Warning: Permanently added '[localhost]:55751' (ECDSA) to the list of known hosts.
2022/09/25 16:02:55 fuzzer started
2022/09/25 16:02:55 dialing manager at localhost:38881
syzkaller login: [   43.809042] cgroup: Unknown subsys name 'net'
[   43.899138] cgroup: Unknown subsys name 'rlimit'
2022/09/25 16:03:09 syscalls: 2215
2022/09/25 16:03:09 code coverage: enabled
2022/09/25 16:03:09 comparison tracing: enabled
2022/09/25 16:03:09 extra coverage: enabled
2022/09/25 16:03:09 setuid sandbox: enabled
2022/09/25 16:03:09 namespace sandbox: enabled
2022/09/25 16:03:09 Android sandbox: enabled
2022/09/25 16:03:09 fault injection: enabled
2022/09/25 16:03:09 leak checking: enabled
2022/09/25 16:03:09 net packet injection: enabled
2022/09/25 16:03:09 net device setup: enabled
2022/09/25 16:03:09 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/25 16:03:09 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/25 16:03:09 USB emulation: enabled
2022/09/25 16:03:09 hci packet injection: enabled
2022/09/25 16:03:09 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923                                          )
2022/09/25 16:03:09 802.15.4 emulation: enabled
2022/09/25 16:03:09 fetching corpus: 50, signal 26890/28684 (executing program)
2022/09/25 16:03:10 fetching corpus: 100, signal 34299/37746 (executing program)
2022/09/25 16:03:10 fetching corpus: 150, signal 43225/48157 (executing program)
2022/09/25 16:03:10 fetching corpus: 200, signal 48900/55334 (executing program)
2022/09/25 16:03:10 fetching corpus: 250, signal 54375/62169 (executing program)
2022/09/25 16:03:10 fetching corpus: 300, signal 59364/68498 (executing program)
2022/09/25 16:03:10 fetching corpus: 350, signal 66155/76460 (executing program)
2022/09/25 16:03:10 fetching corpus: 400, signal 72008/83446 (executing program)
2022/09/25 16:03:10 fetching corpus: 450, signal 74642/87309 (executing program)
2022/09/25 16:03:11 fetching corpus: 500, signal 80010/93660 (executing program)
2022/09/25 16:03:11 fetching corpus: 550, signal 84837/99509 (executing program)
2022/09/25 16:03:11 fetching corpus: 600, signal 88895/104554 (executing program)
2022/09/25 16:03:11 fetching corpus: 650, signal 91283/107996 (executing program)
2022/09/25 16:03:11 fetching corpus: 700, signal 94401/112071 (executing program)
2022/09/25 16:03:11 fetching corpus: 750, signal 96608/115285 (executing program)
2022/09/25 16:03:11 fetching corpus: 800, signal 98955/118542 (executing program)
2022/09/25 16:03:11 fetching corpus: 850, signal 101108/121673 (executing program)
2022/09/25 16:03:12 fetching corpus: 900, signal 102883/124419 (executing program)
2022/09/25 16:03:12 fetching corpus: 950, signal 105616/127933 (executing program)
2022/09/25 16:03:12 fetching corpus: 1000, signal 109459/132320 (executing program)
2022/09/25 16:03:12 fetching corpus: 1050, signal 115145/138224 (executing program)
2022/09/25 16:03:12 fetching corpus: 1100, signal 116693/140643 (executing program)
2022/09/25 16:03:12 fetching corpus: 1150, signal 119036/143696 (executing program)
2022/09/25 16:03:12 fetching corpus: 1200, signal 120654/146136 (executing program)
2022/09/25 16:03:13 fetching corpus: 1250, signal 122354/148590 (executing program)
2022/09/25 16:03:13 fetching corpus: 1300, signal 123733/150749 (executing program)
2022/09/25 16:03:13 fetching corpus: 1350, signal 125396/153117 (executing program)
2022/09/25 16:03:13 fetching corpus: 1400, signal 127552/155864 (executing program)
2022/09/25 16:03:13 fetching corpus: 1450, signal 129263/158216 (executing program)
2022/09/25 16:03:13 fetching corpus: 1500, signal 130455/160164 (executing program)
2022/09/25 16:03:13 fetching corpus: 1550, signal 132619/162841 (executing program)
2022/09/25 16:03:13 fetching corpus: 1600, signal 133724/164658 (executing program)
2022/09/25 16:03:14 fetching corpus: 1650, signal 135464/166925 (executing program)
2022/09/25 16:03:14 fetching corpus: 1700, signal 136823/168834 (executing program)
2022/09/25 16:03:14 fetching corpus: 1750, signal 137748/170480 (executing program)
2022/09/25 16:03:14 fetching corpus: 1800, signal 138968/172314 (executing program)
2022/09/25 16:03:14 fetching corpus: 1850, signal 140342/174233 (executing program)
2022/09/25 16:03:14 fetching corpus: 1900, signal 141849/176260 (executing program)
2022/09/25 16:03:14 fetching corpus: 1950, signal 142637/177717 (executing program)
2022/09/25 16:03:14 fetching corpus: 2000, signal 144073/179637 (executing program)
2022/09/25 16:03:14 fetching corpus: 2050, signal 146454/182258 (executing program)
2022/09/25 16:03:15 fetching corpus: 2100, signal 147456/183780 (executing program)
2022/09/25 16:03:15 fetching corpus: 2150, signal 148959/185618 (executing program)
2022/09/25 16:03:15 fetching corpus: 2200, signal 150321/187352 (executing program)
2022/09/25 16:03:15 fetching corpus: 2250, signal 151369/188900 (executing program)
2022/09/25 16:03:15 fetching corpus: 2300, signal 152238/190234 (executing program)
2022/09/25 16:03:15 fetching corpus: 2350, signal 153262/191749 (executing program)
2022/09/25 16:03:15 fetching corpus: 2400, signal 154644/193436 (executing program)
2022/09/25 16:03:15 fetching corpus: 2450, signal 155205/194582 (executing program)
2022/09/25 16:03:15 fetching corpus: 2500, signal 156133/195979 (executing program)
2022/09/25 16:03:16 fetching corpus: 2550, signal 157454/197596 (executing program)
2022/09/25 16:03:16 fetching corpus: 2600, signal 158351/198885 (executing program)
2022/09/25 16:03:16 fetching corpus: 2650, signal 159169/200113 (executing program)
2022/09/25 16:03:16 fetching corpus: 2700, signal 160093/201431 (executing program)
2022/09/25 16:03:16 fetching corpus: 2750, signal 160729/202541 (executing program)
2022/09/25 16:03:16 fetching corpus: 2800, signal 162075/204005 (executing program)
2022/09/25 16:03:16 fetching corpus: 2850, signal 163122/205360 (executing program)
2022/09/25 16:03:16 fetching corpus: 2900, signal 163877/206515 (executing program)
2022/09/25 16:03:16 fetching corpus: 2950, signal 164390/207572 (executing program)
2022/09/25 16:03:17 fetching corpus: 3000, signal 165221/208768 (executing program)
2022/09/25 16:03:17 fetching corpus: 3050, signal 165622/209713 (executing program)
2022/09/25 16:03:17 fetching corpus: 3100, signal 166700/211048 (executing program)
2022/09/25 16:03:17 fetching corpus: 3150, signal 167569/212236 (executing program)
2022/09/25 16:03:17 fetching corpus: 3200, signal 168374/213359 (executing program)
2022/09/25 16:03:17 fetching corpus: 3250, signal 169152/214467 (executing program)
2022/09/25 16:03:17 fetching corpus: 3300, signal 169949/215502 (executing program)
2022/09/25 16:03:17 fetching corpus: 3350, signal 170500/216493 (executing program)
2022/09/25 16:03:17 fetching corpus: 3400, signal 171114/217454 (executing program)
2022/09/25 16:03:18 fetching corpus: 3450, signal 171999/218718 (executing program)
2022/09/25 16:03:18 fetching corpus: 3500, signal 172729/219729 (executing program)
2022/09/25 16:03:18 fetching corpus: 3550, signal 173356/220673 (executing program)
2022/09/25 16:03:18 fetching corpus: 3600, signal 174024/221629 (executing program)
2022/09/25 16:03:18 fetching corpus: 3650, signal 174894/222669 (executing program)
2022/09/25 16:03:18 fetching corpus: 3700, signal 175643/223654 (executing program)
2022/09/25 16:03:18 fetching corpus: 3750, signal 176546/224712 (executing program)
2022/09/25 16:03:19 fetching corpus: 3800, signal 177365/225729 (executing program)
2022/09/25 16:03:19 fetching corpus: 3850, signal 177730/226497 (executing program)
2022/09/25 16:03:19 fetching corpus: 3900, signal 178805/227560 (executing program)
2022/09/25 16:03:19 fetching corpus: 3950, signal 179896/228567 (executing program)
2022/09/25 16:03:19 fetching corpus: 4000, signal 180513/229422 (executing program)
2022/09/25 16:03:19 fetching corpus: 4050, signal 181243/230284 (executing program)
2022/09/25 16:03:19 fetching corpus: 4100, signal 182037/231197 (executing program)
2022/09/25 16:03:19 fetching corpus: 4150, signal 182679/232049 (executing program)
2022/09/25 16:03:19 fetching corpus: 4200, signal 183112/232798 (executing program)
2022/09/25 16:03:20 fetching corpus: 4250, signal 183767/233602 (executing program)
2022/09/25 16:03:20 fetching corpus: 4300, signal 184692/234461 (executing program)
2022/09/25 16:03:20 fetching corpus: 4350, signal 185920/235490 (executing program)
2022/09/25 16:03:20 fetching corpus: 4400, signal 186827/236328 (executing program)
2022/09/25 16:03:20 fetching corpus: 4450, signal 187281/237044 (executing program)
2022/09/25 16:03:20 fetching corpus: 4500, signal 187986/237821 (executing program)
2022/09/25 16:03:20 fetching corpus: 4550, signal 188460/238512 (executing program)
2022/09/25 16:03:20 fetching corpus: 4600, signal 188907/239194 (executing program)
2022/09/25 16:03:20 fetching corpus: 4650, signal 189376/239876 (executing program)
2022/09/25 16:03:21 fetching corpus: 4700, signal 190082/240581 (executing program)
2022/09/25 16:03:21 fetching corpus: 4750, signal 190703/241316 (executing program)
2022/09/25 16:03:21 fetching corpus: 4800, signal 191386/242031 (executing program)
2022/09/25 16:03:21 fetching corpus: 4850, signal 191954/242711 (executing program)
2022/09/25 16:03:21 fetching corpus: 4900, signal 192297/243322 (executing program)
2022/09/25 16:03:21 fetching corpus: 4950, signal 192872/244030 (executing program)
2022/09/25 16:03:21 fetching corpus: 5000, signal 193573/244720 (executing program)
2022/09/25 16:03:21 fetching corpus: 5050, signal 194308/245430 (executing program)
2022/09/25 16:03:22 fetching corpus: 5100, signal 195002/246083 (executing program)
2022/09/25 16:03:22 fetching corpus: 5150, signal 195796/246749 (executing program)
2022/09/25 16:03:22 fetching corpus: 5200, signal 196153/247281 (executing program)
2022/09/25 16:03:22 fetching corpus: 5250, signal 196462/247810 (executing program)
2022/09/25 16:03:22 fetching corpus: 5300, signal 197227/248392 (executing program)
2022/09/25 16:03:22 fetching corpus: 5350, signal 197747/248951 (executing program)
2022/09/25 16:03:22 fetching corpus: 5400, signal 198354/249531 (executing program)
2022/09/25 16:03:22 fetching corpus: 5450, signal 199022/250091 (executing program)
2022/09/25 16:03:22 fetching corpus: 5500, signal 199734/250662 (executing program)
2022/09/25 16:03:23 fetching corpus: 5550, signal 200515/251280 (executing program)
2022/09/25 16:03:23 fetching corpus: 5600, signal 200987/251783 (executing program)
2022/09/25 16:03:23 fetching corpus: 5650, signal 201510/252317 (executing program)
2022/09/25 16:03:23 fetching corpus: 5700, signal 202496/252868 (executing program)
2022/09/25 16:03:23 fetching corpus: 5750, signal 203626/253430 (executing program)
2022/09/25 16:03:23 fetching corpus: 5800, signal 204261/253886 (executing program)
2022/09/25 16:03:23 fetching corpus: 5850, signal 204954/254401 (executing program)
2022/09/25 16:03:23 fetching corpus: 5900, signal 205775/254897 (executing program)
2022/09/25 16:03:23 fetching corpus: 5950, signal 206111/255316 (executing program)
2022/09/25 16:03:24 fetching corpus: 6000, signal 206816/255782 (executing program)
2022/09/25 16:03:24 fetching corpus: 6050, signal 207248/256227 (executing program)
2022/09/25 16:03:24 fetching corpus: 6100, signal 207770/256649 (executing program)
2022/09/25 16:03:24 fetching corpus: 6150, signal 208554/257155 (executing program)
2022/09/25 16:03:24 fetching corpus: 6200, signal 208868/257549 (executing program)
2022/09/25 16:03:24 fetching corpus: 6250, signal 209470/257985 (executing program)
2022/09/25 16:03:24 fetching corpus: 6300, signal 209904/258383 (executing program)
2022/09/25 16:03:24 fetching corpus: 6350, signal 210413/258772 (executing program)
2022/09/25 16:03:25 fetching corpus: 6400, signal 210697/259047 (executing program)
2022/09/25 16:03:25 fetching corpus: 6450, signal 211181/259047 (executing program)
2022/09/25 16:03:25 fetching corpus: 6500, signal 211570/259054 (executing program)
2022/09/25 16:03:25 fetching corpus: 6550, signal 211898/259055 (executing program)
2022/09/25 16:03:25 fetching corpus: 6600, signal 212359/259057 (executing program)
2022/09/25 16:03:25 fetching corpus: 6650, signal 212513/259066 (executing program)
2022/09/25 16:03:25 fetching corpus: 6700, signal 213197/259071 (executing program)
2022/09/25 16:03:25 fetching corpus: 6750, signal 213836/259071 (executing program)
2022/09/25 16:03:26 fetching corpus: 6800, signal 214455/259073 (executing program)
2022/09/25 16:03:26 fetching corpus: 6850, signal 214770/259073 (executing program)
2022/09/25 16:03:26 fetching corpus: 6900, signal 215379/259074 (executing program)
2022/09/25 16:03:26 fetching corpus: 6950, signal 215649/259088 (executing program)
2022/09/25 16:03:26 fetching corpus: 7000, signal 216172/259093 (executing program)
2022/09/25 16:03:26 fetching corpus: 7006, signal 216199/259093 (executing program)
2022/09/25 16:03:26 fetching corpus: 7006, signal 216199/259093 (executing program)
2022/09/25 16:03:28 starting 8 fuzzer processes
16:03:28 executing program 0:
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)

16:03:28 executing program 1:
chroot(&(0x7f0000000000)='./file0\x00')
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)={'#! ', './file0', [{0x20, '\\+}'}, {0x20, '\x82\'&+*@/&\x16'}, {0x20, ')!'}], 0xa, "b7ccc5dfa5c6c19286ea44ee804f87deb5c3e61d8544910dbba9e219d3cba4585d0ef93901a18ae42e8eb8f9c34a9ea793058190c2b2773ed4426abfc61e968a1f45d9eb3023f77e471d6a85f46011cd0c4d3af31dbdc049c8b92de2cf175385411f1550646399e48b446b7a5a4ec230648f09271125b192b60d01f435d9faf3cbd21422462a0f0443b110fef7efe4bc17ff4c60523b9d31d555c927713ba4b8aa18781dcc82a03e687d614123a71eb6c76b1a410f53cc6cee1f051cc6394d6f9ca0ab3273f7e56e3f656cb2976e99f72ebbc539c76fd77c6a638c6239df6472d7754ee899045428c4e742efb2491bfb90122132c61e0fc72e25c35a5308b6fe76674bb3428c11bc119aa36182f82f68de5fdc029f74baf8ec6f0ee905fc36d32f1c7c5bed8df55bb200ecbdc21aa72d7946b975bb49e572295313092d016660deaff7a4d8f5ee6bc1d2d1318e329fef0c66b751572c4ddd4a6c2db6a65add4ed1bdb8b6109175646a94df3f5007aa2d6fc24be96ba48f972811adc00f6dcf0f3e194e0c0e3cf57e100b9b6c28b3c8c22ec1b61ca4c95269478caec1b48744d83c56f5b957ef9e654b8432164adf92f4abf731570958361676fa7e6f270599470166011ff04e165517850647727658be97364aee9f6d8a70846878b9c40aaca9943e9d3a5f828d8dc82d4b74f83a237ddf0acab9a6f640cdec25de8b817531f30344262883f9d2a2e38f3a6d5feef6d1522dfe08a4e7d264728de9e88ad23257fd4917ac52487bd514f8d4dd8d1e03768e51d7b8fb35049358d882b1f714df2b701edaf71081c92f1dd1b90998a6abb03943c572cf10183f3cec48651f5aec57bbd2455c1818bed3c78e5aad062d389211b7da3dfba29f310d4caeb20af55f073b69fb4d8af689be26e10a700bae146315c0aa10bf857bc9c17aca628bbf3de80808ade63f9b479986b211a321c6545125774912771738671f7966022d9d65d314c04895baa33dc15ae275d9bde935fed60a8e1344a1e0cd6219793c206d6a2491ab589119ae72cd2195666fa8a9c7c3a9e09fef75fcb362e29255bcaf9cf3cd955827963b4634a94a4d6602329f2bf95e1e85357b5065c1c1e9ac01a7ac5e9371fe607100895512c9de3f815723ca6012c383df1b2ac5e638a05a0dbcf290daebdc3a71bd4f5dc87b9ac734fa12106f3e9150a0161f49f855e02b0d114fa5221885f708ffe0cc29dadf4eca5e4ec2cbb698d5e4d1d211aa43d6785fa93c0168af8e13c8cbf0fd5131f90970cdb223d84ef5deb7966f68b21139eb3871710ff3120d648205adf03c9c93ab58942aaf4a4ebf5904138d799106b369b8fdfe14260edd2d5aa4ed7ba3fcfeb9b709d8cbd5955fa9b33a4a3a66d208a284478df9741824179c503920f1d8fe86a2efe93098e547c8fc5a6b17b959d0561bf6ed8103199e9af6de1462ffe615a8a09c41919ec5c7af31ef725daba3c9bd8d07cce62d5f603d768492a57d46c8301f77ff6af5c9bcecffde8af9da7a4198038c03cc5f9faffde261a9b78e1384155248df6f70e5b696e067fd1d4aee592648a92c0614b464bad49ae9c22d888f4e8afc0721f74f168d9befd2453eb6c4c8d89d90a6bf15ce45272d4da725a317b3057eadb28fba87470efecf845529b3ab0185acdd93f728edee385f9f8583cb4384df1d224937d88034931ded2d29e4f8cbb280816b1c941c721cd161412061606fe5369126dde91b28fc431f88f0aab1c3ad69e0063e91ac34a9c4086147dd78ae335bf10f35c235d622cb02e26ba36011622cd138a1922e0798a1059e6c6b7377e24b3ea67a63b1120e167c81794d17d63e0215a55e0d5d6ad52c33b88d18a27a773dcabd37ee74821864600897c004508de224fca1224d06ae50571b70e1b040ac53c7763f3f9e72df150b99206940c4ef3bad05c80d4cd1279ca66797555b59e8d5256433399a362400aa84163490f5365a9b92f6af888e2445e40e1df5451ffb68f1b98298ad6151f333e0c6fd2570f70f889e6cf4f8045e5c98fff0f1e8a513961c1b2547c9040e8258f466afd854d3843f3bce2ee07f146047c80c77af561a744c3803f179ed442d7ca41799c10aabe79e41b5f1b2e619fa945182fa1b7e76d0422efc1c4843a312771a9a3316ea20424f041c9a453a8413079e7517fbf43c117620f8fa96419512330b51d5237176f7714d84a8bd550089ba7980320521ae09d7ab0508c197b50f9306c0309de90870b2e3e14f8ac4bb395639061d62f339bd7b0943691fa871c60ab1ebc6fda72d2e56e114da357d874115f2afc909dd0680d973cc783e3c4485474a3054e36325cf0285c571b01ec9c97df14c475408f5a14f644fe2af66181e205e50b6f9d123c8c790687f7b0f0a08814664db506d50677f6d5403d460027ba68659173a92d119abd080e01c64edd1afe084b439d55cf47c8f515cc9d051599ffd8cd54f4de7c03461074919a73aec521fbccb9e3fb85e7758c9fcffb0b69e50be052efba12b53643957e90b81a34397fbe5deb7f507438b86dd9cced958724031836de3ae75bd7c93b4146cb313f653536db24409a7081d4f37a0d1b9981f12aa2331f5b28b8f10153cb13d6a5cbd71dae439ded045fa7fe7a51726ac8fbe1bc1dc662fc51f0bf61c9c7171b7497764761d5f3edff36cd5d144c6ec449403c28e40c69f47e01b2638802ae21469773dd463d3cf5aa1f08c3a7339f3c8832ad215b15197e1eb199df1879de85eb7703a904001f6a624eb3f07cf07f25a2516a2a1b0a59f3fa8fe6c477aa1d5fbfca8e33ddbb5702268f77ede0a1a1740649755c61515aa702ff787723fdaeaed163568bdf3d2f44bb5d879b7fab5aa6a9a6dcc181de13c964f40fce34dc2015d0c4e9d40afedd30f37476f8a8121ee1a03fb38feaabe338a79467e5ab4be1ce3399f3b4da833c4fd22c2f680852e01b1e08f9a6bec2ebcf0f04649d240e987eab32d7195a43fb06b83cdbd0c3284f5e17dd3d70c0efa23fe1394fe9c81eb51abbf975d90d9d85b6bd6962bee1733b306ca7d82b64c40d0b5d665ba5a7a021bedce4e7c43c045e84e51b7c72b4141c29724fc7efe0401bcd8ca53d36e8afdfdaf01d963d8331444d19f6623e15aa6455a25c22125563da924d57bcc53e10585799b3a09516bb983a5c0817139bfb9de198143f31492bf1996f26a7c4350ba38e10ae189a20d691ea0117f5cd655ee41030c3694b973eda418147c68e23775c4b5731bb431f46e4e8dfecead51e6212203d9b2d5f758e980a528e218ef6b9d85dbebb3dbbcb3e3948f7ff5d6d0b67e8e6d3dd99dc722f880abbe5723fdc99ed53c9d33af56368b6e744e679f12cf3f9a3d8803eb76c39fe0dcbfe80715f63e06982414cebdeac5f02b419f1bdb3850c4aa1e00c8e1febc86d1295229e00284e7c6fc1dd0ef68904a77bdf4b4f1fa4bbbb40ce0f8a074b6f773de61cd03dd7eac1e5595d76238e2d202d24a3b7985b0aa8d6e1c9a3f3f62d964dc9583c052cb5e8fd189383f84951d9c91aa4d1119ce4a197c5ec949180a0163c1e7baf264a2cd4790be1756e76219ba867ea5f07d4483bb0bdcf73af4a44b09b9af70e3733e4df87346c6d5ba6a94c803538338ea29d0eacc16bd64d693adf68b6b1628f3bb1d1eacbcf0b1acc80ce89ca7c1220a82dde9724179f1d25d53c387066815aaa16ca4a3a596909a17433683370e1db2740970aa6a4ccd377322bdb54b4becd4d09da68c26449b6497ae17232f728836e45809935c13797c1d506972bff9cf995433fd49594d7115c2baa9931fd3ae0e0435c7569788bd1e25803bbe07c7f5da81366fe27d769ddf25227b419b6e0088d25f29f22ca1e55d5ce1e596d1e6bd64d75c6a25cbad74189aceb0fb08839af405d2280c5440857f554af4024b05c71335bb1867f9a18a8f0159531a8812fb34263af1440fbd1c57a43ae40e5aed30ee7bf484946eb42a4f3976ea70dd90cb89b89872ba956c1d13648e6944d0a7653e6fa36b25d568281e5a396e78fda5d6e2d1d59e629fd08270c65efe5319eb12dd4264e7cbfbe3865bf0fd6543e4dcbd04eba478db385e097d3e2f58b3ec1a4593772a7d8b5f9b403b8500208c629c320ef7d47659621e9d84e43dd7fa3c1fde26bbbf43bc6f19c65c10adcf5f4890b04e28c270d6e6216f69956e7800b61d9d4de441d2fb05edbf498c99cfa35d1a973575bfbe73cdf43a3cbf01e26348b0653e8e6a843ec1ea8bab4d872284b1ac1f0d29817a6aeeacab309e6cf70325e9861edbcccf45dd44a815cacd08e9b63cff13cfeac7f960991641877437b4e88cf07ae0448f871c71f5ff29a60d2e4ad372e0980962a12faef48c299e527ff39ee397e8476afcf3d4f1b23001201492e1c13389891fcaee1f803320bdfb5532ef0978b019655d7af6b8e58a80e57df909685661fe6fc3c236d82ba6fab714b4c750fb51e417bfa10d1973110733ab3725056f6362f79348c472d4e97c8c8ba28b90ee2c1580334914ca6591cdda7fbc5f296103a532853560ec24b0d435d6c75d3a52bacc66156d77bb86acccf2b00fd4d0125754eb3d47d325336b4a4f1aee49ef67d31b4be5b86858d2ebd72511d5d1e7499798fee1523a66a8fcb6f9e27e8146734027cbd3b75fc16eeb48ff17d6d4f88b53a32266ce9b62cd96058b0fb0ac1781493ecc456ffd783b6402b6d323e815c2da0a36bc2802ce51e00f3dde1407384a3d022e2d4fa4c68e5ad9995b038e92e9691054be3c785446fd25036b195af4f7eea1f1186c79ae818d73d884682e232fb3a15e751b964d5c206e8f3f6a29f7e44ae593de78ec8611a1916b95a57f510993c49fad2bbf207e027b4c03539c647412cf87cdfb71e3cc0d57f58931796d62c3cb781f04cc8590c49020f36ace3d6cc5eb702e69bcbbdd22161719b2846126f632a89e7476f5f9b60480dfca5568473cd4e04ad9870eab338cd6b1b72157e63c4a75ae0355ed3d0fc3d16131b4f7a209db556dfa18977656cc1641732ecf6e36b0feb2f526c857dd6349b6347321dccc269f28548ee4ef6766a8e82a47e18c4008b29a3aaa3a373d4665ff848827a42d5e49f7a6b3ad1cd90394ef8b341461cbb76c1ddafbd465fa52dcbe448aac6eb538563102e48e1e13050ebaa8186dc4e1b69a51b182ba35f6c428c01058a8047442287ae6119577022d9cd912dd0a90edad87c38c6c79afaff3115e3388163a50fec192811c72517f228fdee414d0edfd329976ec7ca4038a09ad28783af11d7b2928f215bcb20f11a90e19fdd3259e6b34af336541e762d7d92acbe1037fb30a0ef14aab8eea0701e9b0b704cfc5cbaa3468290f4b5cf727bf18793d471084fcbc7dbfc2cebb7f0ae9428ec15a15fb483c608bcde63c474a8ba2dd9fae818a3b9cc66b29b0ad7524cf13588a05857831b864e6fb79c15039b680973219afb4a88cee6b02927c260f62583ad06bd2be3d2b3f9b320d5caad2d2e61270d1a75588978b247c9c69bfadfa69b2923c150012d89f24cc65b225249f15bf66bf9ab703aefc0a4f2abe1e37ac984ca9261b830faaff517cb56376873f0cb1e14b2747921bdad66753fbd489484f14ecc671804aa5bcfe0bd5636f76828ea939d90bbf8eef4b06ef9bfe3177628d15569c69a5bfda9e44896318d27da1e97942f5b77084fe132720ec5288f3426fd04a330c1378a9bb1d09cc0cec824ded03546944d79a3101649af218694f1d4949f2aba9d44f74dc818b475f80102addad5cfec7"}, 0x101c)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000001080)='./file0\x00', 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f00000012c0)={{'\x00', 0x2}, {0x7}, 0x0, 0x0, 0x0, &(0x7f00000010c0)='./file0\x00', &(0x7f0000001100)='./file0\x00', &(0x7f0000001140)="38b98affebfe1e3af1c0f0cf8ce9e1c489eec80edc9a92993ab4c983b377e91459414040de058649804a45f44723f7b09e26b419e127b100f3b2b054198bcc883f06474cdac0b54836b48a62fb659dac1cd4d1ca49e159a2a6", 0x59, 0x0, &(0x7f00000011c0)={0x2, 0x5e, {0x1, 0xc, 0x2e, "97e5f5acf3ffff39b5d13cb9f6276507949e993527b8a0d6bfe39af47775853c36c1a79ded762941fd89aad1f4f6", 0x23, "9e6effa0dde7e85485551fdb1bff1a7bfc564d86a51d0cc29f94999b017c04a1a25961"}, 0x5d, "12393c3d397b1d8b0f122bd2182456420a34a8ede03ff5a272fc45c283e4c825fe7867f13e3e56702a1e44db81819c320f96ecd10a2eeb9b38882d8658e2b5df86ae2de6cacc25ab4e2b5bb3ae73bef7f6b53b1189ca014cb5f489a57f"}, 0xc7})
r1 = inotify_init1(0x80800)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000001340)={{0x3, 0x6}, 0x100, './file0\x00'})
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001480)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f00000014c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r3 = syz_open_dev$vcsn(&(0x7f0000001500), 0x2, 0x18002)
recvmmsg$unix(r3, &(0x7f0000002cc0)=[{{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000001540)=""/245, 0xf5}, {&(0x7f0000001640)=""/98, 0x62}, {&(0x7f00000016c0)=""/15, 0xf}, {&(0x7f0000001700)=""/159, 0x9f}, {&(0x7f00000017c0)=""/75, 0x4b}], 0x5, &(0x7f00000018c0)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000001900), 0x6e, &(0x7f0000002c00)=[{&(0x7f0000001980)=""/154, 0x9a}, {&(0x7f0000001a40)=""/154, 0x9a}, {&(0x7f0000001b00)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/36, 0x24}, {&(0x7f0000002b40)=""/24, 0x18}, {&(0x7f0000002b80)=""/68, 0x44}], 0x6, &(0x7f0000002c80)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}], 0x2, 0x2022, &(0x7f0000002d40))
r8 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x6, &(0x7f0000002dc0)={0xe662, 0x0, &(0x7f0000002d80)=[r5, r0, r8, r3]}, 0x4)
dup2(r4, r4)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002e00)='/proc/zoneinfo\x00', 0x0, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002e80), r7)
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r9, &(0x7f0000002f80)={&(0x7f0000002e40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002f40)={&(0x7f0000002ec0)={0x70, r10, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x890)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r6, 0xc0709411, &(0x7f0000002fc0)={{0x0, 0xfffffffffffffff7, 0x4, 0x101, 0x10001, 0x9, 0x6, 0x7, 0x400, 0x6, 0x200, 0x400, 0x20, 0x100, 0x1ff}, 0x38, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r11 = openat$urandom(0xffffffffffffff9c, &(0x7f0000003080), 0x9180, 0x0)
fadvise64(r11, 0x3, 0x99b, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000003140)={0xffffffffffffffff, 0x4, 0x9, 0x20})

16:03:28 executing program 2:
r0 = semget$private(0x0, 0x0, 0x0)
r1 = semget(0x2, 0x4, 0x20)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000000)=[0x8, 0x7, 0xe6])
semctl$GETZCNT(r1, 0x2, 0xf, &(0x7f0000000040)=""/68)
semctl$SETVAL(r0, 0x2, 0x10, &(0x7f00000000c0)=0xf4)
r2 = semget$private(0x0, 0x0, 0x2)
semctl$IPC_RMID(r2, 0x0, 0x0)
semctl$GETZCNT(r1, 0x2, 0xf, &(0x7f0000000100)=""/99)
r3 = semget$private(0x0, 0x2, 0x322)
clock_gettime(0x0, &(0x7f00000001c0)={<r4=>0x0, <r5=>0x0})
semtimedop(r3, &(0x7f0000000180)=[{0x2, 0xeb, 0x800}, {0x0, 0x1, 0x800}, {0x0, 0x3f, 0x800}, {0x4, 0x2, 0x800}, {0x2, 0x4, 0x1000}, {0x1, 0x7, 0x1000}, {0x4, 0x6, 0x1800}], 0x7, &(0x7f0000000200)={r4, r5+60000000})
semtimedop(r0, &(0x7f0000000240)=[{0x0, 0x1c, 0x800}, {0x2, 0x28f, 0x1800}, {0x2, 0x0, 0x800}, {0x3, 0x400, 0x800}], 0x4, &(0x7f0000000280)={0x0, 0x989680})
semtimedop(r0, &(0x7f00000002c0)=[{0x0, 0x200}, {0x2, 0x1dfb, 0x800}, {0x4e91a192644521a5, 0x8}], 0x3, &(0x7f0000000300))
r6 = semget$private(0x0, 0x0, 0xc)
semctl$SETALL(r6, 0x0, 0x11, &(0x7f0000000340)=[0x6, 0x4, 0x2, 0x3cde])
io_setup(0x0, &(0x7f0000000380)=<r7=>0x0)
io_pgetevents(r7, 0x441, 0x4, &(0x7f00000003c0)=[{}, {}, {}, {}], &(0x7f0000000440)={0x0, 0x3938700}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x8]}, 0x8})
semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000500)=[0x5, 0x1, 0x0])
semctl$GETPID(r2, 0x1, 0xb, &(0x7f0000000540)=""/64)
semtimedop(r3, &(0x7f0000000580)=[{0x1, 0x40, 0x1000}, {0x3, 0x3, 0x1000}, {0x1, 0x1000, 0x800}, {0x3, 0xfdc7, 0x1800}, {0x3, 0x8000, 0x800}, {0x5, 0x3ff}, {0x2, 0x3, 0x800}, {0x2, 0x739, 0x800}, {0x3, 0x2, 0x1800}], 0x9, &(0x7f00000005c0)={0x0, 0x3938700})

16:03:28 executing program 3:
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="37f06b9410ba5c2f2983999b39a2c553c3d53e522c5fd4f19ac971e8ed3ed4b82019da809dcc434e252abc7639e31eb90847d28641f9d25a9f69ff370ec9034366df76aa99b29a3af10124", 0x4b}, {&(0x7f0000000080)="3c34668c7427d6b276dc76d2305d9427816c7a3ef99313f90711b46d070073de1a51ad58eb3567c714f69d08bbd27362d5cf48e4636d4287adff8b2f27d74832d49d44ba6720df62d21f5c9c1b6b91a663f30fa0a50710c1", 0x58}], 0x2, 0xc)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9)
r0 = socket$inet6(0xa, 0x3, 0x0)
preadv(r0, &(0x7f0000000440)=[{&(0x7f0000000140)=""/188, 0xbc}, {&(0x7f0000000200)=""/199, 0xc7}, {&(0x7f0000000300)=""/60, 0x3c}, {&(0x7f0000000340)=""/254, 0xfe}], 0x4, 0x2, 0x81)
ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f0000000480)=""/193)
readahead(r0, 0x800, 0x5)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000000580)=""/4096)
r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001580), 0x400000, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000015c0)='/sys/bus/memory_tiering', 0x440140, 0x11)
poll(&(0x7f0000001600)=[{r2}, {r1, 0x202}, {r3, 0x400}, {r0, 0x832}, {r0, 0x5080}, {r0, 0x50}, {r1, 0x2050}, {r1}, {r1, 0x106}, {r0, 0x730}], 0xa, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000001680)={'xfrm0\x00'})
ioctl(r3, 0x8, &(0x7f00000016c0)="94445a0dae3db9ce3ddbb4ac97cc472780bd9b630a402c672e617877c5f8202b17c6154dd3d094d18d2b8de23ab4b369c5203b22571e214a612c9cc2c73f86fad493551e2607d1e27e3bc504b99c27a9fb45a70ea5f85a3415cc90db29d9f6815d76d3967e1f389c1269d2962f78e75d0edd008e6e0008f9c70c048f76aa6ad612cae2df29b7da1ce580c72f87e08cedf07c348e4ec1b81922313653baf75e3cc93df562fb1bf8f9c3335da977")
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000001780)={{0x1, 0x1, 0x18, <r4=>r3, {0xf3}}, './file0\x00'})
ioctl$BINDER_SET_MAX_THREADS(r4, 0x40046205, &(0x7f00000017c0)=0x4)
r5 = dup2(r0, r1)
r6 = open_tree(r1, &(0x7f0000001d80)='./file0\x00', 0x1000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000001dc0)={{0x1, 0x1, 0x18, <r7=>r4, {0x4}}, './file0\x00'})
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000001e00)={{{@in6=@dev, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@private}, 0x0, @in6=@mcast2}}, &(0x7f0000001f00)=0xe8)
sendmsg$netlink(r5, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000001800)={0x5c, 0x34, 0x434, 0x70bd26, 0x25dfdbfd, "", [@typed={0x8, 0xf, 0x0, 0x0, @uid=0xee00}, @generic="6aae5344ca8ff69c8fc7152427411bcc42036578413bee1fe13c071738c7b899ed0eb33b903af6bd236ed7056f7209e8f52c9421e24910d3", @typed={0xc, 0x67, 0x0, 0x0, @u64=0x3ff}]}, 0x5c}, {&(0x7f0000001880)={0x160, 0x3c, 0x200, 0x70bd2a, 0x25dfdbfe, "", [@generic="c004a02f04eead98c8fbf3efed6aabbba2a7c05d501b3b59d5d09e666a85e279350838904eb069054848efc13d6804c19484e462247ccd65e28c2e6ed2d8f80f5d2470fd9cb5710c30a1d33c2f742b542757a9081000cf23ead6d25a", @generic="2be13f286d871b2315f6a8c1d8e7d7bdf6a85574922702ea7cfc64f6c001916601076b70725d71b0a10ea4b442c54feb13559dfd11127719ca166f87d1f53425fa81f1bc60ffdf5bee8566cb43a5196d51e8b325f593a7fc8a15d55aed169a713a0c3d1a511ce08b2b4497c80a742a608ff0bb8e3ec0c561a6166f466b1f711eebc89fa430887c5556d3f864641d480edace14d471ae2f0364d302bc0eaf22df6d31436c4f2605cf6ad4334310f48bb3ab21e040c287220ff8faf598b6b62cf1a58f36fcde8358ec1ed81195a31f07ac8b747ab04636460b9e1b15d9", @generic="5f851f0b587ae143b56a774c5fc59d4bbf551d3a24ff"]}, 0x160}, {&(0x7f0000001a00)={0x5c, 0x17, 0x800, 0x70bd2b, 0x25dfdbfc, "", [@generic="d43c3827df1592df35f9bfe54bd68d43fbe33f2fc29f37789fd51a8772b2fa5cf17c0e57c35ad1a972b4a0093477efb0b61a08b2a810ae6e6de9b4ba929f07bee81c81ce13bbfdb5a2"]}, 0x5c}, {&(0x7f0000001a80)={0x2b4, 0x18, 0x2, 0x70bd2b, 0x25dfdbff, "", [@nested={0x100, 0x18, 0x0, 0x1, [@typed={0x8, 0x8e, 0x0, 0x0, @pid}, @generic="2b326d351beae0167514a845a0c2229d4ab7391734e9dc5a5eda4160a5cbf1677fcb90231d2ac936ee1c43f2410bc8aba8f4604cf0b2103c7a0bee09ce90961269d25503c4821e9e1e33ebace2b2fe02892c31dbdc215e8db67a8bbd1fa50536c5dfa77f59be6a29ed18358767c62d93cd5e9481a9274e8aa36e21b0bca8d00887c401eed253eec167254f1c8527e91c7e96a0ca7ea4486f535aa8de706e9d95772f87fcf98b840e686c68221de193f2cffcfd9a0c4a114578bfd4a0f0db0d503d8a994e28dc2819bb2ad4dec443a6fb93bbac4adce158b9b912c23ec26c8760a759ca2d8440486f267fa44fefdf3d62313a665e"]}, @nested={0xbf, 0x94, 0x0, 0x1, [@generic="cdfb20d7ee39ca4586b10d390d998455e941df74be729ebd1afaaf3838bbf245544f3bf93ae90585f76dd66591df5a80deab6989fb4fc35a618777e81dc6e029ec95e299b8d062c10133f4b45b77ac241898f4cdcd2298beae9ec1ae24699a621f4871859285e45ff063b6fac2798bc9609a80f24bfd10307cff7ce4bfbe0423b7a606d2e2908cfac2524bf00f33507669829a250872c46b315ef1d433dd1cc0d5d71f29b309c51f2acf333be03785a5371e8af0aa27d83c60c344"]}, @typed={0xe2, 0x6f, 0x0, 0x0, @binary="0b8eddefd9f755b5ac9b92e4638f670c06a35939dac8b56c2f27b8e5fcb4f5026e850cbfd9462fe5b4f6f343cc18fbb3a6b23a0e0ca3ef07676cedb0691c62d37d8db35d803f7135765f9b2896d6564c139a6c0befb01ff01c7bf707ba00cf15857a10a2005dd5c21b66040afc7b343180954e24b99a79d430839a9789b1c5de387e26d96e57a21fe9c4a4c17578f0488b952720e6c8acc80ef9af69e175673880d13c0c655e80ce4cfca3cf5fd3e6892be1ca35c5529ca8f429d06f0e8fef523b45ab25d8200bf4d6c8e281ded1995b8a5864b5c2653714f98821b858f3"}]}, 0x2b4}], 0x4, &(0x7f00000020c0)=[@rights={{0x28, 0x1, 0x1, [r6, r2, r7, r2, r3, r4]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r8}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}], 0x88, 0x4000001}, 0x800)

[   76.607771] audit: type=1400 audit(1664121808.721:6): avc:  denied  { execmem } for  pid=288 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
16:03:28 executing program 7:
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000000)={0x77359400}, 0x10)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {<r3=>r0, 0xee01}}, './file0\x00'})
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, 0xc, 0x6, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x50}}, 0x4845)
statx(r2, &(0x7f00000006c0)='./file0\x00', 0x400, 0x92, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x1, 0x6, &(0x7f0000000600)=[{&(0x7f0000000300)="f8186a363b89008e234c53dfda7fa1b4fe9b16759b1b2a2ba05b75cb539cbbb8bb9d18c51352bdd78c08a5071493c4ce2eec322b8af8377baead1273a78495a332dd7c3f79950c29f27771585b464717da8be897764ca7bb6c4c3a406865fde961e5f1322cb7f13c0afd14a00b43fb00274937396720d9c3692b86494f", 0x7d, 0x7}, {&(0x7f0000000380)="a6cf44f79517b107546e0be2b63ff433596c1ea1cec4ec882f146ebc6ef6282e7fc7e48a600b4bc56f704d56b273148078f2f0dd8a944d7715d8d493f0906f8344c3a78e713e2a7e38d896de5aa0b6f2ee6edd4c23b8e4011d5b6172757df6e780fa1e12d1e59239c07cdcb215542eee8ca3e1a310bb450cb7a0d1f71a52c22dfe36f5393da996f13eeccfe9b782bad65137ad5dec9a47fbc0bd77d8cb69668f2000141a22a47b58e3c59a58cb7dfe", 0xaf, 0x1ff}, {&(0x7f0000000440)="ace595860236934a2f9f647452051f43565ccf7290a4c991bc2579057a14cf1556d4810f6007dfd4de3b3352a9bfd0fd6895cb950e2da96bd4c983d4e87392227275a3598e2357cc89f382a3f52718fe91506b0468e5543ea58000848e86185e5558d660d41d7f", 0x67, 0x8000}, {&(0x7f00000004c0)="dab83a92a33d35", 0x7}, {&(0x7f0000000500)="466808a1146d75d58565abf97a0a970b28c5c0b70d143b2a8137bd1224a4fdadbc77acaa04c490f31b458fe715be40d5d9df504081fc035811a009e7cc4eb07d01b5e5072284e69dfae3ad6ec1132b", 0x4f, 0xffffffff00000000}, {&(0x7f0000000580)="c69374b8b34d3e64f2d0fbde3aa0056b6927d90cc5b5ae4dc60dbdc21d791884b03f4ecc91b725915026ea042c9b8936d2d8b63ab5b2f59b82d05aee656675f4dac372483481b632efe5dac88bfadb041bbdb39c52cef4aa95f8897fab777c7bef0866d3ad1e8a239a244e873227f2bd", 0x70, 0x7fffffff}], 0x12804, &(0x7f0000000800)={[{@mpol={'mpol', 0x3d, {'interleave', '', @val={0x3a, [0x34, 0x36]}}}}, {@gid={'gid', 0x3d, r1}}, {@huge_always}, {@huge_never}, {@uid={'uid', 0x3d, r3}}, {@huge_never}], [{@appraise_type}, {@fsuuid={'fsuuid', 0x3d, {[0x39, 0x64, 0x30, 0x37, 0x61, 0x63, 0x34, 0x34], 0x2d, [0x33, 0x62, 0x64, 0x35], 0x2d, [0x33, 0x36, 0x62, 0x37], 0x2d, [0x39, 0x31, 0x39, 0x39], 0x2d, [0x37, 0x38, 0x34, 0x63, 0x0, 0x38, 0x31, 0x31]}}}, {@euid_lt={'euid<', r0}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@appraise_type}, {@fowner_gt={'fowner>', r4}}, {@obj_type={'obj_type', 0x3d, 'syz0\x00'}}]})
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000940), 0x1c7800, 0x0)
accept4$unix(r5, &(0x7f0000000980)=@abs, &(0x7f0000000a00)=0x6e, 0x800)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80), &(0x7f0000000ac0)={'U-', 0x6}, 0x16, 0x2)
r6 = signalfd4(r2, &(0x7f0000000b00)={[0x3ff]}, 0x8, 0x800)
preadv2(r6, &(0x7f0000000e80)=[{&(0x7f0000000b40)=""/21, 0x15}, {&(0x7f0000000b80)=""/189, 0xbd}, {&(0x7f0000000c40)=""/181, 0xb5}, {&(0x7f0000000d00)=""/48, 0x30}, {&(0x7f0000000d40)=""/100, 0x64}, {&(0x7f0000000dc0)=""/143, 0x8f}], 0x6, 0x7f, 0x5, 0x11)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r6, 0x8010671f, &(0x7f0000001000)={&(0x7f0000000f00)=""/236, 0xec})
ioctl$AUTOFS_IOC_EXPIRE(r5, 0x810c9365, 0xfffffffffffffffc)
r7 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000001080), 0x1, 0x0)
r8 = openat$cgroup_pressure(r5, &(0x7f00000010c0)='io.pressure\x00', 0x2, 0x0)
sendmsg$nl_netfilter(r2, &(0x7f0000001180)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)={0x24, 0x8, 0x5, 0x301, 0x70bd2a, 0x25dfdbfe, {0x5, 0x0, 0x8}, [@typed={0x8, 0x87, 0x0, 0x0, @fd=r7}, @typed={0x8, 0x5f, 0x0, 0x0, @fd=r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x480d1)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000011c0), 0x1, 0x0)
r9 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
creat(&(0x7f0000001200)='./file0\x00', 0x40)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r9)

16:03:28 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xee01, <r1=>0x0}}, './file0\x00'})
fchown(0xffffffffffffffff, 0xee00, r1)
pipe2$9p(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
write(r3, &(0x7f0000000080)="488d4ca1c54ad8616118aa470db36dee9972ecc31a7ae524c7dc8f1541cc3a6b64806ee507c960ca007d3737c7c9693690d1c851d4090c5d26ed416b451a2f9ee845b9d42f4475f626", 0x49)
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, 0x0, 0x8, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x32}}}}, [@NL80211_ATTR_STA_FLAGS={0x1c, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}, @NL80211_STA_FLAG_ASSOCIATED={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}]}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x2}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x4c, 0x6}}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xf, 0xac, "cf827b98cfe62df3d9746a"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x4e0}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000011}, 0x4000000)
close(r3)
sendmsg$NL80211_CMD_STOP_NAN(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4801, 0x11}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000005}, 0x40)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r4=>r0, {0x8d9}}, './file0\x00'})
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r4, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x78, 0x2, 0x7, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x81a}]}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0xffffffffffffffff}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0xffffffff}, @NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x101}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x10001}]}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x20044010}, 0x20008800)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000500)={{{@in, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@private}, 0x0, @in=@multicast1}}, &(0x7f0000000600)=0xe8)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000006c0)={'syztnl0\x00', &(0x7f0000000640)={'syztnl0\x00', <r6=>0x0, 0x0, 0xff, 0x7, 0x3, 0x22, @local, @empty, 0x10, 0x700, 0x1, 0x7}})
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r4, 0x89f7, &(0x7f0000000780)={'ip6tnl0\x00', &(0x7f0000000700)={'syztnl0\x00', <r7=>0x0, 0x4, 0x7f, 0x20, 0xfffffffa, 0x20, @empty, @rand_addr=' \x01\x00', 0x10, 0x10, 0x5, 0x9}})
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r4, 0x89f7, &(0x7f0000000840)={'ip6_vti0\x00', &(0x7f00000007c0)={'ip6gre0\x00', <r8=>0x0, 0x29, 0x0, 0x8, 0x7, 0x1, @local, @local, 0x80, 0x40, 0x3ff, 0x6}})
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000880)={0x1d4, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@HEADER={0x90, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x800}, 0x4004000)
getsockopt$SO_TIMESTAMPING(r4, 0x1, 0x64, &(0x7f0000000b00), &(0x7f0000000b40)=0x4)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0xd8, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x6}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x1}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3f}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x142}], @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x80}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0xd8}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008080)
sendfile(r0, r2, &(0x7f0000000d40)=0x4, 0x1)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f0000000d80)={{0x1, 0x1, 0x18, <r9=>r0, {r4}}, './file0\x00'})
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r9, &(0x7f0000000e80)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffffff71}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x8010)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x89f8, &(0x7f0000001000)={'ip6tnl0\x00', &(0x7f0000000f80)={'ip6tnl0\x00', 0x0, 0x29, 0x2d, 0x81, 0x20, 0x18, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x1, 0x8, 0x1000}})

16:03:28 executing program 4:
r0 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000040)=0x1c)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f00000000c0)=@routing={0x16, 0xe, 0x1, 0x20, 0x0, [@local, @local, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @mcast1, @empty, @local, @private0={0xfc, 0x0, '\x00', 0x1}]}, 0x78)
r2 = openat$incfs(r1, &(0x7f0000000140)='.log\x00', 0x40, 0xe)
setsockopt$inet6_opts(r2, 0x29, 0x37, &(0x7f0000000180)=@fragment={0x62, 0x0, 0x9, 0x1, 0x0, 0x10, 0x65}, 0x8)
r3 = open(&(0x7f00000001c0)='./file0\x00', 0x101401, 0x30)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@loopback}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000340)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, r4})
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000003c0), 0x18ec9811bdaf7c4f, 0x0)
renameat2(r3, &(0x7f0000000380)='./file0\x00', r5, &(0x7f0000000400)='./file0\x00', 0x7)
r6 = syz_open_dev$vcsa(&(0x7f0000000440), 0xd2, 0x474000)
setsockopt$packet_drop_memb(r6, 0x107, 0x2, &(0x7f0000000480)={r4, 0x1, 0x6, @local}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000004c0)="83a7395fc7cb6666c099c59d", 0xc}, {&(0x7f0000000500)="f3d99b40f8f2fe0a818ebd5b07f668d26a8efd5310d6802952a92e2081f181d3184f952c7c6c0a1d7248845523a549f55fa7bf0802c11ce38005c344a5c4e75bdc07f2c3a6ae9d57ab479f2beb19ae347aa9d3359a797b7c5fd26d033f8c201662b631b0d8558c84c5dacc6a8440f7a444e75947beaff7dca2716bf763556020a7bd8a71a543faef1f49010a6026541b7202f6fa9a4ec7ae258bab28da4d19d3f0724e0583b7a2e8ce3808dbcd20da8c8a9da38fbb306e3975ffbfa6facd08696b461917e39a0ded524dc30f0d6fc3a06e631f1ac125", 0xd6}, {&(0x7f0000000600)="72a9ba4948ea3af91d44b0109628ddbf451f577cb28bbae9efe419e6ee673b", 0x1f}, {&(0x7f0000000640)="7920d5db3f02100b0b68edf2e4602bcda36d2507d14e68d02e84575ba60f9c6d8c07b55e925cfe2d19f3a3f6e80f0c3dd68707ad0d3c0b868f638c9f82df25c5c69820699a819d35ee1755", 0x4b}, {&(0x7f00000006c0)="987583d06fbbcb5a3f8a294a6904d1d966f87194346ff677f5de54537555112216b3ae7e1ab27657d5252380498633c017bcca8ec6273c1573b6a3452b9420c4f863d39c0a02551fec89a962e08fd28fe82a7085aa5ddbea69f47aeb643c378634ae0e072d92572806a3b5d190236a14f433ce08bd7efa6a881d959607feb82870c4055ac6bd6097f66dafdc094f245b97c423afeea83a11b5bce6e922eaaf", 0x9f}], 0x5, &(0x7f0000000800)=[@pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @hopopts={{0x58, 0x29, 0x36, {0x0, 0x7, '\x00', [@pad1, @ra={0x5, 0x2, 0x8001}, @calipso={0x7, 0x10, {0x0, 0x2, 0x40, 0x56, [0x4]}}, @pad1, @enc_lim={0x4, 0x1, 0x6}, @jumbo={0xc2, 0x4, 0x2}, @hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, @pad1, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x8001}}], 0x98}}, {{&(0x7f00000008c0)={0xa, 0x4e23, 0xfff, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x1c, &(0x7f00000009c0)=[{&(0x7f0000000900)="13331d46afa5f57f821c4874865f96c10067fc07d9847549ef2ad39ea7ba5136349f00eecbc6ed02a1908b67f87c446ce06fd8bb87e4d57cb865610f1426883c08988366df5c11b03057ff383a192e13168a33ded784bd9e8ff466e09c", 0x5d}, {&(0x7f0000000980)="ed9a2843f40d59b67c0b5d15e844e05fb70eff62c3e2c3d0db448de3a1299467285abae7651d216812f3d6f86e6d5da2254a03091b3c08b0", 0x38}], 0x2, &(0x7f0000000a00)=[@hoplimit={{0x14, 0x29, 0x34, 0x8}}, @dontfrag={{0x14, 0x29, 0x3e, 0x9bb5}}, @dstopts={{0x90, 0x29, 0x37, {0xf, 0xe, '\x00', [@calipso={0x7, 0x20, {0x1, 0x6, 0xff, 0x53, [0x1ff, 0x2, 0xffff]}}, @calipso={0x7, 0x8, {0x1, 0x0, 0x1, 0x5}}, @generic={0x45, 0x1b, "b77fddcb383aee9418752404da77ee8322cd22c9b5c68f63d7b28f"}, @calipso={0x7, 0x20, {0x2, 0x6, 0x9, 0x3256, [0x2, 0x1010, 0x4]}}, @ra={0x5, 0x2, 0xff80}, @ra={0x5, 0x2, 0x3}, @ra={0x5, 0x2, 0x1f}]}}}], 0xc0}}], 0x2, 0x48080)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000b40)='hsr0\x00', 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r5, 0x80049367, &(0x7f0000000b80))
getpeername$packet(r1, &(0x7f0000000bc0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000c00)=0x14)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000d00)={'syztnl2\x00', &(0x7f0000000c40)={'syztnl1\x00', r7, 0x10, 0x1, 0xfffffff9, 0x80000001, {{0x22, 0x4, 0x3, 0x1, 0x88, 0x66, 0x0, 0x9, 0x29, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x38}, {[@timestamp_addr={0x44, 0x44, 0x66, 0x1, 0x7, [{@rand_addr=0x64010101, 0x4}, {@multicast1, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0x19}, 0x4}, {@multicast1, 0x8}, {@local, 0x800}, {@broadcast, 0x1}, {@multicast1, 0x1}, {@broadcast}]}, @cipso={0x86, 0x2d, 0x3, [{0x7, 0xf, "bd7c8a983d2d709bf8b037ad49"}, {0x0, 0x9, "9b9aad9435c69f"}, {0x0, 0xf, "554e9167fbae7975c91705e80b"}]}, @end]}}}}})
recvmsg$unix(r6, &(0x7f0000003000)={&(0x7f0000000d40), 0x6e, &(0x7f0000002f40)=[{&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000001dc0)=""/233, 0xe9}, {&(0x7f0000001ec0)=""/4096, 0x1000}, {&(0x7f0000002ec0)=""/102, 0x66}], 0x4, &(0x7f0000002f80)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}, 0x2)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000003040)={{0x1, 0x1, 0x18, r8, {0x2}}, './file0\x00'})
bind$netlink(0xffffffffffffffff, &(0x7f00000030c0)={0x10, 0x0, 0x25dfdbfd, 0x1000}, 0xc)

16:03:28 executing program 6:
ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000000))
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
lseek(0xffffffffffffffff, 0x90000000, 0x4)
ftruncate(0xffffffffffffffff, 0x5)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, @out_args}, './file0\x00'})
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080)=0x8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000140)={0x7, &(0x7f0000000100)=[{0x9, 0x1, 0x1, 0x10000}, {0x4, 0x80, 0x6, 0x7}, {0x3, 0xbc, 0x18, 0x7fff}, {0xe5, 0x40, 0x6, 0x5e}, {0x0, 0x5, 0x1}, {0xfffe, 0x87, 0x7f, 0x6}, {0x7, 0x0, 0x5, 0x2}]})
ioctl$INCFS_IOC_FILL_BLOCKS(r1, 0x80106720, &(0x7f0000001440)={0x4, &(0x7f00000013c0)=[{0x7, 0x2f, &(0x7f0000000180)="c295457811d87510e1027e33fc12ea7590388c7e16fb686bc4cda6f9ba6fb867c67163e8d004bd95fa5f0cedaf12d6", 0x1, 0x1}, {0x6, 0xdb, &(0x7f00000001c0)="349867312f1ec7202606840a8b047b45683965ec53f3fa486d37a39304d04ec1119c2abce410260919ca2cbb818d9f864fa305af5befab1bcbf0c6f47da8c1c7dce5ee2d5ad2591e357694ecc4fcc55bfffaf3776fb9072a195bc33509f8763340e638cee7656a4d13d9ce2da03ca235184ec5e174962321d4a984186ff1a27e8d373ce502db9532b824ab7ff97e154d1992010bf3633eb2a6bb420a2c5ac19bb15b48fbc125de42b040515bb0dbe19519cb68abeffce098a8d578a713ed1842087d76418b0085f87ca8b24476e682bbedd478a6f104a97adb666c", 0x1, 0x1}, {0x7, 0xe2, &(0x7f00000002c0)="59e3bc22bc5ff48bf98a76f4d71e9bd64205659f4dde5d7b979bb4b227e0f7257122b336915fb80c4b51e5102831fc9a92c1826bf7a829f9e5e7579d8af5a9b61bf94512bdf34acc79b96c8d951e88cbe4e38a08bc359ee5961ec53a2642026d37d7eca8b5a48f5af9689330bf383a7b8940677e829d5d5b9abbe529be86916eeaceee5634ee64358e5874ef3fb4ad7eb0ee93b278998e705796e336a1e0f8aa7b6108f7db1a491d1012990c81e68949249c2a4256b829e74df19a6ad150e7a7af78c4a6df22eec68cd193ec615a8960d2dcea45f204c38503b69784b71c663e9d35", 0x0, 0x1}, {0x7fffffff, 0x1000, &(0x7f00000003c0)="84d8e14c861644a5980a40da8c8ab8c4e9cd9d8cea23b8ae87befc5834789e5bcdfa316fd58e78be7207c2932c0ece837b9ab54922483d946f22e047be96d40a833b4ff4b26b583f9423ff9849266b14a2c4c92fcf393819f175fd7dcd213bbf24acde7ed3aabc42eb55affabc634b15ba268456c5ec1a28513fa2876aa79dc43f9cafecfd929dfb98010df94c18b4fd4b8fa8a77625c67766b65e0de011ef7e4a45df093025554cf298017c89639e1cee85d2b8c4e6ec82a733663bf8a46ed977b1e3446379d447a305f81ac9305d6b11a8c0063dc01c1e3aa77485fff57559383c0343c36f11e903de03d816980fc2ed2087377ca9ae369103cd6a80d09e40c70406f3a4ab364f42ce7ca78f1eb2a6b1aab723fdc6679f5573ecd6f358f264b4e5ae3535c09c5fc275d73f60b2efe0e7ce8029ec7d41bc3559897d810087757480442f2489b57c1163bf5c40739a85ff82581a94ec88e00a11a671d5ddc36316117d7ce1c7bdf8241be8e0d6b1de5d7b84a06a775e20b01a09f0853cc1c9ea629884ffed60a0cc503137c7f88d5ad4569f54bb384f78ae24c9fda78b0e9a20f4f3b8a28c5e7c64015c5f1528da56023b3d8fac83e991e2e21120cc606ceda7d82323b74ee2ac26a9e935d473d091178e1c413e3ecb0d0407db4073a40997dcedaf051ca0f8a645ddc138e270cee4cb8e27a138d21ce40129b78b8188052bc13b87aff78f128ce4d872fc77e5e1d9961ce24e2403b64543d12857c5cc2c49f5fc69d39e71ee61d271a65b93856b1c9943d6d474c2065489c01cfe37123d9d34d2ec91052da315c57451bfc71bb6d5283db57e35236a9f29371d4182c5eb641e5ee0cedf30d89220eb4bec32fc8ea2ac31b49e68a0997544b720731d58750cac57adf476f8ef1d93b7dc9c1d930b45458518e2a6482bf50fef3179f65ecd97de0fa5930726908e0cd1236246cef7223de4be2388dcc5776edaffd92d3663997baf19bb63563f2c7d38910cdd2fab82a8cd5d7ae9a4690bfd664b71a07b1194d1b43d083ed0dcc7a50614d48c8c5806e36b96567c4166700dfc3cce18f3604c2e116e30d15e2768d6992a3414e527211a470d3f73de7b9534173fadf41c54ba5147ff27b19dd7fee948ca4221f629985a9dbd70105f8e0d9b79e52c5a89fbc555d6461a98e4d3f05767c4f515cf21008b5559230eaedbd9a7c942bb4098b9f69c2d43a822e059bae1f8b3c4d1a1779115c81504cba69878e794d721df8aeef25692dfe9d3283cf938b98f60d4cf4756f47ad7d7e0f439ac52ec415a1e1e1b80bac5c948072ffda80673ae8dba69f853966068c027f3af70991e77943724925b394f623a054f99be9c89c2dfb0de15c015ff508433c276f046862916489ef996e541515d674944365b2f9d126a2dd6e5ea7009f9408d488aeb6f04bc609b2678fbd72439e3dabecb71695c51f7f34a63886ba11ab3bbf00a4be8b9f69481d3cffa3d6bc58e568aa23e1e4d1321c5ad6c496d893d657dabdc05c4883de62b8e05850aa3d9100905d3eb5cb1c89c286dc7537c787fecb4c8d4190ff3467e1afbe33b120451b2213bc0b119c5b9a121714f137f7b67acd9269c8c09507990feea6d8d7f9cb375ba076ae98def6aa74ba788352d6654abd97cc5b954b8c672116d7c28e00cdc04840aff20a3ac0875d4f344bd6f44fe6c72cf27df24b53052a5ce17b1772f47f10085cf5be40aaa90c5c63e8cededcadb9fc5de76bdfddf3726ebc118c2f3c67c23df0aa7232346aa53e43e1bfe24f8a5933f54258da8937038c4b4f590041020d11c555c0fd24b8b58bd645db9fbac15a8522da5704389885a8cc512a2270570f3e76d42ddf4962640047b9c57b85469f86188088a8fed8f32597f218676c70d424451e31a9914ca3e3271711c601f1b777912d0272bcabcfc759bd8c1ac49dd131d9f6d4343082ba63c162a485278302eb66fd8f1c7bad6f6dcc39712a62d0584d80fe4564c716fba96450a4aefad1304c8a2e4cfb94af3a210fc5f7c47ff397fcad42d7e4acd969411f8d182031a8adf5db1c8635feca02fcb9071011867dfc52db01f92e886d1ca36e3dfc67bfbed89786d643305ea357fb81dd06cd6c0f21798fe98051dd1af7f7cdf3bef99d4bbb6cf32f6e97e4164c6d49e04e5462b27a33b46c7d31a62fd698b5b155d502b04cf41b574d4a30a6f1db3f7b3bff300fcae66efb7674ff3689d1ba1c562265bc7e7e32ef36bf43d351fd7e9bceeb41f9ead2fbdb7a69cfa1a661744ef2a7fb75556cc30c0e7d7f9b0f0b72d49955544f9d942ea7c2c7822bd065ffd077adb6004cd1e69882739d889fe753653950de1cebad1f58e2505e87f84622531204f0caab060ded46d94329dfec01c4fad2400b619d7b3ff96985673616a6478d7fb34b40153e3e320c4c9e892774c0bd5d4b63bc5a00fcb8e1c000e127ede0fed68c4410662baba6f0b7984bc37c3637c7af1b6f5f462fb539dad35dc08ee4b37c0829a6fdd525250cc90e31cfba4c047cb9d58c6b5f0d5a3f1f316580a920d48e3b39ef6ca1a6a7c046c07cb803dd245a5412b8a9f9d9a7e7e34d0365c40e4a089ce9fc28ddcacb446871a545e3364b929a27ea7f18b5116b19e91195df2e7e0e65ab3dd01544a5f390d32df1a0dd4f33a9f8972ac293f933262526d5515e644426aec4c07e75bbfb6017d4acc729f2e7f4c54ec3a60467cbd60198d7a128d0cea76da2f42da7f1d13941ad90383aca8e85d4eef0143f96d825e71cf6f3138afcd3f77302ba8db2a615453e8fd42252520d948d1a1c1262729ef6f24a8a2955e4d04e5f23578009248f3f6ebd616f1b51a6d481915471106e17b341b01420e52298df57e97d932b59e915046d8676a9337fa0164430bd09d1d6324f415cc27c362567db6787e5335909223e1e87b9326b0c378cca7e9ad5203d6373eaf60034e4193cba4f703d09f69b4b488542dacbb617ce638c025e2ca85f50796349a23fd8ee5594ed9e874cf58166465b762d72e0c0efdee23c92864c23776bd3b306a251f3f6eca2720fde39da280066408d4da443f19533bbe4faab21f9e99ec92d5c6894633371a2dcb3ab9f27ff0773600422b882409ecfa811c182efa321ef3ae2b603eb31a1fc22bd067324f29fdb9c68df4c719b91ba8d4544d1f5bb3e604bd018525a6663b29e860ffb2eee55afc38a2401cbfb7e8c39e057bc8775911083740c1c51da9f7e9b4a6397e79f43750f03352e0a7cd32976fca0b11f2baaa513f66c7ebfb5547262c946605f59c4120a2fb7a9e1c1dc5430c70369fa5a1c0f868fceaf1c9db866159b8cc87926f0212dc7e3ff788bf06f3576e4d9e91bd769f656d3dfbebc48a1375ae5b6912023bf4e2ee9be6ab0e3faf8b66c36e6e6ff8c5aabbe1ab04c8088d452cd1ca02f6fa0e7610664bc90d68c19e7c186dd9dc4649a95ea9e402a630e8729632cd74fdcd504bfe6908ed25c36c447dd94a0cdde25e17e69cdf66265d3659ba2a4a0d153ff3e7e9cbe9b060445f555d33b9a0a53ee3fd09f8e01320a176678b55ca69272586333c4eda12e1c681a5a6c0184068f7e80822191a4b019268e1b19a96a27bddbdb01f9e10b41fedf0573604aa4de9256f00bd72ca11d2750ec1d01e5efaf0fdd076604010bd9c166e4d5584d52a9e3fd67ff0ff60905196c6d655642d8a7bb8b1ae8369320bde2397683a3400a393b11065060c3576209838a8f5ff9de56925e1339c673f602fd05ab19311805d27cf62b84445189d238c93e41cf8e64f57ea8ceb5b7e5a77acb1b6e048030908b157fe5cb7a331efc01139610830cdf52d09f3040adb901cc2cc12b2f88c3963a897f04ed9e3c256c60d373c9d943eb0c43fba8c24f49acd89ef869b1cf2a1084946aa1806283ab4d7804142f300b4c005ad13be424811344fdef1211aaaf36456b9fa4cbd8382112c0f92bb5f984008b79ff72a34ab3e2337fb1385f9df95c8c16f8be9105e522bd3e118c1be6954d44aa2ecfdf4848b842c7a4a620fef7a12e0f4bad2fc86e676f8c6ffcf4d0873bb849b7779bf0cbe18791434cc511edc869b83eff2704887db02c8d73ea1b8adf4dae4a243b8e7b302a8b70803b407f2578fbb6447fa886394a755fcef1799061c9f48725d33e26136636699041abb9d88104f5388d64d4735fe0d0a6fadd095780ac4337d9cae2cf1f6b468a8aea6c18a6bcd6f604206c755a6d642c00d619e3c9e9d79dfe9c08fd09676999dff0b02ada88aea766dcff962d61734b36ce7f4980357bcbb7f52f1481d991fbd5b60d990074e567267264ab86437508754e71ef031a605f9b5c571a7d499531095aaa51deb16b7dec6131164816e55ceaf44edab08b45675b5fa0eb26f333776f57809f9122e9ff5f5d598ab25a3e2d5b7da59a2376628f620d698c73d7a6ba5906649dcb26ca39a93da58c0aae1f6e667e7c0576459340f9080fca7c8f3200e434c05971a49e45fb682f88678b779d8221301e2546031c4870a4500ab16a35274edc3a55c76c8625d9373b3cd293dee6847461941c1fdd7f208582658967544a3ae73292a1b293a8ad1254c8a2e5c5da84c8c2baf4c000bc88266f6250187d5d18dbfc60c0055be24025db25d295ab596e65b5a98357545f4c746a5138cf87cb675efa6ef02b3735fb141b25956fb27ee2855069afa53614ef8430d8476ea49138e4ac78821f4dfdd781c38b40cd5f0a4d35a695ca6a3dbd360e19b53080972c0514c36f1b3cd5d9defaee632b0762a76a9390ea726ece13e0609e88a17c5fc80ab3eaf5b32b3e57aa2e8c5d6d036cb3ed06f017caa97d846d1fe90bcbe66efc5fcb082c6ef42446de2abd089e1b5de78972050390647d9e441062501c31988c89c25e1d70f322d4a6e813ec6aae6f15ae8a84840d4f0876f1cacecc802f68f0c44cee29d30b36d1f7ae45bef30d416fd51a34d0dcc5fe1213dd4ce03923211649ba41be61494fb932b160e4c22f19e6fd8aa5e0e7e5e89a08638c019f62e7570336f6ba9ebbd4c923cfd45b31efba64d4ceefa6a227f50228ba33866c2ffaaceb0b2c1d4095b9567154deae3c636f7abb2cae9640100dd9f6c49b3ae4da9d5fca78103f3461c10aacdc2b7b387bb7659b5e94f8eae6e4caf8f38cb80516ed18b4f3a405cfe98540888be6d1fdb9e19e39e9c6f56612b69abeb4abc5e2ae0cb75e3ed5b1733885dec583580fe128c1633b3a7b9361c64f83f7c951a04c057aa578191327fd9fb3caf7ded2cc8e398d162223e5c4800065304e336bfb9314f7657a3c45ab5e46e8362c7dc56cdbee85d77cd9c323bd14043ed1c21ad4e0f3f176203e8bd97f22c156419c44d857c6b5424667ef97c18d81c06d92bc225f074658c337e06d4d6e1bc1d143905ea56e597bcb74db02ca7c3b055ea6356db29639e54c0751816935d092247d82d66c320a7f65adb620ed4152318ce0c72ec6b9c08856a78d6e9babf25dffd1fa6dd080340bb57011939698c11d8f173d644ab0472ec495bd8514221cdfdf14192227b785cfae056d43aaf5fe64c4c9643e40924b2a72e6524914b4008e1c823fec9331b849fd04d4a01ba0f5cbecdf3898808854d6780ea996d037a02e7ed62c7cb7aebcd54908f38596cbb3942b86577438ddf187da1d29a8efbe580f5eca80c8feffd8d47c7a440044cbcb5556057991434aeae59274f63227e16ae2699edab8e04eeb7af835321c3decc11576a3ec5109e0534f049475508ae46238a8718f16c0be1cf4d347cbedac55e51", 0x1, 0x1}]})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001480)={{0x0, 0x2, 0x0, 0x4, 0xffffffffffff8001, 0x5, 0x4, 0x7, 0x20, 0x5, 0x7, 0x6, 0x1, 0x2, 0x6}})
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x10, r1, 0x9ff6000)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000002480)='./file0\x00', 0x24800, 0x208)
openat(r2, &(0x7f00000024c0)='./file0\x00', 0x80c81, 0xaa)
getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000002500), &(0x7f0000002540)=0x4)
r3 = openat(r2, &(0x7f0000002580)='./file0\x00', 0x20000, 0xc0)
r4 = fsopen(&(0x7f00000025c0)='sockfs\x00', 0x0)
fcntl$setlease(r4, 0x400, 0x1)
readv(r2, &(0x7f0000002680)=[{&(0x7f0000002600)=""/114, 0x72}], 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002700), r3)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000002840)={&(0x7f00000026c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000002800)={&(0x7f0000002740)={0x98, r5, 0x800, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x20, 0x56}}}}, [@NL80211_ATTR_CQM={0x24, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x5}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xfffffffc}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x8}]}, @NL80211_ATTR_CQM={0x54, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x81}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x800}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x5}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x9}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x87a}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x6544}, @NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x60b, 0xffffff81, 0x800, 0x100, 0x4, 0x100, 0x4]}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x8080}, 0x80b1)

[   77.869619] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   77.872274] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.873598] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   77.875473] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.876632] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.879107] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.881408] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.883455] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   77.885598] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.890429] Bluetooth: hci1: HCI_REQ-0x0c1a
[   77.895112] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.902265] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.903637] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.932260] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.934823] Bluetooth: hci0: HCI_REQ-0x0c1a
[   77.953322] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   77.959319] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   77.960850] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   77.963918] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.964911] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   77.966387] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   77.968422] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   77.972486] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.975691] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   77.980233] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.982137] Bluetooth: hci5: HCI_REQ-0x0c1a
[   77.982919] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   77.985251] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   77.988196] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   77.990202] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   77.992807] Bluetooth: hci4: HCI_REQ-0x0c1a
[   77.994526] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   77.996306] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   78.021264] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   78.032870] Bluetooth: hci6: HCI_REQ-0x0c1a
[   78.042382] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   78.062134] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   78.065717] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   78.086350] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   78.100866] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   78.105935] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   78.120643] Bluetooth: hci7: HCI_REQ-0x0c1a
[   79.953597] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   79.953854] Bluetooth: hci0: command 0x0409 tx timeout
[   79.954799] Bluetooth: hci1: command 0x0409 tx timeout
[   79.955923] Bluetooth: hci2: Opcode 0x c03 failed: -110
[   80.017101] Bluetooth: hci5: command 0x0409 tx timeout
[   80.018172] Bluetooth: hci4: command 0x0409 tx timeout
[   80.081108] Bluetooth: hci6: command 0x0409 tx timeout
[   80.145088] Bluetooth: hci7: command 0x0409 tx timeout
[   82.001096] Bluetooth: hci0: command 0x041b tx timeout
[   82.002157] Bluetooth: hci1: command 0x041b tx timeout
[   82.066088] Bluetooth: hci4: command 0x041b tx timeout
[   82.066470] Bluetooth: hci5: command 0x041b tx timeout
[   82.130088] Bluetooth: hci6: command 0x041b tx timeout
[   82.194071] Bluetooth: hci7: command 0x041b tx timeout
[   84.050344] Bluetooth: hci1: command 0x040f tx timeout
[   84.050814] Bluetooth: hci0: command 0x040f tx timeout
[   84.113102] Bluetooth: hci5: command 0x040f tx timeout
[   84.113623] Bluetooth: hci4: command 0x040f tx timeout
[   84.178108] Bluetooth: hci6: command 0x040f tx timeout
[   84.241095] Bluetooth: hci7: command 0x040f tx timeout
[   84.267767] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   84.269940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   84.271804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   84.277192] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   84.283217] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   84.285894] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   84.303864] Bluetooth: hci3: HCI_REQ-0x0c1a
[   84.308578] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   84.348636] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   84.374386] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   84.380945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   84.408601] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   84.409614] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   84.424815] Bluetooth: hci2: HCI_REQ-0x0c1a
[   86.098073] Bluetooth: hci0: command 0x0419 tx timeout
[   86.098517] Bluetooth: hci1: command 0x0419 tx timeout
[   86.161108] Bluetooth: hci4: command 0x0419 tx timeout
[   86.161528] Bluetooth: hci5: command 0x0419 tx timeout
[   86.225106] Bluetooth: hci6: command 0x0419 tx timeout
[   86.289110] Bluetooth: hci7: command 0x0419 tx timeout
[   86.353059] Bluetooth: hci3: command 0x0409 tx timeout
[   86.481371] Bluetooth: hci2: command 0x0409 tx timeout
[   88.401046] Bluetooth: hci3: command 0x041b tx timeout
[   88.529289] Bluetooth: hci2: command 0x041b tx timeout
[   90.450053] Bluetooth: hci3: command 0x040f tx timeout
[   90.578151] Bluetooth: hci2: command 0x040f tx timeout
[   92.497120] Bluetooth: hci3: command 0x0419 tx timeout
[   92.626136] Bluetooth: hci2: command 0x0419 tx timeout
16:04:20 executing program 1:
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000400)={0x0, 0xc2, 0x80}, &(0x7f0000000440)={'enc=', 'pkcs1', ' hash=', {'crct10dif\x00'}}, &(0x7f00000004c0)="e5f2f21e7cb3b0a3202aec5eedcad96be9adcc42037a0c0b6374f6fbf5630a1daf5458aa245dcba494ce1bbaea576b68709f07101db6e2157da9fffc0eb47cbbdfc5d79f0e92a29f6571657589b96bb95867aac8696ed9866748a75f4b1eafe8a24f3992c9cb93b76fa23a36cf019440421010ff09122b4bbb5f3050d7232d0297440202c54fa958607fe78fc996b6bd45115c4a6eb2f30558481d10a12dee86b2c6cd755ae37f5b2a7788a08e2bd8a9b3fc20e81e6563eb1e3636d57e8b9d6e3286", &(0x7f00000005c0)=""/128)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0)
read(r0, &(0x7f0000004c80)=""/102392, 0x10)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
fchmodat(r0, &(0x7f00000003c0)='./cgroup/cgroup.procs\x00', 0x1b8)
sendfile(r1, r0, &(0x7f0000000000), 0xc31)
clone3(&(0x7f0000000300)={0x1c000, &(0x7f0000000080)=<r2=>0xffffffffffffffff, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000100), {0x1c}, &(0x7f0000000140)=""/159, 0x9f, &(0x7f0000000200)=""/170, &(0x7f00000002c0)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x5}, 0x58)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x10000027f)
close_range(r4, r0, 0x2)
r6 = syz_open_procfs(r3, &(0x7f0000000640)='net/nf_conntrack\x00')
dup(r6)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000380)={0x0, 0x0, 0x9, 0x7})

[  128.169387] syz-executor.1 (3660) used greatest stack depth: 24520 bytes left
16:04:20 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000002d00)=[{&(0x7f0000002c80)='1', 0x1, 0x6c37}], 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x4141, 0x40)
lseek(r0, 0x8, 0x4)

[  128.282606] loop1: detected capacity change from 0 to 108
[  128.305466] loop1: detected capacity change from 0 to 108
16:04:20 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={""/10, ""/2, @loopback}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0xfcb, 0x0, 0xfffffffffffffffc, 0x1800000, &(0x7f0000000440)={[{@shortname_win95}, {@utf8no}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@shortname_mixed}, {@shortname_lower}], [{@fowner_lt={'fowner<', r3}}, {@subj_role={'subj_role', 0x3d, '\x00'}}, {@smackfsroot}, {@appraise}, {@dont_hash}]})
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

[  128.441946] loop1: detected capacity change from 0 to 7
[  128.449753] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value
[  128.479521] loop1: detected capacity change from 0 to 7
[  128.491601] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value
16:04:20 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={""/10, ""/2, @loopback}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0xfcb, 0x0, 0xfffffffffffffffc, 0x1800000, &(0x7f0000000440)={[{@shortname_win95}, {@utf8no}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@shortname_mixed}, {@shortname_lower}], [{@fowner_lt={'fowner<', r3}}, {@subj_role={'subj_role', 0x3d, '\x00'}}, {@smackfsroot}, {@appraise}, {@dont_hash}]})
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

[  128.639718] loop1: detected capacity change from 0 to 7
[  128.641627] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value
16:04:20 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={""/10, ""/2, @loopback}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0xfcb, 0x0, 0xfffffffffffffffc, 0x1800000, &(0x7f0000000440)={[{@shortname_win95}, {@utf8no}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@shortname_mixed}, {@shortname_lower}], [{@fowner_lt={'fowner<', r3}}, {@subj_role={'subj_role', 0x3d, '\x00'}}, {@smackfsroot}, {@appraise}, {@dont_hash}]})
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

[  128.802595] loop1: detected capacity change from 0 to 7
[  128.813372] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value
16:04:21 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={""/10, ""/2, @loopback}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0xfcb, 0x0, 0xfffffffffffffffc, 0x1800000, &(0x7f0000000440)={[{@shortname_win95}, {@utf8no}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@shortname_mixed}, {@shortname_lower}], [{@fowner_lt={'fowner<', r3}}, {@subj_role={'subj_role', 0x3d, '\x00'}}, {@smackfsroot}, {@appraise}, {@dont_hash}]})
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

[  129.038818] loop1: detected capacity change from 0 to 7
[  129.053853] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value
16:04:21 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={""/10, ""/2, @loopback}, @in6=@mcast2}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8)
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

16:04:21 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

[  131.564417] loop7: detected capacity change from 0 to 264192
[  131.583618] loop7: detected capacity change from 0 to 264192
16:04:43 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000007f00000100000000000000000000000000000000000000000a00008000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00B\x00'/112], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0)

16:04:43 executing program 5:
mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00')
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r3 = openat2(r1, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_WRITE={0x17, 0x1, 0x4007, @fd_index=0x2, 0x2, &(0x7f0000000340)="1a9c9aaba3133e4d461f263a04449aced2c50aa7e6f14e393752eb4babd6ce252ef62dfcf0d9608d4f3084f43ba9084b5eb7a00d76d147427169f6f806e7be70d662be17a8c51ea55124831b2ba52a90f3", 0x51, 0x4, 0x1}, 0xc8c)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0xb)
r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000180)=0x1)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r4)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0)
ioctl$SNAPSHOT_FREE(r5, 0x3305)
mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x81, 0x90, 0x6, 0xc7, 0x0, 0x80000ffe, 0x1, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x539, 0x2, @perf_bp={&(0x7f0000000100), 0xc}, 0x8, 0x2, 0x829c, 0x2, 0xcf4b, 0x2, 0xf4a7, 0x0, 0x5, 0x0, 0x28e5}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x3)

16:04:43 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000380), 0x2}, 0x12354}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(r1, 0x0, 0x0, 0x87ffffc)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x220000, 0x0)
openat(r2, &(0x7f00000003c0)='./file1\x00', 0x402, 0x1bb)
pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48", 0x50}], 0x1, 0x8d, 0x7bf6)
pwritev2(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="3c05886344f6c1676463474261a3cd71268afe038e7d96f46fea5246194a21c0bca49aab4882c5e4b508f5caf019902800cc407c31ecca2126ec616e9ef51561c11fb6d5ad0dc0c03998e37daae333db1252ad0d6b210c26dc017bcd9eb7b3773f1ab930713c646093f3efac450fcd793d65bfca217cf1d1be3971f4b8bee2b4fd3876a9b065f04ff62603f3cffe0e3ead48226b756653faf696165c00c54890e8d4590f8c08e761926d1a367f7adaff0cd7a0a804aae86072e3866492eabdfbbf60d4a310dfda9cb5f679ca00946a01dd39236d72f2aa56bb3d9d47c042843926cfff2164e5df0e048b3a8d", 0xec}], 0x1, 0x6, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x4800)
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xb9)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r3, 0xc018620b, &(0x7f0000000400)={0x3})
signalfd4(r4, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0)
signalfd4(r5, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r4, 0xc0189374, &(0x7f0000000340)={{0x1, 0x1, 0x18, r5, {0x1}}, './file1\x00'})

16:04:43 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)

16:04:43 executing program 7:
setitimer(0x2, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
setitimer(0x1, &(0x7f0000000140)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
setitimer(0x2, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000040)={0x0, <r0=>0x0})
setitimer(0x2, &(0x7f0000000080)={{0x0, 0xea60}, {0x0, r0/1000+10000}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x10000027f)
utimensat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={{0x77359400}, {0x77359400}}, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)

16:04:43 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000700)={0x1c, r1, 0x1, 0x70b929, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008814}, 0x20044040)

16:04:43 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

16:04:43 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x401})
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f00000000c0))
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000080)={0xfe, 0xc1}, 0x2)

[  151.071898] audit: type=1400 audit(1664121883.185:7): avc:  denied  { open } for  pid=3991 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  151.074809] audit: type=1400 audit(1664121883.185:8): avc:  denied  { kernel } for  pid=3991 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  151.090508] syz-executor.7 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  151.092177] EXT4-fs warning (device sda): verify_group_input:150: Cannot add at group 1025 (only 16 groups)
[  151.096205] ------------[ cut here ]------------
[  151.096235] 
[  151.096240] ======================================================
[  151.096246] WARNING: possible circular locking dependency detected
[  151.096252] 6.0.0-rc6-next-20220923 #1 Not tainted
[  151.096264] ------------------------------------------------------
[  151.096270] syz-executor.6/4007 is trying to acquire lock:
[  151.096281] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  151.096344] 
[  151.096344] but task is already holding lock:
[  151.096349] ffff8880407fbc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  151.096399] 
[  151.096399] which lock already depends on the new lock.
[  151.096399] 
[  151.096404] 
[  151.096404] the existing dependency chain (in reverse order) is:
[  151.096410] 
[  151.096410] -> #3 (&ctx->lock){....}-{2:2}:
[  151.096435]        _raw_spin_lock+0x2a/0x40
[  151.096469]        __perf_event_task_sched_out+0x53b/0x18d0
[  151.096492]        __schedule+0xedd/0x2470
[  151.096516]        schedule+0xda/0x1b0
[  151.096539]        exit_to_user_mode_prepare+0x114/0x1a0
[  151.096560]        syscall_exit_to_user_mode+0x19/0x40
[  151.096582]        do_syscall_64+0x48/0x90
[  151.096612]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.096634] 
[  151.096634] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  151.096659]        _raw_spin_lock_nested+0x30/0x40
[  151.096692]        raw_spin_rq_lock_nested+0x1e/0x30
[  151.096715]        task_fork_fair+0x63/0x4d0
[  151.096745]        sched_cgroup_fork+0x3d0/0x540
[  151.096770]        copy_process+0x4183/0x6e20
[  151.096788]        kernel_clone+0xe7/0x890
[  151.096805]        user_mode_thread+0xad/0xf0
[  151.096824]        rest_init+0x24/0x250
[  151.096844]        arch_call_rest_init+0xf/0x14
[  151.096874]        start_kernel+0x4c1/0x4e6
[  151.096902]        secondary_startup_64_no_verify+0xe0/0xeb
[  151.096926] 
[  151.096926] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  151.096951]        _raw_spin_lock_irqsave+0x39/0x60
[  151.096985]        try_to_wake_up+0xab/0x1930
[  151.097008]        up+0x75/0xb0
[  151.097033]        __up_console_sem+0x6e/0x80
[  151.097060]        console_unlock+0x46a/0x590
[  151.097089]        do_con_write+0xc05/0x1d50
[  151.097109]        con_write+0x21/0x40
[  151.097128]        n_tty_write+0x4d4/0xfe0
[  151.097152]        file_tty_write.constprop.0+0x49c/0x8f0
[  151.097174]        vfs_write+0x9c3/0xd90
[  151.097206]        ksys_write+0x127/0x250
[  151.097236]        do_syscall_64+0x3b/0x90
[  151.097266]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.097288] 
[  151.097288] -> #0 ((console_sem).lock){....}-{2:2}:
[  151.097313]        __lock_acquire+0x2a02/0x5e70
[  151.097343]        lock_acquire+0x1a2/0x530
[  151.097371]        _raw_spin_lock_irqsave+0x39/0x60
[  151.097405]        down_trylock+0xe/0x70
[  151.097431]        __down_trylock_console_sem+0x3b/0xd0
[  151.097460]        vprintk_emit+0x16b/0x560
[  151.097489]        vprintk+0x84/0xa0
[  151.097518]        _printk+0xba/0xf1
[  151.097537]        report_bug.cold+0x72/0xab
[  151.097565]        handle_bug+0x3c/0x70
[  151.097595]        exc_invalid_op+0x14/0x50
[  151.097625]        asm_exc_invalid_op+0x16/0x20
[  151.097645]        group_sched_out.part.0+0x2c7/0x460
[  151.097665]        ctx_sched_out+0x8f1/0xc10
[  151.097683]        __perf_event_task_sched_out+0x6d0/0x18d0
[  151.097706]        __schedule+0xedd/0x2470
[  151.097730]        schedule+0xda/0x1b0
[  151.097754]        exit_to_user_mode_prepare+0x114/0x1a0
[  151.097773]        syscall_exit_to_user_mode+0x19/0x40
[  151.097795]        do_syscall_64+0x48/0x90
[  151.097825]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.097847] 
[  151.097847] other info that might help us debug this:
[  151.097847] 
[  151.097852] Chain exists of:
[  151.097852]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  151.097852] 
[  151.097879]  Possible unsafe locking scenario:
[  151.097879] 
[  151.097883]        CPU0                    CPU1
[  151.097887]        ----                    ----
[  151.097891]   lock(&ctx->lock);
[  151.097901]                                lock(&rq->__lock);
[  151.097912]                                lock(&ctx->lock);
[  151.097924]   lock((console_sem).lock);
[  151.097934] 
[  151.097934]  *** DEADLOCK ***
[  151.097934] 
[  151.097937] 2 locks held by syz-executor.6/4007:
[  151.097950]  #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  151.098002]  #1: ffff8880407fbc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  151.098057] 
[  151.098057] stack backtrace:
[  151.098061] CPU: 0 PID: 4007 Comm: syz-executor.6 Not tainted 6.0.0-rc6-next-20220923 #1
[  151.098093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  151.098107] Call Trace:
[  151.098112]  <TASK>
[  151.098119]  dump_stack_lvl+0x8b/0xb3
[  151.098151]  check_noncircular+0x263/0x2e0
[  151.098181]  ? format_decode+0x26c/0xb50
[  151.098210]  ? print_circular_bug+0x450/0x450
[  151.098241]  ? enable_ptr_key_workfn+0x20/0x20
[  151.098271]  ? format_decode+0x26c/0xb50
[  151.098301]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  151.098334]  __lock_acquire+0x2a02/0x5e70
[  151.098373]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  151.098413]  lock_acquire+0x1a2/0x530
[  151.098444]  ? down_trylock+0xe/0x70
[  151.098474]  ? lock_release+0x750/0x750
[  151.098511]  ? vprintk+0x84/0xa0
[  151.098543]  _raw_spin_lock_irqsave+0x39/0x60
[  151.098578]  ? down_trylock+0xe/0x70
[  151.098607]  down_trylock+0xe/0x70
[  151.098635]  ? vprintk+0x84/0xa0
[  151.098665]  __down_trylock_console_sem+0x3b/0xd0
[  151.098696]  vprintk_emit+0x16b/0x560
[  151.098731]  vprintk+0x84/0xa0
[  151.098762]  _printk+0xba/0xf1
[  151.098782]  ? record_print_text.cold+0x16/0x16
[  151.098811]  ? report_bug.cold+0x66/0xab
[  151.098843]  ? group_sched_out.part.0+0x2c7/0x460
[  151.098864]  report_bug.cold+0x72/0xab
[  151.098898]  handle_bug+0x3c/0x70
[  151.098928]  exc_invalid_op+0x14/0x50
[  151.098961]  asm_exc_invalid_op+0x16/0x20
[  151.098983] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  151.099008] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  151.099029] RSP: 0018:ffff8880413f7c48 EFLAGS: 00010006
[  151.099046] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  151.099059] RDX: ffff888040665040 RSI: ffffffff81564fb7 RDI: 0000000000000005
[  151.099074] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[  151.099087] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880407fbc00
[  151.099101] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002
[  151.099121]  ? group_sched_out.part.0+0x2c7/0x460
[  151.099145]  ? group_sched_out.part.0+0x2c7/0x460
[  151.099169]  ctx_sched_out+0x8f1/0xc10
[  151.099193]  __perf_event_task_sched_out+0x6d0/0x18d0
[  151.099221]  ? lock_is_held_type+0xd7/0x130
[  151.099245]  ? __perf_cgroup_move+0x160/0x160
[  151.099268]  ? set_next_entity+0x304/0x550
[  151.099299]  ? update_curr+0x267/0x740
[  151.099333]  ? lock_is_held_type+0xd7/0x130
[  151.099357]  __schedule+0xedd/0x2470
[  151.099388]  ? io_schedule_timeout+0x150/0x150
[  151.099417]  ? rcu_read_lock_sched_held+0x3e/0x80
[  151.099453]  schedule+0xda/0x1b0
[  151.099480]  exit_to_user_mode_prepare+0x114/0x1a0
[  151.099502]  syscall_exit_to_user_mode+0x19/0x40
[  151.099525]  do_syscall_64+0x48/0x90
[  151.099557]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.099581] RIP: 0033:0x7f638bd1eb19
[  151.099596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  151.099616] RSP: 002b:00007f6389294218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  151.099636] RAX: 0000000000000001 RBX: 00007f638be31f68 RCX: 00007f638bd1eb19
[  151.099649] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f638be31f6c
[  151.099663] RBP: 00007f638be31f60 R08: 000000000000000e R09: 0000000000000000
[  151.099676] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f638be31f6c
[  151.099689] R13: 00007ffd1c994ecf R14: 00007f6389294300 R15: 0000000000022000
[  151.099712]  </TASK>
[  151.213111] WARNING: CPU: 0 PID: 4007 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  151.214570] Modules linked in:
[  151.215090] CPU: 0 PID: 4007 Comm: syz-executor.6 Not tainted 6.0.0-rc6-next-20220923 #1
[  151.216360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  151.218138] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  151.218997] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  151.221809] RSP: 0018:ffff8880413f7c48 EFLAGS: 00010006
[  151.222654] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  151.223771] RDX: ffff888040665040 RSI: ffffffff81564fb7 RDI: 0000000000000005
[  151.224888] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[  151.225997] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880407fbc00
[  151.227118] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002
[  151.228235] FS:  00007f6389294700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  151.229488] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  151.230422] CR2: 0000001b2dd21000 CR3: 000000001806e000 CR4: 0000000000350ef0
[  151.231541] Call Trace:
[  151.231953]  <TASK>
[  151.232322]  ctx_sched_out+0x8f1/0xc10
[  151.232956]  __perf_event_task_sched_out+0x6d0/0x18d0
[  151.233781]  ? lock_is_held_type+0xd7/0x130
[  151.234480]  ? __perf_cgroup_move+0x160/0x160
[  151.235200]  ? set_next_entity+0x304/0x550
[  151.235887]  ? update_curr+0x267/0x740
[  151.236528]  ? lock_is_held_type+0xd7/0x130
[  151.237219]  __schedule+0xedd/0x2470
[  151.237830]  ? io_schedule_timeout+0x150/0x150
[  151.238583]  ? rcu_read_lock_sched_held+0x3e/0x80
[  151.239368]  schedule+0xda/0x1b0
[  151.239930]  exit_to_user_mode_prepare+0x114/0x1a0
[  151.240711]  syscall_exit_to_user_mode+0x19/0x40
[  151.241470]  do_syscall_64+0x48/0x90
[  151.242103]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.242921] RIP: 0033:0x7f638bd1eb19
[  151.243511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  151.246349] RSP: 002b:00007f6389294218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  151.247534] RAX: 0000000000000001 RBX: 00007f638be31f68 RCX: 00007f638bd1eb19
[  151.248647] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f638be31f6c
[  151.249740] RBP: 00007f638be31f60 R08: 000000000000000e R09: 0000000000000000
[  151.250836] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f638be31f6c
[  151.251916] R13: 00007ffd1c994ecf R14: 00007f6389294300 R15: 0000000000022000
[  151.253006]  </TASK>
[  151.253366] irq event stamp: 138
[  151.253886] hardirqs last  enabled at (137): [<ffffffff8133e999>] exit_to_user_mode_prepare+0x109/0x1a0
[  151.255332] hardirqs last disabled at (138): [<ffffffff84259645>] __schedule+0x1225/0x2470
[  151.256591] softirqs last  enabled at (0): [<ffffffff8114f175>] copy_process+0x1e15/0x6e20
[  151.257833] softirqs last disabled at (0): [<0000000000000000>] 0x0
[  151.258805] ---[ end trace 0000000000000000 ]---
[  151.290230] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  151.293013] hrtimer: interrupt took 17002 ns
[  151.296614] EXT4-fs warning (device sda): verify_group_input:150: Cannot add at group 1025 (only 16 groups)
16:04:43 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000700)={0x1c, r1, 0x1, 0x70b929, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008814}, 0x20044040)

[  151.326793] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
16:04:43 executing program 4:
ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f00000004c0))
openat$nvram(0xffffffffffffff9c, &(0x7f0000002900), 0x101080, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x10000027f)
lseek(r1, 0x100, 0x2)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000480), 0xbbb622dc30c70c7f, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000040), 0x5, 0x4040)
vmsplice(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="bfa9a9e4099623e6d6a1bd3c03e96e423d267390700f95372512ab345a7cc3f2f14f05d105488a1bf3416a58862fa71a1b8a019a7ff64b1319d90bf7790d236ac955622f79b45f0f82ebb6acd4ba9c3a30213de4cf85c5d7e87919521b69daa344ce329203ffca2cc8ce34b6ab615a54e65e8152a62b7ca82e8fc422f0b40532013ecf73a9502472e3f43a77e13a11465f58c9c59b71", 0x96}, {&(0x7f0000000140)="54d65a5a5353fe727d9c3d5d", 0xc}, {&(0x7f0000000180)="fa5184034dc7c415c5c17b9fc1b1ee33de", 0x11}, {&(0x7f00000001c0)="241583adb9c0e4af84ad45f3b04bad9a8c467bef02107cf578363a6e1499c2ea0b565238e96af2d86b", 0x29}, {&(0x7f0000000200)="431bd632d3a45c380fe4a8180fcafbf7a9409bfff72f9e049bc838c6bb62c0cac4450c806ba78dd9fffc2ae6e7c2781ae229322341e6dee19be34ae059bf39886c58497c2058bad2e2acf5890e4850d0eb7226774527e27b807e2a828b8496bb5cfa5c49e4ae8e05001b6a1bb52af5d0feaf795a84c6a0c39d90074635c020dcc2e7923ff14089332e0ad4f93bfd3b88a85366", 0x93}, {&(0x7f00000002c0)="fd53041e0bcb23cb5b3fc99e65e017857b1719acf90d3f55730000", 0x1b}, {&(0x7f0000000300)="dfdce98abc286fcfada6217c0dcb58ca11f9bdab42815fcee5c0e75db64c2533cf631a01db68b3aef4aba331ead6c48fb1f1e99170e64bf2caf18f61bae908cee83f97486619fe51264ecb3bf5aed52e030e2f74021527b58ed5d7f0eef19b3ae5f665d43baaf39b648ca15981379b7f046d23cd57764ee461c194d53be69bba9546a2c4a74cdbd3b851a3b5ccc5e2e1abaedbc62aecf8dbabc433ac80aaa7bc56bcac2c91a477d6c2a4a72b953fabdef254fd0f4c8d93123ce4894afc8b5ce3e37c444dafaa0074b2d910", 0xcb}], 0x7, 0x8)
close(r2)

[  151.371346] random: crng reseeded on system resumption
[  151.374415] Restarting kernel threads ... done.
16:04:43 executing program 1:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index}, 0x7fff)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5}, 0x0)
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

[  151.481352] random: crng reseeded on system resumption
16:04:43 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000007f00000100000000000000000000000000000000000000000a00008000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00B\x00'/112], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0)

16:04:43 executing program 7:
syz_mount_image$vfat(0x0, 0x0, 0x2, 0x8783db29f7bf47a, &(0x7f0000000040), 0x203cef, 0x0)

16:04:43 executing program 4:
ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f00000004c0))
openat$nvram(0xffffffffffffff9c, &(0x7f0000002900), 0x101080, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x10000027f)
lseek(r1, 0x100, 0x2)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000480), 0xbbb622dc30c70c7f, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000040), 0x5, 0x4040)
vmsplice(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="bfa9a9e4099623e6d6a1bd3c03e96e423d267390700f95372512ab345a7cc3f2f14f05d105488a1bf3416a58862fa71a1b8a019a7ff64b1319d90bf7790d236ac955622f79b45f0f82ebb6acd4ba9c3a30213de4cf85c5d7e87919521b69daa344ce329203ffca2cc8ce34b6ab615a54e65e8152a62b7ca82e8fc422f0b40532013ecf73a9502472e3f43a77e13a11465f58c9c59b71", 0x96}, {&(0x7f0000000140)="54d65a5a5353fe727d9c3d5d", 0xc}, {&(0x7f0000000180)="fa5184034dc7c415c5c17b9fc1b1ee33de", 0x11}, {&(0x7f00000001c0)="241583adb9c0e4af84ad45f3b04bad9a8c467bef02107cf578363a6e1499c2ea0b565238e96af2d86b", 0x29}, {&(0x7f0000000200)="431bd632d3a45c380fe4a8180fcafbf7a9409bfff72f9e049bc838c6bb62c0cac4450c806ba78dd9fffc2ae6e7c2781ae229322341e6dee19be34ae059bf39886c58497c2058bad2e2acf5890e4850d0eb7226774527e27b807e2a828b8496bb5cfa5c49e4ae8e05001b6a1bb52af5d0feaf795a84c6a0c39d90074635c020dcc2e7923ff14089332e0ad4f93bfd3b88a85366", 0x93}, {&(0x7f00000002c0)="fd53041e0bcb23cb5b3fc99e65e017857b1719acf90d3f55730000", 0x1b}, {&(0x7f0000000300)="dfdce98abc286fcfada6217c0dcb58ca11f9bdab42815fcee5c0e75db64c2533cf631a01db68b3aef4aba331ead6c48fb1f1e99170e64bf2caf18f61bae908cee83f97486619fe51264ecb3bf5aed52e030e2f74021527b58ed5d7f0eef19b3ae5f665d43baaf39b648ca15981379b7f046d23cd57764ee461c194d53be69bba9546a2c4a74cdbd3b851a3b5ccc5e2e1abaedbc62aecf8dbabc433ac80aaa7bc56bcac2c91a477d6c2a4a72b953fabdef254fd0f4c8d93123ce4894afc8b5ce3e37c444dafaa0074b2d910", 0xcb}], 0x7, 0x8)
close(r2)

[  151.513395] audit: type=1400 audit(1664121883.627:9): avc:  denied  { write } for  pid=3993 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
16:04:43 executing program 2:
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001080)='/sys/power/reserved_size', 0x20000, 0x12)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000001380)=ANY=[@ANYBLOB="01000000010000001800", @ANYRES32=<r2=>r0, @ANYBLOB="00100000000000002e2f66696c653000c19602cdebeefe7bd982f6d6062585dc3244a7eafb6b30636982fc1ad961ee738ce9c3e47b1bf759a515c152028fec74aa28b22aeeb4505b8c209143f647661c03179b5b5a6efb16e3fd8c04a205c2fb8b0c6b5d14319c4e9f5f5bda0983fb8dd133379815c2ca60ff3598ef171cb64c88667748c425ff184303a1bae28f5a985eda"])
getsockopt$inet6_mreq(r2, 0x29, 0x15, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000027f)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'sit0\x00', <r5=>0x0})
setsockopt$inet_mreqn(r3, 0x0, 0x24, &(0x7f0000001300)={@rand_addr=0x64010102, @broadcast, r5}, 0xc)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000001340)={'syztnl0\x00', &(0x7f0000001140)={'ip6tnl0\x00', r5, 0x4, 0xfd, 0x0, 0x3, 0x22, @dev={0xfe, 0x80, '\x00', 0x11}, @local, 0x7800, 0x2, 0x81, 0x2}})
accept$inet6(r0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, 0x20})
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000040)={0x5, 0x0, 0x1ff, 0x7fff, 0x6, 0x279})
recvmsg(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/4096, 0x1000}, {&(0x7f00000010c0)=""/55, 0x37}, {&(0x7f0000001440)=""/200, 0xc8}], 0x3, &(0x7f0000001200)=""/217, 0xd9}, 0x302)

16:04:43 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000040), 0xb}, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000540)={0x5, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, '\x00', 0x2}}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
r1 = socket$inet6(0xa, 0x1, 0x0)
dup3(r0, r1, 0x0)
r2 = gettid()
rt_sigqueueinfo(r2, 0xb, &(0x7f00000002c0)={0x0, 0x0, 0x3})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000880)='/proc/slabinfo\x00', 0x0, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r3, 0x4008f50a, &(0x7f00000001c0)={0x4, 0x5})
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x0, 0x80, 0x8, 0x7f, 0x0, 0xeb3, 0x90498, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xfffffff8, 0x2, @perf_bp={&(0x7f0000000100), 0x8}, 0xc014, 0x8, 0xffffd03f, 0x6, 0x3, 0x1, 0x3, 0x0, 0x8, 0x0, 0x9}, r2, 0x7, 0xffffffffffffffff, 0x9)
openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x10000027f)
pread64(r4, &(0x7f00000003c0)=""/203, 0xcb, 0x7)

[  151.654686] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  151.858151] syz-executor.3 (4038) used greatest stack depth: 24344 bytes left

VM DIAGNOSIS:
16:04:43  Registers:
info registers vcpu 0
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b17e1 RDI=ffffffff87645be0 RBP=ffffffff87645ba0 RSP=ffff8880413f7698
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000066 R11=0000000000000001
R12=0000000000000066 R13=ffffffff87645ba0 R14=0000000000000010 R15=ffffffff822b17d0
RIP=ffffffff822b1839 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f6389294700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2dd21000 CR3=000000001806e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f638be057c0 00007f638be057c8
YMM02=0000000000000000 0000000000000000 00007f638be057e0 00007f638be057c0
YMM03=0000000000000000 0000000000000000 00007f638be057c8 00007f638be057c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=8000000000000007 RCX=ffffffff816902ef RDX=ffff888015ef0000
RSI=0000000000000000 RDI=0000000000000005 RBP=ffff88800f256190 RSP=ffff888041a27640
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffff888041a27a30 R13=8000000040b36007 R14=dffffc0000000000 R15=0000000000000001
RIP=ffffffff81460af0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2de21000 CR3=00000000337a6000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000