]  ? lock_is_held_type+0xd7/0x130
[ 135.197589]  __schedule+0xedd/0x2470
[ 135.197863]  ? io_schedule_timeout+0x150/0x150
[ 135.198203]  ? __x64_sys_futex_time32+0x480/0x480
[ 135.198557]  schedule+0xda/0x1b0
[ 135.198828]  exit_to_user_mode_prepare+0x114/0x1a0
[ 135.199201]  syscall_exit_to_user_mode+0x19/0x40
[ 135.199554]  do_syscall_64+0x48/0x90
[ 135.199829]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 135.200209] RIP: 0033:0x7fcb44dc8b19
[ 135.200486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 135.201801] RSP: 002b:00007fcb4233e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 135.202343] RAX: 0000000000000001 RBX: 00007fcb44edbf68 RCX: 00007fcb44dc8b19
[ 135.202855] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcb44edbf6c
[ 135.203366] RBP: 00007fcb44edbf60 R08: 000000000000000e R09: 0000000000000000
[ 135.203887] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fcb44edbf6c
[ 135.204413] R13: 00007fffaef60eef R14: 00007fcb4233e300 R15: 0000000000022000
[ 135.204953]
[ 135.205131] irq event stamp: 470
[ 135.205387] hardirqs last enabled at (469): [] exit_to_user_mode_prepare+0x109/0x1a0
[ 135.206086] hardirqs last disabled at (470): [] __schedule+0x1225/0x2470
[ 135.206692] softirqs last enabled at (230): [] __irq_exit_rcu+0x11b/0x180
[ 135.207323] softirqs last disabled at (219): [] __irq_exit_rcu+0x11b/0x180
[ 135.207956] ---[ end trace 0000000000000000 ]---
14:10:50 executing program 7:
mknod(&(0x7f0000008d80)='./file0\x00', 0x7ff, 0x0)
link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00')
14:10:50 executing program 7:
syz_io_uring_setup(0x282d, &(0x7f0000000400)={0x0, 0x0, 0x20}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
14:10:50 executing program 7:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)={0x14, 0x22, 0x101, 0x0, 0x0, "", [@nested={0x2}]}, 0x14}], 0x1}, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/179, 0xb3}], 0x1)
14:10:50 executing program 7:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)={0x14, 0x22, 0x101, 0x0, 0x0, "", [@nested={0x2}]}, 0x14}], 0x1}, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/179, 0xb3}], 0x1)
14:10:50 executing program 7:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)={0x14, 0x22, 0x101, 0x0, 0x0, "", [@nested={0x2}]}, 0x14}], 0x1}, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/179, 0xb3}], 0x1)
14:10:51 executing program 7:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)={0x14, 0x22, 0x101, 0x0, 0x0, "", [@nested={0x2}]}, 0x14}], 0x1}, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/179, 0xb3}], 0x1)
14:10:51 executing program 5:
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@gid}]})
read(0xffffffffffffffff, &(0x7f0000000140)=""/85, 0x55)
r1 = epoll_create1(0x0)
r2 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000300000000fbdbdf255a220076fc3b40d50b4454ce8e6e1ac484086f0008000300dad5", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
setgroups(0x1,
&(0x7f0000001880)=[0x0]) mount_setattr(r0, &(0x7f00000001c0)='./file0\x00', 0x1100, &(0x7f0000000200)={0x103, 0x2}, 0x20) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000340)=0xb42584faf4018bdd, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000100)) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c, 0x0}}], 0x1, 0xc880) 14:10:51 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@gid}]}) read(0xffffffffffffffff, &(0x7f0000000140)=""/85, 0x55) r1 = epoll_create1(0x0) r2 = eventfd2(0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000300000000fbdbdf255a220076fc3b40d50b4454ce8e6e1ac484086f0008000300dad5", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x0) setgroups(0x1, &(0x7f0000001880)=[0x0]) mount_setattr(r0, &(0x7f00000001c0)='./file0\x00', 0x1100, &(0x7f0000000200)={0x103, 0x2}, 0x20) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000340)=0xb42584faf4018bdd, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000100)) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c, 0x0}}], 0x1, 0xc880) VM DIAGNOSIS: 14:10:50 
Registers: