Warning: Permanently added '[localhost]:44341' (ECDSA) to the list of known hosts.
2022/09/30 10:22:57 fuzzer started
2022/09/30 10:22:58 dialing manager at localhost:40535
syzkaller login: [   37.290248] cgroup: Unknown subsys name 'net'
[   37.386862] cgroup: Unknown subsys name 'rlimit'
2022/09/30 10:23:13 syscalls: 2215
2022/09/30 10:23:13 code coverage: enabled
2022/09/30 10:23:13 comparison tracing: enabled
2022/09/30 10:23:13 extra coverage: enabled
2022/09/30 10:23:13 setuid sandbox: enabled
2022/09/30 10:23:13 namespace sandbox: enabled
2022/09/30 10:23:13 Android sandbox: enabled
2022/09/30 10:23:13 fault injection: enabled
2022/09/30 10:23:13 leak checking: enabled
2022/09/30 10:23:13 net packet injection: enabled
2022/09/30 10:23:13 net device setup: enabled
2022/09/30 10:23:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/30 10:23:13 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/30 10:23:13 USB emulation: enabled
2022/09/30 10:23:13 hci packet injection: enabled
2022/09/30 10:23:13 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220929                                          )
2022/09/30 10:23:13 802.15.4 emulation: enabled
2022/09/30 10:23:13 fetching corpus: 50, signal 26084/27845 (executing program)
2022/09/30 10:23:13 fetching corpus: 100, signal 37347/40664 (executing program)
2022/09/30 10:23:14 fetching corpus: 150, signal 45027/49821 (executing program)
2022/09/30 10:23:14 fetching corpus: 200, signal 49599/55798 (executing program)
2022/09/30 10:23:14 fetching corpus: 250, signal 54618/62138 (executing program)
2022/09/30 10:23:14 fetching corpus: 300, signal 60454/69159 (executing program)
2022/09/30 10:23:14 fetching corpus: 350, signal 66674/76428 (executing program)
2022/09/30 10:23:14 fetching corpus: 400, signal 68819/79805 (executing program)
2022/09/30 10:23:14 fetching corpus: 450, signal 71797/83944 (executing program)
2022/09/30 10:23:14 fetching corpus: 500, signal 77607/90575 (executing program)
2022/09/30 10:23:14 fetching corpus: 550, signal 80800/94761 (executing program)
2022/09/30 10:23:15 fetching corpus: 600, signal 83282/98295 (executing program)
2022/09/30 10:23:15 fetching corpus: 650, signal 85726/101615 (executing program)
2022/09/30 10:23:15 fetching corpus: 700, signal 88125/104967 (executing program)
2022/09/30 10:23:15 fetching corpus: 750, signal 92634/110077 (executing program)
2022/09/30 10:23:15 fetching corpus: 800, signal 94714/113014 (executing program)
2022/09/30 10:23:15 fetching corpus: 850, signal 97624/116601 (executing program)
2022/09/30 10:23:15 fetching corpus: 900, signal 99267/119036 (executing program)
2022/09/30 10:23:16 fetching corpus: 950, signal 103479/123611 (executing program)
2022/09/30 10:23:16 fetching corpus: 1000, signal 105643/126435 (executing program)
2022/09/30 10:23:16 fetching corpus: 1050, signal 107461/129048 (executing program)
2022/09/30 10:23:16 fetching corpus: 1100, signal 108864/131221 (executing program)
2022/09/30 10:23:16 fetching corpus: 1150, signal 113015/135580 (executing program)
2022/09/30 10:23:16 fetching corpus: 1200, signal 116598/139406 (executing program)
2022/09/30 10:23:16 fetching corpus: 1250, signal 118220/141668 (executing program)
2022/09/30 10:23:16 fetching corpus: 1300, signal 120521/144401 (executing program)
2022/09/30 10:23:17 fetching corpus: 1350, signal 121921/146384 (executing program)
2022/09/30 10:23:17 fetching corpus: 1400, signal 124297/149048 (executing program)
2022/09/30 10:23:17 fetching corpus: 1450, signal 125182/150599 (executing program)
2022/09/30 10:23:17 fetching corpus: 1500, signal 127161/152954 (executing program)
2022/09/30 10:23:17 fetching corpus: 1550, signal 128321/154672 (executing program)
2022/09/30 10:23:17 fetching corpus: 1600, signal 129545/156376 (executing program)
2022/09/30 10:23:17 fetching corpus: 1650, signal 131053/158269 (executing program)
2022/09/30 10:23:17 fetching corpus: 1700, signal 132264/159923 (executing program)
2022/09/30 10:23:17 fetching corpus: 1750, signal 133781/161795 (executing program)
2022/09/30 10:23:18 fetching corpus: 1800, signal 135103/163498 (executing program)
2022/09/30 10:23:18 fetching corpus: 1850, signal 136556/165205 (executing program)
2022/09/30 10:23:18 fetching corpus: 1900, signal 137791/166794 (executing program)
2022/09/30 10:23:18 fetching corpus: 1950, signal 138614/168034 (executing program)
2022/09/30 10:23:18 fetching corpus: 2000, signal 140051/169771 (executing program)
2022/09/30 10:23:18 fetching corpus: 2050, signal 141332/171322 (executing program)
2022/09/30 10:23:18 fetching corpus: 2100, signal 142530/172769 (executing program)
2022/09/30 10:23:18 fetching corpus: 2150, signal 143515/174095 (executing program)
2022/09/30 10:23:18 fetching corpus: 2200, signal 145472/175985 (executing program)
2022/09/30 10:23:19 fetching corpus: 2250, signal 147309/177722 (executing program)
2022/09/30 10:23:19 fetching corpus: 2300, signal 148097/178882 (executing program)
2022/09/30 10:23:19 fetching corpus: 2350, signal 149187/180193 (executing program)
2022/09/30 10:23:19 fetching corpus: 2400, signal 150794/181833 (executing program)
2022/09/30 10:23:19 fetching corpus: 2450, signal 151976/183155 (executing program)
2022/09/30 10:23:19 fetching corpus: 2500, signal 152531/184050 (executing program)
2022/09/30 10:23:19 fetching corpus: 2550, signal 153831/185341 (executing program)
2022/09/30 10:23:19 fetching corpus: 2600, signal 154656/186432 (executing program)
2022/09/30 10:23:19 fetching corpus: 2650, signal 155574/187538 (executing program)
2022/09/30 10:23:20 fetching corpus: 2700, signal 156887/188789 (executing program)
2022/09/30 10:23:20 fetching corpus: 2750, signal 157672/189764 (executing program)
2022/09/30 10:23:20 fetching corpus: 2800, signal 158793/190873 (executing program)
2022/09/30 10:23:20 fetching corpus: 2850, signal 159858/191962 (executing program)
2022/09/30 10:23:20 fetching corpus: 2900, signal 160602/192861 (executing program)
2022/09/30 10:23:20 fetching corpus: 2950, signal 161457/193834 (executing program)
2022/09/30 10:23:20 fetching corpus: 3000, signal 162806/194982 (executing program)
2022/09/30 10:23:20 fetching corpus: 3050, signal 163719/195907 (executing program)
2022/09/30 10:23:20 fetching corpus: 3100, signal 164398/196705 (executing program)
2022/09/30 10:23:20 fetching corpus: 3150, signal 165161/197531 (executing program)
2022/09/30 10:23:20 fetching corpus: 3200, signal 166048/198410 (executing program)
2022/09/30 10:23:21 fetching corpus: 3250, signal 167032/199301 (executing program)
2022/09/30 10:23:21 fetching corpus: 3300, signal 167577/199992 (executing program)
2022/09/30 10:23:21 fetching corpus: 3350, signal 168462/200837 (executing program)
2022/09/30 10:23:21 fetching corpus: 3400, signal 169008/201529 (executing program)
2022/09/30 10:23:21 fetching corpus: 3450, signal 169679/202290 (executing program)
2022/09/30 10:23:21 fetching corpus: 3500, signal 171076/203253 (executing program)
2022/09/30 10:23:21 fetching corpus: 3550, signal 172044/204076 (executing program)
2022/09/30 10:23:21 fetching corpus: 3600, signal 172710/204766 (executing program)
2022/09/30 10:23:22 fetching corpus: 3650, signal 173508/205519 (executing program)
2022/09/30 10:23:22 fetching corpus: 3700, signal 173953/206124 (executing program)
2022/09/30 10:23:22 fetching corpus: 3750, signal 175126/206915 (executing program)
2022/09/30 10:23:22 fetching corpus: 3800, signal 175509/207434 (executing program)
2022/09/30 10:23:22 fetching corpus: 3850, signal 176566/208188 (executing program)
2022/09/30 10:23:22 fetching corpus: 3900, signal 177443/208869 (executing program)
2022/09/30 10:23:22 fetching corpus: 3950, signal 177984/209429 (executing program)
2022/09/30 10:23:22 fetching corpus: 4000, signal 178685/210068 (executing program)
2022/09/30 10:23:22 fetching corpus: 4050, signal 179269/210612 (executing program)
2022/09/30 10:23:23 fetching corpus: 4100, signal 179825/211117 (executing program)
2022/09/30 10:23:23 fetching corpus: 4150, signal 180674/211701 (executing program)
2022/09/30 10:23:23 fetching corpus: 4200, signal 181486/212249 (executing program)
2022/09/30 10:23:23 fetching corpus: 4250, signal 182548/212852 (executing program)
2022/09/30 10:23:23 fetching corpus: 4300, signal 183162/213338 (executing program)
2022/09/30 10:23:23 fetching corpus: 4350, signal 183790/213795 (executing program)
2022/09/30 10:23:23 fetching corpus: 4400, signal 184312/214253 (executing program)
2022/09/30 10:23:23 fetching corpus: 4450, signal 184841/214663 (executing program)
2022/09/30 10:23:24 fetching corpus: 4500, signal 185393/215111 (executing program)
2022/09/30 10:23:24 fetching corpus: 4550, signal 186147/215597 (executing program)
2022/09/30 10:23:24 fetching corpus: 4600, signal 186591/215970 (executing program)
2022/09/30 10:23:24 fetching corpus: 4650, signal 187171/216419 (executing program)
2022/09/30 10:23:24 fetching corpus: 4700, signal 188625/217001 (executing program)
2022/09/30 10:23:24 fetching corpus: 4750, signal 189196/217391 (executing program)
2022/09/30 10:23:24 fetching corpus: 4800, signal 189956/217772 (executing program)
2022/09/30 10:23:24 fetching corpus: 4850, signal 190552/218125 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/218464 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/218746 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/219071 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/219357 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/219667 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/219927 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/220214 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/220498 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/220794 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/221055 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/221322 (executing program)
2022/09/30 10:23:24 fetching corpus: 4872, signal 190746/221568 (executing program)
2022/09/30 10:23:25 fetching corpus: 4872, signal 190746/221568 (executing program)
2022/09/30 10:23:27 starting 8 fuzzer processes
10:23:27 executing program 2:
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x9}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4c040}, 0x4)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x10048)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000005}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0000c0}, 0x20000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r3, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8020}, 0x4001840)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r5, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x40, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r2)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r7, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r8, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000}, 0x20020051)
r9 = syz_open_dev$vcsu(&(0x7f0000000740), 0xa8, 0x12040)
sendmsg$IPSET_CMD_LIST(r9, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4008000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r7, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0xb0, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r10, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10021130}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x34, r8, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)

10:23:27 executing program 1:
ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x18)
fdatasync(0xffffffffffffffff)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x8}}, './file0\x00'})
ioctl$TIOCL_BLANKSCREEN(r1, 0x541c, &(0x7f0000000080))
fadvise64(r0, 0x2, 0x6, 0x0)
ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f00000000c0)={0x20, "87443ef5fbf3fdb538bb5f756db5eb6988261c9705e73eb62b7649ed7a70109792059dfde992a7b3d86e310bda5498635474278205f7a7c6939c879b7fdd3460fb69f24c9ccb8b9a30a11e4515d579f19b81820613447a852710328934bb0505c9b465f52c813a8bde0f718bf0c1934fd2bdf1a3a7c56253c55bf19a512dec85e8d190582f51e966394cda10cc1341d06a37f471998e3f5354b4ffa4f6e955f94242c71e83fd99386992f092b96a912a0d31685b51c1c7b1ea6e37fdb3b544371a85d5506cecdb6bcab7ff9208a60c450b8ead6d66e8a3940b2fa7aa8684b3f967354fa8e8cb73543e12717b2109eed1d08563ac07b695788f5a40036327779593ef9246359a6e894c6f6b7afa5cec3d6c11cca77effbd3d2595593d23f19557ac3a7c362e2d28e248d0a0d24524dda8b0b03a687867cdf24857cb76a5c529f4944c3ac49f78637120eccb4fd6e847ad573896647681ab6259ff0a886e295ea9860549df6a16d484339de896b1faeff3f3559331870c0011d84187b951226f088a12eea230d8481da88e3153cac65c33fb49d07c98d2634aa28a54b67f34bff407ddc18b99dc9b4abf7a077729b4b0a0cb3b9e845c8356a8599f7a8d367846051a63a1dba446952f225303766cc4030dc81a9831ce7762d9920fc13e516ec0eb136a7b0e6fea56478e3eacfcd573b6fd463af975a0ca02c5f13a40117d69daaf"})
r2 = pidfd_getfd(r1, r0, 0x0)
ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000300)="20602f51803b8cb04c2ac12285bc394d9969ca5fe90c23bfedb372df0d46019f914e8d7ec9d7a96a0a4dd28a9d893c76214d852338e3b1d9fc1b09ed2461d455653375f7575d18ba8dca3b6a1e241f92cef1962e91577337e4")
process_mrelease(r2, 0x0)
recvmmsg$unix(r1, &(0x7f0000006b00)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000380)=""/129, 0x81}, {&(0x7f0000000440)=""/83, 0x53}, {&(0x7f00000004c0)=""/46, 0x2e}, {&(0x7f0000000500)=""/128, 0x80}, {&(0x7f0000000580)=""/97, 0x61}], 0x5, &(0x7f0000000680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}, {{&(0x7f00000006c0)=@abs, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000740)=""/185, 0xb9}, {&(0x7f0000000800)=""/177, 0xb1}, {&(0x7f00000008c0)=""/39, 0x27}], 0x3, &(0x7f0000000940)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r3=>0xffffffffffffffff]}}], 0x50}}, {{&(0x7f00000009c0), 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000a40)=""/38, 0x26}, {&(0x7f0000000a80)=""/137, 0x89}, {&(0x7f0000000b40)=""/208, 0xd0}, {&(0x7f0000000c40)=""/195, 0xc3}, {&(0x7f0000000d40)=""/3, 0x3}, {&(0x7f0000000d80)=""/46, 0x2e}], 0x6, &(0x7f0000000e40)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000000e80), 0x6e, &(0x7f0000003140)=[{&(0x7f0000000f00)=""/4096, 0x1000}, {&(0x7f0000001f00)=""/78, 0x4e}, {&(0x7f0000001f80)=""/25, 0x19}, {&(0x7f0000001fc0)=""/4096, 0x1000}, {&(0x7f0000002fc0)=""/6, 0x6}, {&(0x7f0000003000)=""/138, 0x8a}, {&(0x7f00000030c0)=""/85, 0x55}], 0x7, &(0x7f00000031c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000003240), 0x6e, &(0x7f0000004740)=[{&(0x7f00000032c0)=""/141, 0x8d}, {&(0x7f0000003380)=""/63, 0x3f}, {&(0x7f00000033c0)=""/8, 0x8}, {&(0x7f0000003400)=""/156, 0x9c}, {&(0x7f00000034c0)=""/170, 0xaa}, {&(0x7f0000003580)=""/226, 0xe2}, {&(0x7f0000003680)=""/4096, 0x1000}, {&(0x7f0000004680)=""/64, 0x40}, {&(0x7f00000046c0)=""/124, 0x7c}], 0x9}}, {{&(0x7f0000004800)=@abs, 0x6e, &(0x7f0000004a40)=[{&(0x7f0000004880)=""/124, 0x7c}, {&(0x7f0000004900)=""/231, 0xe7}, {&(0x7f0000004a00)=""/42, 0x2a}], 0x3, &(0x7f0000004a80)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}, {{&(0x7f0000004b00)=@abs, 0x6e, &(0x7f0000005f00)=[{&(0x7f0000004b80)=""/53, 0x35}, {&(0x7f0000004bc0)=""/108, 0x6c}, {&(0x7f0000004c40)=""/123, 0x7b}, {&(0x7f0000004cc0)=""/4096, 0x1000}, {&(0x7f0000005cc0)=""/201, 0xc9}, {&(0x7f0000005dc0)=""/40, 0x28}, {&(0x7f0000005e00)=""/198, 0xc6}], 0x7, &(0x7f0000005f80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}, {{&(0x7f0000006040)=@abs, 0x6e, &(0x7f00000062c0)=[{&(0x7f00000060c0)=""/149, 0x95}, {&(0x7f0000006180)=""/169, 0xa9}, {&(0x7f0000006240)=""/77, 0x4d}], 0x3, &(0x7f0000006300)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa8}}, {{&(0x7f00000063c0), 0x6e, &(0x7f0000006980)=[{&(0x7f0000006440)=""/80, 0x50}, {&(0x7f00000064c0)=""/106, 0x6a}, {&(0x7f0000006540)=""/198, 0xc6}, {&(0x7f0000006640)=""/242, 0xf2}, {&(0x7f0000006740)=""/6, 0x6}, {&(0x7f0000006780)=""/181, 0xb5}, {&(0x7f0000006840)=""/17, 0x11}, {&(0x7f0000006880)=""/223, 0xdf}], 0x8, &(0x7f0000006a00)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc8}}], 0x9, 0x2, &(0x7f0000006d40)={0x0, 0x3938700})
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000006dc0), r2)
sendmsg$ETHTOOL_MSG_RINGS_SET(r5, &(0x7f0000006e80)={&(0x7f0000006d80)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000006e40)={&(0x7f0000006e00)={0x1c, r7, 0x400, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x40680c4)
ioctl$CDROM_TIMED_MEDIA_CHANGE(r6, 0x5396, &(0x7f0000006ec0)={0x1004})
r8 = openat(r5, &(0x7f0000006f00)='./file0\x00', 0x10000, 0x1)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f0000007080)={&(0x7f0000006f40)={0x10, 0x0, 0x0, 0x40001400}, 0xc, &(0x7f0000007040)={&(0x7f0000006f80)={0xa4, r7, 0x0, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000000)
ioctl$TIOCEXCL(r3, 0x540c)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000007580)={&(0x7f0000007100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000007540)={&(0x7f0000007240)={0x2f8, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x401}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x4}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1fc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xb2, 0x4, "6afa825a55a826e5981e6ebcbc3164f2d84d35ff9fef2c8848b1981eb57c2b265c546b55bf3082521d76a0d65a4a65f1be2acc891d81cc752f62ba2e76e20cd74e38ee49b7089f0f7474b5c6ca462f94057af6104458808e62ef15061163c3e95e86d60a12b7cf0de38b3476973a95cfbc3839a40a22eb5c9779dd775c5dc0df09cc1e819ff4f775d8acb4cc7da18b08896788ed01f9c849a1e33acb7d135e6608430da2d10a9690901a4a14cdc0"}, @ETHTOOL_A_BITSET_MASK={0xae, 0x5, "fb4febf8f7d9f9c2d4e8807717e14f3d50f28f0f3d41b3c80fef58b38c530f93cf1c6b190d9317876d17c6a9e066e79b82003aa9e060c2e2d2f0b0e57704abb6a3f1ce26e715dd995f2fd652edb1d939430e62737366001d60775b5aabc890409fb5fe51937f51d461b7fb7d981f46eea2b7bcf4a7032337e66143f565049e3ba6c29452aba2b23bdfbf4a3292d4dc41701659b3d0683bc72c7d9bd42eba156c074545b12de5587c4367"}, @ETHTOOL_A_BITSET_BITS={0x24, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ']\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_BITS={0x70, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1f}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x21}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}]}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x20, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x17, 0x5, "5354f9e0a16725ec2a38e96d47783423cab2da"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}]}, 0x2f8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

10:23:27 executing program 0:
r0 = request_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='*\x00', 0xfffffffffffffff9)
r1 = add_key(&(0x7f0000000140)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1)
keyctl$read(0xb, r0, &(0x7f00000001c0)=""/158, 0x9e)
r3 = add_key$fscrypt_provisioning(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)={0x1, 0x0, @a}, 0x48, r0)
r4 = add_key$fscrypt_provisioning(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, &(0x7f0000000400)={0x0, 0x0, @b}, 0x48, r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000480)='cifs.spnego\x00', &(0x7f00000004c0)=@keyring={'key_or_keyring:', r3})
getresgid(&(0x7f0000000500), &(0x7f0000000540)=<r5=>0x0, &(0x7f0000000580))
keyctl$chown(0x4, r1, 0xee00, r5)
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f00000005c0), 0x501002, 0x0)
recvmsg$unix(r6, &(0x7f00000008c0)={&(0x7f0000000600)=@abs, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000680)=""/62, 0x3e}, {&(0x7f00000006c0)=""/90, 0x5a}], 0x2, &(0x7f0000000780)=[@rights={{0x20, 0x1, 0x1, [<r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x120}, 0x2)
r9 = add_key(&(0x7f0000000900)='id_resolver\x00', &(0x7f0000000940)={'syz', 0x0}, &(0x7f0000000980)="4514aa25a8a6efaf0cba50969127e8f42775c8efd3c22e0d0826da9a32427a70ffdb3baa67e09250741fab577304505def0d3f5cb7f81c196e4be51830dcf80201bbb3bb21f23dbda39c5339d7240b5b99ed6288b78bd4b9d625628edba06e4e1ee4d52a03d74da7e2c7a181a25ef1eb30bb7214889a34a4dcb3b4666f6144fecd2c221b60a85c7197ca406c16f639719119f17e870a627b2092d59cece018d6e57b9455f5c76f00821e02213cf70f351fb35e6634", 0xb5, r2)
keyctl$restrict_keyring(0x1d, r9, &(0x7f0000000a40)='blacklist\x00', &(0x7f0000000a80)='[*}]}$)\x00')
r10 = add_key$keyring(&(0x7f0000000b40), &(0x7f0000000b80)={'syz', 0x3}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000ac0), &(0x7f0000000b00)={'syz', 0x2}, 0x0, 0x0, r10)
add_key$fscrypt_v1(&(0x7f0000000bc0), &(0x7f0000000c00)={'fscrypt:', @desc3}, &(0x7f0000000c40)={0x0, "626cd5ab6a451c60c81ef3799ea445c60b09b5d716ea939244ceaa794f43dc65075b741f90354cb7620694e18058d26adff55d9586591244c484691f66c66fdf", 0x20}, 0x48, r9)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc0189379, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, <r11=>r8}, './file0\x00'})
dup2(r11, 0xffffffffffffffff)
add_key(&(0x7f0000000d00)='trusted\x00', &(0x7f0000000d40)={'syz', 0x2}, &(0x7f0000000d80)="c0ee04b22da6b935a8f32f4ec4c92c84d4e1d2dade7632449da954ac3db7724063242fbb9bab85329f3982f344938c1a98bbb6caf865501feb804c6c7677c9c642188248bc637a233b05e10f5da33003de63b6414281aea46fc792ded4bcefab301d838dfcc3a69a47215e1639f610da2b6ebdbbfe7bbd0a29f91773ed5cb9066b86db80d5a6e0a955a7", 0x8a, r1)
syz_open_dev$rtc(&(0x7f0000000e40), 0x0, 0x6a400)

10:23:27 executing program 4:
r0 = syz_io_uring_setup(0x3efb, &(0x7f0000000000)={0x0, 0xc20d, 0x4, 0x2, 0xd4}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_io_uring_setup(0x44c3, &(0x7f0000000100)={0x0, 0x5365, 0x2, 0x2, 0x16e, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
fallocate(r2, 0x61, 0x9, 0x7)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000006, 0x810, 0xffffffffffffffff, 0x8000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r3, r1, &(0x7f0000001680)=@IORING_OP_RECVMSG={0xa, 0xc65ce0d9d83ca856, 0x0, r4, 0x0, &(0x7f0000001640)={&(0x7f0000000200)=@hci, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000280)=""/57, 0x39}, {&(0x7f00000002c0)=""/223, 0xdf}, {&(0x7f00000003c0)=""/234, 0xea}, {&(0x7f00000004c0)=""/44, 0x2c}, {&(0x7f0000000500)=""/85, 0x55}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/53, 0x35}], 0x7}, 0x0, 0x40000100, 0x1, {0x1}}, 0x6)
renameat2(0xffffffffffffff9c, &(0x7f00000016c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000001700)='./file0\x00', 0x6)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x50, r2, 0x8000000)
syz_io_uring_setup(0x66b6, &(0x7f0000001740)={0x0, 0x26d3, 0x1, 0x0, 0x18c, 0x0, r0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000017c0), &(0x7f0000001800)=<r6=>0x0)
r7 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000001840)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r7, 0x0, 0x0, 0x9, 0x1, 0x0, {0x0, 0x0, r4}}, 0x1f)
fchown(r7, 0xee01, 0xee00)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000018c0), r4)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000001a00)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000019c0)={&(0x7f0000001900)={0xac, r8, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r9 = syz_io_uring_setup(0x4375, &(0x7f0000001a40)={0x0, 0x499, 0x20, 0x0, 0x7f, 0x0, r0}, &(0x7f0000ff2000/0xe000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000001ac0), &(0x7f0000001b00))
r10 = epoll_create1(0x80000)
sync_file_range(r10, 0x7, 0x0, 0x2)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000001b40)={{0x1, 0x1, 0x18, <r11=>r2, {<r12=>r9}}, './file0\x00'})
syz_io_uring_submit(r3, r6, &(0x7f0000001b80)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r12, 0x0, 0x0, 0xf, 0x0, 0x0, {0x0, 0x0, r0}}, 0x3)
sendmsg$SMC_PNETID_FLUSH(r11, &(0x7f0000001cc0)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001c80)={&(0x7f0000001c40)={0x2c, 0x0, 0x403efc060b4ed7f7, 0x70bd2d, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0x40)

10:23:27 executing program 7:
ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f0000000000)={{}, {@val, @max}})
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f00000000c0)={{r0}, 0x0, 0x10, @inherit={0x58, &(0x7f0000000040)={0x0, 0x2, 0x3, 0x7, {0x14, 0xff, 0x1, 0x8, 0xffffffff}, [0x10001, 0x3]}}, @subvolid=0x80000001})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000010c0)=<r1=>0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000001100)='./file0\x00', 0x20000, 0x9)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f00000011c0)={{r3}, 0x0, 0x7c085c3b30c8a12e, @inherit={0x60, &(0x7f0000001140)={0x0, 0x3, 0xeb, 0x7fffffff, {0x10, 0x6, 0x2d, 0x8001, 0x7}, [0x556, 0x10001, 0xe2]}}, @devid})
r4 = syz_open_pts(r2, 0x4000)
dup(r4)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000021c0)={<r5=>r3, 0x7, 0xffff, 0x7})
ioctl$BTRFS_IOC_SNAP_CREATE(r5, 0x50009401, &(0x7f0000002200)={{r0}, "bc796ad4c09b9de9ce8ad5b417db70d4e1a8610c6d09e812db84fd728847a533156be94aefec281e0cc9e4c4a50c0e75e236a81e488826897ac7a61e82b8bc5631e7eb65e79c462f17e1f05cfae249580e19f9230f9098bfbf8495878ba5cb316d970b29a90fd412c49ff21f01fc5a6b9735060d217c0213bdf8a5e66f3898f173fcb99c00a97f498150dfae9e17f9a6a62a2f6d1ddb07052dfc0c92d4ce8a7c5fe0343625526b7194b9ec7563b69725f24c310f690b6149bd729873ea2388693001f47e76cbcf5c3737b9cad6a138a2802c5c81df8f22440699c693ea0f47748c0f12ee323bcee8c2697ba404a326b7ea0d8f270371ae964e79bb25bd29fd03940a72ab24eeeae50ff0e68c70dbdc82a1a4b46b330656a4b437097f1d832efab078e1a3cb0ac4dca3b367bff418f6aaafc3b34779443f9e23c8a2ec4016a05c110acf1f9a723924ab206c61e8a15bb73f58b8ede3d153fb30062b9b855b43723285648e2b3505884a25ef7a6401dc38c1db495d9ff314f0b30b48e4f4e77aa5a31133ed727941cebac22734bc6d2de4c5d96150b9b7f1e45f92c8c4a56a37daabab04ced8247bfe724e00c34f1ad126d0f90c7a2329cb38a2d51365c344946af877668bd17b919dcd2314ed0cb98db9ca52b226c8d43783348b30918c185e731559a346d52ddb9af9e47eac153eaf8718c3f05dfa3533fb40d73b1250543bc77e39a08b4b48e01a8009dbc6c2fe60e8334b164a603f985324ab067b20691d9b13bc63115ac132c3ffabba710b82aa5409e83f349ca38e7fc5f40c0c6f7f000a0f985ac767653222209987077600e785c64ad7bc8c3c0c174135fe6e8687251731a92d798881bb218605bb4376f630251a9391d1971347e00d479778c20a34f2a3aa263849c71221ba97cfedf0035c5cdb4b307b759802bc9561e1a9ec78c35fccb13f49ed00e608c650eec3a6eec245f4a4cf145f70e33a8207d68b691b4c3fbddc22b68af73b90d895f515611db02c9ffe848707d38e4e96730a8425a4aa00b584eeb3cf481db8d4133acea986bf059d44c6c122dd3308970676527a9fbb0f674cf916b066a7c7b52d4d9fc8e87a2e13af480997ac919d8c197dc6e94b6891e927ca8c152f9ccf8bdd76dc1c580b9ec8703d42a07d05385cc63ea48152f637631bd671706b8c50e9419911af9637eb189fc05e3916fb819bdbbe453074047b9038f5fbaa77211c0828c26f4a6309c6bbe515607fdf256f588f85d8c7a5f0e09efb365ddb5cefea9475078b90b8b4e4b557f29f7d896535e95c84100491606d66aa6bcaeeafbcaedd01c2c94b473003b8849e221b40fc170ff2ec741eea61f4cb5833fa4964f92e5f72823b8d45530e1b063ac2a99ee8ee9c2079eafddbc2533ed3ecf70149a24911bea7c7f1538970da16d4a86ac12d7d4b9cd7df38e0616bb0a2139ee59ddba65697c9c66d4cc68c0874c61c3f7c9f499dc89210e45d5372a57a3a1a8428495fc1a006897f770432e39c4e92614db3d05abb6f03f47acb21f76bb613707c18ff1dda7253e330d90efa5479d1a6a466cc282553ea65eb5eb524b82a0ba619307c8a77a28144915c37c7a683563b43cb46c80ea4e2d867ff1d831ff76f22b2a3251b1301905a72f9f9c8dd30d30069dcb5dfa181770b91c2c47d101e5904afac86ce7164fa10eb1626b83d67f707fbc7fee3dc704950705f61ace5fd27a4d662821dca36636a4e107b885d29cb0e91450775f7ea4445c238f7b8413f8389bbbfa2866b0d6aee59389e9f6e4f628f040537aaf267943fb5b35521195fc1a851caf3ce3a5f7ecefb26551080b6720fc8d85eae2d2332e1b98c83682b2a50147a0c77df93ddf42e958af3712a0142ee1377e0d2cc242c2e2a77b9b7d2501eda7f0587e4958a1889b47f6966bd2cd9f0a384af05932dedf39e3f415af46a29374e6b1bfa75c51cd2df1972656dc1c1b738b6bc95073d8cccac22465f91339986d71256233eeac03be406c78dc06298ec28eaffec59b882e351a95d159f4ea03e8dbac6f778b2310d437cda633d6f576f003047628cb6946e1467a65fad39126f2917d027a64bbbac5a371b47c1457d07c946bb12a2a3fd085b2fae77bfba0528fe7cd97c7d837bfcfaa6ee4fabe0bd0deff1a8ff0a7b12fb4ec79e490a383d124cb2e2386dbbb3dc70b86bdac03c7b01a468d9e6baae7e692feff2ad437b00d609f638d13068b07835c7a78aa2edd4eefc69a897597edacff1e8c8c65d21038b905c889e7a931680b79a52d08b7abbdf08fc5124bc74c2f9eb1f300b795c1277cc4adb46cf599b39b92a48b52111a9a5d69709e38d85aa7a2652bfec9f8746ea0198785d9c91bd03d0df06e2ad2494e639a86d129242df3b0705fd3344d4d214042708da5fad9bb2bc60a4b28e70f545a45ae2eb4a62181c6cf8a0938d4816719f7cbbbf040dfa25ca4c2f4ce20474553a6fdfdecb882323ab78ba3a3e30682faaef61ce1333fe6f0255f78ba892bb6f04b35b7bfef48e0cbfbe23fe6d04e56cb975c01963058cfe127580dcb0023f38d94b96bfa9b60c243bd26450d8e8e151632786a31c1d19cc79ab784fd70f8a911c106c2fbb74ad72b02c80e9ca267790ae9fef14a5c46c340790873715c0b10790c7077b060fd3cb330dbc6c304d230daafccb8b843a42bd20402fb1c2ec6bdb4f2bf8086a013a54c53d9374e0722524b14e779cc181b43f0419c3e9ede2755961e26b4482c9bfe87b8a96d833cbff13ebc08c029cabcc94ba706bbb601dc57698b32d9b084ca03af2feba981cb7a843b0c05458b16734f736de5d0e544f004e285c12c2fd91daa74710abc0807b8a4c6791921ec98cc4082973067b9cd61d901aaadbba8796164f19606a97da49d14829caaad32d2f02d1889a21616ec574e59d01d74cd0f773a165b8d52e16c2716850a9723c0a6462675c5619269655efaa971e3929461a2675fc2822370adc37880ef58ceab23771a8199e7b2bca87346681569ff990b8bfbbfca6d9926f53d2fdb973007437b9eb43839ee77da9ab4ec87683e2853902a472ad13ee732dc2c375d287fc28711a7a701c6dc73662b460228d5ae6d11a9c51a528cddf210bf16d05b6ea80e5d798497782ce5a2153efab07103ce449765fa5b7b3eb7be517729592c074fafdf4a3865a653bb4dca9c55d7fdbbaa3e2de5be25a4af5cafd959b3902e6a0baae54bb95aa864df359e41462c3f4d4a42560a8c7cb0e26a64a506eeb21b822843a682349d3afbd12f908d08e76a20cb6f535454c6eca292dafa98436146258c0dc5acb1d3eed9405b7328b17abd72f883ec52e870ee017905857fe85999af8ed4d5c448a28caf3b4cbcac54b3c3c69708bde414331663c9de930aff4eddc417002ff1cb6d2307d828a94af8bac494f32a92b44dd2716e7efc0658afcb2effc26ffa353cf1d1d2563c582b754df853eb7b89d1f8d2a9c9c57925dd9440fc27c6e8b9587d15935b004f5e1bcf8fecdbe6586f5ab637c853f3a8a6e76fc5503dbc86984b91cc6f8e39c3ed1834de4bdb87d64fe2ff84c97f8af944eceea0ece53576563929be7740ddfb8df0bf59be451e53d7714a311341c262725e3274d8481d640d12c3c823b7ae1066816e484d5e6be8d86085d3bd16a552eb1b1143f36f764685d6a3d834d283782ffaad35e70741bbe6d3472654f99558533bcd77f3d6a4d51ca8936b081e6922d2f748ea04375b374e37394a389358b8e149b0e7507e73d9ebae013cbcb889e0cafa49491efb38e40fa72bd1c8a05ab994d0518db56bc8b3d0e8dac3a7d2f0e8516553594d128256d19cac8cb46405d6da2ba3f62d412296aef0ec7a6c918c8211a9140c6666176fe435542ceff0f427448b3bab272cd339d40e0eee71b6dbde336bd3e72d9e661026b282bc9d9e657ca0195f81f6cbae1ee7f799f14b95f2f1149aff17768b4247202b538c3b4542eeaa94d10ac856537bdd5c18c26df8f3e7916d1eb388a69ca4d9f76e3f06db760f978fea8a5f8cfe3b3310d63c3778646fff40e30f0f9d9d943c43fc587781726cc1d39adbaff2b236f7903dff8b343f3399a9580cc53e18fadfa925445d72831e39b1a9647c2c8af1b972c4643609b2f945fa211b182bedd73e3074fdef5f9384790e5b8f6eaaf90e90c18b1abb090bddd2465b1f00bdefb516b969c8c510e8865849beecf8dbf7582b2a3f393bffa0b2733eef67ccc459d07ab33402ee36701f8d10e7e1c07d664751bfa27724b8299d624d45f0302a5775ee21e0704cf0a2d236e33702e6e00e505553a4649ef3cacda8155747e5e23737e0d0ca43cb111f18ceb8ebeb3f4d740b9f9d30e6d74b94910a7a24bde6aebec2d68393d11661919adf01227ee1452d24f06bc3ddcd40af6317cc5e2665d7534e2e32959fabb261a95cede1cfe44503f3dd55f27399458d005d713d4910ce4689a841c141415d96a181dc2e3044d2a2160d9371490bfb82e99f9809f6b2d80553624f56818aeb5cae04574e147a8e7263add218a9c072c7c38f26344296b056efe1e7e7d01440616f19afbe4ee5a5830c5daa1471e73e43bb8da123b3244403359f546467cc94a8920c34164fd630ae358e8bfff0bb78173b19c65a06dd096175ee8d816b178f61be7dc3cb0b5c08ee286ec8e588534dd904378a3c74156946dffcf1e068c894caa4f94c1b84990878d638dd4b26d5479320c1d2b5424146bd5840f3ba20e7db62e92c36155bdab9d882c0e5720597f23fd506b2f8400d576543d77318617c22bd5f7c774e54f203f64b35b823e1259eb386444bf5685b368c241f30d23db8dc3427a52e8bf59f744a13e5b1043f3a3535380ea08fa6e6d1877c1d7bd2782481fb2a697a126973b1034874387b8df9ef5b5bfee7665db21822aea7aa3a803b42df999719f1e43558e75e701fd7630443740b0871ac738cfea062a572fe61e46a4c7d7d2705afefaf45ccb853b8aa718f8dee8c3d5f2e6bc407dc75f389ef405efc90497555c8a1d607f23779a84c74235d43f4c8d2cbb94bbdf4d1c881ba993bd4314df67725400cc161fa3c2b1c5869574dd3d8b3e858e2d8e3996cd0395d55672031a9c475cfb78e1f07e36aeed91178d52662365576223fb6a4a155bef63ac466c83db5df300ba7baa78bd7b75536f05564c3bf2437393bd71bfffbfef244b7724f203724b5cf322bb15017b9795d7d3e91c9ec72944e3710a779922a90dbc01439311f70ec140677d7d1499fc8d3e512e6c7a07830d6ff217b09c827406b98a839e0b75a92b61c0004aa1dd3d5b8433d0ad46312a28bd28f90415118c0aaf505d726b1f1562f14be0616cbfa6d7743dc05871dc877f502b81c1ed54385de2d8235da41c9bcee27b5be9ead5a5208127bb68db7ec8908c5e9da2f49bc8cd58276e3b307b8714c481b9ef63a68e8dcf751d271a99b79534250c66ea3f7b100fb6371ea289a18f728677f995d9ba1649070e69bb0a17f213d7cac994e827e4adfe698e17d925e544a9e7f9a39b90ccf3f0bf0f4a1cb4876eba4bc87e4905c2fdbe9a18058483ca01f64b46716d14695657954f462887b7327731f7b710f94dc369974b715b72c7cd0f7f6198f2a1cc0b0d6c731811cc85167edeaf032b5c27623518a352ca28c371234e9aefafdc5f3f1dcf42f4902812eda2b30d6d7d6b019eff86b96c9f286ecafc840a4709b4e05d303a666cd98d2dd9b3229e89ee08c5891bd5627e091797b3d76e087accf22d12a2c699c27f3e1ef8cc"})
r6 = syz_open_dev$vcsu(&(0x7f0000003280), 0x6, 0x28000)
r7 = perf_event_open(&(0x7f0000003200)={0x5, 0x80, 0x4e, 0x7f, 0x6, 0x3f, 0x0, 0x1, 0x200, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x4, @perf_config_ext={0x0, 0x2}, 0x2878, 0xc0d0, 0x39a, 0x4, 0xf1, 0x5, 0x0, 0x0, 0x1102, 0x0, 0x10001}, r1, 0x3, r6, 0x3)
perf_event_open(&(0x7f0000003300)={0x2, 0x80, 0x5, 0x3, 0x6, 0x3, 0x0, 0x8, 0x1000, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f00000032c0), 0xc}, 0x1cc36, 0xff, 0x1, 0x3, 0x5, 0x6, 0x8, 0x0, 0x400, 0x0, 0x200}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000003380)={{0x1, 0x1, 0x18, <r8=>r5, {0x101, 0x10001}}, './file0\x00'})
ioctl$FS_IOC_ENABLE_VERITY(r8, 0x40806685, &(0x7f0000003500)={0x1, 0x2, 0x1000, 0x9, &(0x7f00000033c0)="2b154451072b383b0f", 0xe5, 0x0, &(0x7f0000003400)="bb834808ab490bed4484081c15ad444a83ece24764dba1ad5797977167a2074c5a43adfb71fe71800ed405654545a3c624b89b37bd9914ea8e0dc6e0b5552de7a5b97f1c3991e4ed050a56327e998f8c31194918fd16466aca500ffdae6964d3aea3a1341af0172e32e8255e5f9181f8b844b0d3acdc02e6a8fb0d961ce152269d1f2e73028baf62d776798a4c0e481fd9f78f5516f52f131e149cb6a1739163bc5c0441c8cb1b742440e8b25aa322eaf96a7aeef24dfdb7f662ea60eca367875c0bd197011295e2e22b9eb90e93273157cb6e70e618e3690d13dd00361345b630182814dc"})
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
write$binfmt_script(r8, &(0x7f0000003580)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '\xb4[.\\$'}, {0x20, '[:-[(^)}/'}], 0xa, "52ec50974bb3bf16e8e28bbd208aa659e6f3031550501e64c7bec80244850e85cf118ef99aab131a19aee990cb27e7fe254135c138d2ac674689e21a90b66d58a45456566fda36bd55036b4c32fb0c2bd725ffcee6bf4e64516ee65d5d4e92fa56351f0c7c0ea92477645e5dd3933d1e96c23dbe69fa983fdef2faaef21dbe1477d7cee760bf84dc"}, 0xa5)
perf_event_open(&(0x7f0000003680)={0x5, 0x80, 0xf9, 0x3, 0x4, 0x1, 0x0, 0xff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000003640), 0x2}, 0x7100, 0x8, 0xad, 0x4, 0xfffffffffffffff8, 0xb4, 0x7, 0x0, 0x1e83, 0x0, 0x81}, r1, 0x4, r7, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000003740)={{0x1, 0x1, 0x18, r2, {0x8a15, 0x9e9}}, './file0\x00'})

10:23:27 executing program 5:
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r0=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, 0x0, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x1, 0x3}, {0x4, 0x7}, {0x8}, {0x1f, 0x7}, {0x5, 0x1}, {0x5, 0x5}, {0xb9, 0x3}, {0x87, 0x7}, {0x1a, 0x4}, {0x0, 0x1}, {0x0, 0x3}], "72735e42ac05b20d"}}, @NL80211_ATTR_QOS_MAP={0xc, 0xc7, {[], "cf20f45a68bc0106"}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240480c1}, 0x40)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000008}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x50, r1, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x840f5}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xe)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x40, r1, 0x2, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0x61}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xb}]]}, 0x40}, 0x1, 0x0, 0x0, 0x128e36f7285832ec}, 0x800)
connect$netlink(r2, &(0x7f0000000440)=@kern={0x10, 0x0, 0x0, 0x100000}, 0xc)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r2)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r3, 0x1, 0x20, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r0}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4850}, 0x4000840)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0), 0x361681, 0x0)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x48, 0x13, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x20044080}, 0x44000)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f0000000800)={&(0x7f0000000740), 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x30, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0x6, 0x30, 0x0, 0x2}}}, ["", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000040}, 0x4044004)
sendmsg$TIPC_NL_NET_GET(r2, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x48, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x38fa}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xd3}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8001}, 0x80)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000a40)={0x0, <r5=>0x0})
perf_event_open(&(0x7f00000009c0)={0x3, 0x80, 0x5, 0x81, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000980), 0x4}, 0x4, 0x4, 0x7931, 0x2, 0x8, 0x2, 0x7, 0x0, 0x9, 0x0, 0x100000000}, r5, 0x5, 0xffffffffffffffff, 0x2)
r6 = syz_open_dev$hidraw(&(0x7f0000000ac0), 0xcb, 0x4000)
sendfile(r6, r2, &(0x7f0000000b00)=0x20, 0x9)
openat$sr(0xffffffffffffff9c, &(0x7f0000000b40), 0x480000, 0x0)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x34, 0x0, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

10:23:27 executing program 6:
fremovexattr(0xffffffffffffffff, &(0x7f0000000000)=@random={'os2.', '\xed\xa6#^\x00'})
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000080)={0x1, 0x8, 0x7})
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
listen(r0, 0x400)
r1 = accept4$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x6e, 0x80000)
getsockname(r1, &(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @dev}}, &(0x7f0000000200)=0x80)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r2, &(0x7f0000000240)={0x1f, @none}, 0x8)
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x4100, 0x0)
socket(0x10891fe818f11300, 0x2, 0x3f)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r4=>r3, {0x0, 0xee00}}, './file0\x00'})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000300)={<r5=>r4, 0x0, 0x9, 0x7})
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340), 0x480000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r7=>r4, {0x1ff, 0x81}}, './file0\x00'})
r8 = syz_open_dev$vcsa(&(0x7f00000003c0), 0x6039, 0x82600)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r8, 0xc0189375, &(0x7f0000000400)={{0x1, 0x1, 0x18}, './file0\x00'})
getsockopt$bt_BT_VOICE(r5, 0x112, 0xb, &(0x7f0000000440)=0x81, &(0x7f0000000480)=0x2)
write$binfmt_aout(r7, &(0x7f00000004c0)={{0x107, 0x40, 0xfc, 0x222, 0x2e4, 0x5, 0x21f}, "038e4a8c31fb0ea7e5cf255e51128e69601c7fca08c5294d2a53ff8753b74e1a35fd976b31561d874062b3b1d7dc29a87ba860e1c14503edb168519e98fe978900290e46beedfd7ff6b94df7adfb41c94bb8d950d276d812edff9de0b64cc3b6792fe2c1d56cbf737f4289b277c30edc9de3a0baa6b915338ada2762f6546f4b1d9d4cada46d25af1124a45f1c269fbc16869c10c8ce988c41080d500e284439e8e9ec28aa3a03f205e35d16d9f865b0c694291f6bac52d3853357654a67e4c78d72aed857dfaa3d6e4ae4", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x7eb)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000cc0), 0x8)

10:23:27 executing program 3:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r0, 0x4, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void, @val={0xc, 0x99, {0x2f, 0x69}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4800}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x34050000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x108, r0, 0x200, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x81, 0xc}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MESH_SETUP={0x24, 0x70, [@NL80211_MESH_SETUP_USERSPACE_MPM={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC={0x5}, @NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5, 0x2, 0x1}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_AUTH_PROTOCOL={0x5, 0x8, 0x2}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x17, 0x24, [{0x9}, {0x18}, {0x6c, 0x1}, {0x12, 0x1}, {0x18, 0x1}, {0x48, 0x1}, {0x6, 0x1}, {0x30, 0x1}, {0x24}, {0x1}, {}, {0xb}, {0x24, 0x1}, {}, {0x60, 0x1}, {0x6c}, {0x6}, {0x9}, {0x2, 0x1}]}, @NL80211_ATTR_BSS_BASIC_RATES={0x6, 0x24, [{0x60}, {0x24}]}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x5}, @NL80211_ATTR_TX_RATES={0x88, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x84, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x3, 0xb, 0x18, 0x15, 0x1, 0x36, 0x1, 0x18, 0x18, 0x1, 0x30, 0x18, 0x16, 0x48, 0x12, 0x0, 0x6, 0xb, 0x1, 0x9, 0x1b, 0x3, 0x60, 0x6, 0x4, 0x16, 0x6c]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x6, 0xf4, 0x7, 0x6, 0x40, 0x2, 0x9]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x2, 0x3, 0x1b, 0x2, 0x1, 0x36, 0x36]}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x7, 0x9}, {0x5, 0x9}, {0x2, 0x4}, {0x6}, {0x6, 0x1}, {0x1, 0x4}, {0x2, 0x7}, {0x5, 0x3}, {}, {0x3}, {0x0, 0x3}, {0x0, 0x4}, {0x1}, {0x2, 0x1}, {0x6}, {0x3, 0xa}, {0x5}, {0x7, 0x2}, {0x5, 0x9}, {0x2, 0x3}, {0x2, 0x1}, {0x3, 0x4}, {0x4}, {0x5, 0x7}, {0x5, 0x1}, {0x0, 0x6}, {0x0, 0x5}, {0x2, 0x9}, {0x5}, {0x2, 0x8}, {0x6, 0xa}, {0x4, 0x5}, {0x6, 0xa}, {0x1, 0x6}, {0x0, 0x1}, {0x2, 0x2}, {0x6, 0x7}, {0x3, 0x1}, {0x2, 0x9}, {0x5, 0x6}, {0x5, 0x7}, {0x5, 0x1}, {0x3, 0x3}, {0x6, 0x9}]}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x108}, 0x1, 0x0, 0x0, 0x28020000}, 0x4080)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r2, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xff}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x28}}, 0x4000)
r3 = creat(&(0x7f00000004c0)='./file0\x00', 0x2)
clone3(&(0x7f0000000700)={0x0, &(0x7f0000000500)=<r4=>0xffffffffffffffff, &(0x7f0000000540), &(0x7f0000000580)=<r5=>0x0, {0x29}, &(0x7f00000005c0)=""/93, 0x5d, &(0x7f0000000640)=""/82, &(0x7f00000006c0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x3}, 0x58)
ioctl$sock_SIOCSPGRP(r3, 0x8902, &(0x7f0000000780)=r5)
ioctl$INCFS_IOC_CREATE_FILE(r4, 0xc058671e, &(0x7f0000000b80)={{'\x00', 0x3}, {0x3c39}, 0x138, 0x0, 0x0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='./file0\x00', &(0x7f0000000840)="a04102d2b20fa838e3313bab99303c109645e4b89d68574e2c5cd3bed70c1e3833eff46a7ccd64e442f2f0a5479dbc1152a609e56772acd5356549b1b0f6cb5019b7e2a7ee9302c5aa7821bd2bd8b8b78a3f28ed0143442948d182066936ae916ea1b73abeb372fe5da9bcb013a2871c7bad4b24825d482137966ab9005d495ccd0968cb9108295997b89a5272875422a62ce246a75702112954f22d2d1fb933c7d56f9ed62d6301ea3a68ebadf0a541cc85add82cbbba7690498e93466076fdb718c0ef96905e02cba3abd3549c096ec1c1a413abd9f82e2628369353e60eb0bc5c53841333a867e36cabfa49c86941c5e5f98cd28311d3bea3e3407e05d22b57504a17902e246bb969905635c8430b373cfc6436e465a23e22920401843b3e16dcfc76e4c3b0c34e797678efcb8ebd88cd802b9e6788e2e69dcdb15428c99c9eb1fef8aad88a31ce628eeef7faeb20ab0c83fe1bd97c6be3213b2183738f226005250cf4e07dfce0d7d52f8b56ea2efa6027f54590ef689ad2e4654dca990133fa400fb95a9cf0d66088c936b623c524a70bba4bf0c82dbf2045abdb047500a9035503f9e9676b9d7e8acfecf124ab27958a18d4dadd99f0a96b8d2b022f52e2d67dad196dfe3af0852a2b2a", 0x1cd, 0x0, &(0x7f0000000a40)={0x2, 0xda, {0x0, 0xc, 0x78, "f42fbb9d80f347b1969c82cd9ffb7fe2920c3b961a84d6ed987416ac76b7611cd23722962d9fda753e11257baa1756d367cc0420545e76eed355928bb49e345b02b070367ab78c6d93f77e0b683cf38ed434bb26071de6b014257456ebf87d2e4a934afd272f9a545483f6f40be1a05d7b1f91d02f149c63", 0x55, "a7b9db82c8434e1cf41ae1ac188357d8528b61aede350ec4115f9c1ecdd451bf83266845bdc3754c2eaa58b496ad3ca98e1e1eeecba4c3a975315a8b772c0309dbeca73cdfa882662fd156201139bf01073c7d074f"}, 0x4d, "4db573a6e0de718394bb0040d2f057463e13b03c1f85f4059b82924ddfcf49cb47d93b43ac597e30b21eaa002dfaff0b618f35d15a3f2a8874ad8de867e06b811d8853551b46ba38eabf28f982"}, 0x133})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), r3)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000000d00)={&(0x7f0000000c00), 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x1c, r6, 0x100, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x480d1}, 0x40005)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000d40)={{0x1, 0x1, 0x18, <r7=>r4, {0x4}}, './file0\x00'})
openat(r7, &(0x7f0000000d80)='./file0\x00', 0x90181, 0xc)
openat(0xffffffffffffff9c, &(0x7f0000000dc0)='./file0\x00', 0x8000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000e00)={{0x1, 0x1, 0x18, <r8=>r4, {0x351}}, './file0\x00'})
sendmsg$NL80211_CMD_GET_MPP(r8, &(0x7f0000000f00)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x54081080}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x2c, 0x0, 0x4, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2004c810}, 0x60000000)
r9 = accept(r3, &(0x7f0000000f40)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f0000000fc0)=0x80)
sendmsg$NL80211_CMD_NEW_INTERFACE(r9, &(0x7f00000010c0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x34, r2, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4000811)
sendmsg$OSF_MSG_REMOVE(r8, &(0x7f0000001400)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000013c0)={&(0x7f0000001140)={0x268, 0x1, 0x5, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2}, [{{0x254, 0x1, {{0x3, 0x3f}, 0x0, 0x5f, 0x1, 0x6, 0x20, 'syz0\x00', "ed6f7a11bdf129530d4ab679ae2b3b1da6cc7924523cda676ae13a78c34ab042", "eb6313d510ba5368a83f3762c47d116b80c22d8d59be9791bc9b12b93fe86ea0", [{0x7ff, 0x2, {0x1, 0x9f}}, {0x7, 0xff6, {0x1, 0x7}}, {0x7fff, 0x100, {0x3, 0x3}}, {0x5, 0x0, {0x2, 0xfffffeff}}, {0x6, 0xf5e, {0x1, 0xffffffff}}, {0x20, 0x8}, {0x1, 0xfe00, {0x2, 0x51}}, {0x3, 0x2, {0x3, 0x4}}, {0x1, 0x40, {0x1, 0x5}}, {0x5, 0x81, {0x1, 0xad2}}, {0x4, 0x2, {0x1, 0x7}}, {0x5, 0x19, {0x0, 0x9}}, {0x0, 0x0, {0x3, 0x2}}, {0x2, 0x85, {0x3, 0x9}}, {0x300, 0x9, {0x1, 0x2}}, {0x400, 0x7f, {0x1}}, {0x0, 0x4, {0x2, 0x79}}, {0x400, 0x2, {0x2, 0x40}}, {0x1, 0xfff, {0x1, 0x6}}, {0xde1, 0x8, {0x0, 0x4}}, {0x8, 0x4, {0x1, 0x7}}, {0x6, 0x2, {0x3, 0x401}}, {0x0, 0x1, {0x3, 0x2}}, {0x9, 0x1, {0x1, 0x40}}, {0x7, 0x9, {0x1, 0x1000}}, {0x4, 0x0, {0x3, 0x87e}}, {0xf91, 0x2, {0x3, 0x7ff}}, {0x7, 0x51, {0x2, 0xffffffff}}, {0x3, 0x2, {0x2, 0x7f}}, {0xb81, 0x7ff, {0x1, 0x7}}, {0xc38d, 0x6}, {0x100, 0x4d0d, {0x1, 0x8}}, {0xc615, 0x800, {0x2, 0x3}}, {0x1ff, 0xfff7, {0x1, 0x5}}, {0x1f, 0xf6, {0x0, 0xadcc}}, {0x100, 0x2, {0x0, 0x6}}, {0xfffc, 0x8, {0x2, 0x18}}, {0xffe0, 0x5, {0x2, 0x8001}}, {0x7, 0x7ff, {0x1}}, {0x8, 0x7, {0x1, 0x5}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040)

[   66.397364] audit: type=1400 audit(1664533407.374:6): avc:  denied  { execmem } for  pid=287 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   67.587441] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   67.589549] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.591881] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.595095] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.597563] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   67.598870] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.606770] Bluetooth: hci0: HCI_REQ-0x0c1a
[   67.650931] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   67.652941] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   67.654844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   67.663949] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   67.665524] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   67.667116] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   67.668287] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   67.669601] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   67.670918] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   67.676562] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   67.678056] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   67.684153] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   67.704537] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   67.706139] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   67.707457] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   67.711172] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   67.713099] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   67.714500] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   67.719282] Bluetooth: hci7: HCI_REQ-0x0c1a
[   67.733516] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   67.734670] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   67.736950] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   67.738416] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   67.740867] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   67.742217] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   67.756712] Bluetooth: hci3: HCI_REQ-0x0c1a
[   67.757564] Bluetooth: hci2: HCI_REQ-0x0c1a
[   67.758858] Bluetooth: hci1: HCI_REQ-0x0c1a
[   67.770214] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   67.772616] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   67.775634] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   67.788204] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   67.798405] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   67.800159] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   67.805232] Bluetooth: hci5: HCI_REQ-0x0c1a
[   67.810926] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   67.813828] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   67.819507] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   67.823910] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   67.826252] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   67.828534] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   67.843413] Bluetooth: hci6: HCI_REQ-0x0c1a
[   69.670684] Bluetooth: hci0: command 0x0409 tx timeout
[   69.733350] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   69.734389] Bluetooth: hci7: command 0x0409 tx timeout
[   69.797373] Bluetooth: hci3: command 0x0409 tx timeout
[   69.797399] Bluetooth: hci1: command 0x0409 tx timeout
[   69.798401] Bluetooth: hci2: command 0x0409 tx timeout
[   69.861369] Bluetooth: hci5: command 0x0409 tx timeout
[   69.862370] Bluetooth: hci6: command 0x0409 tx timeout
[   71.717353] Bluetooth: hci0: command 0x041b tx timeout
[   71.781408] Bluetooth: hci7: command 0x041b tx timeout
[   71.845368] Bluetooth: hci1: command 0x041b tx timeout
[   71.846450] Bluetooth: hci2: command 0x041b tx timeout
[   71.846867] Bluetooth: hci3: command 0x041b tx timeout
[   71.909405] Bluetooth: hci6: command 0x041b tx timeout
[   71.909816] Bluetooth: hci5: command 0x041b tx timeout
[   73.766352] Bluetooth: hci0: command 0x040f tx timeout
[   73.829355] Bluetooth: hci7: command 0x040f tx timeout
[   73.893397] Bluetooth: hci3: command 0x040f tx timeout
[   73.893425] Bluetooth: hci2: command 0x040f tx timeout
[   73.893871] Bluetooth: hci1: command 0x040f tx timeout
[   73.958440] Bluetooth: hci5: command 0x040f tx timeout
[   73.959464] Bluetooth: hci6: command 0x040f tx timeout
[   74.598361] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   75.813351] Bluetooth: hci0: command 0x0419 tx timeout
[   75.877346] Bluetooth: hci7: command 0x0419 tx timeout
[   75.941378] Bluetooth: hci1: command 0x0419 tx timeout
[   75.942380] Bluetooth: hci2: command 0x0419 tx timeout
[   75.942427] Bluetooth: hci3: command 0x0419 tx timeout
[   76.005359] Bluetooth: hci6: command 0x0419 tx timeout
[   76.005393] Bluetooth: hci5: command 0x0419 tx timeout
[   77.116087] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.121798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.122760] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.127052] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.130740] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   77.133924] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   77.141890] Bluetooth: hci4: HCI_REQ-0x0c1a
[   79.205407] Bluetooth: hci4: command 0x0409 tx timeout
[   81.253354] Bluetooth: hci4: command 0x041b tx timeout
[   83.301392] Bluetooth: hci4: command 0x040f tx timeout
[   85.349355] Bluetooth: hci4: command 0x0419 tx timeout
10:24:20 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000240)={0x5, 0x80, 0x0, 0x40, 0x8, 0x6, 0x0, 0x7fffffff, 0x10140, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000180), 0x5}, 0xa1, 0x7, 0xa9, 0x0, 0x1800000000000000, 0x100, 0x3, 0x0, 0x81, 0x0, 0x3f}, 0xffffffffffffffff, 0x10, r0, 0x8)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x1, 0x2, 0x20, 0x2, 0x0, 0x138, 0x8, 0xa, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x64f, 0x6, @perf_config_ext={0xffff, 0x3}, 0xa, 0x0, 0xff, 0x4, 0x7, 0xf7d, 0x800, 0x0, 0x20, 0x0, 0x8}, 0x0, 0xe, r2, 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x56, 0x20, 0x3e, 0x0, 0x0, 0x2904, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0xde, 0x200}, 0x8, 0x6, 0x8, 0x8, 0xffffffffffffffde, 0x40, 0xc82a, 0x0, 0x5, 0x0, 0x5}, 0x0, 0xf, r0, 0x8)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x9, 0x3, 0x80, 0x6, 0x0, 0x2a, 0x4000, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3f, 0x2, @perf_config_ext, 0x59131, 0xb8, 0x2, 0x4, 0x3, 0x8, 0x3, 0x0, 0x7fffffff, 0x0, 0x6}, 0xffffffffffffffff, 0x6, r2, 0xb)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x2a, &(0x7f0000000200)={0x77359400}, 0x10)
r3 = syz_io_uring_complete(0x0)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x62, &(0x7f0000000740)=0x3, 0x4)

[  119.938261] audit: type=1400 audit(1664533460.915:7): avc:  denied  { open } for  pid=3741 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  119.939820] audit: type=1400 audit(1664533460.915:8): avc:  denied  { kernel } for  pid=3741 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  119.964167] ------------[ cut here ]------------
[  119.964198] 
[  119.964204] ======================================================
[  119.964209] WARNING: possible circular locking dependency detected
[  119.964215] 6.0.0-rc7-next-20220929 #1 Not tainted
[  119.964225] ------------------------------------------------------
[  119.964230] syz-executor.4/3742 is trying to acquire lock:
[  119.964242] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  119.964306] 
[  119.964306] but task is already holding lock:
[  119.964311] ffff88803f31b820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  119.964353] 
[  119.964353] which lock already depends on the new lock.
[  119.964353] 
[  119.964358] 
[  119.964358] the existing dependency chain (in reverse order) is:
[  119.964363] 
[  119.964363] -> #3 (&ctx->lock){....}-{2:2}:
[  119.964386]        _raw_spin_lock+0x2a/0x40
[  119.964404]        __perf_event_task_sched_out+0x53b/0x18d0
[  119.964423]        __schedule+0xedd/0x2470
[  119.964446]        schedule+0xda/0x1b0
[  119.964468]        exit_to_user_mode_prepare+0x114/0x1a0
[  119.964488]        syscall_exit_to_user_mode+0x19/0x40
[  119.964509]        do_syscall_64+0x48/0x90
[  119.964537]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  119.964558] 
[  119.964558] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  119.964581]        _raw_spin_lock_nested+0x30/0x40
[  119.964598]        raw_spin_rq_lock_nested+0x1e/0x30
[  119.964619]        task_fork_fair+0x63/0x4d0
[  119.964646]        sched_cgroup_fork+0x3d0/0x540
[  119.964669]        copy_process+0x4183/0x6e20
[  119.964686]        kernel_clone+0xe7/0x890
[  119.964702]        user_mode_thread+0xad/0xf0
[  119.964719]        rest_init+0x24/0x250
[  119.964738]        arch_call_rest_init+0xf/0x14
[  119.964764]        start_kernel+0x4c6/0x4eb
[  119.964788]        secondary_startup_64_no_verify+0xe0/0xeb
[  119.964811] 
[  119.964811] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  119.964834]        _raw_spin_lock_irqsave+0x39/0x60
[  119.964852]        try_to_wake_up+0xab/0x1930
[  119.964873]        up+0x75/0xb0
[  119.964896]        __up_console_sem+0x6e/0x80
[  119.964922]        console_unlock+0x46a/0x590
[  119.964948]        vprintk_emit+0x1bd/0x560
[  119.964975]        vprintk+0x84/0xa0
[  119.965001]        _printk+0xba/0xf1
[  119.965020]        regdb_fw_cb.cold+0x6c/0xa7
[  119.965047]        request_firmware_work_func+0x12e/0x240
[  119.965079]        process_one_work+0xa17/0x16a0
[  119.965107]        worker_thread+0x637/0x1260
[  119.965135]        kthread+0x2ed/0x3a0
[  119.965158]        ret_from_fork+0x22/0x30
[  119.965178] 
[  119.965178] -> #0 ((console_sem).lock){....}-{2:2}:
[  119.965201]        __lock_acquire+0x2a02/0x5e70
[  119.965228]        lock_acquire+0x1a2/0x530
[  119.965254]        _raw_spin_lock_irqsave+0x39/0x60
[  119.965272]        down_trylock+0xe/0x70
[  119.965296]        __down_trylock_console_sem+0x3b/0xd0
[  119.965327]        vprintk_emit+0x16b/0x560
[  119.965353]        vprintk+0x84/0xa0
[  119.965380]        _printk+0xba/0xf1
[  119.965397]        report_bug.cold+0x72/0xab
[  119.965423]        handle_bug+0x3c/0x70
[  119.965450]        exc_invalid_op+0x14/0x50
[  119.965478]        asm_exc_invalid_op+0x16/0x20
[  119.965498]        group_sched_out.part.0+0x2c7/0x460
[  119.965527]        ctx_sched_out+0x8f1/0xc10
[  119.965555]        __perf_event_task_sched_out+0x6d0/0x18d0
[  119.965573]        __schedule+0xedd/0x2470
[  119.965595]        schedule+0xda/0x1b0
[  119.965617]        exit_to_user_mode_prepare+0x114/0x1a0
[  119.965635]        syscall_exit_to_user_mode+0x19/0x40
[  119.965656]        do_syscall_64+0x48/0x90
[  119.965684]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  119.965704] 
[  119.965704] other info that might help us debug this:
[  119.965704] 
[  119.965709] Chain exists of:
[  119.965709]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  119.965709] 
[  119.965733]  Possible unsafe locking scenario:
[  119.965733] 
[  119.965737]        CPU0                    CPU1
[  119.965741]        ----                    ----
[  119.965744]   lock(&ctx->lock);
[  119.965753]                                lock(&rq->__lock);
[  119.965764]                                lock(&ctx->lock);
[  119.965774]   lock((console_sem).lock);
[  119.965784] 
[  119.965784]  *** DEADLOCK ***
[  119.965784] 
[  119.965787] 2 locks held by syz-executor.4/3742:
[  119.965798]  #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  119.965856]  #1: ffff88803f31b820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  119.965900] 
[  119.965900] stack backtrace:
[  119.965904] CPU: 0 PID: 3742 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220929 #1
[  119.965925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  119.965937] Call Trace:
[  119.965942]  <TASK>
[  119.965950]  dump_stack_lvl+0x8b/0xb3
[  119.965980]  check_noncircular+0x263/0x2e0
[  119.966008]  ? format_decode+0x26c/0xb50
[  119.966035]  ? print_circular_bug+0x450/0x450
[  119.966063]  ? enable_ptr_key_workfn+0x20/0x20
[  119.966090]  ? perf_trace_lock+0x308/0x560
[  119.966114]  ? format_decode+0x26c/0xb50
[  119.966144]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  119.966174]  __lock_acquire+0x2a02/0x5e70
[  119.966213]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  119.966254]  lock_acquire+0x1a2/0x530
[  119.966281]  ? down_trylock+0xe/0x70
[  119.966311]  ? lock_release+0x750/0x750
[  119.966348]  ? vprintk+0x84/0xa0
[  119.966378]  _raw_spin_lock_irqsave+0x39/0x60
[  119.966397]  ? down_trylock+0xe/0x70
[  119.966424]  down_trylock+0xe/0x70
[  119.966450]  ? vprintk+0x84/0xa0
[  119.966479]  __down_trylock_console_sem+0x3b/0xd0
[  119.966508]  vprintk_emit+0x16b/0x560
[  119.966540]  vprintk+0x84/0xa0
[  119.966570]  _printk+0xba/0xf1
[  119.966589]  ? record_print_text.cold+0x16/0x16
[  119.966618]  ? report_bug.cold+0x66/0xab
[  119.966648]  ? group_sched_out.part.0+0x2c7/0x460
[  119.966679]  report_bug.cold+0x72/0xab
[  119.966711]  handle_bug+0x3c/0x70
[  119.966740]  exc_invalid_op+0x14/0x50
[  119.966771]  asm_exc_invalid_op+0x16/0x20
[  119.966792] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  119.966826] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  119.966844] RSP: 0018:ffff88801ab5fc48 EFLAGS: 00010006
[  119.966859] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  119.966872] RDX: ffff88801ab3d040 RSI: ffffffff81565e67 RDI: 0000000000000005
[  119.966885] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  119.966897] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803f31b800
[  119.966910] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002
[  119.966930]  ? group_sched_out.part.0+0x2c7/0x460
[  119.966964]  ? group_sched_out.part.0+0x2c7/0x460
[  119.966998]  ctx_sched_out+0x8f1/0xc10
[  119.967032]  __perf_event_task_sched_out+0x6d0/0x18d0
[  119.967057]  ? lock_is_held_type+0xd7/0x130
[  119.967081]  ? __perf_cgroup_move+0x160/0x160
[  119.967099]  ? set_next_entity+0x304/0x550
[  119.967128]  ? update_curr+0x267/0x740
[  119.967160]  ? lock_is_held_type+0xd7/0x130
[  119.967185]  __schedule+0xedd/0x2470
[  119.967215]  ? io_schedule_timeout+0x150/0x150
[  119.967243]  ? __x64_sys_futex_time32+0x480/0x480
[  119.967268]  schedule+0xda/0x1b0
[  119.967293]  exit_to_user_mode_prepare+0x114/0x1a0
[  119.967314]  syscall_exit_to_user_mode+0x19/0x40
[  119.967337]  do_syscall_64+0x48/0x90
[  119.967367]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  119.967389] RIP: 0033:0x7f455c65bb19
[  119.967402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  119.967420] RSP: 002b:00007f4559bd1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  119.967438] RAX: 0000000000000001 RBX: 00007f455c76ef68 RCX: 00007f455c65bb19
[  119.967451] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f455c76ef6c
[  119.967463] RBP: 00007f455c76ef60 R08: 000000000000000e R09: 0000000000000000
[  119.967475] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f455c76ef6c
[  119.967487] R13: 00007fffba3810ff R14: 00007f4559bd1300 R15: 0000000000022000
[  119.967512]  </TASK>
[  120.054391] WARNING: CPU: 0 PID: 3742 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  120.055415] Modules linked in:
[  120.055780] CPU: 0 PID: 3742 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220929 #1
[  120.056663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  120.057906] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  120.058520] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  120.060477] RSP: 0018:ffff88801ab5fc48 EFLAGS: 00010006
[  120.061057] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  120.061846] RDX: ffff88801ab3d040 RSI: ffffffff81565e67 RDI: 0000000000000005
[  120.062625] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  120.063403] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803f31b800
[  120.064176] R13: ffff88806ce3d2c0 R14: ffffffff8547d040 R15: 0000000000000002
[  120.064951] FS:  00007f4559bd1700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  120.065833] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  120.066490] CR2: 00007fb06d8a6310 CR3: 000000003fed4000 CR4: 0000000000350ef0
[  120.067268] Call Trace:
[  120.067561]  <TASK>
[  120.067821]  ctx_sched_out+0x8f1/0xc10
[  120.068274]  __perf_event_task_sched_out+0x6d0/0x18d0
[  120.068842]  ? lock_is_held_type+0xd7/0x130
[  120.069326]  ? __perf_cgroup_move+0x160/0x160
[  120.069826]  ? set_next_entity+0x304/0x550
[  120.070311]  ? update_curr+0x267/0x740
[  120.070767]  ? lock_is_held_type+0xd7/0x130
[  120.071251]  __schedule+0xedd/0x2470
[  120.071682]  ? io_schedule_timeout+0x150/0x150
[  120.072191]  ? __x64_sys_futex_time32+0x480/0x480
[  120.072726]  schedule+0xda/0x1b0
[  120.073112]  exit_to_user_mode_prepare+0x114/0x1a0
[  120.073656]  syscall_exit_to_user_mode+0x19/0x40
[  120.074188]  do_syscall_64+0x48/0x90
[  120.074616]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  120.075178] RIP: 0033:0x7f455c65bb19
[  120.075590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  120.077552] RSP: 002b:00007f4559bd1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  120.078391] RAX: 0000000000000001 RBX: 00007f455c76ef68 RCX: 00007f455c65bb19
[  120.079154] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f455c76ef6c
[  120.079923] RBP: 00007f455c76ef60 R08: 000000000000000e R09: 0000000000000000
[  120.080687] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f455c76ef6c
[  120.081461] R13: 00007fffba3810ff R14: 00007f4559bd1300 R15: 0000000000022000
[  120.082257]  </TASK>
[  120.082517] irq event stamp: 706
[  120.082893] hardirqs last  enabled at (705): [<ffffffff8133e8c9>] exit_to_user_mode_prepare+0x109/0x1a0
[  120.083902] hardirqs last disabled at (706): [<ffffffff8425a985>] __schedule+0x1225/0x2470
[  120.084800] softirqs last  enabled at (558): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  120.085721] softirqs last disabled at (391): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  120.086655] ---[ end trace 0000000000000000 ]---
10:24:21 executing program 2:
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x9}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4c040}, 0x4)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x10048)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000005}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0000c0}, 0x20000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r3, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8020}, 0x4001840)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r5, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x40, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r2)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r7, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r8, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000}, 0x20020051)
r9 = syz_open_dev$vcsu(&(0x7f0000000740), 0xa8, 0x12040)
sendmsg$IPSET_CMD_LIST(r9, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4008000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r7, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0xb0, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r10, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10021130}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x34, r8, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)

10:24:21 executing program 2:
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x9}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4c040}, 0x4)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x10048)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000005}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0000c0}, 0x20000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r3, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8020}, 0x4001840)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r5, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x40, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r2)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r7, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r8, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000}, 0x20020051)
r9 = syz_open_dev$vcsu(&(0x7f0000000740), 0xa8, 0x12040)
sendmsg$IPSET_CMD_LIST(r9, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4008000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r7, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0xb0, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r10, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10021130}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x34, r8, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)

10:24:21 executing program 2:
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x9}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4c040}, 0x4)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x10048)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000005}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0000c0}, 0x20000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r3, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8020}, 0x4001840)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r5, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x40, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r2)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r7, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r8, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000}, 0x20020051)
r9 = syz_open_dev$vcsu(&(0x7f0000000740), 0xa8, 0x12040)
sendmsg$IPSET_CMD_LIST(r9, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4008000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r7, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0xb0, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r10, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10021130}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x34, r8, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)

10:24:21 executing program 2:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_io_uring_setup(0x759a, &(0x7f0000000000)={0x0, 0x0, 0x20, 0xfffffffc, 0x0, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000640), 0x400, 0x0)
io_uring_setup(0x4ac4, &(0x7f0000000680)={0x0, 0x7543, 0x2, 0x0, 0x20, 0x0, r1})

10:24:21 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x1)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)=0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00')
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0)
ioctl$SNAPSHOT_FREE(r3, 0x3305)
mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil)

10:24:21 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r3=>0x0)
r4 = syz_open_procfs(0x0, 0x0)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
r5 = fcntl$dupfd(r0, 0x406, r1)
io_submit(0x0, 0x2, &(0x7f0000000240)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0xc7b9, 0xffffffffffffffff, &(0x7f0000000180)="f1fd6e0cce0b5ff2916a9857aadaa97bf1cda2b0439885b7bb3655b9", 0x1c, 0x7fffffff00000000, 0x0, 0x2}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0xc85, r4, &(0x7f0000000700)="d5b2a128b306247533e4746df8d2c6be57605cedd1176dd1577820d5ce4559b754ac4e80118f3a7cca60448b541b27e0cdfe5cb47f34e25d358a91f6b77bdfcc0fc0c89129d6d69088712db50ac81b51591a81ccae6b0fae44ac3b6899fbcc322c2bb6512983f6d4012ad7108ca46268fc6646759e43feab03135b5515aaaf5bd8be6b26582058c62e68ad576bd5956dc326400ae7813b27cafa020b", 0x9c, 0x1, 0x0, 0x3, r5}])
r6 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getdents64(0xffffffffffffffff, &(0x7f0000000600)=""/148, 0x94)
r7 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00')
read$hiddev(r7, &(0x7f0000000040)=""/169, 0x200000e9)
memfd_secret(0x80000)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r8=>r6}, './file1\x00'})
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r9, 0x5407, &(0x7f0000000000)={0x1000, 0x0, 0x0, 0x0, 0x10, "ddab93e1adcbd470"})
ioctl$VT_DISALLOCATE(r9, 0x5608)
io_submit(r3, 0x4, &(0x7f00000005c0)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x3, 0xffffffffffffffff, &(0x7f0000000300)="666fd6fb7c4c8e8bf4059397e83e5ca7e7a13e2dbc305703a2c6a90bba95bb649867b6deabc9", 0x26, 0x4, 0x0, 0x3, r8}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x1000, 0xffffffffffffffff, &(0x7f0000000400)="bcf3b4f072b97e9c8e5e4369e898ea7d3b9aaf8d0633f79e97d0826da4635d97340e117a758d18b9fe61c37ab2832aa388c707228965f582216544e3d9b9e1d50f2085b8b532a2d6b3c64fef32086daf609dede175371d47064c088a9ccda4c9", 0x60, 0x1, 0x0, 0x1, r1}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x3, r9, &(0x7f00000004c0)="457e9ecce6f0e6267ca821ea89e945294a9d2c204cfc7e6ab54c199887166c29b9dd581d3b99a5afd0", 0x29, 0xffff, 0x0, 0x1, r1}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x1, 0xffffffffffffffff, &(0x7f00000006c0)="caab5ab60cec2af461a1c275cab0df2622d311b22d15515e3c4d26fe7dddedecf8b1d9938e233d24e9941337524c7aaaa1ee7e747d80fbc3cca3eeec", 0x3c, 0xffffffffffffffff, 0x0, 0x1, r4}])
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x220)

[  120.733039] random: crng reseeded on system resumption
[  120.751020] Restarting kernel threads ... done.
[  120.788994] random: crng reseeded on system resumption
[  120.803147] Restarting kernel threads ... done.
10:24:21 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x1)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)=0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00')
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0)
ioctl$SNAPSHOT_FREE(r3, 0x3305)
mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil)

[  120.869774] audit: type=1400 audit(1664533461.847:9): avc:  denied  { write } for  pid=3808 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  120.943896] random: crng reseeded on system resumption
[  120.958900] Restarting kernel threads ... done.
[  126.117358] Bluetooth: hci4: command 0x0405 tx timeout

VM DIAGNOSIS:
10:24:21  Registers:
info registers vcpu 0
RAX=0000000000000073 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823ba3c1 RDI=ffffffff8765a9c0 RBP=ffffffff8765a980 RSP=ffff88801ab5f690
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000073 R11=0000000000000001
R12=0000000000000073 R13=ffffffff8765a980 R14=0000000000000010 R15=ffffffff823ba3b0
RIP=ffffffff823ba419 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f4559bd1700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb06d8a6310 CR3=000000003fed4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f455c7427c0 00007f455c7427c8
YMM02=0000000000000000 0000000000000000 00007f455c7427e0 00007f455c7427c0
YMM03=0000000000000000 0000000000000000 00007f455c7427c8 00007f455c7427c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff888009ca81c0 RCX=0000000000000001 RDX=0000000000010170
RSI=ffff888009ca81c8 RDI=0000000000000007 RBP=0000000000000003 RSP=ffff88800fa6faf8
R8 =0000000000000007 R9 =0000000000010000 R10=0000000000010170 R11=0000000000000001
R12=0000000000010170 R13=0000000000000001 R14=0000000000000000 R15=0000000000010170
RIP=ffffffff820c048e RFL=00010093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fbfada964a1 CR3=000000003f2b8000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 0000ffff00000000 0000000000000000
YMM02=0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
YMM03=0000000000000000 0000000000000000 756e20796d6d7564 20736e6f6974706f
YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 676f6c206d6f7473 7563000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000