skb_clone+0x154/0x3d0
[  891.898602][T19934]  netlink_broadcast_filtered+0x8dc/0xb90
[  891.904355][T19934]  netlink_broadcast+0x3a/0x50
[  891.909137][T19934]  kobject_uevent_env+0xad4/0x1023
[  891.914275][T19934]  kobject_uevent+0x20/0x26
[  891.918793][T19934]  device_add+0xad8/0x17a0
[  891.923234][T19934]  ? uevent_show+0x370/0x370
[  891.927836][T19934]  ? _raw_spin_unlock+0x2d/0x50
[  891.932711][T19934]  hci_register_dev+0x2e8/0x8f0
[  891.937583][T19934]  hci_uart_tty_ioctl+0x87e/0xc00
[  891.942622][T19934]  tty_ioctl+0xaf9/0x14f0
[  891.946958][T19934]  ? hci_uart_init_work+0x180/0x180
[  891.952165][T19934]  ? do_tty_hangup+0x30/0x30
[  891.956763][T19934]  ? tomoyo_path_number_perm+0x459/0x520
[  891.962417][T19934]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  891.968667][T19934]  ? tomoyo_path_number_perm+0x263/0x520
[  891.974313][T19934]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  891.980126][T19934]  ? __f_unlock_pos+0x19/0x20
[  891.984839][T19934]  ? do_tty_hangup+0x30/0x30
[  891.989442][T19934]  do_vfs_ioctl+0xdb6/0x13e0
[  891.994048][T19934]  ? ioctl_preallocate+0x210/0x210
[  891.999167][T19934]  ? __fget+0x384/0x560
[  892.003340][T19934]  ? ksys_dup3+0x3e0/0x3e0
[  892.007765][T19934]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  892.014015][T19934]  ? fput_many+0x12c/0x1a0
[  892.018452][T19934]  ? tomoyo_file_ioctl+0x23/0x30
[  892.023407][T19934]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  892.029662][T19934]  ? security_file_ioctl+0x8d/0xc0
[  892.034788][T19934]  ksys_ioctl+0xab/0xd0
[  892.038959][T19934]  __x64_sys_ioctl+0x73/0xb0
[  892.043564][T19934]  do_syscall_64+0xfa/0x760
[  892.048081][T19934]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  892.053982][T19934] RIP: 0033:0x45a639
[  892.057895][T19934] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  892.077509][T19934] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  892.085933][T19934] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  892.093935][T19934] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  892.101921][T19934] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  892.109915][T19934] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  892.117906][T19934] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:52:42 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:52:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:52:42 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:52:42 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  894.208832][T19053] Bluetooth: hci0: command 0x1003 tx timeout
[  894.216238][T15043] Bluetooth: hci0: sending frame failed (-49)
[  894.222752][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[  894.229008][T15043] Bluetooth: hci1: sending frame failed (-49)
[  896.288838][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[  896.294971][T15043] Bluetooth: hci1: sending frame failed (-49)
[  896.301554][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[  896.307628][T15043] Bluetooth: hci0: sending frame failed (-49)
[  898.368811][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[  898.374910][   T22] Bluetooth: hci1: command 0x1009 tx timeout
12:52:52 executing program 5 (fault-call:2 fault-nth:46):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:52:52 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:52:52 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:52:52 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x6000000, @remote, 0x7}, 0x1c)

12:52:52 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
write$binfmt_misc(r1, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES64, @ANYPTR=&(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYRESOCT=r2, @ANYRES16, @ANYPTR64=&(0x7f0000000440)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7e5c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb42bc30000000000000003b66f70dfd9eef38641fbdf8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf60400000000000000403060177496e35983faed0a035f5c31fb6ca4a6612c33648eedceff87911292811b03fd3acd3c403afa75904d12d72f79cd2528dca0f133eabca228b9ae2b2aff349bc0aef9aa4cbb40f5f369caaf81dc8edb2e70436dbe6b8b2a6f94d88a19ce7cff563c89cf1184a41b1606ff5844370630aa67aab7f0dda280c7c518cb4ec64dec5da3c6370f91ef3deeae744b0461b59ec2b18edac18ad0851b5909f664e57004f29e477db969f6d38a0026f370614a4c9fdd7249ac9d6ed0c0", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0x37)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
ptrace$getenv(0x4201, r3, 0x5, &(0x7f0000000180))
splice(r0, 0x0, r1, 0x0, 0x100000000000a, 0x2)

12:52:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
ioctl$TCSETX(0xffffffffffffffff, 0x5433, &(0x7f0000000000)={0x3, 0x6, [0x3ff, 0x9, 0x5, 0x200]})
r1 = shmget(0x0, 0x1000, 0x80, &(0x7f0000ffe000/0x1000)=nil)
shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0xd3dc85af9527d9af)
sync_file_range(r0, 0x3, 0x4c, 0x4)

12:52:52 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x4, 0x7f, 0x8, 0x0, 0x0, 0x8, 0x80, 0x3, 0x6, 0x0, 0x9, 0x1f, 0x0, 0xffffc58b, 0x7ed2, 0xb9, 0xfb, 0x8e})
write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r3, 0x0, 0x100000000000a, 0x2)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.capability\x00', &(0x7f00000000c0)=@v1={0x1000000, [{0x0, 0x10001}]}, 0xc, 0x5)

12:52:52 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  902.664667][T19969] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  902.677179][T19969] FAULT_INJECTION: forcing a failure.
[  902.677179][T19969] name failslab, interval 1, probability 0, space 0, times 0
[  902.720928][T19969] CPU: 1 PID: 19969 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  902.729679][T19969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  902.729686][T19969] Call Trace:
[  902.729711][T19969]  dump_stack+0x197/0x210
[  902.729735][T19969]  should_fail.cold+0xa/0x15
[  902.729754][T19969]  ? fault_create_debugfs_attr+0x180/0x180
[  902.729774][T19969]  ? ___might_sleep+0x163/0x2c0
[  902.729792][T19969]  __should_failslab+0x121/0x190
[  902.729808][T19969]  should_failslab+0x9/0x14
[  902.729819][T19969]  __kmalloc+0x2e0/0x770
[  902.729833][T19969]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  902.729846][T19969]  ? devres_add+0x40/0x50
[  902.729861][T19969]  ? rfkill_alloc+0xaa/0x2b0
[  902.729880][T19969]  rfkill_alloc+0xaa/0x2b0
[  902.729894][T19969]  ? hci_leds_init+0x104/0x1c0
[  902.729914][T19969]  hci_register_dev+0x326/0x8f0
[  902.729935][T19969]  hci_uart_tty_ioctl+0x87e/0xc00
[  902.729958][T19969]  tty_ioctl+0xaf9/0x14f0
[  902.743309][T19969]  ? hci_uart_init_work+0x180/0x180
[  902.743327][T19969]  ? do_tty_hangup+0x30/0x30
[  902.743340][T19969]  ? tomoyo_path_number_perm+0x459/0x520
[  902.743360][T19969]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  902.767832][T19969]  ? tomoyo_path_number_perm+0x263/0x520
[  902.767852][T19969]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  902.767865][T19969]  ? __f_unlock_pos+0x19/0x20
[  902.767902][T19969]  ? do_tty_hangup+0x30/0x30
[  902.786844][T19969]  do_vfs_ioctl+0xdb6/0x13e0
[  902.786866][T19969]  ? ioctl_preallocate+0x210/0x210
[  902.786880][T19969]  ? __fget+0x384/0x560
[  902.786898][T19969]  ? ksys_dup3+0x3e0/0x3e0
[  902.786912][T19969]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  902.786926][T19969]  ? fput_many+0x12c/0x1a0
[  902.786944][T19969]  ? tomoyo_file_ioctl+0x23/0x30
[  902.786963][T19969]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  902.805569][T19969]  ? security_file_ioctl+0x8d/0xc0
[  902.805589][T19969]  ksys_ioctl+0xab/0xd0
[  902.805608][T19969]  __x64_sys_ioctl+0x73/0xb0
[  902.805625][T19969]  do_syscall_64+0xfa/0x760
[  902.805644][T19969]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  902.824755][T19969] RIP: 0033:0x45a639
[  902.824772][T19969] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  902.824780][T19969] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  902.824796][T19969] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  902.824805][T19969] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  902.824813][T19969] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  902.824820][T19969] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  902.824834][T19969] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:52:53 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:52:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:52:53 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:52:53 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  903.440896][T19994] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[  904.768779][T19240] Bluetooth: hci1: command 0x1003 tx timeout
[  904.774924][T19051] Bluetooth: hci1: sending frame failed (-49)
[  904.938768][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[  904.944893][T19051] Bluetooth: hci0: sending frame failed (-49)
[  905.488853][T19053] Bluetooth: hci2: command 0x1003 tx timeout
[  905.495128][T19051] Bluetooth: hci2: sending frame failed (-49)
[  906.848862][T19053] Bluetooth: hci1: command 0x1001 tx timeout
[  906.855000][T19051] Bluetooth: hci1: sending frame failed (-49)
[  907.008822][T19053] Bluetooth: hci0: command 0x1001 tx timeout
[  907.014942][T19051] Bluetooth: hci0: sending frame failed (-49)
[  907.568842][T19053] Bluetooth: hci2: command 0x1001 tx timeout
[  907.574977][T19051] Bluetooth: hci2: sending frame failed (-49)
[  908.928882][T19053] Bluetooth: hci1: command 0x1009 tx timeout
[  909.088788][T19053] Bluetooth: hci0: command 0x1009 tx timeout
[  909.648875][T19053] Bluetooth: hci2: command 0x1009 tx timeout
12:53:03 executing program 5 (fault-call:2 fault-nth:47):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:03 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7000000, @remote, 0x7}, 0x1c)

12:53:03 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:03 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:03 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [], 0x3, &(0x7f0000000000)=[{}], 0x0, [{}, {}, {}]}, 0xa8)

[  913.505001][T20004] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  913.521234][T20004] FAULT_INJECTION: forcing a failure.
[  913.521234][T20004] name failslab, interval 1, probability 0, space 0, times 0
[  913.548521][T20004] CPU: 1 PID: 20004 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  913.557257][T20004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  913.567328][T20004] Call Trace:
[  913.570639][T20004]  dump_stack+0x197/0x210
[  913.574998][T20004]  should_fail.cold+0xa/0x15
[  913.579615][T20004]  ? fault_create_debugfs_attr+0x180/0x180
[  913.585438][T20004]  ? ___might_sleep+0x163/0x2c0
[  913.590308][T20004]  __should_failslab+0x121/0x190
[  913.595261][T20004]  should_failslab+0x9/0x14
[  913.599775][T20004]  kmem_cache_alloc+0x2aa/0x710
[  913.604636][T20004]  ? __kasan_check_write+0x14/0x20
[  913.609765][T20004]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  913.615336][T20004]  __kernfs_new_node+0xf0/0x6c0
[  913.620208][T20004]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  913.625686][T20004]  ? kernfs_activate+0x192/0x1f0
[  913.630650][T20004]  ? acpi_get_bus_type+0x9b/0xc0
[  913.635610][T20004]  ? find_held_lock+0x35/0x130
[  913.640384][T20004]  ? acpi_get_bus_type+0x9b/0xc0
[  913.645337][T20004]  kernfs_new_node+0x96/0x120
[  913.650040][T20004]  __kernfs_create_file+0x51/0x340
[  913.655170][T20004]  sysfs_add_file_mode_ns+0x222/0x560
[  913.660565][T20004]  sysfs_create_file_ns+0x13d/0x1d0
[  913.665781][T20004]  ? acpi_unbind_one+0x4a0/0x4a0
[  913.670736][T20004]  ? sysfs_add_file_mode_ns+0x560/0x560
[  913.676296][T20004]  ? kset_create_and_add+0x1a0/0x1a0
[  913.681778][T20004]  ? dev_fwnode+0xd/0x40
[  913.686041][T20004]  device_create_file+0xf6/0x1e0
[  913.691345][T20004]  device_add+0x5a3/0x17a0
[  913.695780][T20004]  ? uevent_show+0x370/0x370
[  913.700394][T20004]  rfkill_register+0x1bf/0xb50
[  913.705178][T20004]  hci_register_dev+0x378/0x8f0
[  913.710058][T20004]  hci_uart_tty_ioctl+0x87e/0xc00
[  913.715096][T20004]  tty_ioctl+0xaf9/0x14f0
[  913.719438][T20004]  ? hci_uart_init_work+0x180/0x180
[  913.724648][T20004]  ? do_tty_hangup+0x30/0x30
[  913.729249][T20004]  ? tomoyo_path_number_perm+0x459/0x520
[  913.734899][T20004]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  913.741151][T20004]  ? tomoyo_path_number_perm+0x263/0x520
[  913.746813][T20004]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  913.752647][T20004]  ? __f_unlock_pos+0x19/0x20
[  913.757364][T20004]  ? do_tty_hangup+0x30/0x30
[  913.761970][T20004]  do_vfs_ioctl+0xdb6/0x13e0
[  913.766582][T20004]  ? ioctl_preallocate+0x210/0x210
[  913.771970][T20004]  ? __fget+0x384/0x560
[  913.776146][T20004]  ? ksys_dup3+0x3e0/0x3e0
[  913.780579][T20004]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  913.786839][T20004]  ? fput_many+0x12c/0x1a0
[  913.791276][T20004]  ? tomoyo_file_ioctl+0x23/0x30
[  913.796227][T20004]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  913.802488][T20004]  ? security_file_ioctl+0x8d/0xc0
[  913.807615][T20004]  ksys_ioctl+0xab/0xd0
[  913.811796][T20004]  __x64_sys_ioctl+0x73/0xb0
[  913.816443][T20004]  do_syscall_64+0xfa/0x760
[  913.820970][T20004]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  913.826873][T20004] RIP: 0033:0x45a639
[  913.830892][T20004] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  913.850529][T20004] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  913.858956][T20004] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  913.866959][T20004] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  913.874947][T20004] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  913.882932][T20004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  913.891003][T20004] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:53:04 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:04 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:04 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:04 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESDEC=r3, @ANYRESDEC, @ANYRES32, @ANYRES64], 0x3c)
r4 = socket(0x1e, 0x4, 0x0)
r5 = socket$inet6_sctp(0xa, 0x2, 0x84)
r6 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
setsockopt$inet_icmp_ICMP_FILTER(r6, 0x1, 0x1, &(0x7f00000001c0)={0xc}, 0x4)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000140)={@mcast2, 0x3, 0x0, 0x0, 0x1, 0x7, 0x3}, &(0x7f0000000180)=0x20)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f00000000c0)={0x1d, @remote, 0x4e24, 0x2, 'ovf\x00', 0x4, 0xffff, 0x2}, 0x2c)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f0000000100))
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
ioctl$BLKFLSBUF(r8, 0x1261, &(0x7f0000000200)=0x8)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r8, 0x4008240b, &(0x7f0000000040)={0x2, 0x70, 0x1, 0x6, 0x7f, 0xd5, 0x0, 0x1f, 0xa8201, 0xe, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x86428d996db3bb5c, 0x4, 0xffffffff, 0x2, 0xffffffffffffffca, 0x5, 0x401})
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
acct(&(0x7f00000002c0)='./file0\x00')

12:53:04 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:04 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x8000000, @remote, 0x7}, 0x1c)

[  915.968856][ T3015] Bluetooth: hci0: command 0x1003 tx timeout
[  915.975011][T15043] Bluetooth: hci0: sending frame failed (-49)
[  918.048808][ T3015] Bluetooth: hci0: command 0x1001 tx timeout
[  918.054937][T15043] Bluetooth: hci0: sending frame failed (-49)
[  920.128845][ T3015] Bluetooth: hci0: command 0x1009 tx timeout
12:53:14 executing program 5 (fault-call:2 fault-nth:48):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:14 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:14 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
chroot(&(0x7f0000000000)='./file0\x00')
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000040)=ANY=[], @ANYRES64], 0x43)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:53:14 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:14 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x9000000, @remote, 0x7}, 0x1c)

12:53:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = fcntl$getown(r0, 0x9)
r2 = getpid()
sched_setscheduler(r2, 0x5, &(0x7f0000000380))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000100)={0x0, <r7=>0x0, 0x4})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = fcntl$dupfd(r10, 0x0, r10)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r11, 0xc00c642e, &(0x7f0000000000)={r7, 0x180000, <r12=>r9})
r13 = socket$inet6_tcp(0xa, 0x1, 0x0)
r14 = fcntl$dupfd(r13, 0x0, r13)
ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200)
r15 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r15, 0x10f, 0x87, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r12, &(0x7f00000000c0)={r14, r15, 0x81})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r10)

12:53:14 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:14 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000000)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e52274ada9c85b6852b62bb88fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e1522b31558a4172ad24f7d9dc722f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
syz_open_dev$binderN(&(0x7f00000000c0)='/dev/binder#\x00', 0x0, 0x800)

[  924.414329][T20048] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  924.453628][T20054] FAULT_INJECTION: forcing a failure.
[  924.453628][T20054] name failslab, interval 1, probability 0, space 0, times 0
[  924.476647][T20054] CPU: 0 PID: 20054 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  924.485387][T20054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  924.485402][T20054] Call Trace:
[  924.498764][T20054]  dump_stack+0x197/0x210
[  924.498787][T20054]  should_fail.cold+0xa/0x15
[  924.498806][T20054]  ? fault_create_debugfs_attr+0x180/0x180
[  924.498826][T20054]  ? ___might_sleep+0x163/0x2c0
[  924.498846][T20054]  __should_failslab+0x121/0x190
[  924.508102][T20054]  should_failslab+0x9/0x14
[  924.518820][T20054]  kmem_cache_alloc+0x2aa/0x710
[  924.518834][T20054]  ? memcpy+0x46/0x50
[  924.518851][T20054]  ? kstrdup+0x5a/0x70
[  924.518873][T20054]  __kernfs_new_node+0xf0/0x6c0
[  924.518887][T20054]  ? __lock_acquire+0x16f2/0x4a00
[  924.518936][T20054]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  924.528402][T20054]  ? find_held_lock+0x35/0x130
[  924.528420][T20054]  ? sysfs_do_create_link_sd.isra.0+0x82/0x140
[  924.528446][T20054]  kernfs_new_node+0x96/0x120
[  924.537258][T20054]  kernfs_create_link+0xd7/0x250
[  924.537278][T20054]  sysfs_do_create_link_sd.isra.0+0x90/0x140
[  924.537296][T20054]  sysfs_create_link+0x65/0xc0
[  924.546219][T20054]  device_add+0x75c/0x17a0
[  924.546238][T20054]  ? uevent_show+0x370/0x370
[  924.546253][T20054]  ? _raw_spin_unlock+0x2d/0x50
[  924.546278][T20054]  hci_register_dev+0x2e8/0x8f0
[  924.607716][T20054]  hci_uart_tty_ioctl+0x87e/0xc00
[  924.612777][T20054]  tty_ioctl+0xaf9/0x14f0
[  924.617601][T20054]  ? hci_uart_init_work+0x180/0x180
[  924.622816][T20054]  ? do_tty_hangup+0x30/0x30
[  924.627416][T20054]  ? tomoyo_path_number_perm+0x459/0x520
[  924.633153][T20054]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  924.639403][T20054]  ? tomoyo_path_number_perm+0x263/0x520
[  924.645054][T20054]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  924.651221][T20054]  ? __f_unlock_pos+0x19/0x20
[  924.655937][T20054]  ? do_tty_hangup+0x30/0x30
[  924.660541][T20054]  do_vfs_ioctl+0xdb6/0x13e0
[  924.665147][T20054]  ? ioctl_preallocate+0x210/0x210
[  924.670278][T20054]  ? __fget+0x384/0x560
[  924.674544][T20054]  ? ksys_dup3+0x3e0/0x3e0
[  924.679403][T20054]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  924.690341][T20054]  ? fput_many+0x12c/0x1a0
[  924.694775][T20054]  ? tomoyo_file_ioctl+0x23/0x30
[  924.699723][T20054]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  924.706159][T20054]  ? security_file_ioctl+0x8d/0xc0
[  924.711283][T20054]  ksys_ioctl+0xab/0xd0
[  924.715456][T20054]  __x64_sys_ioctl+0x73/0xb0
[  924.720239][T20054]  do_syscall_64+0xfa/0x760
[  924.724756][T20054]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  924.731455][T20054] RIP: 0033:0x45a639
[  924.735359][T20054] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  924.755073][T20054] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  924.763494][T20054] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  924.772089][T20054] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  924.780074][T20054] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  924.788052][T20054] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  924.796331][T20054] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
[  924.813548][T20054] Bluetooth: Can't register HCI device
12:53:14 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
lseek(r2, 0x6, 0x0)
write$binfmt_aout(r0, &(0x7f00000008c0)={{0x107, 0x8, 0x1, 0x1a1, 0x101, 0x9, 0x11f}, "6e2b418ff87ad1deab0b00185355ab036f0a49a998ff4d61a84f879e64329861537a86ec658640359cce65fcc83edd1ed102603f2ff09207f4e5f50bf2b9cad98e1f8d5425ed2788572cfb125ac1581d00d886d7724141b7a4e2cbed0106cd6054f4c53b849ed4fc0fd1cf4bb62a10912e4eed83d854337616249b7e40b2f3b60c506aef5661dde3b72cdf9b17f3e4b93383db94eaff0ae45b53a15dd19bc11a320e85ee39a367b122b09273a0bb11b9ac9265bc5e99248ceac4b16f3f7ccffce7c4445c82e5940ff5d87eaef223258beac89fcb593cb06980d71c40b499504dbf0986", [[], [], []]}, 0x403)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x9, 0x220c00)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000000000), 0x2ab, 0x4)
write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC=r4, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRES64=r5, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[]], @ANYRES64], 0x43)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r3, 0x0, 0x100000000000a, 0x2)

12:53:14 executing program 5 (fault-call:2 fault-nth:49):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:14 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:14 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  924.966037][T20069] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[  924.981998][T20069] FAULT_INJECTION: forcing a failure.
[  924.981998][T20069] name failslab, interval 1, probability 0, space 0, times 0
[  925.003022][T20069] CPU: 1 PID: 20069 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  925.011738][T20069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  925.011746][T20069] Call Trace:
[  925.011770][T20069]  dump_stack+0x197/0x210
[  925.011793][T20069]  should_fail.cold+0xa/0x15
[  925.011811][T20069]  ? fault_create_debugfs_attr+0x180/0x180
[  925.011832][T20069]  ? ___might_sleep+0x163/0x2c0
[  925.011850][T20069]  __should_failslab+0x121/0x190
[  925.011874][T20069]  should_failslab+0x9/0x14
[  925.011894][T20069]  kmem_cache_alloc+0x2aa/0x710
[  925.039964][T20069]  ? __kasan_check_read+0x11/0x20
[  925.039980][T20069]  ? mark_lock+0xc2/0x1220
[  925.040001][T20069]  __kernfs_new_node+0xf0/0x6c0
[  925.040015][T20069]  ? __lock_acquire+0x16f2/0x4a00
[  925.040032][T20069]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  925.040050][T20069]  ? find_held_lock+0x35/0x130
[  925.040068][T20069]  ? sysfs_do_create_link_sd.isra.0+0x82/0x140
[  925.050551][T20069]  kernfs_new_node+0x96/0x120
[  925.050569][T20069]  kernfs_create_link+0xd7/0x250
[  925.050588][T20069]  sysfs_do_create_link_sd.isra.0+0x90/0x140
[  925.050605][T20069]  sysfs_create_link+0x65/0xc0
[  925.050625][T20069]  device_add+0x6bf/0x17a0
[  925.059953][T20069]  ? uevent_show+0x370/0x370
[  925.059980][T20069]  rfkill_register+0x1bf/0xb50
[  925.060000][T20069]  hci_register_dev+0x378/0x8f0
[  925.060020][T20069]  hci_uart_tty_ioctl+0x87e/0xc00
[  925.060044][T20069]  tty_ioctl+0xaf9/0x14f0
[  925.069471][T20069]  ? hci_uart_init_work+0x180/0x180
[  925.084761][T20069]  ? do_tty_hangup+0x30/0x30
[  925.084775][T20069]  ? tomoyo_path_number_perm+0x459/0x520
[  925.084793][T20069]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  925.103170][T20069]  ? tomoyo_path_number_perm+0x263/0x520
[  925.103187][T20069]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  925.103206][T20069]  ? __f_unlock_pos+0x19/0x20
[  925.148169][T20069]  ? do_tty_hangup+0x30/0x30
[  925.157927][T20069]  do_vfs_ioctl+0xdb6/0x13e0
[  925.157948][T20069]  ? ioctl_preallocate+0x210/0x210
[  925.157961][T20069]  ? __fget+0x384/0x560
[  925.157982][T20069]  ? ksys_dup3+0x3e0/0x3e0
[  925.210074][T20069]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  925.215638][T20069]  ? tomoyo_file_ioctl+0x23/0x30
[  925.220603][T20069]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  925.226871][T20069]  ? security_file_ioctl+0x8d/0xc0
[  925.226891][T20069]  ksys_ioctl+0xab/0xd0
[  925.226908][T20069]  __x64_sys_ioctl+0x73/0xb0
[  925.226924][T20069]  do_syscall_64+0xfa/0x760
[  925.226945][T20069]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  925.251536][T20069] RIP: 0033:0x45a639
12:53:15 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xa000000, @remote, 0x7}, 0x1c)

[  925.255453][T20069] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  925.281341][T20069] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  925.281357][T20069] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  925.281364][T20069] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  925.281370][T20069] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  925.281377][T20069] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
12:53:15 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYBLOB="62d9e74f611f3e8bfaba640c8ae78a680bf6d7cd5285e623b4aa715de34f54b9495098652b0a336822e502e108064b23bc13801361fc88d750baa26f6c104dff707cce2c4d1c40305e9698fa1e9e6ae2998d7967a2d35ef039f409e4cd9444ef8156f3ee9a6065556181bdea262860eff7152985703ce93b5ca0b4b6bcd11b648ceffc24c488a719dc1afccbfc9cef4c39630d451eb6b84cd196f74b6999520d75744e77176b7319286208b76221b95d86364ae5c039988355cfbe8e364e91ab0e7c74fa564c1dba7ddc"], @ANYRES64=0x0], 0xfffffffffffffc41)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000040)={{0x3, 0x82, 0x98, 0x9, 0x4, 0xfc}, 0x386e})
ioctl$USBDEVFS_RELEASEINTERFACE(r4, 0x80045510, &(0x7f0000000000)=0x1)

12:53:15 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  925.281385][T20069] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:53:15 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$l2tp_PPPOL2TP_SO_DEBUG(0xffffffffffffffff, 0x111, 0x1, 0x7ff, 0x4)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
r3 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$FICLONE(r3, 0x40049409, 0xffffffffffffffff)

12:53:15 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  926.528796][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[  926.534931][ T1531] Bluetooth: hci0: sending frame failed (-49)
[  927.408769][T19240] Bluetooth: hci1: command 0x1003 tx timeout
[  927.415104][ T1531] Bluetooth: hci1: sending frame failed (-49)
[  928.608840][T19240] Bluetooth: hci0: command 0x1001 tx timeout
[  928.614963][ T1531] Bluetooth: hci0: sending frame failed (-49)
[  929.488795][T19240] Bluetooth: hci1: command 0x1001 tx timeout
[  929.494919][ T1531] Bluetooth: hci1: sending frame failed (-49)
[  930.688915][T19240] Bluetooth: hci0: command 0x1009 tx timeout
[  931.568814][T19240] Bluetooth: hci1: command 0x1009 tx timeout
12:53:24 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xfffffffffffffffe)
close(r0)

12:53:24 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:24 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:24 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xe000000, @remote, 0x7}, 0x1c)

12:53:25 executing program 5 (fault-call:2 fault-nth:50):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:25 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000000)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYBLOB="946f1416ae5e63808470f12684084e0ea4e15e8a5ed31bc220fe88936d1f68ae20a09545298744da1a918421a67ce6a6cd5ebed76f5051b052042f0218ec3e5275f9a15b653cb4b9b11c83368c66b3f1bea4154ea42713a7f63ddf57e555e3688ff3aca43ed24181ce"]], @ANYRES64], 0x43)
r4 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x7)
ioctl$TIOCSSOFTCAR(r4, 0x541a, &(0x7f00000003c0)=0xfffffff8)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r5 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x0, 0x8000)
r6 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r6, 0x84, 0x13, &(0x7f0000000180)={<r7=>0x0, 0x1}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0x11, &(0x7f00000002c0)={r7, 0xb94}, 0x8)
splice(r0, 0x0, r3, 0x0, 0x100000000000a, 0x2)
r8 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r8, 0x84, 0x13, &(0x7f0000000340)={r7, 0x7}, &(0x7f0000000380)=0x8)
r9 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r9, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r9, 0x84, 0x21, &(0x7f0000000480), &(0x7f00000004c0)=0x4)

12:53:25 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:25 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f00000000c0)={0x88, 0x8, 0xf60a, 0x7fff, 0x9, 0x6})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x10000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000100)={0x8, 0x8, 0x0, 0x8}, 0x8)
prctl$PR_GET_TSC(0x19, &(0x7f0000000080))
ioctl$KDADDIO(r2, 0x400455c8, 0x1)
close(r2)

12:53:25 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x10000000, @remote, 0x7}, 0x1c)

12:53:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='\x00\x00\x00\x00\xe1\xe2\x9et\x00', 0x2080, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8, 0x109000)
io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0)

12:53:26 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
signalfd(r0, &(0x7f0000000000)={0x9}, 0x8)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:53:26 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x40, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0), 0x13f}}, 0x20)

[  936.039828][T20210] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  936.060497][T20210] FAULT_INJECTION: forcing a failure.
[  936.060497][T20210] name failslab, interval 1, probability 0, space 0, times 0
[  936.112284][T20210] CPU: 0 PID: 20210 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  936.122220][T20234] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[  936.123905][T20210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  936.123911][T20210] Call Trace:
[  936.123939][T20210]  dump_stack+0x197/0x210
[  936.123962][T20210]  should_fail.cold+0xa/0x15
[  936.123986][T20210]  ? fault_create_debugfs_attr+0x180/0x180
[  936.143305][T20210]  ? ___might_sleep+0x163/0x2c0
[  936.143326][T20210]  __should_failslab+0x121/0x190
[  936.143346][T20210]  should_failslab+0x9/0x14
[  936.143358][T20210]  __kmalloc_track_caller+0x2dc/0x760
[  936.143372][T20210]  ? find_held_lock+0x35/0x130
[  936.143387][T20210]  ? __kasan_check_read+0x11/0x20
[  936.143400][T20210]  ? kstrdup_const+0x66/0x80
[  936.143420][T20210]  kstrdup+0x3a/0x70
[  936.151049][T20210]  kstrdup_const+0x66/0x80
[  936.151069][T20210]  __kernfs_new_node+0xb1/0x6c0
[  936.151088][T20210]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  936.151107][T20210]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  936.151119][T20210]  ? irq_work_claim+0x98/0xc0
[  936.151136][T20210]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  936.161835][T20210]  ? irq_work_queue+0x30/0x90
[  936.161851][T20210]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  936.161865][T20210]  ? wake_up_klogd+0x99/0xd0
[  936.161886][T20210]  kernfs_new_node+0x96/0x120
[  936.161904][T20210]  kernfs_create_dir_ns+0x52/0x160
[  936.161923][T20210]  sysfs_create_dir_ns+0x131/0x2a0
[  936.264862][T20210]  ? sysfs_create_mount_point+0xa0/0xa0
[  936.270540][T20210]  kobject_add_internal.cold+0x116/0x662
[  936.276186][T20210]  ? rcu_lockdep_current_cpu_online+0x51/0x130
[  936.282356][T20210]  kobject_add+0x150/0x1c0
[  936.286999][T20210]  ? kset_create_and_add+0x1a0/0x1a0
[  936.292309][T20210]  ? lockdep_init_map+0x1be/0x6d0
[  936.297354][T20210]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  936.303610][T20210]  device_add+0x3b7/0x17a0
[  936.308044][T20210]  ? uevent_show+0x370/0x370
[  936.312661][T20210]  rfkill_register+0x1bf/0xb50
[  936.317444][T20210]  hci_register_dev+0x378/0x8f0
[  936.322591][T20210]  hci_uart_tty_ioctl+0x87e/0xc00
[  936.327713][T20210]  tty_ioctl+0xaf9/0x14f0
[  936.332052][T20210]  ? hci_uart_init_work+0x180/0x180
[  936.337257][T20210]  ? do_tty_hangup+0x30/0x30
[  936.341855][T20210]  ? tomoyo_path_number_perm+0x459/0x520
[  936.347516][T20210]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  936.353793][T20210]  ? tomoyo_path_number_perm+0x263/0x520
[  936.359455][T20210]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  936.365962][T20210]  ? __f_unlock_pos+0x19/0x20
[  936.370673][T20210]  ? do_tty_hangup+0x30/0x30
[  936.375277][T20210]  do_vfs_ioctl+0xdb6/0x13e0
[  936.379878][T20210]  ? ioctl_preallocate+0x210/0x210
[  936.385022][T20210]  ? __fget+0x384/0x560
[  936.389368][T20210]  ? ksys_dup3+0x3e0/0x3e0
[  936.393802][T20210]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  936.400140][T20210]  ? fput_many+0x12c/0x1a0
[  936.404575][T20210]  ? tomoyo_file_ioctl+0x23/0x30
[  936.409608][T20210]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  936.416059][T20210]  ? security_file_ioctl+0x8d/0xc0
[  936.421214][T20210]  ksys_ioctl+0xab/0xd0
[  936.425415][T20210]  __x64_sys_ioctl+0x73/0xb0
[  936.430117][T20210]  do_syscall_64+0xfa/0x760
[  936.434637][T20210]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  936.440537][T20210] RIP: 0033:0x45a639
[  936.444455][T20210] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
12:53:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[  936.464076][T20210] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  936.472499][T20210] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  936.480496][T20210] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  936.488568][T20210] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  936.496632][T20210] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  936.504613][T20210] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
[  936.523060][T20210] kobject_add_internal failed for rfkill104 (error: -12 parent: hci0)
12:53:26 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  936.917917][T20236] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[  938.608951][    T5] Bluetooth: hci1: command 0x1003 tx timeout
[  938.615233][T19051] Bluetooth: hci1: sending frame failed (-49)
[  938.618900][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[  938.627675][T19051] Bluetooth: hci0: sending frame failed (-49)
[  939.008942][    T5] Bluetooth: hci2: command 0x1003 tx timeout
[  939.015182][T19051] Bluetooth: hci2: sending frame failed (-49)
[  940.688991][    T5] Bluetooth: hci0: command 0x1001 tx timeout
[  940.695462][T19051] Bluetooth: hci0: sending frame failed (-49)
[  940.708775][    T5] Bluetooth: hci1: command 0x1001 tx timeout
[  940.714896][T19051] Bluetooth: hci1: sending frame failed (-49)
[  941.088839][    T5] Bluetooth: hci2: command 0x1001 tx timeout
[  941.094972][T19051] Bluetooth: hci2: sending frame failed (-49)
[  942.768906][    T5] Bluetooth: hci1: command 0x1009 tx timeout
[  942.775023][    T5] Bluetooth: hci0: command 0x1009 tx timeout
[  943.168805][    T5] Bluetooth: hci2: command 0x1009 tx timeout
12:53:36 executing program 5 (fault-call:2 fault-nth:51):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x11000000, @remote, 0x7}, 0x1c)

12:53:36 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:36 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYPTR=&(0x7f0000000000)=ANY=[], @ANYPTR=&(0x7f0000000200)=ANY=[@ANYPTR=&(0x7f0000000040)=ANY=[@ANYRESDEC=r0], @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000080)=ANY=[]], @ANYRES64], 0x37)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r3, 0x0, 0x100000000000a, 0x2)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r4=>r2})
ioctl$sock_inet_SIOCGIFDSTADDR(r4, 0x8917, &(0x7f0000000180)={'bond_slave_1\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x24}}})

12:53:36 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0)

12:53:36 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$VIDIOC_LOG_STATUS(r4, 0x5646, 0x0)
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:53:36 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0)

[  946.798151][T20457] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  946.824521][T20457] FAULT_INJECTION: forcing a failure.
[  946.824521][T20457] name failslab, interval 1, probability 0, space 0, times 0
[  946.867460][T20457] CPU: 1 PID: 20457 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  946.876351][T20457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  946.876359][T20457] Call Trace:
[  946.876385][T20457]  dump_stack+0x197/0x210
[  946.876409][T20457]  should_fail.cold+0xa/0x15
[  946.876432][T20457]  ? fault_create_debugfs_attr+0x180/0x180
[  946.906161][T20457]  ? ___might_sleep+0x163/0x2c0
[  946.906182][T20457]  __should_failslab+0x121/0x190
[  946.906202][T20457]  should_failslab+0x9/0x14
[  946.920531][T20457]  __kmalloc_track_caller+0x2dc/0x760
[  946.925937][T20457]  ? kstrdup_const+0x66/0x80
[  946.930544][T20457]  kstrdup+0x3a/0x70
[  946.934468][T20457]  kstrdup_const+0x66/0x80
[  946.938899][T20457]  __kernfs_new_node+0xb1/0x6c0
[  946.943759][T20457]  ? __lock_acquire+0x16f2/0x4a00
[  946.948898][T20457]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  946.954369][T20457]  ? find_held_lock+0x35/0x130
[  946.959146][T20457]  ? sysfs_do_create_link_sd.isra.0+0x82/0x140
12:53:37 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0)

[  946.965420][T20457]  kernfs_new_node+0x96/0x120
[  946.970201][T20457]  kernfs_create_link+0xd7/0x250
[  946.975152][T20457]  sysfs_do_create_link_sd.isra.0+0x90/0x140
[  946.981151][T20457]  sysfs_create_link+0x65/0xc0
[  946.985926][T20457]  device_add+0x75c/0x17a0
[  946.990376][T20457]  ? uevent_show+0x370/0x370
[  946.994980][T20457]  rfkill_register+0x1bf/0xb50
[  946.999760][T20457]  hci_register_dev+0x378/0x8f0
[  946.999780][T20457]  hci_uart_tty_ioctl+0x87e/0xc00
[  946.999801][T20457]  tty_ioctl+0xaf9/0x14f0
[  946.999814][T20457]  ? hci_uart_init_work+0x180/0x180
[  946.999826][T20457]  ? do_tty_hangup+0x30/0x30
[  946.999839][T20457]  ? tomoyo_path_number_perm+0x459/0x520
[  946.999854][T20457]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  946.999866][T20457]  ? tomoyo_path_number_perm+0x263/0x520
[  946.999883][T20457]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  946.999896][T20457]  ? __f_unlock_pos+0x19/0x20
[  946.999927][T20457]  ? do_tty_hangup+0x30/0x30
[  946.999946][T20457]  do_vfs_ioctl+0xdb6/0x13e0
[  947.062404][T20457]  ? ioctl_preallocate+0x210/0x210
[  947.067523][T20457]  ? __fget+0x384/0x560
[  947.071692][T20457]  ? ksys_dup3+0x3e0/0x3e0
[  947.076118][T20457]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  947.082365][T20457]  ? fput_many+0x12c/0x1a0
[  947.086806][T20457]  ? tomoyo_file_ioctl+0x23/0x30
[  947.092215][T20457]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  947.098566][T20457]  ? security_file_ioctl+0x8d/0xc0
[  947.103699][T20457]  ksys_ioctl+0xab/0xd0
[  947.107876][T20457]  __x64_sys_ioctl+0x73/0xb0
[  947.112508][T20457]  do_syscall_64+0xfa/0x760
[  947.117028][T20457]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  947.122930][T20457] RIP: 0033:0x45a639
[  947.126834][T20457] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  947.146446][T20457] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  947.154874][T20457] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  947.162984][T20457] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  947.171424][T20457] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  947.179422][T20457] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  947.187428][T20457] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:53:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[  947.229559][T15043] Bluetooth: hci0: sending frame failed (-49)
12:53:37 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = fcntl$dupfd(r10, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r12, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:53:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$RTC_WKALM_RD(r2, 0x80287010, &(0x7f0000000000))

[  947.450606][T20474] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:53:37 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = fcntl$dupfd(r10, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r12, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  948.216444][T20552] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[  949.248814][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[  949.256488][T19051] Bluetooth: hci0: sending frame failed (-49)
[  949.488758][T19240] Bluetooth: hci1: command 0x1003 tx timeout
[  949.494880][T19051] Bluetooth: hci1: sending frame failed (-49)
[  950.288804][    T5] Bluetooth: hci2: command 0x1003 tx timeout
[  950.295044][T19051] Bluetooth: hci2: sending frame failed (-49)
[  951.328868][    T5] Bluetooth: hci0: command 0x1001 tx timeout
[  951.335008][T19051] Bluetooth: hci0: sending frame failed (-49)
[  951.568860][    T5] Bluetooth: hci1: command 0x1001 tx timeout
[  951.574980][T19051] Bluetooth: hci1: sending frame failed (-49)
[  952.368832][    T5] Bluetooth: hci2: command 0x1001 tx timeout
[  952.375039][T19051] Bluetooth: hci2: sending frame failed (-49)
[  953.408872][    T5] Bluetooth: hci0: command 0x1009 tx timeout
[  953.648879][    T5] Bluetooth: hci1: command 0x1009 tx timeout
[  954.448781][    T5] Bluetooth: hci2: command 0x1009 tx timeout
12:53:47 executing program 5 (fault-call:2 fault-nth:52):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x18020000, @remote, 0x7}, 0x1c)

12:53:47 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x8000, 0x0)
ioctl$VIDIOC_S_JPEGCOMP(r2, 0x408c563e, &(0x7f0000001640)={0x2, 0x7, 0x2d, "9b4c95cf7c018567e854c988117708b0b23bb5389d7faf68d673bef88570c84551f1c4981dc4239a581b1307e8ca40d68e66c0ad9a467b26f2837482", 0x25, "0757ee239c52c3caf739fefcb6c7d7232910f6e8e61e5b2892873aade664e30a616b4bbb49571e9c7ed5fa2bfe34efb800e0e8b02dc4812eee62a479", 0xa0})
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbf2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e5216c63abbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYPTR64, @ANYRES16, @ANYRES32]], @ANYRES64], 0x43)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = openat(r5, &(0x7f0000001700)='./file0\x00', 0x10000, 0x80)
ioctl$VIDIOC_G_AUDOUT(r6, 0x80345631, &(0x7f0000001740))
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
readv(r3, &(0x7f0000001500)=[{&(0x7f0000000000)=""/213, 0xd5}, {&(0x7f0000000100)=""/61, 0x3d}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000000140)=""/76, 0x4c}, {&(0x7f0000001480)=""/121, 0x79}], 0x5)
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getpeername(r7, &(0x7f0000001580)=@alg, &(0x7f0000001600)=0x80)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x100000000000a, 0x2)
fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000001c0)='security.evm\x00', &(0x7f00000002c0)=@md5={0x1, "c1d208c20432053942f8e79ac58ec323"}, 0x11, 0x2)

12:53:47 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = fcntl$dupfd(r10, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r12, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[  957.663435][T20693] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  957.677324][T20693] FAULT_INJECTION: forcing a failure.
[  957.677324][T20693] name failslab, interval 1, probability 0, space 0, times 0
[  957.697827][T20693] CPU: 0 PID: 20693 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  957.706886][T20693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  957.706894][T20693] Call Trace:
[  957.706919][T20693]  dump_stack+0x197/0x210
[  957.706942][T20693]  should_fail.cold+0xa/0x15
[  957.706962][T20693]  ? fault_create_debugfs_attr+0x180/0x180
[  957.706985][T20693]  ? ___might_sleep+0x163/0x2c0
[  957.707005][T20693]  __should_failslab+0x121/0x190
[  957.707022][T20693]  should_failslab+0x9/0x14
[  957.707100][T20693]  __kmalloc_track_caller+0x2dc/0x760
[  957.757181][T20693]  ? kstrdup_const+0x66/0x80
[  957.761784][T20693]  kstrdup+0x3a/0x70
[  957.765689][T20693]  kstrdup_const+0x66/0x80
[  957.770114][T20693]  __kernfs_new_node+0xb1/0x6c0
[  957.775078][T20693]  ? __lock_acquire+0x16f2/0x4a00
[  957.780119][T20693]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  957.785678][T20693]  ? find_held_lock+0x35/0x130
[  957.790583][T20693]  ? sysfs_do_create_link_sd.isra.0+0x82/0x140
[  957.796776][T20693]  kernfs_new_node+0x96/0x120
[  957.801467][T20693]  kernfs_create_link+0xd7/0x250
[  957.806443][T20693]  sysfs_do_create_link_sd.isra.0+0x90/0x140
[  957.812438][T20693]  sysfs_create_link+0x65/0xc0
[  957.817230][T20693]  device_add+0x75c/0x17a0
[  957.821923][T20693]  ? uevent_show+0x370/0x370
[  957.826798][T20693]  rfkill_register+0x1bf/0xb50
[  957.831598][T20693]  hci_register_dev+0x378/0x8f0
[  957.837339][T20693]  hci_uart_tty_ioctl+0x87e/0xc00
[  957.842898][T20693]  tty_ioctl+0xaf9/0x14f0
[  957.847240][T20693]  ? hci_uart_init_work+0x180/0x180
[  957.852623][T20693]  ? do_tty_hangup+0x30/0x30
[  957.857225][T20693]  ? tomoyo_path_number_perm+0x459/0x520
[  957.862957][T20693]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  957.869290][T20693]  ? tomoyo_path_number_perm+0x263/0x520
[  957.875021][T20693]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  957.880923][T20693]  ? __f_unlock_pos+0x19/0x20
[  957.885649][T20693]  ? do_tty_hangup+0x30/0x30
[  957.890248][T20693]  do_vfs_ioctl+0xdb6/0x13e0
[  957.894878][T20693]  ? ioctl_preallocate+0x210/0x210
[  957.899993][T20693]  ? __fget+0x384/0x560
[  957.904165][T20693]  ? ksys_dup3+0x3e0/0x3e0
[  957.908869][T20693]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  957.915128][T20693]  ? fput_many+0x12c/0x1a0
[  957.919571][T20693]  ? tomoyo_file_ioctl+0x23/0x30
[  957.924714][T20693]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.931159][T20693]  ? security_file_ioctl+0x8d/0xc0
[  957.936318][T20693]  ksys_ioctl+0xab/0xd0
[  957.940487][T20693]  __x64_sys_ioctl+0x73/0xb0
[  957.945127][T20693]  do_syscall_64+0xfa/0x760
[  957.949676][T20693]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  957.955599][T20693] RIP: 0033:0x45a639
[  957.959514][T20693] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  957.980170][T20693] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  957.988591][T20693] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  957.996569][T20693] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  958.004546][T20693] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  958.012525][T20693] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  958.020540][T20693] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:53:48 executing program 4:
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0)

12:53:48 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$video(&(0x7f0000000180)='/dev/video#\x00', 0x6, 0x0)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000000)={0x9d0000, 0x0, 0x0, [], 0x0})
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

12:53:48 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:48 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00\f#\x9f\xd0\x85\xac\xc4\x9b\x81-\xb3\xd7=C\xea', 0x200002, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x800002, 0x11, r1, 0x0)
io_setup(0x9, &(0x7f00000004c0))

12:53:48 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000080)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES64, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYBLOB="e6369118e6d852ccbb070aefd2b6b6221ec1a281467be6ae6846116f15696c186716bdc01c606db1174542b040bdd4c6913cc1"], 0x6e)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:53:48 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:48 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x20000000, @remote, 0x7}, 0x1c)

[  960.048852][    T5] Bluetooth: hci0: command 0x1003 tx timeout
[  960.055001][T15043] Bluetooth: hci0: sending frame failed (-49)
[  962.128783][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[  962.135407][T15043] Bluetooth: hci0: sending frame failed (-49)
[  964.208923][T18189] Bluetooth: hci0: command 0x1009 tx timeout
12:53:58 executing program 5 (fault-call:2 fault-nth:53):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:53:58 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
sendto(r0, &(0x7f0000000680)="120000001200e7ef3fb657d0d459b501bca1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x3d}, {&(0x7f00000000c0)=""/85, 0x4e4}, {&(0x7f00000024c0)=""/4096, 0x1058}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f0000000480)=""/60, 0xc6}, {&(0x7f0000000280)=""/77, 0x2f}, {&(0x7f0000000540)=""/154, 0x1b8}, {&(0x7f0000000000)=""/22, 0x1de}], 0x8, &(0x7f0000000140)=""/191, 0x1f9}}], 0x400000000000257, 0x6, &(0x7f0000003700)={0x77359400})

12:53:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x1d0902, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2, 0x0)
getsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f00000000c0)={@loopback, @loopback}, &(0x7f0000000140)=0x8)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:53:58 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
getsockopt(r0, 0x2, 0xfffff13d, &(0x7f0000000000)=""/158, &(0x7f00000000c0)=0x9e)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:53:58 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:58 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x3f000000, @remote, 0x7}, 0x1c)

12:53:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0xa9859bb98e009f30, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000000c0)={0x3000000})
close(r0)

[  968.581320][T21058] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  968.606684][T21058] FAULT_INJECTION: forcing a failure.
[  968.606684][T21058] name failslab, interval 1, probability 0, space 0, times 0
[  968.646927][T21058] CPU: 1 PID: 21058 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  968.655849][T21058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.666090][T21058] Call Trace:
[  968.666117][T21058]  dump_stack+0x197/0x210
[  968.666141][T21058]  should_fail.cold+0xa/0x15
[  968.666161][T21058]  ? fault_create_debugfs_attr+0x180/0x180
[  968.666180][T21058]  ? ___might_sleep+0x163/0x2c0
[  968.666199][T21058]  __should_failslab+0x121/0x190
[  968.666215][T21058]  should_failslab+0x9/0x14
[  968.666226][T21058]  kmem_cache_alloc+0x2aa/0x710
[  968.666235][T21058]  ? memcpy+0x46/0x50
[  968.666254][T21058]  ? kstrdup+0x5a/0x70
[  968.695857][T21058]  __kernfs_new_node+0xf0/0x6c0
[  968.695876][T21058]  ? __lock_acquire+0x16f2/0x4a00
[  968.695893][T21058]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  968.695912][T21058]  ? find_held_lock+0x35/0x130
[  968.713577][T21058]  ? sysfs_do_create_link_sd.isra.0+0x82/0x140
[  968.713607][T21058]  kernfs_new_node+0x96/0x120
[  968.713629][T21058]  kernfs_create_link+0xd7/0x250
[  968.723857][T21058]  sysfs_do_create_link_sd.isra.0+0x90/0x140
[  968.746065][T21058]  sysfs_create_link+0x65/0xc0
[  968.746082][T21058]  device_add+0x75c/0x17a0
[  968.746102][T21058]  ? uevent_show+0x370/0x370
[  968.746127][T21058]  rfkill_register+0x1bf/0xb50
[  968.746153][T21058]  hci_register_dev+0x378/0x8f0
[  968.773149][T21058]  hci_uart_tty_ioctl+0x87e/0xc00
[  968.773169][T21058]  tty_ioctl+0xaf9/0x14f0
[  968.773185][T21058]  ? hci_uart_init_work+0x180/0x180
[  968.773198][T21058]  ? do_tty_hangup+0x30/0x30
[  968.773217][T21058]  ? tomoyo_path_number_perm+0x459/0x520
[  968.787979][T21058]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  968.787996][T21058]  ? tomoyo_path_number_perm+0x263/0x520
[  968.788014][T21058]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  968.788031][T21058]  ? __f_unlock_pos+0x19/0x20
[  968.808431][T21058]  ? do_tty_hangup+0x30/0x30
[  968.808450][T21058]  do_vfs_ioctl+0xdb6/0x13e0
[  968.808476][T21058]  ? ioctl_preallocate+0x210/0x210
[  968.820748][T21058]  ? __fget+0x384/0x560
[  968.820769][T21058]  ? ksys_dup3+0x3e0/0x3e0
[  968.820783][T21058]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  968.820803][T21058]  ? fput_many+0x12c/0x1a0
[  968.820824][T21058]  ? tomoyo_file_ioctl+0x23/0x30
[  968.820836][T21058]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  968.820850][T21058]  ? security_file_ioctl+0x8d/0xc0
[  968.820867][T21058]  ksys_ioctl+0xab/0xd0
[  968.889998][T21058]  __x64_sys_ioctl+0x73/0xb0
[  968.894859][T21058]  do_syscall_64+0xfa/0x760
[  968.899742][T21058]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  968.905832][T21058] RIP: 0033:0x45a639
[  968.909752][T21058] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  968.930100][T21058] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  968.938549][T21058] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
12:53:59 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x3d, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  968.946625][T21058] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  968.954705][T21058] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  968.962870][T21058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  968.970946][T21058] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:53:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000840)='/dev/autofs\x00', 0x800, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f0000000880))
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0xff7f)
ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000000))

12:53:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[  969.174761][T21243] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:53:59 executing program 4:
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:53:59 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r3 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$evdev(r3, &(0x7f0000000180)=[{{0x0, 0x7530}}], 0x11e8)
r4 = socket$isdn(0x22, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r4, 0x89a1, &(0x7f0000000000)='ip6tnl0\x00')
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

[  969.956999][T21355] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[  971.008842][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[  971.016880][T19051] Bluetooth: hci0: sending frame failed (-49)
[  971.248923][    T5] Bluetooth: hci1: command 0x1003 tx timeout
[  971.256789][T19051] Bluetooth: hci1: sending frame failed (-49)
[  972.048800][    T5] Bluetooth: hci2: command 0x1003 tx timeout
[  972.055148][T19051] Bluetooth: hci2: sending frame failed (-49)
[  973.088813][    T5] Bluetooth: hci0: command 0x1001 tx timeout
[  973.095509][T19051] Bluetooth: hci0: sending frame failed (-49)
[  973.328908][    T5] Bluetooth: hci1: command 0x1001 tx timeout
[  973.335042][T19051] Bluetooth: hci1: sending frame failed (-49)
[  974.128824][    T5] Bluetooth: hci2: command 0x1001 tx timeout
[  974.134948][T19051] Bluetooth: hci2: sending frame failed (-49)
[  975.168770][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[  975.409096][   T22] Bluetooth: hci1: command 0x1009 tx timeout
[  976.208812][   T22] Bluetooth: hci2: command 0x1009 tx timeout
12:54:09 executing program 5 (fault-call:2 fault-nth:54):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:54:09 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x40000000, @remote, 0x7}, 0x1c)

12:54:09 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket$inet(0x2, 0x3, 0x1)
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x4, 0x4)
sendto$inet(r1, &(0x7f0000004000), 0xffec, 0x0, &(0x7f0000002000), 0x10)

12:54:09 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:09 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r4, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0x2, 0x2, {0x3371, 0xcaa, 0x4, 0x4}})

[  979.464330][T21367] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  979.478087][T21367] FAULT_INJECTION: forcing a failure.
[  979.478087][T21367] name failslab, interval 1, probability 0, space 0, times 0
[  979.499913][T21367] CPU: 1 PID: 21367 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  979.508725][T21367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.519727][T21367] Call Trace:
[  979.519764][T21367]  dump_stack+0x197/0x210
[  979.519787][T21367]  should_fail.cold+0xa/0x15
[  979.519806][T21367]  ? fault_create_debugfs_attr+0x180/0x180
[  979.519828][T21367]  ? ___might_sleep+0x163/0x2c0
[  979.519847][T21367]  __should_failslab+0x121/0x190
[  979.519864][T21367]  should_failslab+0x9/0x14
[  979.519876][T21367]  kmem_cache_alloc+0x2aa/0x710
[  979.519889][T21367]  ? __mutex_lock+0x45d/0x13c0
[  979.519912][T21367]  __kernfs_new_node+0xf0/0x6c0
[  979.519933][T21367]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  979.545427][T21367]  ? wait_for_completion+0x440/0x440
[  979.545454][T21367]  ? mutex_unlock+0xd/0x10
[  979.545471][T21367]  ? kernfs_activate+0x192/0x1f0
[  979.545493][T21367]  kernfs_new_node+0x96/0x120
[  979.580373][T21367]  __kernfs_create_file+0x51/0x340
[  979.580393][T21367]  sysfs_add_file_mode_ns+0x222/0x560
[  979.580414][T21367]  internal_create_group+0x359/0xc40
[  979.580437][T21367]  ? remove_files.isra.0+0x190/0x190
[  979.580455][T21367]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.580467][T21367]  ? kernfs_create_link+0x1cc/0x250
[  979.580487][T21367]  internal_create_groups.part.0+0x90/0x140
[  979.580506][T21367]  sysfs_create_groups+0x2a/0x50
[  979.599655][T21367]  device_add+0x80f/0x17a0
[  979.599677][T21367]  ? uevent_show+0x370/0x370
[  979.599712][T21367]  rfkill_register+0x1bf/0xb50
[  979.599731][T21367]  hci_register_dev+0x378/0x8f0
[  979.599751][T21367]  hci_uart_tty_ioctl+0x87e/0xc00
[  979.599770][T21367]  tty_ioctl+0xaf9/0x14f0
[  979.599787][T21367]  ? hci_uart_init_work+0x180/0x180
[  979.622034][T21367]  ? do_tty_hangup+0x30/0x30
[  979.622050][T21367]  ? tomoyo_path_number_perm+0x459/0x520
[  979.622069][T21367]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  979.622080][T21367]  ? tomoyo_path_number_perm+0x263/0x520
[  979.622096][T21367]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  979.622108][T21367]  ? __f_unlock_pos+0x19/0x20
[  979.622138][T21367]  ? do_tty_hangup+0x30/0x30
[  979.622153][T21367]  do_vfs_ioctl+0xdb6/0x13e0
[  979.622176][T21367]  ? ioctl_preallocate+0x210/0x210
[  979.647147][T21367]  ? __fget+0x384/0x560
[  979.647168][T21367]  ? ksys_dup3+0x3e0/0x3e0
[  979.647187][T21367]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  979.647211][T21367]  ? tomoyo_file_ioctl+0x23/0x30
[  979.681563][T21367]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.681583][T21367]  ? security_file_ioctl+0x8d/0xc0
[  979.681600][T21367]  ksys_ioctl+0xab/0xd0
[  979.681616][T21367]  __x64_sys_ioctl+0x73/0xb0
[  979.681634][T21367]  do_syscall_64+0xfa/0x760
[  979.681657][T21367]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  979.681668][T21367] RIP: 0033:0x45a639
[  979.681682][T21367] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  979.681695][T21367] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  979.703990][T21367] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  979.703999][T21367] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  979.704007][T21367] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  979.704016][T21367] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  979.704024][T21367] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:54:09 executing program 4:
r0 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x2761, 0x0)
r3 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
close(r3)

12:54:09 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:10 executing program 4:
pipe(&(0x7f0000000540))
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

12:54:10 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
pwritev(r0, &(0x7f0000001480)=[{&(0x7f00000000c0)="cce191b5a24a7d46da01bcab48b1f83f1467826f4e5120d583222665b28664378f064a2226218ef16bb8e12dd96e828bf4db364a75268ed7ebe0ee84d75cbe07c8c85bd2dd8a3bb34cf4fb4868f8f1daa9b4cba5699849f1e93b00b7eb07d8e81dd98991855a188bef245d2a19732e0b8c913079bc8df157ff2a4a1a70", 0x7d}, {&(0x7f0000000140)="2bca279ab73198c74278ed7943fd725573a5b34e1d639557670d01aee5a7eac82ac74f93d0fb240ba1c7dcc623f605633bc8758334ab8a52e7c6957648c53761e0c5022fe9ffeb7ceee0f42efbc912dbafedc46609dc527ae0578b64717d6c181838516f7b9726d23983b6e1778705ae67b91fe4b4aa21eff92080b9e0888a1032f3c12de9da7ff60e6a23bab94c25f25afda62441360f49e18e47afeb8c40189fdbcff4fddf6178d84bcc764fafa5369a5cef17f62964eca77296b333b461a8427d8e2d1aca51be49a1b0e5f8037953ba95eb415f6fc5223c501cfe64f871bb", 0xe0}, {&(0x7f0000000240)="d52e51afd24ca6f24a397dd6d6b502793a4500bc230a99dd7fe1c50310cce575abfab6abaed6a0790bd0c727a2164f3eceabb2d0992483fe01491d5ec6ddce6b488bf3ab9f2556065fdec2afa9548e3b7c1d434fccc7479196b525a9988c76ee7146bcbaf115a58621f63586c7e56a82c63ac5244b60252b9651c2e7a216af4a346609df068829d537fbb9cd0a5fe23d0197fe01666931c513a5916a2ff4a3ff4bb5c746", 0xa4}, {&(0x7f0000000300)="0f0068b917346568231cd1e99d5cb716633f83adac23f751990a02d8188dd824c81fba238bc93f9bd7665f6a06316af8cab5160d194042230f090046c3b3d52b8efe786cb32a5f1761db2b0adb7f", 0x4e}, {&(0x7f0000000380)="dba1cb8145354b4b8d8bddb69f23f8fb65b05d378522a811f2274e2633f4730ba5d19db565dc00249f5cd3f227dbebc7b7ee6351f7ec0330ead1898e968fc42551678fcef06a71221b58e7651c8d20cc67f93af8087aa873d4e0d5e494da250ef267b6aacc82de1fc0d735cf3ff02471ab0ae4303629bcf0aafe3814ba1c5fc0f6fc2515b2920d0539f8d38c66c34e9e6f93c3175b47cafd6897fc6147148ad8badee581f8d1af750efcbc09a32e45f8e909aaf5a6f86a2734f63f192d188cc457c59f1af8fa67970c1cbc668c3dab445f0895895b10bbb7a3e75553f9e56489399c263ca401900a53fd863d40b420da413c1bbb81f96208c4", 0xf9}, {&(0x7f0000000000)="bdd456e46e86027ce61d21454ab6aa01e9eabccdb227c6bedb43db708dc49b26972e6ba8e6f1f175d660f29c0fd289c6fe7fc0e95b54", 0x36}, {&(0x7f0000000480)="c1cb171bc9c1c09999729ffa6c4f0c93757b304ab52348d73840aa1e55e1e3888655b3818b1d09a26daa1f305f6bf51eaa1f7ea12590a7303acd7047703d8c5fcffc1964c19358d9d9cea352710df5fd1b9e68ea61aae7ea5b966a91be24c72c02d0dbb0ecc86cb1eac250e88df289f429b312895b439c869e1beab67c8e8fd6860c2b93524c88d1eac0dcae0eb342811ce7db6ef1b1302ed39faebb8d4c6700627c2ed2d24008c7b168419521f037a00a5bf01eacc65bdb22bb9b85f26a309b863f92a251ffeca6727a3480d2a74bb024f9adbd8bf9742d0ce4564d279e36e24e403e17345307b8ff4efb5060d4eab52cdce67265dd29ffbcf68b620a7dbab5713858fc79d8ba30f74976ff686eb61672d1d517628d7495c4277017661f796cabd6565b5590a3e0ea311c4cead62619d4d1e33e5f41bc2d9b690fcf8d96f018c6bb11a5ef4cc39ca4467241e525a36860f49b7538b4ba34c5a08592b6c205e1004b883a74ef4176af80e7d2208c15329d25ec339752e5fad1b6294a2285fb049d9c87f35f40d777acac0d516c275b11b4a5cd03c8218c79f55c6be6923fe96b3e0d92daa6056b4c8e9395aae0a3fff90d67b626a65ea7cb1550d7d558384b7f6a08c4881a0e0e7065fb767a6b7463024afc4d8f5e5ba21bec6a643e2ac74d441a4c2ea4fca5278cbad03b1ced4296314ae64d5ad49bdf446444ad03e6ea2ffb70e480cdc8b8d60e63462f27894621bc457c8b5582b7186f51d28ab31b24efb0797a958839984a49eba996f619e306978df1210d05567a8d9db7e44313a9b269f4455ea8da85d9eb99434f01c0036d510a62cae32eb54b425d8da1c6b7b974653477106537f84d54a6649bf1e1c2567a5c30963e5ebcc679b65a9f3db304159b8850a77750a1f452a4f0e788b518a3a5231b3dad83067112441cf47d8ef9872b0dcd0a8e9621fb654799afdcf4873c050aa6f8f3848df0c6e3f92453cea8cf01cae917a3ee120f918d663865c7e22d74327c9220cbb694ac8b4fb1f209fa4ae90f768fa0dbe62c8cdbc91872f16d496a2bf6ba1f552cd4fa2c688bc9685442f8ad78b8209adc6291ada6dacef41d8a3a5760032c942493f9caffcb2292b9e2a8fbd81edd546f5e8aea86525c5a67d414a927372182adc6562d41f6bd9450c554d7cc0856600d0f79dc98084518fd5edf46dbb8c386038495e224a55a7e7bb8df8a625e43bce9e6438cd38d0a356ecfe737098e72f2ac8d127c177c01115b2e0250b38becce019db0abd2a68a13da1dea6c6c8f06b90dcf8fbbb3c0741fa630696035c02df947a31559b65dd9a33261e720a94342435155c006cc2b659ffa693c5192e06ce2c5049f47cacc45e0e3da6d27b61caff5d40ce148b7b05beac3e7cb10ba70f160a32d405898a01e1a640cfe8fdc7958c1686022e947b0aab2dbd98777bdd06124c079638ec1136c6c684e505f649e5e7e42a778e1857b32073f9cf4431be91e3aa294f9f440793697f5bc2ca549677c39f68a4af54ec47c24a8abee60d7cb34c6aa3a8127695de4002b810f3a2526dcf1405274be899cee2f48f8cfc4c6a9807c5c12e7dc124c2ea0a037fe5b16b8e0fbd55838151686a92e241f4861cc92c80a3df579bc120e95e517f2bcf372c09143488f3a688f16b933c643122fcb146a8b92f868d30bb580778cf73bcc2a19efe3458a00a3fb7d15921897955e300e7a3a91a6fc25a1be0d28f574c56ce8d03e28a93fbbfae607804af67f62bece2e6d51ea26b1d12f4065738e680be74e67f3f8d2b5725c4c162f17a18f1acc996b1079bdcda7bc9824a432eee1e32d6fb155ee14865c5cb315e2143b6a183977078d718ed335de19ea431535b3cf71d53bb4d5cf4e2049a6338231e1dfcba334e94363668366130dc1b6ea6d13d7e41af620619ba466e9b332c63842232f87f245c1b854d1ff1a9858900bb9824f30c7f33ea41056dce6a734dee8834932d679f40c4f596043be6773e1100239c96f99ee1576d09322bbb3d0a3e6aa6cca88fbc8219e52c26bd270d52fb792a58aeee78f9b6d0f28da8d786534fb306c829d2b6ed6d8c98816d33105b38361ffce9feda20127c8a32213a1a3d06957f7c579f8d49f40c559ea8ea0701b5b67e1ebce4ed4e77a207ae26491a45f0ba4f7c941a87c613a9be80f29ba25b9617988b0c30fdbae62ce7dd474e8fec39e9c2b32760edc941bf3b4cd2729f8f6c6efa991cf5527fd627e6f1bed8e74d407fd01c489e2c79c57030fa7b9e9c44de73de06ea71d8dababc3896dadc4b87392c3f48a94b57b1be0dafe3328fd209e2f879283942651c40360ccb28496cb60cfa8aec66a19e52ee038094a1d60decbd4a4afee7c3df62d03daa3559283e4988abbf09aa03acdb5bfb151bb8c1997d0ce68b9a6f0afd8b962f0c780f56f5e0477af62695097670bf880f704edd9a706d4332ec798550c69ab31029d2c5ada33d8a2aa619b31b5ac3e1c426035213788e75b14eb373a8917e7cf00c27aa45aa4e19e7a11b7e3b85f7973894ded1a121cec03dfc4f35a975fa6c59b8b0aa6cfb8d1f90ee7e0d28a163f08caa37632f526b91362981a474d053d5aaeaeb42faa42ed4552675ffdc278e8882f414a2df3e8636f09e813f1d5c06f0d756cf4cf19dcef7757ac07132d0668796b4505d168eb6273a622fa460a6a2f67375be63edf35da999fcbfa9cb4c353d796abcc6edae0968378209ca6cebbfd2f5852f050e30fadb370532366815a948740b762543ace059d92d5b5975b2e5064173b6ebee0d012f19741993670910d33f0e1184dff6abefafe933143d50c1b4e5ddeab21b890891e6504418c625bc20b74c1059f3ceb35116b1afb8a462c7dd23ffd1305c41d3353269ce6005c286aaa3ad2324fd41136872968f8467f266fa14e16c6534e0e4c58857cef62306f292edb6fbd0f5a531ad1c7aed482d4b1dfe32ade4419025e7eb1d9db90eee68dca97453c4f254b05aace3120b533e43d98636b94d3ee8cff8c5b384a908f52105b571c9e271a897a5577271bbce3c28fd5e64edf2d049507878ea51c31d7da255ee3355f84df35a624832b6f21219a1641c3f2833a4043e1de97480102644325be0dd7123cb59dcb4d8d211770b0122d1e1df4ed7b1bc8cc92fa28278a31b33b094e9740388e5c0f57a5742b68ebfa73f1dae67478e3aecf136dc069ac1772b64425987a3f8aed8c35390ce24238ba663666610645e938c6a626ab0c55c83f05ddce8dcb16abd59286edfa164bbfb9be19312a2f4291544bc199f17aff605277a666a53bf06e5a22417a201ed2fbccdca02bcc07ca984332f5c53263df8a2f12ce214360ff7ca2eaba929c11161a06ce5cca59bfe1aaca2da424dfe9046e935eb121b159aee60a79026b1f2ca528eff8d5f7e22645f6d25b73645f07ee47f90198a089c412232b4e1be926c0637edc177f0c92e98f2e2122ec76eb8a6ce49a829f71043db02d29a650e8805cf2d824b232337acbe155928c42a53a282b9db67ba78962fabfe4062a3f381d236d949be2a341a97d7f18c337a9f7706fc71dae4e4a8886b2e352c444538b8e5d107ad26fe69d7889ca23999b3fa58d2f48c4924eed761ec45b7fb83d6439fb60a4b0f7906af509fc8af67be8841d2f934cbb50c7f10913427d41fb1345c02c22bdd56d6ec50345515da9ffe440a77e61aa35578ee815edd1a70783784361df2eed25b6ace40d1e5765c49ad53ee02f821172437078979d8b0fb5bb01b4cd8dd82f839402ffff3877acfcf457d188e80e8fd6971827b067a0369f49ec2c3b12338ac2f8d8e5c27ecede1582a9fff4c4b7af4a0ba7afc448e10fda33ccf01d97a1be512132e60a05d82c3d2db501893211ec45e97f094ed2a1e56bd0e70469c1f70ced2d8c61f56990fe55ec8db8e5554efa48b9f9c6d8a02e5cb4bfe8bbd46691916134ef113d0cc0f32633a3dc9b8d91c154a0907cbdafb43f68eee72860bdfde05af1b06be2649adf234c4a388c61859157ec01de0136428be606d28df949977e472f41a2d87e8b262b100f80062ad9392f8cb2935e7e84db4a35341d4d89c19a659b8df5491c32bbdfce299fee6e34f62d2b947a72d935023b5720c338f77b41ca305ca2a3c6df1c64007d9aa5478d3982fa3a69a53b29e6071f36d1f2a6bb0a5bb33844f3b8323879d13fb15f9ff2beb9d5c6fa29237e4a81003c3b9b05dbd1b519687108842a8bd907d8f1d0069b0f51b0d2549764b4be37b62f2021b6d839db3ebf77ec751897b7c6444c6471af3e06efc52cebba7cb42aa30776dfa6b9ccd660390659c2305d7ed6ab5ea75fd3752be4d461167bbcee1ccd848b5cf7806ae506d2c4f689910ad1f5308c6389e99b97d5983acedc247ee54e8c8356afcf1a2d3a8f42887fb55b4f1eafc9fe6911b52c9579ca288b61ddea70639b0e633a530b9f734f0ce849a875e574daaa7dd1852cb38904130e77b2731d32639a4f13e5eebd958a846f632c7d24db3df2cb443792922266b5e544211877463dc6c70563a6f0c03eaff698d2e5eb60dd505450f061e99b4d31c46039bbf215a1918d8d187466bad419808842e5573e1d6b1e164d142691ff0f9494df47dabba57ea8361fa354afd28d0e10b0b38e88b7092f45afd1f36570de8cacb7e1a4f37f5f97fb7236dfd488abba999136d4a3fc3b965503d87d0ffe4f3ad10a914bc7c9f6481d25975ecadf66eea8fa1bd2cf0ebe6ee3c55365102196976efddab9fa9a4d5a96d6c823378ea35fdb796b720672d8a4aa17d4270168e3b6dc691b37da833090fb72e91ca7b6d6e87f88118d4cff29a0248ef49c1b31ffc127b1965c0ed598a85d2c76dd1f6b68aeed9afebe56bfc420e16bd2ef9c97c0c7fa4a3250b1d587894a8b66d335fbe4400b6f3228f74c679f0135ef58841fbd34d2e3071a09ad6711eeb68ceedfe569647f3f07e591040fc684bb4309e12cad4e83c499051a7614e660e17e71c834c6efb1f8e0c57461ed0ce1b81adebe550db6f418d0e9607b5ec439a0620938592811c526892056531f5156b547fdd9feab2a051a91720f3f0116680b1c41ef178379c6aa11693c97cf91586fd56ab261431aaddfb14bf3f0c496a7bf0312dcfc97ae2f26c31e065e0bfd989cc58e5023481f13051c72e9e618927180770d2d5b2a13135a40c69681e203062657bd7dbd3293d69c559518a9f7a90a0995c76012ba91cbf9a7c7e8725f8143f4010f17ee488d2cd3e88a41ac6f933a0ea66231251675234a69e219b03e983f7621df9e5e86461ef6e095c406afa2f30dd462a8900706dc47c97cf4b42a39961a6915f3f3f3e016f35d3a482c5323ab7279d993659b117a01e875430c42581df274a0d77d1a0b10ca6f26023b28f26f88a9da1d6d4ca689da0330c7b0cfafb59b8afe56691d884a80189fc1e7e1ac6aca1b02d1f27f346cea71d08f7b5e18637d31ae41ffab18590e85cc0ebb3f06b0fcc3853c407054cb606e3a03fc1f0a4678b26982bb89436610cbb79e65f60770cf7b9a17fbdde1b149d9c06f247c6d9649fe860c7c96fc1da5a6078f8cca00289d85219ce4abda8df26e24a4d617db6f5d6ea5e8f6a9298ea6b2a16236cdf5580c17399dbb4d24069846effc1a5119aa0e35a7ca15dcf2df3e8143654a40390b2893c996744605ce2f832c95eda6d331e7a9f093a8512fb772a3d8528d5c88650cf889815ca1e17a15b1b3fa0c4c348e7e621571532d965bad519a4aca968ce483c6a99cbcbe267b42f267726adb2a28", 0x1000}], 0x7, 0x8000)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001540)={{{@in6=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@initdev}, 0x0, @in6=@empty}}, &(0x7f0000001e40)=0x1a5)
r2 = syz_open_dev$vcsa(&(0x7f0000001e80)='/dev/vcsa#\x00', 0x4b, 0x20182)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001f80)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0xa0203402}, 0xc, &(0x7f0000001f40)={&(0x7f0000001ec0)=@bridge_getneigh={0x4c, 0x1e, 0x200, 0x70bd2c, 0x25dfdbfe, {0x7, 0x0, 0x0, r1, 0x1, 0x10002}, [@IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x6}, @IFLA_CARRIER_CHANGES={0x8}, @IFLA_PHYS_SWITCH_ID={0xc, 0x24, "ccd0a7ff5797b9"}, @IFLA_NET_NS_FD={0x8, 0x1c, r2}, @IFLA_TXQLEN={0x8, 0xd, 0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x10)
close(r0)

12:54:10 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r2, 0x400c6615, &(0x7f0000000000)={0x0, @adiantum})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000480)={0x80, {{0xa, 0x4e23, 0x101, @loopback, 0x40}}, 0x0, 0x3, [{{0xa, 0x4e20, 0x0, @local, 0x20}}, {{0xa, 0x4e23, 0x7fff, @dev={0xfe, 0x80, [], 0x19}, 0x9}}, {{0xa, 0x4e24, 0x9, @loopback, 0x7}}]}, 0x210)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r3, 0x0, 0x100000000000a, 0x2)

12:54:10 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x40020000, @remote, 0x7}, 0x1c)

12:54:10 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:10 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0x62, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0x12)

[  980.680838][T21681] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[  981.466828][T21791] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[  981.524360][T19051] Bluetooth: hci2: sending frame failed (-49)
[  981.888938][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[  981.896351][T19051] Bluetooth: hci0: sending frame failed (-49)
[  982.768817][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[  982.776246][T19051] Bluetooth: hci1: sending frame failed (-49)
[  983.568769][T18189] Bluetooth: hci2: command 0x1003 tx timeout
[  983.576108][T19051] Bluetooth: hci2: sending frame failed (-49)
[  983.968769][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[  983.974885][T19051] Bluetooth: hci0: sending frame failed (-49)
[  984.858883][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[  984.865185][T19051] Bluetooth: hci1: sending frame failed (-49)
[  985.658828][T18189] Bluetooth: hci2: command 0x1001 tx timeout
[  985.664981][T19051] Bluetooth: hci2: sending frame failed (-49)
[  986.048764][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[  986.928813][T18189] Bluetooth: hci1: command 0x1009 tx timeout
[  987.738780][T18189] Bluetooth: hci2: command 0x1009 tx timeout
12:54:20 executing program 5 (fault-call:2 fault-nth:55):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:54:20 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:54:20 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:20 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYPTR64=&(0x7f0000000000)=ANY=[], @ANYRES16, @ANYRES32]], @ANYRES64], 0x43)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:54:20 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x48000000, @remote, 0x7}, 0x1c)

12:54:20 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket(0x5, 0x6, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
socket(0x5, 0xa, 0x40)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000080)={0x6, 'ip6gre0\x00', 0x4}, 0x18)
r5 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:54:20 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[  990.378952][T21808] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[  990.404734][T21808] FAULT_INJECTION: forcing a failure.
[  990.404734][T21808] name failslab, interval 1, probability 0, space 0, times 0
[  990.425009][T21808] CPU: 0 PID: 21808 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[  990.433717][T21808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  990.433725][T21808] Call Trace:
[  990.433753][T21808]  dump_stack+0x197/0x210
[  990.433777][T21808]  should_fail.cold+0xa/0x15
[  990.433795][T21808]  ? fault_create_debugfs_attr+0x180/0x180
[  990.433813][T21808]  ? ___might_sleep+0x163/0x2c0
[  990.433830][T21808]  __should_failslab+0x121/0x190
[  990.433846][T21808]  should_failslab+0x9/0x14
[  990.433863][T21808]  kmem_cache_alloc+0x2aa/0x710
[  990.462056][T21808]  ? __mutex_lock+0x45d/0x13c0
[  990.462081][T21808]  __kernfs_new_node+0xf0/0x6c0
[  990.462100][T21808]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  990.462115][T21808]  ? wait_for_completion+0x440/0x440
[  990.462137][T21808]  ? mutex_unlock+0xd/0x10
[  990.481255][T21808]  ? kernfs_activate+0x192/0x1f0
[  990.481277][T21808]  kernfs_new_node+0x96/0x120
[  990.481295][T21808]  __kernfs_create_file+0x51/0x340
[  990.481313][T21808]  sysfs_add_file_mode_ns+0x222/0x560
[  990.490907][T21808]  internal_create_group+0x359/0xc40
[  990.490931][T21808]  ? remove_files.isra.0+0x190/0x190
[  990.490951][T21808]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.490963][T21808]  ? kernfs_create_link+0x1cc/0x250
[  990.490983][T21808]  internal_create_groups.part.0+0x90/0x140
[  990.501872][T21808]  sysfs_create_groups+0x2a/0x50
[  990.501888][T21808]  device_add+0x80f/0x17a0
[  990.501908][T21808]  ? uevent_show+0x370/0x370
[  990.501936][T21808]  rfkill_register+0x1bf/0xb50
[  990.501960][T21808]  hci_register_dev+0x378/0x8f0
[  990.511307][T21808]  hci_uart_tty_ioctl+0x87e/0xc00
[  990.526440][T21808]  tty_ioctl+0xaf9/0x14f0
[  990.526457][T21808]  ? hci_uart_init_work+0x180/0x180
[  990.526473][T21808]  ? do_tty_hangup+0x30/0x30
[  990.543246][T21808]  ? tomoyo_path_number_perm+0x459/0x520
[  990.543268][T21808]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  990.543280][T21808]  ? tomoyo_path_number_perm+0x263/0x520
[  990.543297][T21808]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  990.559294][T21808]  ? __f_unlock_pos+0x19/0x20
[  990.568280][T21808]  ? do_tty_hangup+0x30/0x30
[  990.568297][T21808]  do_vfs_ioctl+0xdb6/0x13e0
[  990.568316][T21808]  ? ioctl_preallocate+0x210/0x210
[  990.582917][T21808]  ? __fget+0x384/0x560
[  990.582938][T21808]  ? ksys_dup3+0x3e0/0x3e0
[  990.582953][T21808]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  990.582971][T21808]  ? fput_many+0x12c/0x1a0
[  990.602679][T21808]  ? tomoyo_file_ioctl+0x23/0x30
[  990.602695][T21808]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.602711][T21808]  ? security_file_ioctl+0x8d/0xc0
[  990.602729][T21808]  ksys_ioctl+0xab/0xd0
[  990.614583][T21808]  __x64_sys_ioctl+0x73/0xb0
[  990.614604][T21808]  do_syscall_64+0xfa/0x760
[  990.614627][T21808]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  990.634235][T21808] RIP: 0033:0x45a639
[  990.634252][T21808] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  990.634260][T21808] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  990.634273][T21808] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[  990.634286][T21808] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[  990.654153][T21808] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  990.654162][T21808] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[  990.654170][T21808] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:54:22 executing program 3:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1)
close(0xffffffffffffffff)

12:54:22 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:22 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:22 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x4c000000, @remote, 0x7}, 0x1c)

12:54:22 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$VIDIOC_SUBDEV_G_EDID(r0, 0xc0285628, &(0x7f0000000040)={0x0, 0x4, 0xb37, [], &(0x7f0000000000)=0x8})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a27ee7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed78f31371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140eff6edc73312c50296e3c7e68d58f5a2a917458f4ebe9dc8cb1c00000000000000", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r0, 0x0, 0x100000000000a, 0x2)

[  992.858765][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[  992.864894][T12958] Bluetooth: hci0: sending frame failed (-49)
[  994.928820][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[  994.934948][T12958] Bluetooth: hci0: sending frame failed (-49)
[  997.008758][T18149] Bluetooth: hci0: command 0x1009 tx timeout
12:54:31 executing program 5 (fault-call:2 fault-nth:56):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:54:31 executing program 3:
r0 = request_key(&(0x7f0000000040)='user\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='/dev/ptmx\x00', 0xfffffffffffffff9)
r1 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'\x86yz'}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r1)
r2 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'\x86yz'}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r2)
r3 = add_key(&(0x7f00000001c0)='cifs.idmap\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, r2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$RTC_SET_TIME(r5, 0x4024700a, &(0x7f0000000300)={0x7, 0xb, 0x4, 0x1f, 0x7, 0x10001, 0x1, 0x72})
keyctl$restrict_keyring(0x1d, r3, &(0x7f00000002c0)='dns_resolver\x00', 0x0)
r6 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, r1)
keyctl$reject(0x13, r0, 0x400, 0xffff, r6)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000000)=0xf)
ioctl$KDADDIO(r7, 0x400455c8, 0x1)
close(r7)

12:54:31 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:31 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:31 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240))
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r3 = socket(0x1e, 0x4, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[@ANYRES16, @ANYBLOB="bf3291eba33ee115944b6e69f5de6072128a2c87e535466dfdb4d9ff527ac219596a0c653e8a2e23f03ba79009a10fff5f06e32320b9959f483742fee67072e55ceeab27166c4b1655eee154e83138d2b207e6e87e7d1bf30778a369bd250d92a531e881a328c91c6981d0589c39df395f590118ebd2c840eb2ee0aeafbf176a4a4168645de71ba638981f9041842703159dd7762a5bc879562bf89a4fc27180adfd4ed6c0edf5e7639f74fd678136e30b26a592c24dc1b87fc3c5f3e22ad7dd925bbd934b649d69", @ANYRESOCT=r3], 0x208)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x8, 0x1, 0x0, 0x7f}, 0x10)
r6 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r6, 0xc0406619, &(0x7f0000000140)={{0x1, 0x0, @reserved="60d196b54e330800474fcb88a61798d629b9d5199aa4bc28f3fc82a58f2c13b0"}})
splice(r0, 0x0, r5, 0x0, 0x100800000000a, 0x5)

12:54:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x5c000000, @remote, 0x7}, 0x1c)

[ 1001.178030][T21845] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1001.197687][T21842] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1001.221995][T21845] FAULT_INJECTION: forcing a failure.
[ 1001.221995][T21845] name failslab, interval 1, probability 0, space 0, times 0
[ 1001.265294][T21845] CPU: 1 PID: 21845 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1001.274207][T21845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1001.284386][T21845] Call Trace:
[ 1001.287703][T21845]  dump_stack+0x197/0x210
[ 1001.292066][T21845]  should_fail.cold+0xa/0x15
[ 1001.296679][T21845]  ? fault_create_debugfs_attr+0x180/0x180
[ 1001.302525][T21845]  ? ___might_sleep+0x163/0x2c0
[ 1001.307392][T21845]  __should_failslab+0x121/0x190
[ 1001.312384][T21845]  should_failslab+0x9/0x14
[ 1001.316905][T21845]  kmem_cache_alloc+0x2aa/0x710
[ 1001.321778][T21845]  ? memcpy+0x46/0x50
[ 1001.325781][T21845]  ? kstrdup+0x5a/0x70
[ 1001.329882][T21845]  __kernfs_new_node+0xf0/0x6c0
[ 1001.334757][T21845]  ? __lock_acquire+0x16f2/0x4a00
[ 1001.339816][T21845]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1001.345347][T21845]  ? find_held_lock+0x35/0x130
[ 1001.350170][T21845]  ? sysfs_do_create_link_sd.isra.0+0x82/0x140
[ 1001.356363][T21845]  kernfs_new_node+0x96/0x120
[ 1001.361089][T21845]  kernfs_create_link+0xd7/0x250
[ 1001.366045][T21845]  sysfs_do_create_link_sd.isra.0+0x90/0x140
[ 1001.372041][T21845]  sysfs_create_link+0x65/0xc0
[ 1001.376820][T21845]  device_add+0x75c/0x17a0
[ 1001.381267][T21845]  ? uevent_show+0x370/0x370
[ 1001.385902][T21845]  rfkill_register+0x1bf/0xb50
[ 1001.390711][T21845]  hci_register_dev+0x378/0x8f0
[ 1001.395600][T21845]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1001.400653][T21845]  tty_ioctl+0xaf9/0x14f0
[ 1001.404999][T21845]  ? hci_uart_init_work+0x180/0x180
[ 1001.410214][T21845]  ? do_tty_hangup+0x30/0x30
[ 1001.414828][T21845]  ? tomoyo_path_number_perm+0x459/0x520
[ 1001.420477][T21845]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1001.426732][T21845]  ? tomoyo_path_number_perm+0x263/0x520
[ 1001.432404][T21845]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1001.438221][T21845]  ? __f_unlock_pos+0x19/0x20
[ 1001.442942][T21845]  ? do_tty_hangup+0x30/0x30
[ 1001.447550][T21845]  do_vfs_ioctl+0xdb6/0x13e0
[ 1001.452158][T21845]  ? ioctl_preallocate+0x210/0x210
[ 1001.457278][T21845]  ? __fget+0x384/0x560
[ 1001.461453][T21845]  ? ksys_dup3+0x3e0/0x3e0
[ 1001.465879][T21845]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1001.472153][T21845]  ? fput_many+0x12c/0x1a0
[ 1001.476589][T21845]  ? tomoyo_file_ioctl+0x23/0x30
[ 1001.481543][T21845]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1001.487803][T21845]  ? security_file_ioctl+0x8d/0xc0
[ 1001.492936][T21845]  ksys_ioctl+0xab/0xd0
[ 1001.497107][T21845]  __x64_sys_ioctl+0x73/0xb0
[ 1001.501715][T21845]  do_syscall_64+0xfa/0x760
[ 1001.506235][T21845]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1001.512135][T21845] RIP: 0033:0x45a639
[ 1001.516038][T21845] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1001.535655][T21845] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1001.544091][T21845] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1001.552081][T21845] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1001.560063][T21845] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1001.568042][T21845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
12:54:31 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:31 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
get_thread_area(&(0x7f0000000000)={0x36cbd80f, 0xec20c02b604edaf1, 0x2000, 0x1, 0x2, 0x1, 0x0, 0x1})
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

[ 1001.576022][T21845] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:54:31 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:31 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:31 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:31 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1003.648901][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1003.648987][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1003.655028][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1003.668847][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1005.728826][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1005.734999][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1005.747494][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1005.753642][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1007.808828][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1007.814943][T18149] Bluetooth: hci0: command 0x1009 tx timeout
12:54:42 executing program 5 (fault-call:2 fault-nth:57):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:54:42 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:42 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x68000000, @remote, 0x7}, 0x1c)

12:54:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:42 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r4 = accept4$packet(r3, 0x0, &(0x7f00000002c0), 0x800)
r5 = inotify_init()
splice(r4, &(0x7f0000001480)=0x8, r5, &(0x7f00000014c0)=0x100, 0x1, 0x6)

12:54:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x12083, 0x0)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req={0xa7f, 0x40, 0x5, 0x4}, 0x10)

12:54:42 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1012.098911][T21879] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1012.118784][T21880] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1012.139522][T21880] FAULT_INJECTION: forcing a failure.
[ 1012.139522][T21880] name failslab, interval 1, probability 0, space 0, times 0
[ 1012.162751][T21880] CPU: 1 PID: 21880 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1012.171487][T21880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1012.181557][T21880] Call Trace:
[ 1012.184871][T21880]  dump_stack+0x197/0x210
[ 1012.189228][T21880]  should_fail.cold+0xa/0x15
[ 1012.193837][T21880]  ? fault_create_debugfs_attr+0x180/0x180
[ 1012.199664][T21880]  ? ___might_sleep+0x163/0x2c0
[ 1012.204538][T21880]  __should_failslab+0x121/0x190
[ 1012.209490][T21880]  should_failslab+0x9/0x14
[ 1012.214004][T21880]  kmem_cache_alloc+0x2aa/0x710
[ 1012.218864][T21880]  ? __mutex_lock+0x45d/0x13c0
[ 1012.223656][T21880]  __kernfs_new_node+0xf0/0x6c0
[ 1012.228527][T21880]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1012.234048][T21880]  ? wait_for_completion+0x440/0x440
[ 1012.239356][T21880]  ? mutex_unlock+0xd/0x10
[ 1012.243787][T21880]  ? kernfs_activate+0x192/0x1f0
[ 1012.249700][T21880]  kernfs_new_node+0x96/0x120
[ 1012.254396][T21880]  __kernfs_create_file+0x51/0x340
[ 1012.259528][T21880]  sysfs_add_file_mode_ns+0x222/0x560
[ 1012.264922][T21880]  internal_create_group+0x359/0xc40
[ 1012.270232][T21880]  ? remove_files.isra.0+0x190/0x190
[ 1012.275532][T21880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1012.281786][T21880]  ? kernfs_create_link+0x1cc/0x250
[ 1012.287008][T21880]  internal_create_groups.part.0+0x90/0x140
[ 1012.292921][T21880]  sysfs_create_groups+0x2a/0x50
[ 1012.297869][T21880]  device_add+0x80f/0x17a0
[ 1012.302301][T21880]  ? uevent_show+0x370/0x370
[ 1012.306916][T21880]  rfkill_register+0x1bf/0xb50
[ 1012.311696][T21880]  hci_register_dev+0x378/0x8f0
[ 1012.316725][T21880]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1012.321784][T21880]  tty_ioctl+0xaf9/0x14f0
[ 1012.326251][T21880]  ? hci_uart_init_work+0x180/0x180
[ 1012.331487][T21880]  ? do_tty_hangup+0x30/0x30
[ 1012.336116][T21880]  ? tomoyo_path_number_perm+0x459/0x520
[ 1012.341775][T21880]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1012.348032][T21880]  ? tomoyo_path_number_perm+0x263/0x520
[ 1012.353691][T21880]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1012.359517][T21880]  ? __f_unlock_pos+0x19/0x20
[ 1012.364226][T21880]  ? do_tty_hangup+0x30/0x30
[ 1012.368827][T21880]  do_vfs_ioctl+0xdb6/0x13e0
[ 1012.373440][T21880]  ? ioctl_preallocate+0x210/0x210
[ 1012.378560][T21880]  ? __fget+0x384/0x560
[ 1012.382736][T21880]  ? ksys_dup3+0x3e0/0x3e0
[ 1012.387164][T21880]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1012.393421][T21880]  ? fput_many+0x12c/0x1a0
[ 1012.397864][T21880]  ? tomoyo_file_ioctl+0x23/0x30
[ 1012.402816][T21880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1012.409079][T21880]  ? security_file_ioctl+0x8d/0xc0
[ 1012.414211][T21880]  ksys_ioctl+0xab/0xd0
[ 1012.418386][T21880]  __x64_sys_ioctl+0x73/0xb0
[ 1012.422991][T21880]  do_syscall_64+0xfa/0x760
[ 1012.427512][T21880]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1012.433411][T21880] RIP: 0033:0x45a639
[ 1012.437344][T21880] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1012.457072][T21880] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1012.465498][T21880] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1012.473484][T21880] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1012.481468][T21880] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1012.489448][T21880] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1012.497432][T21880] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:54:42 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:42 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:42 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000480)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYBLOB="9869114e118c7f43b818a6d729cfe0121012d30ff17b2c908fa523399218b1c667281f3d2b141d16e68ea0acee0623daa41f6cbbb3f866d782ade623ea84b2d79cb96d10970ef525110a3165b173f1f98be160a7062ba4a79fdc5c0be874f92dead391ec2ba41fdfc10f9941817a31f376c9eb8df6b4dd7d941dfa3a94937c44bc4c1408df0c158654de5aa64045781482437aac57", @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0x43)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f0000000000)={0x3, [0x7, 0x80000000, 0x30000000000000]})
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x8000, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r6, 0xc0305615, &(0x7f00000000c0)={0x0, {0x5, 0xffffffff}})
ioctl$sock_inet6_tcp_SIOCINQ(r5, 0x541b, &(0x7f0000000040))
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:54:42 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x6c000000, @remote, 0x7}, 0x1c)

[ 1014.218766][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1014.224946][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1014.528814][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1014.534964][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1016.288824][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1016.294951][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1016.608922][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1016.615086][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1018.368975][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[ 1018.688839][T18189] Bluetooth: hci1: command 0x1009 tx timeout
12:54:52 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x8, 0x40)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xc}}, @in6={0xa, 0x4e23, 0xac, @local, 0x3ff}, @in6={0xa, 0x4e22, 0x1ff, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xb925}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e21, 0x6, @ipv4={[], [], @rand_addr=0xfffffffe}, 0x1}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0xff, @local, 0x4}], 0xa0)
ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f0000000000)={0x0, 0x0, {0x1000, 0x3, 0x3, 0x3ff}})
ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381)

12:54:52 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:52 executing program 5 (fault-call:2 fault-nth:58):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:54:52 executing program 1:
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000000)={0x39, 0x10, 0x13})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x82, 0x40)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000000))
close(r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$USBDEVFS_CLAIMINTERFACE(r4, 0x8004550f, &(0x7f0000000000)=0x7)
pipe(&(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$binfmt_misc(r8, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000480)=ANY=[@ANYPTR64, @ANYRESOCT, @ANYRES64, @ANYPTR, @ANYPTR, @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0x43)
write$binfmt_misc(r6, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000040)={{0x2f, @loopback, 0x4e21, 0x1, 'nq\x00', 0x14, 0x9, 0x28}, {@loopback, 0x4e24, 0x2000, 0x81, 0x2, 0x5}}, 0x44)
splice(r5, 0x0, r8, 0x0, 0x100000000000a, 0x2)

12:54:52 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x74000000, @remote, 0x7}, 0x1c)

12:54:53 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
memfd_create(&(0x7f0000000080)='\x00', 0x753e5e4871b6d89a)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000040)='eth1:@md5sum.system&eth1\x00', 0x0, r3)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_misc(r4, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
syncfs(r0)
splice(r0, 0x0, r4, 0x0, 0x100000000000a, 0x2)

[ 1022.931017][T21909] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1022.968886][T21916] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1023.003800][T21916] FAULT_INJECTION: forcing a failure.
[ 1023.003800][T21916] name failslab, interval 1, probability 0, space 0, times 0
12:54:53 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1023.058923][T21916] CPU: 1 PID: 21916 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1023.067729][T21916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1023.077797][T21916] Call Trace:
[ 1023.081120][T21916]  dump_stack+0x197/0x210
[ 1023.085475][T21916]  should_fail.cold+0xa/0x15
[ 1023.090086][T21916]  ? fault_create_debugfs_attr+0x180/0x180
[ 1023.090108][T21916]  ? ___might_sleep+0x163/0x2c0
[ 1023.090126][T21916]  __should_failslab+0x121/0x190
[ 1023.090143][T21916]  should_failslab+0x9/0x14
[ 1023.090154][T21916]  kmem_cache_alloc+0x2aa/0x710
[ 1023.090169][T21916]  ? __mutex_lock+0x45d/0x13c0
[ 1023.090192][T21916]  __kernfs_new_node+0xf0/0x6c0
[ 1023.090214][T21916]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1023.090232][T21916]  ? wait_for_completion+0x440/0x440
[ 1023.100886][T21916]  ? mutex_unlock+0xd/0x10
[ 1023.100909][T21916]  ? kernfs_activate+0x192/0x1f0
[ 1023.100928][T21916]  kernfs_new_node+0x96/0x120
[ 1023.100948][T21916]  __kernfs_create_file+0x51/0x340
12:54:53 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1023.100966][T21916]  sysfs_add_file_mode_ns+0x222/0x560
[ 1023.100990][T21916]  internal_create_group+0x359/0xc40
[ 1023.101012][T21916]  ? remove_files.isra.0+0x190/0x190
[ 1023.175004][T21916]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1023.181359][T21916]  ? kernfs_create_link+0x1cc/0x250
[ 1023.186587][T21916]  internal_create_groups.part.0+0x90/0x140
[ 1023.192509][T21916]  sysfs_create_groups+0x2a/0x50
[ 1023.197457][T21916]  device_add+0x80f/0x17a0
[ 1023.197478][T21916]  ? uevent_show+0x370/0x370
[ 1023.197507][T21916]  rfkill_register+0x1bf/0xb50
[ 1023.197527][T21916]  hci_register_dev+0x378/0x8f0
[ 1023.197547][T21916]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1023.221644][T21916]  tty_ioctl+0xaf9/0x14f0
[ 1023.221664][T21916]  ? hci_uart_init_work+0x180/0x180
[ 1023.221678][T21916]  ? do_tty_hangup+0x30/0x30
[ 1023.221693][T21916]  ? tomoyo_path_number_perm+0x459/0x520
[ 1023.221713][T21916]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1023.221731][T21916]  ? tomoyo_path_number_perm+0x263/0x520
[ 1023.253999][T21916]  ? tomoyo_execute_permission+0x4a0/0x4a0
12:54:53 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1023.259835][T21916]  ? __f_unlock_pos+0x19/0x20
[ 1023.264562][T21916]  ? do_tty_hangup+0x30/0x30
[ 1023.271002][T21916]  do_vfs_ioctl+0xdb6/0x13e0
[ 1023.275846][T21916]  ? ioctl_preallocate+0x210/0x210
[ 1023.280974][T21916]  ? __fget+0x384/0x560
[ 1023.285160][T21916]  ? ksys_dup3+0x3e0/0x3e0
[ 1023.289609][T21916]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1023.295872][T21916]  ? fput_many+0x12c/0x1a0
[ 1023.300317][T21916]  ? tomoyo_file_ioctl+0x23/0x30
[ 1023.305273][T21916]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1023.311552][T21916]  ? security_file_ioctl+0x8d/0xc0
[ 1023.316965][T21916]  ksys_ioctl+0xab/0xd0
[ 1023.321152][T21916]  __x64_sys_ioctl+0x73/0xb0
[ 1023.321172][T21916]  do_syscall_64+0xfa/0x760
[ 1023.321193][T21916]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1023.336331][T21916] RIP: 0033:0x45a639
[ 1023.340234][T21916] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
12:54:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:54:53 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1023.340243][T21916] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1023.340258][T21916] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1023.340267][T21916] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1023.340275][T21916] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1023.340284][T21916] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1023.340293][T21916] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:54:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1023.712580][T21937] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1025.018761][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1025.024910][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1025.488849][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1025.495079][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1025.808763][T18189] Bluetooth: hci2: command 0x1003 tx timeout
[ 1025.815498][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1027.088842][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1027.094974][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1027.568862][   T12] Bluetooth: hci1: command 0x1001 tx timeout
[ 1027.574993][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1027.888807][   T12] Bluetooth: hci2: command 0x1001 tx timeout
[ 1027.894932][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1029.168877][   T12] Bluetooth: hci0: command 0x1009 tx timeout
[ 1029.648862][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[ 1029.968794][   T12] Bluetooth: hci2: command 0x1009 tx timeout
12:55:03 executing program 5 (fault-call:2 fault-nth:59):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

[ 1033.777368][T21942] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1033.786607][T21942] FAULT_INJECTION: forcing a failure.
[ 1033.786607][T21942] name failslab, interval 1, probability 0, space 0, times 0
[ 1033.800644][T21942] CPU: 0 PID: 21942 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1033.809340][T21942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1033.819406][T21942] Call Trace:
[ 1033.822713][T21942]  dump_stack+0x197/0x210
[ 1033.827083][T21942]  should_fail.cold+0xa/0x15
[ 1033.831686][T21942]  ? fault_create_debugfs_attr+0x180/0x180
[ 1033.837523][T21942]  ? ___might_sleep+0x163/0x2c0
[ 1033.842409][T21942]  __should_failslab+0x121/0x190
[ 1033.847352][T21942]  should_failslab+0x9/0x14
[ 1033.851865][T21942]  kmem_cache_alloc+0x2aa/0x710
[ 1033.856723][T21942]  ? __mutex_lock+0x45d/0x13c0
[ 1033.861501][T21942]  __kernfs_new_node+0xf0/0x6c0
[ 1033.866365][T21942]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1033.871838][T21942]  ? wait_for_completion+0x440/0x440
[ 1033.877170][T21942]  ? mutex_unlock+0xd/0x10
[ 1033.881592][T21942]  ? kernfs_activate+0x192/0x1f0
[ 1033.886628][T21942]  kernfs_new_node+0x96/0x120
[ 1033.891312][T21942]  __kernfs_create_file+0x51/0x340
[ 1033.896435][T21942]  sysfs_add_file_mode_ns+0x222/0x560
[ 1033.901827][T21942]  internal_create_group+0x359/0xc40
[ 1033.907129][T21942]  ? remove_files.isra.0+0x190/0x190
[ 1033.912429][T21942]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1033.918671][T21942]  ? kernfs_create_link+0x1cc/0x250
[ 1033.923875][T21942]  internal_create_groups.part.0+0x90/0x140
[ 1033.929777][T21942]  sysfs_create_groups+0x2a/0x50
[ 1033.934729][T21942]  device_add+0x80f/0x17a0
[ 1033.939157][T21942]  ? uevent_show+0x370/0x370
[ 1033.943763][T21942]  rfkill_register+0x1bf/0xb50
[ 1033.948545][T21942]  hci_register_dev+0x378/0x8f0
[ 1033.953413][T21942]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1033.958451][T21942]  tty_ioctl+0xaf9/0x14f0
[ 1033.962785][T21942]  ? hci_uart_init_work+0x180/0x180
[ 1033.967987][T21942]  ? do_tty_hangup+0x30/0x30
[ 1033.972579][T21942]  ? tomoyo_path_number_perm+0x459/0x520
[ 1033.978219][T21942]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1033.984461][T21942]  ? tomoyo_path_number_perm+0x263/0x520
[ 1033.990101][T21942]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1033.995910][T21942]  ? __f_unlock_pos+0x19/0x20
[ 1034.000608][T21942]  ? do_tty_hangup+0x30/0x30
[ 1034.005197][T21942]  do_vfs_ioctl+0xdb6/0x13e0
[ 1034.009813][T21942]  ? ioctl_preallocate+0x210/0x210
[ 1034.014924][T21942]  ? __fget+0x384/0x560
[ 1034.020913][T21942]  ? ksys_dup3+0x3e0/0x3e0
[ 1034.025334][T21942]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1034.031577][T21942]  ? fput_many+0x12c/0x1a0
[ 1034.036004][T21942]  ? tomoyo_file_ioctl+0x23/0x30
[ 1034.040942][T21942]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1034.047192][T21942]  ? security_file_ioctl+0x8d/0xc0
[ 1034.052308][T21942]  ksys_ioctl+0xab/0xd0
[ 1034.056472][T21942]  __x64_sys_ioctl+0x73/0xb0
[ 1034.061067][T21942]  do_syscall_64+0xfa/0x760
[ 1034.065575][T21942]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1034.071469][T21942] RIP: 0033:0x45a639
[ 1034.075372][T21942] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1034.097066][T21942] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1034.105481][T21942] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1034.113476][T21942] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1034.121546][T21942] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1034.129517][T21942] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1034.137523][T21942] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:55:04 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r3, 0x400, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}}, 0x4000)
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f00000000c0)="9584b0e1ca66b2bba1a3f4dc85d9fbb6a937141ed320e69b0d5b8929a9b253903618b02c6cab78c01546b5ed8e22f0ab53e0d0a3225c8608d03894f8056d59b80c896a223bcd8e9aefbb0acbe9da77c8d2bdef9ec208588a084160904265402662fa42af515e83f1e714fdfd90ea7e429c7c3529548d", 0x76)
mkdirat(r2, &(0x7f0000000000)='./file0\x00', 0x1e4)

12:55:04 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000810}, 0xc, &(0x7f00000001c0)={&(0x7f0000000040)={0x168, 0x33, 0x400, 0x70bd27, 0x25dfdbff, {0x19}, [@generic="9412764239c06947c7aa5d7f1b7f4e3de5cbdfe0700d5cd756ff595ff53be4355afb83f3046971f6d5fd63ba9eb46d35a6aac38fd574240466f37f167fad95f0e3ea88faf499e9d25b257dc5cff64213848130fb91e29daca8cd4e3feaf230f0cc7111cea6557b4117655a0fe4d3cbd205103bbfbafe7210ec2d879baf2d8295aecc88118b7b4d5bc48ea526e230bf64a9151595d2cc00a3907950b04eb0ba0fe65fb2827cccc228921a22737e4c6764258238f85b78e70d7b0900596cb3f274751fdbd9ec240ebc616d", @nested={0x88, 0x8, [@typed={0x4, 0x80}, @generic="cdbbc3663e0f8190906bc708d7eb7f1963c0956aec95c26ab30fda92995b770d74a8ad2073c568427ab913bb6ad600b07bacf9e7bd38fde511d5b3a71b0521f93f697c9d634fca691858ab9077d891230d5e4a142df45dc92707cc34ca189f4fd0906d22936ed96952dd76191b55c66d60973b765b12412b9910340a2f"]}]}, 0x168}, 0x1, 0x0, 0x0, 0x40}, 0x4045)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:55:04 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:04 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7a000000, @remote, 0x7}, 0x1c)

12:55:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2, 0x0)

12:55:04 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3, 0x0)

[ 1034.480106][T21952] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:55:04 executing program 4:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0)

12:55:04 executing program 4:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x5, 0x0)

[ 1035.275044][T21973] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1036.208864][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1036.216382][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1036.528830][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1036.536227][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1037.328783][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1037.335237][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1038.288824][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1038.295053][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1038.608805][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1038.615972][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1039.408829][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1039.414954][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1040.368821][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1040.688945][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1041.488775][T18149] Bluetooth: hci2: command 0x1009 tx timeout
12:55:14 executing program 5 (fault-call:2 fault-nth:60):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

[ 1044.676861][T21976] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1044.685935][T21976] FAULT_INJECTION: forcing a failure.
[ 1044.685935][T21976] name failslab, interval 1, probability 0, space 0, times 0
[ 1044.707701][T21976] CPU: 0 PID: 21976 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1044.716507][T21976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1044.726569][T21976] Call Trace:
[ 1044.729880][T21976]  dump_stack+0x197/0x210
[ 1044.734229][T21976]  should_fail.cold+0xa/0x15
[ 1044.738827][T21976]  ? fault_create_debugfs_attr+0x180/0x180
[ 1044.744645][T21976]  ? ___might_sleep+0x163/0x2c0
[ 1044.749506][T21976]  __should_failslab+0x121/0x190
[ 1044.754455][T21976]  should_failslab+0x9/0x14
[ 1044.758960][T21976]  kmem_cache_alloc+0x2aa/0x710
[ 1044.763814][T21976]  ? __mutex_lock+0x45d/0x13c0
[ 1044.768593][T21976]  __kernfs_new_node+0xf0/0x6c0
[ 1044.773479][T21976]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1044.778946][T21976]  ? wait_for_completion+0x440/0x440
[ 1044.784252][T21976]  ? mutex_unlock+0xd/0x10
[ 1044.788673][T21976]  ? kernfs_activate+0x192/0x1f0
[ 1044.793622][T21976]  kernfs_new_node+0x96/0x120
[ 1044.798315][T21976]  __kernfs_create_file+0x51/0x340
[ 1044.803433][T21976]  sysfs_add_file_mode_ns+0x222/0x560
[ 1044.808820][T21976]  internal_create_group+0x359/0xc40
[ 1044.814117][T21976]  ? remove_files.isra.0+0x190/0x190
[ 1044.819420][T21976]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1044.825665][T21976]  ? kernfs_create_link+0x1cc/0x250
[ 1044.830877][T21976]  internal_create_groups.part.0+0x90/0x140
[ 1044.836781][T21976]  sysfs_create_groups+0x2a/0x50
[ 1044.841724][T21976]  device_add+0x80f/0x17a0
[ 1044.846155][T21976]  ? uevent_show+0x370/0x370
[ 1044.850770][T21976]  rfkill_register+0x1bf/0xb50
[ 1044.855548][T21976]  hci_register_dev+0x378/0x8f0
[ 1044.860414][T21976]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1044.865448][T21976]  tty_ioctl+0xaf9/0x14f0
[ 1044.869787][T21976]  ? hci_uart_init_work+0x180/0x180
[ 1044.874989][T21976]  ? do_tty_hangup+0x30/0x30
[ 1044.879584][T21976]  ? tomoyo_path_number_perm+0x459/0x520
[ 1044.885230][T21976]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1044.891474][T21976]  ? tomoyo_path_number_perm+0x263/0x520
[ 1044.897112][T21976]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1044.902928][T21976]  ? __f_unlock_pos+0x19/0x20
[ 1044.907638][T21976]  ? do_tty_hangup+0x30/0x30
[ 1044.912242][T21976]  do_vfs_ioctl+0xdb6/0x13e0
[ 1044.916837][T21976]  ? ioctl_preallocate+0x210/0x210
[ 1044.921952][T21976]  ? __fget+0x384/0x560
[ 1044.926119][T21976]  ? ksys_dup3+0x3e0/0x3e0
[ 1044.930539][T21976]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1044.936783][T21976]  ? fput_many+0x12c/0x1a0
[ 1044.941223][T21976]  ? tomoyo_file_ioctl+0x23/0x30
[ 1044.946164][T21976]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1044.952422][T21976]  ? security_file_ioctl+0x8d/0xc0
[ 1044.957540][T21976]  ksys_ioctl+0xab/0xd0
[ 1044.961733][T21976]  __x64_sys_ioctl+0x73/0xb0
[ 1044.966351][T21976]  do_syscall_64+0xfa/0x760
[ 1044.970891][T21976]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1044.976798][T21976] RIP: 0033:0x45a639
[ 1044.980699][T21976] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1045.000306][T21976] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1045.008718][T21976] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1045.016688][T21976] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1045.024667][T21976] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1045.032648][T21976] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1045.040620][T21976] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:55:15 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6, 0x0)

12:55:15 executing program 4:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)

12:55:15 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="4b2dbeab0c388d4dd0e7d2c8f67fbd2e4919c7aeff809018f9a424f2da5d8bb4210d360b87af23ee8e261d6a9facae759839371b182e17f1699dbb8ea2f573c0e79871be9f65e2118140daf6edc73312c502914b403060458f4ebe9dc8cb0c0004000000fe00000000000000000000000000000000130040e91d9086449c182549353adffdadf6ad7635bff257e9eef633c1dceb39f4307137b0efaf542f76c68d831d04bd01000000918cce813c7118a7e46c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
r3 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
pwritev(r3, &(0x7f00000027c0)=[{&(0x7f0000000340)="769cb26d2faa6fe4107ddd1fecc03d642ead5d049f3a3a0c17fbd7f430a5d88b44f7ef94c7d65430d3fff15ebce9bbdf4aaea2da8877d115e5205039982902b280b046ebdf979b3e035ac15a531f0af3107a469c8a96263c269073445df66de374dfc7400660782e76ca9a4f2506ae396170af04875abe05482ec433a42a9904726fe09bfc29bf57eabe536ab419d958d3e42b0ff7ac4f747d53980e292cf13278", 0xa1}, {&(0x7f0000000480)="629834ab69591a43c4e8502d4c8d75f329ee276ef69f988ef51dc5bee9dd25ae12994fe2a244b602f9daab9022e6825068aec1725556664a8dfe21a346711b47b246399fca3fa1852f313271cb803810693dfa064c36639f975181fd2cb25e5b23ac2fdb379481544b6a8776ea933c0f91ccdeedd25b1ef12175643a8af8e5e56beca08d2c042ddbb1bf25ea40e414a71cba9f48b50c32d5e45cbe73cba5f0fbb386de7fc990e7f4e0f6e4607ae0086c3767edf96f03b01807d38aedcdf5b643e651c3b96fca6f90472e15bc9c0483bdd6abb7296912b19731f0020ec189a2bb5c4416e3422a84058179cd8f7354c2850660e6b0d31b38c62a4d607a7208275303593b180f047532b638e893dcfa19fbc10a0acf5e7f67793b219beec974aeee08437bdf55f181ce196f53bd612b1e161b8d5aff504516d509096f19af1357acf2bb03903c1557de42c71cef3654ff966ba37d7bf1f70e7859bdc2fa5947d7db337bfdac62d2ad76c71b96891ea0c5953347f9b5a61e403d8a2f9598a7aa08afc93ecb63830afda880af192631bb1e9cae528bb431e460095c41edcc8d4117bfb597105efabe7fff4594e25c468e7572da222301a288425850c8985bfd2d4d3716a64bfd764c229cd94538b99b2bfa567e215ddab547bf9f351fb959b48b994b932adc8b295b706d81edd04cbc64632a322d59fc0392631c2e832b4d40ba40a21da19fe90a94758be6354170f5b9a5b2e92a9561a98249d229231c5c73a33a1f5b3a398199f9ce8d7fe95afd5e79793548c649c30e1a2525f9b374c52c41c71b40dbe445bda4b0caefe26243fedb224f58413081e4d524800a33fa948d0007612ea04ee6d40c3bd260aaeb0e87cf3b01ca5ae9f44bfb60a3948dd98066434fd82f83299bf95d21391836c0b87e29fb715e8ab021baea548aa7a15260974c02d0e3e7f156f4d369903a8eb3b84cc55180fdb09e5c945d5d1651c7910e0ea4e9981f09fe5b9623dc8dc2d73f83ee393cde04f4931e59943d43113d80c2b2801065431eaf89dfe322705f5b09f93ec832b506327292975b3054ca40619cf2ac6017b110ac238cea86441312e4a62d482677090b9a0eecbaad7d5f70230e66abfc8b03ace3042c181390003ee0b861f76010cb1264a2934a90007e82f71c860034d57a5faa8bed921fa69fc642e81aefc6cd7c268bb760f66ada184f5cd44c252e26a8945a3f865907dbb9f2c7d68ea6fbc96c386fad653c8576f3fc99b58335bd444445393fe5cdca7a12e74a3aac855a6b65898279e10f332a42884f70cbd6d6ed2d621bec3611c89652c39089b596e26e746063e34d024bc34efd890d0024a084fcfb5d012f42d42532e750b0afd43a1ddf19bfa479d66167bd576fe62df7e9051dd0581728573dbdf22b64b17dd01dbfb7cfd3e06e40ed7eb24d28963b5588e84d16916d51175b76e8ac9ca72b671f3b39d5124fabce43d60dac6de1d37b803d1e5509115b0f5686c3972abf3a60027aad6187994bebb848b0ba989444fa42f33ba89d8dfe03b811ed4fcfb480ea2b6702d35bad1e51af4d29cb1383a25a91e46f1b0f954cd681501059c0518df1d818503df603c1cf2b31ffd54f3a79c8c65703a5ba08a634ca05604ef9f72efc6b060b8d09475a0af3c32d86ad767c73a09a4649cf401d91d9220ca5cb4d4bee252f2f5de300c15b92d3c94d581e8abcf8100ec34738ef89d5ac6e3a0b11dc3b266adfe6efa9fc90e568b20c67b7f3ffac69a009b4b8019b10799d7d0fee1029694890cdf113017de2e45f458cfbfd80a101a7a825c7b3d8d1280d6505755c8dd68699eb7325cbaf2eac3d79bbab4c15003e453730a973885c05ae4c305c1b0f5a8432b27362a6995368c3435adc3f4ac645995ceb677c6d5c17a4b9b4d65d77b04826ad3a35e92f5883514febc160e101dc78aff7e898a495c3600d7141cbc9d29aef0a2afc50f954e1c1346826fd8a7ddcc43442231bd45f2c6fdf8eb131dad9916967484d5337344888586b80f863d1e566b519f7da7ab0928a706fc76542411dc0d1013036886cf172697917737915cec3899c6959c9364bc69023e6c5858664497e71ad747500c9a808ef8e47997f6ab01925d576c60af750fc47133c4e6a12f3238396c735c55302ededdbc4e71796aaacba2825ca1335a8efce4192dfef16610a8b72caff9c202596720699fc12d381f6eca2689fd460948e296b7f8732e05804dcaa7fd4f0195d1e335e53041577548aca9cb9e357469427f4d7ad5d097d146c3d5aa86aec0e65cc50f02ce660fd5fb71a8b4c44a54030edf61629801c3ab18afea3b6db7ba26fceef44bd4b06f0eff81b850ba77f1778ecf3a28700052a3d4ccd8d0ed31d0fe70874d2ab74cd143907f546510b492297570cec6a24cad3b9c163374889c8da5d9ef31121f727b138d0674d06b8d97d4b32bb07084b92660bba8d5e3885fa352116cb9daf8bdc8a0a048718e13e7b6017a2ff1e8bb39f8af8b9617fdf698a387efe73c387dde8b05bc363a128a057d2f8cd3b38caea1646f38dac7c83b79edd82000d58fe8bf0fdd9a9427bfc9fac0b5a31a84e42c067f1b9719fe9324d08876dfb451d6a2cf0d3e90cbcde458f4e8e966d0c4487bd4ca645469ecb199cc8b68b2023f1584e5eb0263933f1327992f9736b42ad7d036cf9e8d2dde63a7af0e3baeb98432b2abf6172e233712b13e129ef9f2a0a5418d039a3635bc11e5f0f435ad2c932ec4d459e8728b34afb6bebc2c99cded24a5cbcf4c2743dde75a98f9b7182196ccd6c004282b0aafbdbdd4c28e8cedfbfdbf49117bb63cdb7465b999bb1b359b9918627569b4edda83398b26a15afc7fd77881d46f25252da4f168703b88222f8815c98064011b13bfa90fb14a9edc5d906c9faa9825df399299592ca3b71e4afb2dfb8dad090f60645ba02646ea6e6d3de84ef3a7c4a56b7f1fc6855134abfefe8c12a180adf4615af3d455984b50f816cd43ee4f76ca383130be2507b8449d12b9e53f753ff6ec3962dd170a65a62b6d14765bfbab2acfdf0cf9ab790e671dbaa8fd6edefd57545850fdb8572e45718ca5e0a17654f8cb3461c2c3f4822fe7e0f6a8f24c46dff15a576a5a46b4faa7690f5cb590bc4825cb4e779508f1a8c0bb8aa591bacdd008a231beabf89689943eceaa7b2cd815361d65780bcf6d7139d0ae2e4810fd6e8d95ec5721288a455e0b996b065a368dbeb7c50a899738a827371459c574ee798a3e698391e5bc56f8c1c4c3052c8a349f9c5c26b58b29cffe7d02d7a337ae9aafa520313ddfcf678edfa4445c4945dee2f8c40f0247a3a43965ebb0efa3e036238f66c5d7ff713694ba2884c23d26b5e267e3a76c457f778975e55859aa75a0dcc246bdddb1eb7bd13bb41e44784007bf27a340a5370b4b36041c2453e68fd2ea99d9ddaf5e83835b39c1280905e8ebea7938e964980b702c144bb32f424222ed24394aac3ac5566853b5c10d46a623919b16d2c31c48e4102c5eea5f1933fb5b5d546e0edbbd1c7090e24a342ee89c33a0514ffa4ab22acc56dab4b1a9401f27f74b8816f5c21e168b5da1b88e56b9807386e09cde551d7412efe35378e57b3d65667137135515ccdcf2e395fcb8bc60e4d7534aaa174313cf91c8fb303729e25d712ea5327925bdbdc6244359647a1f055eb9fc49156b00a73229be012710621c73eab05d44237ba1f7c02004c90deb24e7d701602190beba83b8e8d3583a758b6794e1fb21dd17f6059ff07f79bf43762b735194c03666ff2741bb4d77b06c1ac7d9978f9578792e531fdc189bfb41fa605f2ee3fa8281d75c62a8b6fa5a46ee5d8e71afe90386e9682a02961c7a541dd26e52647f52692248f5364d4d925cf4683ddd28c2744124a2aae60a43f3da68470fe71d32cad7198e512931763cf4849e0997189023a772377c2b16921b5399ca1f7c9925a9ff1d245ffdff5e5803d7edd12741c8fc76737f95840fc10b368bed0b8a28bc25d14772949e53ccc15e9293734bd133bb71e26a0cf5d3457d3757c57cee12a3a2f66bdc0e3540c7f21ffb6c8fe2769e63769a124883e49ee5d827270d71e9056b5a9ffbbd350e8e534c44b879ccbdb71a62737d88e56307e7d6c1b21d200bbb105a1addb8c79f1a195463b75953210c5f061b43838b012c6ab93019da114b33dede64ef42b3cc5ecf7aa8c0385e901a8f4cba6c2eafcf7cdcb22a85b9c3e12772897c41c1c47836e94caadbb0103dd0408e1d308d7d7644fcba00450d64e86408886d58f69175dd2e9da435f65e7aa08e0498319757022d60b62d6e0291a288bc47f32556ce6d397f3f8ce4664a41ef9e0db4de31a6a412efe32abaa0fd7025d928d56ddebec7fb2c689af9fbd747353cb6c381b6b376fff061bfe28dce0dfc00025ca72ba635e27d6472efdc62b020ca3e541d949c8c0a487596ebf95e37841286668d75c1696fdc5b4ea85e10d70ec2385d7391b9fdcaff4813a7f323e400dae9f44c78c91c8cfa3547e0575f993178de103f21022c19392ea32da3a2688c0d064844f194b2118e872d1ada37556eaf70c6251f577cda39e4528fc1a88020c949c06344f1f809f26819cf77a4e5ce3f688f0c32414e278a6f681e2d44e064374fb56efbdaf536b10781d9ec9d0a50ed26db7d351f2d612f18fdf354da58fd2265610aea5e416c645f03abefb28ab61fa5b01d37fcdae79d9d11eb36cac9a448b046ba047ee4367fe44b5887d9bfe4770ddb8043e8f2cbc584bf9ad1090a121c464514aae839b3e4850fb979a65e21937249d8d242385136072e825c65886a2fe752a41b83eae40e205378033b27340a95f5fc018592749658384a3286dd0cd009bae211f576bf2991db96e3c4679f72cd53f1324c0e89c4420ab4de6a034c27e4aa2e7471ca1e29249b33001a30dc02971890c8e63397e9b5ae3a9cb33cc0c94f7c836a2de5d0168e9cdc4c7f6faa934cb74948b7f9efd0b41a36ff836006185a3637d3d15b578bfe16c1714e413f7a528338e9fcf75fefe1115bfb27c0e92f42162e20f16decdbc7d92651f4e4e839dcc18faaa9cb2e1e9ee4bd7fc0e9fd3f9be771e1a033b4344868c20b74ab1a3265e0d4278ac3d0f0703958cd604dc86cd466d211b9b6115979caa5e94ba99816a487ec7bbd059a6a01f3125b2c2f0a7986a7a0973f8bb780c2eb94dcae551667e4b5944abfa6dac728db04658361006cdff3d4aac970bedd2142241179cc09c3a38b61a598e57720d9746954f1b067a1df647fa7782e8bfe4721d7279e9add7a8c023ebb007c1293c0009481379e435269149e6222560fe3385e0c4b73c1ff0926b31e3d67e8d5183a26900030704a84878920026544f42518a4719698b4e8d428996749ffea84862f1bba63d9da4e45c29784dd9c1e85e71cfbfb8350967059f5772575adcba7d13e579aded225be220a401671a2b3bd96385e5c62658f2955bea819b32fd7be23ac669606ebe8e269e7c4ecbf1cb174d8725a15e5c7c12aef48519be13f1ae52a476d2f703248cbfd77af623abd1979f96dbdd2c4d5d24ea039a3df9d62271954a2ae226fa6429dc6be9eca032ef626cf027152de2567e80e385037bd9d9546338cbc233d2b8bd85008c83649df4cd9fc3092fe0fa32353e9eba836c1efc964932cc98e4ca008cab4dd201dc295e47a32e74813dfb87b98e958652613f496ec581b728083287091f8b408d513b4271266f3c11a5467cff307d888cb6c10ef09362fdd82eb99d4ecdd8e470dd9141", 0x1000}, {&(0x7f0000001480)="1622bc494a5ece56e63507b0134083b854798aeb0215fbfd678e1435b7de2267e0a940a4e7cb90ad94398de7b829471b07f5ddfd26ba7739bf67beb1e8763ac4a6dd7d4482b6334fd20bee9a67ca165f9ce554db6a0f07d0566728d5f2bf6bd037dcf14651a82a8cf075a1c05eb3808de2b3da3aed301da97ab958fc1266b61bd64a9a70ac07503b782c644c70fe6a6f85", 0x91}, {&(0x7f00000002c0)="bedd4cc750a71f173aeeebffe22a57ee6b3927cd7f533f35f79a6ebff42ee1a3ead9cea819c3f764d975a277eb1a62c91c66", 0x32}, {&(0x7f0000001540)="16add7970aba30debad9740b8d878dd2d0fff94a3640daa4f93fa4f2234458415be6df92b57ebdb5d160c14df71c26c5820439aacdd406806f52186675f68dfccf20e4526a1e3c9b5e35362e8085609fcc582c10117309991930c60bf2a8672f4b6593c20861c4d0e0ac48a890130940955fe136fa7ad263205e694bb4fc00cf3406bd5a30d92c7f4c1b1be966135dc71fe5af83c53be61e551b5d4270ae5f42aec1058f6fd3", 0xa6}, {&(0x7f0000001600)="c913a234c8ce8e578fccfc37160672a8d9332c828c072a16ec5678f4a07c8437b959ffd2a5cc8a431d3064be858f11e41069446dd2d1e00fbb11c58d9262d1da2e7c7b2b11a2c4a2ff10cc9631499d217c3fc7d5dc68e512991ad66ec0cd5a1215c6f3f8d2f4e246499c3903fbe2460c9d30f28c700d914daad84dae6f0c9cd8ccf8627824d0dca6f8daad327888ed96cb92f68b95d6a931a101cff300a19f643a52a411c3c98ed9f97f2cf59892bdd85abdf0bc150bb2000ca19bd6932b32a24bb7d02b7ee9f48087a704e9789ed576272947d80e9c96f7576dd1ca5c78aa91d9fcb818", 0xe4}, {&(0x7f0000001700)="acc5489f96c2ef4e3c96667ab7bcf992cfcff8ef067e905fa9411e733e6e16ed57e379e3b1d6b4fa8b88b1de32e15d071b3f47f643531dfb50a6ffeda4bc4c6fe9c8d4ccb2b84759027c3b0f322178d878de85fa7a1d227565bf7b784c3d283908e4add0305ec93ec3218024a5b80117", 0x70}, {&(0x7f0000001780)="c44d2313fd775b696fe57f57223d0fab808c8a9717f583c1ce43344a204793b99ba3738096333e5c0d3f53c1b4b064e5c639ae5237f3c637318a46a3231bdcef751bf26db6cf3ab66bc533ae9aa1967a77726bebbc022e56b9af0769df3bb09189e625774d974c664a774ae7dbb2f957d8dcb0382471473ddb1484c044da60195d82a72e703537742063fed31f9a30013ba5d1dce7fca93f71aea589b1919117b2bed35d4e8473c5e6ff175bc6ebfcdf09631018a990704c111ba59e6252eaa6814575a794a6d33141f23c22f366fc76417015b63d59baf1b4eaa48c8075a62305a5de3894751e65a1228fe997bd28614a36603c7791c302ec26ab80d6fa0e731da481a8ae08d6c4b4ed744759a6325f95da5396bcd6aa88ecfceda96e0e9387a020080fced14e82937410be8e3e77f87720338565a79c83cae01134d06fc22a73599c802c656f4163432c0a46222ca985a6658f8e330e028c482d18c133bb6ce9373fc5fed1c9214f8ba4eab029d7ea9484c96c83ebc73ff2bb84db35868b470548e84c10f06aa9b6ffe560673cb50d4cd60a94c43bc72effb63aa805c09b00f43b477141224f4e5034773462ab10bd0d4b509035a8416382fc0aca5cd38d97b59d8e42baf44740778f04991ee9faee8ffae44b1dbcd01a094f8fd2194bd4ce419ee9c0481755720a41cb153846bd46bac8942d752adb981c5d1c22b966b51768c9c6c0e6b8af36405b3d98d7ba73f125f4587b3336b9b5f7964b7b6299ee28a2e9f84ee762d6982ca8495c9337e2603a596762124a0c5eb4b5ece8376dc372729543a9eb252314cf08084a3db41d935bd122db434ee594e61c444470a980f0f6a9ba6206ea9d7ee70ba04f56d0df3bf874ce57bb8192976583d6c43144e3738d0805609fc248d57f467c388c9a6b5281b39a203fd6289b33fca2087c432c2a293e43c163fff233f33265d44a9b3b13725f2703736f7808fd589e576f123c9aa433c39e28820e8bdacce4e67c562a667365d5b3b401322355fb5048747e025771362854805530f17e0823ae6c4a4d1074137ad1bdf156c721afca7da7ca5d70048d25e2b1e8f0c19734b9e30eb546bf7a78e16f505605c152e6f99febc161f5379b9bed220768faa833b83fe25f0f2f99b89f36a7a2548a82d134c9d2395ae8051992fbd731afad80449e83a65fcf0ea8d3d2bb3bae27103b7b88df454b283b37dc7ad0e31a129a825a639deba20816cb49407638b173897ad5b50e5eea58805b00849d280903250b75426403a83c5a93c18d6b073b4512b5907a4ca84ec4deab1d34c785ae178cde6006e82ba8edb2d08fcdd2f572017e7c214b27080508244bb12526d43c91c793a1424e8147fcd11f6e9f4689efc101465fa8196c089d2fae5cb2e6a41eabe8223a5cb785298c4f2d7ccbec90488330a7b9b1296e084a424cbb84bcf30c40a7fc99e32c28b8876bbc541e5b8af24c72bea2fe16b69b4cfc5d09bb9b6497977c50567f1788e5b0f0ef1be6b8a9f222714a3705d28bb72d51ce8379e74dfc145ecb4ee76d0f908014b099460726b2c9cc0b9d6758ea5c7737d86f93b873eae4686c7813609ab93d4d2f8f57ae079dd00930ced6c637d9cbaaffc49827d90f4aa032c3314845404a92d9c36396e73467b8dbf75e79d1c71baef0d76b78902b50141abedbb700c6e11fb0cdf877156b43fea923a57691ac99e35b8af1d4bd92f0e88a1c71a2f8e74000991909e0a766d3f64a6966739264ba8ad925ce3e09d1c44047c29834b3d75a1ee3487cf1bccdb9dfe4c443d8fbb153b58d713e2feb827c77620d8dfbc5aa1bbda274bef72b6b143d009af1533f64522c9e7ff246dd997e273ea2887b6ce001c06233bc6f9d96bbec78a09ff3968b3c21271770670edae3a07a6de6711dd9c8a164485436d9a4c4360e96cb8e386d0084a2d67bf8f016746101c580750d301bf1b0b9dfe30e78ac364e6517ff22fbaf74e8cb7c7ab56f98783ce90db825460965639ffa3fc92d99cc71678d0382a02950ac6bbf3ac797e2e8fc7a7a05d8a1d6c481c292a627b73b8b90a39e2002290118fb2a9edc922705c5580dc191199ac2642d9c012a86311c6bbd3f2acf8d50679c011db731eaab8cdf6c8dce6a1ccebf4e4c6790d67a4ee37ad1c20f418378b6053b171002a0d459983feaad6e80e86324455b4433a1ec01f899ae349500cdcf676fc79a9334bd32a8df43e8729a3c35719a3dc67c369f9ac586e7bbf4830910b01c1419608d487edd27d458251d23da6a9df30400af910a8b592c97557a681b155de9054742194cc0cff2c2f346bfd9bcd9c03106ea3c89320300db36105a2c79fa6c55447ba5f5fc8dcd7da0e4d2ec9e90ce84256cd7e1e2b042bc99705398d7e8dc87483cde8c651b58d59d9302b5d9e9f273e5ed9164ee8564d264614fd9ae33147b06900b20a804a30438da3f7631a753d8a579623136932fd3f86be545c229c5c3da3ad0d14e2fef887010d7e3416065b49e65516367d6cb06a031377db025b7e02001cb63fe38ad791007649766d3348f256de3d303bce5613f1b1accbfaf372f01c692d58c140a502c7d41ce688178a842fa07b37d1246b77bd655c70f96687ccf4dfae0e2881e1b6fccdd28f3f99905d62d472763a26aac53d670d868dcdc22f0822b096d99e7275cff9625bd891ce130b357574d5ac145025899ec773ccc060fa06963c8d58c7b4816121a8eacb7dbf2da36926d9d2dc1142c21f413b6013592ff50785b5096b3d97238f5fd203d1261ed00159afbe6e60d0b948757af65ea63fc62f365b306d9df957d418a6713f8897f3c426e0d1ba2263389b45efd23cd8e1511db6e1fa1e8f93f744aa86123058d08d39d42b6bdf30a1039288fac1f9f7c36483a60e251d0df4108fbff72b85d07d83d56f3a2d6ce7c39097d93917110214d73a92b107d767bd9dd7ff95bb161b532e2fe93cb3fd9dd7de5decf8638a992ed86e61f0ae1b0d34a96a31376273ef71d3175b1a4975f9fe883e3640b099ba6ab87df674d4fd92d3b3a951dc3200fc4dd8424a21bce7d2829cefd958524af15ede6ff37904333e03f8d0a86b502483cae3a2eeaaf9180ff5126c236a2c617683a5913b941f652de37068c9207bb01e52409dcd288e7ec2e418e4d52e62585557b3ac1e58cbeda2dcde4516017e16cd5a08595f7658f3ce939c1f63cf6bd57732f7439cf3c8bbc87f91f28452d81493a66f7f48bb0db3a584cd74c3384e96c426c9438b89a8b5b870dc513118120058d0e9a36bfc4b4b6312f1ab62f14edbeee13f8e55a97a60ea8bcaf3a25e6691789847ea93c5be375e1601ea0a8bf1f8c9c8603312e8354b0eab560263e343bd60fe450eebdeb1181e20bc746c9ca574740c28130ae5e1ea7670480e9b6989b2e088a7e8a9c4daf8ff44707fa4554f322d657b31039ad6cfafa6af7377e0d2e66a91da163117d47be0a36069da1ef31d296378f1db608cb004ddd7a1abbcfa89c45af62bcb624ed49284f106f686e2aac84112e7675baaf43ebc4664bd76fc85638add2871ba6d2c033c6b95c8e2c1ef00c3f044d6a83e1d753fc5350a3f3d1af32aac1e1d7fcfd9fe8a8ed33df466314498bdf53442264b5ad9141d46d71974a5a43812e349f8198661b941dc2776c8301f00100eac69d934baf70a51e420c773d2b5566f3763acd4231710e3849b4f82c9b5fecc9de43dcb456abc602ccc5ad946f2346e7eb765ec023ddefd35dd4b70d581fb1d00ebbf0c3ea07c6b981275f207e1974d2842c9be17081137a27a9bd7c7c33aa9a19c32a68d2c60155f6b6a954b85647dc78874a78df48c7bdb6b7c0533004c16ef22d1b08a0da1914c82e29efc8ad41c24e686ae9d0c0de26c56a4f47cc8fc90a05fd1a8563e52d32887eef890835d0924437d86dbac2fcd1fb1edd441fac09175edab3ffc1d1401190755b9f476deefdfb04e12979bf8af3690b3aea8bbd7b23cd4edcd6ef34803b9b4748385367b1db2c0e92f63bdf94bb93f6edc5940466bbf27aaf654b6df434a4e342248785f866790287cd0da5ad9bdb9a80a6b16425a37e33c1c6625ab63cb992ee5e238feb9ca5189b288ca3df4beb38081929a8dbe17346fd6c8636ef71f36262c5a88edf7684c5ed1fdea036daa74016721863730b7893d55790aba7fae43e3241fa2670057e8ea58a86736ec17583522f58ea84ca302871ffd80686fcf88dc7a5a41fc1ac7f740f26d0e7a3e46b106feb71f85ba0e1f6cf6e69ba7776c1f373d9c6562b16b994f2628d5d2a8226aa54463d186e7efe3e314265f14109ff62c8fbe683be875f1de4e9065e733043620b932e6424f7c8fc51bfa3947b5a9c0550ea4c48739f1117772be65e9def6547cc5a66c9dd6c8a6ffa575d87b60383e92f9a981c200c8eb3ad751fa7fb215395ef8128d5f07c48515584215e49a16c8bcc2a68933c21a11d1b6ab49639fd9fcddc793d76d40d015ac62c6a601050e336924b9a57dc7b630bad1900a4f966de776452c7a878a51418109c9083bf79e61e7d41c77f56ea4646d607c89fe3f0aedc6bcea1e7f04e485a43fc364d753a872217c2539fd16f408fe995ddc8d9e4d0b09b1fc456efd0687038fa2d96a0250cca30ed04e5cae0cc7cd73ff07c359e1f7e6ff00d70f145dae4fdc5288fb32139d0ff0d9c84f4e70548b7118b2caff7c1c0b5f8ffa7f1b1b57a2685c31f723b5e6c52d3406f27735f32e5228082ba40c5ec4d1c7a1652799d2c9cdb111491256d54d1d48f375c21a363ddb41a5958b221612e4e47a2347fe641b36e4760b88c96af3436ef17d2eb80297bcf43ac51b2aca67557e8e3b70a707df40b9f35d1d445e8062fe1ef51001c9351020bfe1ca346d1fb27500113cff51271f887f5d99e4a219becd8c00ff2a79ce61e423d1f9b1366c52fa5ec22d51d070d38617fdb9d839d3b8f5d8c849567e383cf9f159961738f3c406b2f8044b63efb70cccd39cd47337643aea3cc7495558f179b63704765223c485078f14373a2d468eb977719dd52c06a167d756fd4806e8438975029a48cff58f7214e251077488f181228a88589655a18c1547126c5a0f66c6704dd4ccd58c3cc9c0f08692ea14fdcf7f87c3439c61373a62d0c0e8f8e2a393b97b8d0c29b0eedfeb55a60d5a542a65b635714ea5c14d10529939ccb2ab9ccba90fbefa242639b140e9be8d1e91e63be06eeb8fc90c2a05b82c822e8a9da693c24361c11426df9bf5bdc7016ebae89c2019f8d756b9443700ea182a388919f83162c3339a2c4c1c93c5744fd20077c8bdf8b26df912dc3e20ec3f33972c1ce9a7d7b6b5f177806319985f02d10ee30b0657d9706dad69847aae3506358fc14c6341844ac863eeb2748e08da6f1209b5add5766e36304c8a76337894aa99c07ce8725f64921615206ccbdca187ca5d1add2d84bbc4f53f7c8908fb4fa0c2657f1f7f95920a92ab00791bce15fbfce8c0d8c10a87cbb5ca9967cdc85406e91cb119618fba429d38364eb07f00c54b7b9ed5dd188cfcf3892e2e5bba317e7316f55532417cae35bbbc2b7de0dc250eed93ff6ef68417683d3c2886dcecef369a11efecbda05190ad8f2d51ff5bfc3baeffb62918bede5d2a455e0ff3f4dca0507e1742300bbc3b23677eff5e23611cff1580faddb687092db94b4bd81bfcc64b3ce3d8b329c3779107aed7f41e74411f79f6fc264718ef9685832b619412f1ced4c53ac4e932d2bd8ab17a0f6c15bdff1ed647e39e0985efefb1af07c73c4335ebaf5f0", 0x1000}, {&(0x7f0000002780)="09f1eb7d803f96820a1ce36b0bc331d87eed", 0x12}], 0x9, 0x1)
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x100}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x10)

12:55:15 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x80040200, @remote, 0x7}, 0x1c)

12:55:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0)='team\x00')
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @loopback, @multicast2}, &(0x7f0000000140)=0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000040)={0x11, 0x0, r6}, 0x14)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r7, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r10=>0x0})
bind$packet(r9, &(0x7f0000000040)={0x11, 0x0, r10}, 0x14)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r12 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r12, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r12, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r13 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r13, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000440)=0xe8)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r17=>0x0})
bind$packet(r16, &(0x7f0000000040)={0x11, 0x0, r17}, 0x14)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r18, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={<r19=>0x0, @remote, @empty}, &(0x7f0000000500)=0xc)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000580)=0x14)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r23=>0x0})
bind$packet(r22, &(0x7f0000000040)={0x11, 0x0, r23}, 0x14)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r24=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r21, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r24, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000a80)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6c040000", @ANYRES16=r2, @ANYBLOB="00012abd7000fbdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="cc0002003c00010024d70100757365725f6c696e6b757000000000000000000000000000000000070000000008000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000000000008000600", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="240202003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r19, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000080000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000010000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000001000040062726f616463617374000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004006624000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400af0c000008000600", @ANYRES32=r20, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040001000000080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400a300000008000100", @ANYRES32=r24, @ANYBLOB="5001020064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000340004000700ff7faf000000030000cede0e000092000400170000000080b0fc00080000200000894669b64a030001020400000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040078ffffff38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004009800000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000600000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000100004006c6f616462616c616e636500"], 0x46c}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
close(r0)

12:55:16 executing program 4:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)

12:55:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7, 0x0)

[ 1046.049052][T21988] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:55:16 executing program 4:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)

12:55:16 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x8, 0x0)

12:55:16 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1047.020243][T22006] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1047.088895][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[ 1047.095008][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1048.128817][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1048.135096][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1049.088976][   T12] Bluetooth: hci2: command 0x1003 tx timeout
[ 1049.096475][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1049.168877][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1049.175266][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1050.208883][   T12] Bluetooth: hci1: command 0x1001 tx timeout
[ 1050.215106][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1051.168917][   T12] Bluetooth: hci2: command 0x1001 tx timeout
[ 1051.175303][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1051.248860][   T12] Bluetooth: hci0: command 0x1009 tx timeout
[ 1052.288848][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[ 1053.248800][   T12] Bluetooth: hci2: command 0x1009 tx timeout
12:55:25 executing program 5 (fault-call:2 fault-nth:61):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:55:25 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xa, 0x0)

12:55:25 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:25 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r3 = getpid()
sched_setscheduler(r3, 0x5, &(0x7f0000000380))
r4 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0)
chown(&(0x7f0000000140)='./file0\x00', r5, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000000)={0x8, 0x80000001, r3, 0x0, r5, 0x0, 0x7fc0, 0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:55:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x84000000, @remote, 0x7}, 0x1c)

[ 1055.568165][T22010] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1055.582991][T22010] FAULT_INJECTION: forcing a failure.
[ 1055.582991][T22010] name failslab, interval 1, probability 0, space 0, times 0
[ 1055.599640][T22010] CPU: 1 PID: 22010 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1055.608356][T22010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1055.618435][T22010] Call Trace:
[ 1055.621761][T22010]  dump_stack+0x197/0x210
[ 1055.626126][T22010]  should_fail.cold+0xa/0x15
[ 1055.630756][T22010]  ? fault_create_debugfs_attr+0x180/0x180
[ 1055.636602][T22010]  ? ___might_sleep+0x163/0x2c0
[ 1055.641487][T22010]  __should_failslab+0x121/0x190
[ 1055.646444][T22010]  should_failslab+0x9/0x14
[ 1055.650958][T22010]  kmem_cache_alloc+0x2aa/0x710
[ 1055.655819][T22010]  ? __kasan_check_write+0x14/0x20
[ 1055.660954][T22010]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 1055.666531][T22010]  __kernfs_new_node+0xf0/0x6c0
[ 1055.671416][T22010]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1055.676898][T22010]  ? mutex_unlock+0xd/0x10
[ 1055.681354][T22010]  ? kernfs_activate+0x192/0x1f0
[ 1055.686312][T22010]  ? kernfs_add_one+0x131/0x4d0
[ 1055.691178][T22010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1055.697435][T22010]  kernfs_new_node+0x96/0x120
[ 1055.702134][T22010]  kernfs_create_dir_ns+0x52/0x160
[ 1055.707284][T22010]  internal_create_group+0x7f4/0xc40
[ 1055.712597][T22010]  ? remove_files.isra.0+0x190/0x190
[ 1055.717915][T22010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1055.724161][T22010]  ? kernfs_create_link+0x1cc/0x250
[ 1055.729377][T22010]  sysfs_create_group+0x20/0x30
[ 1055.734322][T22010]  dpm_sysfs_add+0x87/0x2a0
[ 1055.738831][T22010]  device_add+0x9df/0x17a0
[ 1055.743257][T22010]  ? uevent_show+0x370/0x370
[ 1055.747871][T22010]  rfkill_register+0x1bf/0xb50
[ 1055.752654][T22010]  hci_register_dev+0x378/0x8f0
[ 1055.757520][T22010]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1055.762568][T22010]  tty_ioctl+0xaf9/0x14f0
[ 1055.767062][T22010]  ? hci_uart_init_work+0x180/0x180
[ 1055.772374][T22010]  ? do_tty_hangup+0x30/0x30
[ 1055.776977][T22010]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1055.782473][T22010]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1055.787956][T22010]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1055.793250][T22010]  ? retint_kernel+0x2b/0x2b
[ 1055.797853][T22010]  ? trace_hardirqs_on_caller+0x6a/0x240
[ 1055.803499][T22010]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1055.808976][T22010]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1055.814614][T22010]  ? retint_kernel+0x2b/0x2b
[ 1055.819212][T22010]  ? do_tty_hangup+0x30/0x30
[ 1055.823814][T22010]  ? do_tty_hangup+0x30/0x30
[ 1055.828413][T22010]  do_vfs_ioctl+0xdb6/0x13e0
[ 1055.833015][T22010]  ? ioctl_preallocate+0x210/0x210
[ 1055.838133][T22010]  ? __fget+0x384/0x560
[ 1055.842309][T22010]  ? ksys_dup3+0x3e0/0x3e0
[ 1055.846732][T22010]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1055.852980][T22010]  ? fput_many+0x12c/0x1a0
[ 1055.857416][T22010]  ? tomoyo_file_ioctl+0x23/0x30
[ 1055.862364][T22010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1055.868614][T22010]  ? security_file_ioctl+0x8d/0xc0
[ 1055.873738][T22010]  ksys_ioctl+0xab/0xd0
[ 1055.877904][T22010]  __x64_sys_ioctl+0x73/0xb0
[ 1055.882511][T22010]  do_syscall_64+0xfa/0x760
[ 1055.887027][T22010]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1055.892925][T22010] RIP: 0033:0x45a639
[ 1055.896830][T22010] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1055.916443][T22010] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1055.924873][T22010] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1055.932856][T22010] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1055.940833][T22010] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1055.948814][T22010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1055.956789][T22010] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:55:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xe, 0x0)

12:55:27 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:27 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="53593b628d23f55deb7d77c94f5adf1c97db1e142e8f69ffed36274d19056c539eaf36c6ef8ab9688ddcbbb7197f081c94ebf318287a055ce8c58d0b9e6d789a13", @ANYPTR64=&(0x7f0000000000)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRESOCT=r2, @ANYRESDEC], @ANYRES16, @ANYRESOCT=r4, @ANYRES32=r1, @ANYRES32], @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000480)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYBLOB="ca24d1047f539a53f0928277a2383cddf35bf811aa010cf58097aef91def78b0d91ebcd7ef9e59d9959dbc0d8dd3dd2d88b01918", @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0x34)
ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead)
r5 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r7 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, 0x0, 0x0)
r8 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
write$binfmt_misc(r8, &(0x7f00000001c0)=ANY=[@ANYRES64=r0, @ANYRESHEX=0x0, @ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="20b05865fa5d6d3f89fa46edff1307166330b6bf71ee8cc81321edbbe42eeecb8bf0b95835bd5271c088212650dd337a89f9bb13767e3b1d262de6d6b63b1d008fc639540e937d2a56fda7a38bc807ac7d6edd77e566f1af3f9213553084f4333dfcec84f2b9cf4ce99bb31f2271966a7ad7c985a6c8dc5e0d96f38b3d6538ab51a337861691a55a148f4f7bd755f2fed804869bee51593c7f1a4678c9dcdd8571aa4a6d6717234bfba959c469d10cea1ef00d63a7b1b479f4d027c4816939cd322dc3e577c017aad4f7ce3937cfd2ec2c31677a6ec4f09370e518837ee42342103eac73"]], 0x22)
splice(r0, 0x0, r3, 0x0, 0x100000000000a, 0x2)

12:55:27 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x8dffffff, @remote, 0x7}, 0x1c)

12:55:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000100)={&(0x7f00000000c0)=[0x1, 0x6, 0xffff], 0x3, 0x7, 0xc7, 0xfffffffa, 0xfffffffc, 0x6, {0x0, 0x41d, 0x3ff, 0x200, 0x0, 0x530, 0x200, 0x182f, 0x8, 0x3, 0x1, 0x4, 0x7, 0x1000000, "d257f098b689dc091241d8c94ad4477474c7d6ea63e4dfc2ec4d21058d82a860"}})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$BLKRESETZONE(r3, 0x40101283, &(0x7f0000000180)={0x101, 0x100000000000})

12:55:27 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES16, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT=r0, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000001480)=ANY=[]], @ANYRES64], 0x31)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000180), 0x4)
r3 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=<r4=>0x0], &(0x7f000095dffc)=0x8)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2b817b816a861496, @my=0x0}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r4}, 0x0)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x100, 0x0)
ioctl$VFIO_IOMMU_GET_INFO(r5, 0x3b70, &(0x7f0000000100)={0x10})
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
write$binfmt_aout(r6, &(0x7f0000001480)={{0x10b, 0x40, 0x6, 0xbb, 0x2db, 0x8, 0x19a, 0x10000}, "d9e2f41b3f65169b88dcbc87a0b3b02f54057999672e3fe232eaeaa3929e94dac04b8e9d6b8f83fe97996f1fab455e0c495eda831298b258bfdf4df584053c1dda8f8c9038a54bed369d1e25ce6a55dcf1008fe20ee228f25fc77e0e230eb7064bdcd9667516a52a0da9da0c39ed99074bbb6c2986655a1f869a6913325dac1e02fdc1cd29fcbf127e5512c9b50239f9e48f002fbf4654961044f685681b9c7d6ca0e89276c9d821e02ed55fe5adbbd02f26c782362c", [[]]}, 0x1d6)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f00000007c0)={r4, 0x3}, &(0x7f0000000800)=0x8)
fsetxattr(r2, &(0x7f0000000140)=@known='trusted.overlay.impure\x00', &(0x7f00000001c0)='.#/em1system\x00', 0xd, 0x1)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r4, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000000)=r4, 0x4)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000480)="e44edee14f5eac56bd7d1353015c75eda14f632ad00b87bc13d4029b8df840d2ba5cd8fb96cf6c7f8a924128ab3826fd21325dc272f0c1fc79f34aefd4eafa4846adf50470bb8455ec4fa54c29e32545e117555686730ea4d4b7634be2779e89c6ef24d7b34344ba6cf6dbf4460c383294a95b3f900ed3254b7e9acaf1030e44e4c06241be31feff243d11a2d41c289fe0937b6123064e53e20c25d41a620bd058103d965327b015bb956d2065a70ad1c0962c269a74244c3339d58ba536cebc9014f0d82a5c784e8d2a8ecd4496fd3e298e8e9fe957699a7c70ea211a0a4f5f979813cf987fb51a0ce49b64dfee928d97073b1d7fcc9e12da955e0ac4b5a419d34a1568af0a609a5becf5a0977626cff7c590d80309bbec71c73a4b7b72119afbb0d9fd493f0dd23908b79276d703650c2e3a68f60a4d05a08c662ee7481d27b04a7aa06fd5b119ffe19af7056e654d737c2f88282246cc552d2c6fca884e845bcf57840a60dc705e34977981c6c556fe13ad00d2ac70dee92bc74260f2c224f351d3b834fe60f890dbed501ae2950e3a788db724cef93d62dbe83e6e6a5fdd79d803e36c3d7877c93570f991ddc860d4cf18f3ef23c9602414340437f389a955af63345300eeba38bf639fcaa2da9b6415daae7c3eefb37d9f505afee74ebb324764b135558484477cc5cad20e879a8db7f4abb328433be003c77415b9173e5338df911aa476a330b3c512465eebf081c363a99c792f319fda4090f38709a9469afdcdb5f764b3fd1cc84741fb09c093189f52ae235dc9aa28a6116c0b75bf72990117967fbb671de4a7c6a5703e9332b61c72540c07b74160d1362aec76499b525e7fe7d479034a68812dcc3f76f0d3befa288f921df04460d02472c2997fb2d70f44cf3f2bfa702a54737a86efe456511346a9f6fad9ecdbcbc23a142adbbc2f7dfe72a923e58c0727122293af41f5cf2e89577be14d2e2c8052702f668e50f8a7cb3734dd355700087b116f251e53b0eef34327253a39d38955a2d9e6be5bc75799e07b3e13f18e41247727862f4fada888b783a966916c50df2ddedee0abca4d48d2633dfed04d242c1b208bd8d57f5f7a063ef1aadd053f6a49151a7b05719b8d0514c7bc5b2da88426f0c63237d539e7251f92e124e73de351905aa158a7e837d2633d6aad458d86fffe980dc7adb781e4349195fd7bee6c7b4a8a11de481ecb7db4a762a3370069ad51bb6e0e2c2b6188a2c1ebca85b4fca0ddd972a0adbc44679c6456f8fcf346fc7627a5aded40064e1d44cc87d7593bbb98ada02ed0f1831b5a0ffabb87d3d0309f629e58ecb7a520b9767813b977f29b71180b114c5338ea34eb4082c5a60219358665a2fef87a77a812c7611f42696dd494196f276923f2a31fb6152723a43737e72137e97e7c67d9b8a0eedacdb08ed6040007529115c630fa729b0165e1bcf63fb3b0c3be3c6b9bc4621205525b1fa5cae18739b3b27af4f92a6941a4090c23b07f91e01f18ccf4c8455cac88a76b75acf8799c876e3ca9a4d95de9b20ff1d92ae7584d529b5f159e1d6d74b9a340173deb45a63fd2265bd8c249c28e35ca673a0bd442f1bb44ace6463de4c7f3f1b6fa02080cf9e159ed56be0793ccf5f8a99d6d8b3f006a67c5660e7f9f0d60527135993faf05d6850a8461b02e9effacf92ce0574a43468f2212515a8dbdfdbca7e8fef1b66b9e7a9abdc1e195e744311161ebca0b75e3ca07242fa152ea18c4b2b4393cb242c8b9a3a283f2b592bdef5db8ea6a836d1219ec7c0c91e0e95eb96213a350b4e7f1258bbf45a816ecef443e18facf35dce890a87d289f1c54d51122858fab578ef67049d11c621b8063cb45c41d92762df6d9a02e32fdf39647e2f3e20b47e87aff930a08bad49ed0ffcff2a5fba522253ef1e60f3646aec8e0eed0bad6b2a59525ff9d136f6b91a1d5c3ccf0136aa52145101705b5c7882cd74be5e2407c70d0f7cf0c694274e668eee3b7e931d842f31e00ebce7aa644761e85534af6147377d2cda52f13530c260d5fea7efd47f730e90a16a081dd9f9a1949370b0b297516c1fa3785b5895af76b4e7815f72a1c18f3413b858846959187210b830299874fdd7f2f5e1d2c9499e68eec5861277cb891e5fe6f2a5a4bf14e569dfde6bb5c06886d29e6389364b11afe1c016b8f085a08ab9c04d3ff200888605c492946236ec61c7ce8ffee451e6d0b9888288da4d2069e8310323ba485ee385f5e3344fb991f9af95744592198ce7fca1419f4c664e2d94baaf694a14e5ed6d4f3ac4e3738eb6eec58aa37ab9085d62d836a9970e201c1c4ff2675beedc07b8ead784c1e579c3909416ef66c9239fbfb6474209b889cec9852c5eefc8dd4648fb063ce5fb130c7a5c42c63595467f8b03ba244670fd7e76cc39d880daf67249cd6c4a487c95744e2d9e9446bd565818442e04d1a305a6de07dc299514de821497b1e0324fd71e097fa8c1b128b8a31bf780e4199f1b7a2e63dddbc39f4eb58c48698102c533d9b6a602058f84b9d48827e5531fea296ab7f7a41c551626ec1e61bf222fba7d5a2685de568e6643a99c2481434bc0639ce41ac8952d85ee320bfd1c4dad06c8ca9410702e7ce62744bf04ac8b6b10eb30c1606e825437f5131936d65cedcb78a6d9891520d8191929ceecec2e22a1fc993ec14f8c68c81a2a85cbc2ec22867534a92e06242f521b8053fab3fef7a15313c673b3f618db4752cdd07ab5c9b9b1ba6f4522663befb5dc7098b5685f39ea316d7db0adb2c394238b286ed48da8d0e74fbdc2f2f29e2733415b04169c5ccd96e4998a1727042204a64c4bf501d120067d723f1a8024030a00a7b5461f643fe5caf12a1d0923110dd7cb68d82b96bbf5dd2f991eae34654d6d7c1cd8f41155e543beb3dc0f31294d5538ea7ca47c09dcd3035049bbcbcb1e7d7de460f3aeee91127f0a37bf96e86451dc4e19b849985692c5ed81eecbfedd07921f8419261518a196b624ed91cb81249d60525bc3a7cdcf34f994dd65d7d6e33fffd6e29e46326716b90731509f2eee61715e551f13c457beb023ee5f98c3a30844ad2942e05d65bc41c07c7e359176373f03b8899af2b94ac9560fa5c343f41f7fc71c17d746751ebe6c8b11cd231bab6d98dbddf0d8f6f8113b66bb2106fbb1d1f5e2adb4ed2742251ed1cea5e01e18dfd5fc16106e3b0b88f0e05a93e1bafd8e55ad8b9fe98b99c11ee36d6a5c0516d49b313270aa421db76fa25fa29c1181ffaf59190532c2170829f994a6bf0ac9b665458985a412e2530a9965994181734dbc2fba12d7e4af2cf55e8a5ddfa62f6e16a0dabcf810bb30cb606839f45be2c067b8d3c3c6ba70a1a1113d717b25611312495d0fcbbeb3ac45b9977653a919e0704c853e5fb573415eab0441f64892621f816fe87cb8457d376d750a3b437fa4cd1ec8bbf7df1053edb9dc91a4c0bf55f1a3f21d847de5dacea693b2e4a612c29a1493ca6c6317cd1d8df4c8dc7ada7c6d8294bea0df9a4f8675a44b9c0ff7d9903ad8772f9a467489f380d5a6c2ceadf47c57d26e0b3d764470fd5ef9dac217c7775f29e6d1fef191cc37ad61c235a3480f6f460f3ebe000cfea939daf4ba7f33d51b63de2802cb6a2346732dc470567d482a0054f08509fab820c7e80a1ed052b213207a3d9cf98a0ecb6a3f8ddd684f9d4fb0905a13c9bd1961945e875b658d8ad0b087e93ad849ee717611bfc4caebfe74c990e6539f4fe5867aeef7424a1723af32538a729fab86d2e4cb9c938684fc4652015315bcfd1a6622bf742cf355be7ff0faebb27d2cde55d96c0781996d16b71f4ecdbc9232a9a8a99936d0437f27c90abf1b240ac8607214e77216652e6dbc6189915cacaa7355dbac1c6ab16efbd8c725c7889170e714c329fd81463eaf5e9cceee5a6a62e99c4478bf176bc7476ca5382a5cfde2b2a69ec53109c5d0510241e321ab44f1479f7ba18131fccf5fd6a5cb1ded1a9b2ecbcc558652435b11c5f46ac6493e2225545d7edf9676491b0d0737971593dbc95e00e600e9e4dc78d2715b75b68dd9d4a2ad252d0c2315db3d394c3a2b22ad2a83bda9656bf6a6b00b8af2a5a09a8aa9811d8793bf64140503b78ba7ee8d88d48c3585a8bda79f90b9534535dd7d29011024663eda4fb64f0f2e36a0800b1b877845d8eed243a4207b7801b62c8ded95184a354ed7f94230da7dd9bf6f6db3702b23df0a59f29ccc2794c972b779b45fd6d5cdf16296b1a39c1c170cd2ab57bec55c143e7e8a42ced4458f6b34c00ee5e14016a9a24e64f75b567bdf4238143f8b31153805091fc954e1132e052b9486759b34e803a3ea742b6eb4fafeb8c2f6006bf68bfdaf8f641e8775555d63903f6a57cc4d6fe28e2388f58ea14ac331a30b0b203d7d8ae290ed7b12651d6a04d91857eba828b15c2b92c9535a77585a0182046f5ad0543275113c77fa3a282146546ea263e4afcbc223d9a2f5610acdc11cbed207fa2cbc4e0558b810b1e935a9ac744f94790069a2c12390e22f678be47b4fa233a719ed05ffaf784a7a4d247d2bd6dd24545fde74e103514c8e766c6f1b2a09fa19c3e7c70a7b543d4ebf4339eb0a1b114461264bfe8b1f4c0262f0973492625187e782f7f5ad6f3cb9dfc5cdd174c04131c448b2cfcf3141e851ae54cf4d5798330f651c169a14287184e1ccd92467f58b8420e8c413fc4728cd8c16ab6d1d4b5d2201a6d5b5000197a92c28c1ac78613d5c9b583b344f0de6de5ab50294454d939e81ecc047e3d91badbccdf773ba37a944c25f4625956f52f01cbb67ed98e57df9125e7d85fafe9f689fe97d2395a157afa4092adc5a5514c546ed02b9e504b73fb191b68eafec339330122e9b8e687e3337b9453cffcda49da293ba8285397955794c241c994760093c3e91a07cae66ccf51a4f4bd9936d1767a83ac54c492afb1fda0fe3a8f1d7091ffd7ca2cdb96e3dc8eb7e961342bac793df6f60a2c8c8d401df9f43b0fcc93b7400bbaad13ca14e3692263c4dff37d5574e13aa539294d5f4b42ad1755dcfc5f6c6af049c3f8185403f89f049838624f50cf0b82eb1f81840587d9d86b3b0dd1d62ec795e7fe20ec5adb2ecb1e2bcff67e174e5eaf6eb702b7f9dbaaf73ddf5c44bf5193de79bf895ed333c2736113fdd480f1cbbcf30c90e173069439a8af7868256acc59c89686d3dcd2270f9a7626ea05573bf8350d713c290a021b7c8b504b134df0744e735634a97453ffabf75463b1d4ec90bf360d4153457920d37a966cafb963aadeac5711c05777710afca0abe4300fb5cf299420656b74603cb8e6dcc06dd2920e8f6cd33b3b2e90a0c94da3cac5eaac7d61a7bce4426a6d52bf0713053aef52bd92286c3032025e054551fef505dee88568e4436319e76b83c5c427314e0deb7f2735ad5b78c1e03c42c2501f0b90ea5f3794c4aaaee2d9842d95ed0170bc963231e544ed39ce99926b16451f54ecae6676506cb4b22297bb282bd396645372cbb2432fb4ecefc87d58c5a93895cb160f6f104ac87575498baf2fcb66c7712374361a1d22b3ca06c68171e21ef63f812be9b1f32f2dd341892d39b204cddd4ecefec2f4f06dfbe1886136a07458a2c9ae3792223928b1e4b987c334dbec7766250c5b01a4ad9c6f50d4464cea8848bb8a70d23ee92006616794fb387e1d8a2530ca6a26ce2a10c5ad9127b7075fbd1d060aa9873c2539f1cad4ca6f8c82ac7190b1dd3c10b43f45b62de942bc2d8d87e81426", 0x1000)

[ 1057.543548][T22133] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:55:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x10, 0x0)

[ 1058.058944][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1058.065088][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1058.333100][T22245] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1059.648885][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1059.655027][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1060.128844][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1060.135045][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1060.368780][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1060.375004][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1061.728825][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1061.734942][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1062.218920][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1062.448841][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1062.454983][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1063.808893][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1064.528792][T18149] Bluetooth: hci2: command 0x1009 tx timeout
12:55:36 executing program 5 (fault-call:2 fault-nth:62):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:55:36 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:36 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)
ioctl$VFIO_CHECK_EXTENSION(r1, 0x3b65, 0x7)

12:55:36 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x48, 0x0)

12:55:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x91ffffff, @remote, 0x7}, 0x1c)

[ 1066.507420][T22259] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1066.524828][T22259] FAULT_INJECTION: forcing a failure.
[ 1066.524828][T22259] name failslab, interval 1, probability 0, space 0, times 0
[ 1066.555103][T22259] CPU: 1 PID: 22259 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1066.563834][T22259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1066.573915][T22259] Call Trace:
[ 1066.577239][T22259]  dump_stack+0x197/0x210
[ 1066.581599][T22259]  should_fail.cold+0xa/0x15
[ 1066.586218][T22259]  ? fault_create_debugfs_attr+0x180/0x180
[ 1066.592047][T22259]  ? ___might_sleep+0x163/0x2c0
[ 1066.596924][T22259]  __should_failslab+0x121/0x190
[ 1066.601880][T22259]  should_failslab+0x9/0x14
[ 1066.606394][T22259]  kmem_cache_alloc+0x2aa/0x710
[ 1066.611268][T22259]  ? __mutex_lock+0x45d/0x13c0
[ 1066.616063][T22259]  __kernfs_new_node+0xf0/0x6c0
[ 1066.620945][T22259]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1066.626416][T22259]  ? wait_for_completion+0x440/0x440
[ 1066.626441][T22259]  ? mutex_unlock+0xd/0x10
[ 1066.626461][T22259]  ? kernfs_activate+0x192/0x1f0
[ 1066.641098][T22259]  kernfs_new_node+0x96/0x120
[ 1066.645815][T22259]  __kernfs_create_file+0x51/0x340
[ 1066.645836][T22259]  sysfs_add_file_mode_ns+0x222/0x560
[ 1066.645857][T22259]  sysfs_merge_group+0x1a0/0x340
[ 1066.661267][T22259]  ? sysfs_init_fs_context+0x370/0x370
[ 1066.666744][T22259]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1066.672996][T22259]  ? kernfs_create_link+0x1cc/0x250
[ 1066.678227][T22259]  dpm_sysfs_add+0x257/0x2a0
[ 1066.682844][T22259]  device_add+0x9df/0x17a0
[ 1066.687284][T22259]  ? uevent_show+0x370/0x370
[ 1066.691914][T22259]  rfkill_register+0x1bf/0xb50
[ 1066.696687][T22259]  hci_register_dev+0x378/0x8f0
[ 1066.696709][T22259]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1066.696727][T22259]  tty_ioctl+0xaf9/0x14f0
[ 1066.710947][T22259]  ? hci_uart_init_work+0x180/0x180
[ 1066.716155][T22259]  ? do_tty_hangup+0x30/0x30
[ 1066.716172][T22259]  ? tomoyo_path_number_perm+0x459/0x520
[ 1066.716188][T22259]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1066.716205][T22259]  ? tomoyo_path_number_perm+0x263/0x520
[ 1066.738308][T22259]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1066.744134][T22259]  ? __f_unlock_pos+0x19/0x20
[ 1066.748855][T22259]  ? do_tty_hangup+0x30/0x30
[ 1066.753467][T22259]  do_vfs_ioctl+0xdb6/0x13e0
[ 1066.758079][T22259]  ? ioctl_preallocate+0x210/0x210
[ 1066.763216][T22259]  ? __fget+0x384/0x560
[ 1066.767402][T22259]  ? ksys_dup3+0x3e0/0x3e0
[ 1066.767418][T22259]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1066.767431][T22259]  ? fput_many+0x12c/0x1a0
[ 1066.767451][T22259]  ? tomoyo_file_ioctl+0x23/0x30
[ 1066.787454][T22259]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1066.793722][T22259]  ? security_file_ioctl+0x8d/0xc0
[ 1066.798853][T22259]  ksys_ioctl+0xab/0xd0
[ 1066.803028][T22259]  __x64_sys_ioctl+0x73/0xb0
12:55:36 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:36 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:36 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:36 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1066.807627][T22259]  do_syscall_64+0xfa/0x760
[ 1066.812141][T22259]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1066.818038][T22259] RIP: 0033:0x45a639
[ 1066.821952][T22259] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1066.841568][T22259] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1066.841582][T22259] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1066.841590][T22259] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1066.841598][T22259] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1066.841605][T22259] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1066.841613][T22259] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:55:39 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:39 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4c, 0x0)

12:55:39 executing program 1:
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r3}, 0x14)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
recvfrom(r0, &(0x7f0000000000)=""/210, 0xd2, 0x10000, &(0x7f0000000100)=@can={0x1d, r4}, 0x80)
write$binfmt_misc(r0, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x100000000000a, 0x2)

[ 1068.929283][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1068.935442][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1071.008813][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1071.014938][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1073.088775][T18189] Bluetooth: hci0: command 0x1009 tx timeout
12:55:47 executing program 5 (fault-call:2 fault-nth:63):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:55:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0x2, 0x0)
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
pipe2(&(0x7f0000000340), 0x4c000)
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000300)={r2, 0x0, 0x5, 0x80000001})
r3 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x88000, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000100)=@int=0xe2, 0x4)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
ioctl$sock_inet_SIOCGIFDSTADDR(r4, 0x8917, &(0x7f0000000140)={'bridge0\x00', {0x2, 0x4e24, @broadcast}})
accept4$alg(r4, 0x0, 0x0, 0x800)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r5 = socket(0x1e, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
r8 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dlm-monitor\x00', 0x800, 0x0)
ioctl$TIOCSLCKTRMIOS(r8, 0x5457, &(0x7f00000002c0))
ioctl$TCGETX(r7, 0x5432, &(0x7f0000000180))
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
r9 = socket(0x1e, 0x0, 0x0)
r10 = accept4$tipc(0xffffffffffffffff, 0x0, &(0x7f00000001c0), 0x40800)
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0xffff, 0x81, 0x7, 0x6}]}, 0x10)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, 0x0, 0x0)
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
close(r0)

12:55:47 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:47 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff809018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312c502914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000000)={{{@in=@broadcast, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@empty}, 0x0, @in=@multicast1}}, &(0x7f0000000100)=0xe8)
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000140)={@ipv4={[], [], @multicast2}, r3}, 0x14)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:55:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xe02e0000, @remote, 0x7}, 0x1c)

12:55:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x50, 0x0)

[ 1077.333279][T22383] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1077.362828][T22390] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1077.380301][T22390] FAULT_INJECTION: forcing a failure.
[ 1077.380301][T22390] name failslab, interval 1, probability 0, space 0, times 0
[ 1077.414120][T22390] CPU: 1 PID: 22390 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1077.422857][T22390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1077.432926][T22390] Call Trace:
[ 1077.436239][T22390]  dump_stack+0x197/0x210
[ 1077.440601][T22390]  should_fail.cold+0xa/0x15
[ 1077.445308][T22390]  ? fault_create_debugfs_attr+0x180/0x180
[ 1077.451140][T22390]  ? ___might_sleep+0x163/0x2c0
[ 1077.456005][T22390]  __should_failslab+0x121/0x190
[ 1077.456031][T22390]  should_failslab+0x9/0x14
[ 1077.456044][T22390]  kmem_cache_alloc+0x2aa/0x710
[ 1077.456071][T22390]  __kernfs_new_node+0xf0/0x6c0
[ 1077.465510][T22390]  ? kernfs_find_and_get_ns+0x5a/0x70
[ 1077.465530][T22390]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1077.465543][T22390]  ? kernfs_find_and_get_ns+0x5a/0x70
[ 1077.465563][T22390]  ? __mutex_lock+0x45d/0x13c0
[ 1077.465580][T22390]  ? lock_downgrade+0x920/0x920
[ 1077.465599][T22390]  ? mutex_trylock+0x2d0/0x2d0
[ 1077.505826][T22390]  ? kernfs_activate+0x192/0x1f0
[ 1077.510785][T22390]  kernfs_new_node+0x96/0x120
[ 1077.515486][T22390]  __kernfs_create_file+0x51/0x340
[ 1077.520612][T22390]  sysfs_add_file_mode_ns+0x222/0x560
[ 1077.526000][T22390]  sysfs_merge_group+0x1a0/0x340
[ 1077.530960][T22390]  ? sysfs_init_fs_context+0x370/0x370
[ 1077.536430][T22390]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1077.542685][T22390]  ? kernfs_create_link+0x1cc/0x250
[ 1077.547907][T22390]  dpm_sysfs_add+0x257/0x2a0
[ 1077.552508][T22390]  device_add+0x9df/0x17a0
[ 1077.556944][T22390]  ? uevent_show+0x370/0x370
[ 1077.561554][T22390]  rfkill_register+0x1bf/0xb50
[ 1077.566330][T22390]  hci_register_dev+0x378/0x8f0
[ 1077.571209][T22390]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1077.576258][T22390]  tty_ioctl+0xaf9/0x14f0
[ 1077.580598][T22390]  ? hci_uart_init_work+0x180/0x180
[ 1077.585800][T22390]  ? do_tty_hangup+0x30/0x30
[ 1077.590408][T22390]  ? tomoyo_path_number_perm+0x459/0x520
[ 1077.596058][T22390]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1077.602308][T22390]  ? tomoyo_path_number_perm+0x263/0x520
[ 1077.607952][T22390]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1077.613767][T22390]  ? __f_unlock_pos+0x19/0x20
[ 1077.618481][T22390]  ? do_tty_hangup+0x30/0x30
[ 1077.623091][T22390]  do_vfs_ioctl+0xdb6/0x13e0
[ 1077.627699][T22390]  ? ioctl_preallocate+0x210/0x210
[ 1077.632817][T22390]  ? __fget+0x384/0x560
[ 1077.636991][T22390]  ? ksys_dup3+0x3e0/0x3e0
[ 1077.641414][T22390]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1077.647662][T22390]  ? fput_many+0x12c/0x1a0
[ 1077.652096][T22390]  ? tomoyo_file_ioctl+0x23/0x30
[ 1077.657039][T22390]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1077.663344][T22390]  ? security_file_ioctl+0x8d/0xc0
[ 1077.668469][T22390]  ksys_ioctl+0xab/0xd0
[ 1077.672638][T22390]  __x64_sys_ioctl+0x73/0xb0
[ 1077.677243][T22390]  do_syscall_64+0xfa/0x760
[ 1077.681762][T22390]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1077.687660][T22390] RIP: 0033:0x45a639
[ 1077.691564][T22390] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1077.711176][T22390] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1077.719593][T22390] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
12:55:47 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1077.727572][T22390] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1077.735550][T22390] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1077.743530][T22390] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1077.751506][T22390] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:55:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x68, 0x0)

12:55:47 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:48 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6c, 0x0)

12:55:48 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT=r2, @ANYRESDEC=r3, @ANYPTR=&(0x7f0000000200)=ANY=[], @ANYRES64], 0x43)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

[ 1078.102811][T22500] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
12:55:48 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xe8030000, @remote, 0x7}, 0x1c)

[ 1079.408832][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1079.416322][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1079.809096][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1079.815242][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1080.208862][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1080.215129][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1081.489037][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1081.495164][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1081.888758][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1081.894886][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1082.288915][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1082.295083][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1083.568970][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1083.968791][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1084.368744][T18149] Bluetooth: hci2: command 0x1009 tx timeout
12:55:58 executing program 5 (fault-call:2 fault-nth:64):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

[ 1088.180120][T22517] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1088.189893][T22517] FAULT_INJECTION: forcing a failure.
[ 1088.189893][T22517] name failslab, interval 1, probability 0, space 0, times 0
[ 1088.203678][T22517] CPU: 0 PID: 22517 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1088.212588][T22517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1088.222775][T22517] Call Trace:
[ 1088.226087][T22517]  dump_stack+0x197/0x210
[ 1088.230450][T22517]  should_fail.cold+0xa/0x15
[ 1088.235060][T22517]  ? fault_create_debugfs_attr+0x180/0x180
[ 1088.240880][T22517]  ? ___might_sleep+0x163/0x2c0
[ 1088.245742][T22517]  __should_failslab+0x121/0x190
[ 1088.250774][T22517]  should_failslab+0x9/0x14
[ 1088.255279][T22517]  kmem_cache_alloc+0x2aa/0x710
[ 1088.260133][T22517]  ? __mutex_lock+0x45d/0x13c0
[ 1088.264913][T22517]  __kernfs_new_node+0xf0/0x6c0
[ 1088.269773][T22517]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1088.275621][T22517]  ? wait_for_completion+0x440/0x440
[ 1088.281024][T22517]  ? mutex_unlock+0xd/0x10
[ 1088.285715][T22517]  ? kernfs_activate+0x192/0x1f0
[ 1088.291141][T22517]  kernfs_new_node+0x96/0x120
[ 1088.295829][T22517]  __kernfs_create_file+0x51/0x340
[ 1088.301560][T22517]  sysfs_add_file_mode_ns+0x222/0x560
[ 1088.307033][T22517]  sysfs_merge_group+0x1a0/0x340
[ 1088.311983][T22517]  ? sysfs_init_fs_context+0x370/0x370
[ 1088.317468][T22517]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1088.323728][T22517]  ? kernfs_create_link+0x1cc/0x250
[ 1088.329221][T22517]  dpm_sysfs_add+0x257/0x2a0
[ 1088.334424][T22517]  device_add+0x9df/0x17a0
[ 1088.339124][T22517]  ? uevent_show+0x370/0x370
[ 1088.343739][T22517]  rfkill_register+0x1bf/0xb50
[ 1088.348537][T22517]  hci_register_dev+0x378/0x8f0
[ 1088.353420][T22517]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1088.358983][T22517]  tty_ioctl+0xaf9/0x14f0
[ 1088.363318][T22517]  ? hci_uart_init_work+0x180/0x180
[ 1088.368521][T22517]  ? do_tty_hangup+0x30/0x30
[ 1088.373116][T22517]  ? tomoyo_path_number_perm+0x459/0x520
[ 1088.378759][T22517]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1088.385090][T22517]  ? tomoyo_path_number_perm+0x263/0x520
[ 1088.390906][T22517]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1088.396742][T22517]  ? __f_unlock_pos+0x19/0x20
[ 1088.401737][T22517]  ? do_tty_hangup+0x30/0x30
[ 1088.406355][T22517]  do_vfs_ioctl+0xdb6/0x13e0
[ 1088.410964][T22517]  ? ioctl_preallocate+0x210/0x210
[ 1088.416083][T22517]  ? __fget+0x384/0x560
[ 1088.420338][T22517]  ? ksys_dup3+0x3e0/0x3e0
[ 1088.425270][T22517]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1088.431550][T22517]  ? fput_many+0x12c/0x1a0
[ 1088.435985][T22517]  ? tomoyo_file_ioctl+0x23/0x30
[ 1088.441022][T22517]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1088.447276][T22517]  ? security_file_ioctl+0x8d/0xc0
[ 1088.452415][T22517]  ksys_ioctl+0xab/0xd0
[ 1088.456668][T22517]  __x64_sys_ioctl+0x73/0xb0
[ 1088.461291][T22517]  do_syscall_64+0xfa/0x760
[ 1088.465810][T22517]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1088.471707][T22517] RIP: 0033:0x45a639
[ 1088.475608][T22517] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1088.495390][T22517] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1088.504242][T22517] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1088.512232][T22517] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1088.520224][T22517] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1088.528201][T22517] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1088.536366][T22517] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:55:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x410881, 0x0)
r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x0, 0x2)
r2 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r3}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000007c0)={r3, 0x3}, &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r3, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e20, 0xffffffff, @mcast2, 0x5}}}, 0x84)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:55:58 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:58 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:58 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x74, 0x0)

12:55:58 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xf4010000, @remote, 0x7}, 0x1c)

12:55:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00')
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40900012}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r3, 0xa77bf708cbefaa56, 0x70bd27, 0x25dfdbfe, {{}, 0x0, 0x410c, 0x0, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x10000000}, 0x8000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = msgget(0x1, 0x20)
msgctl$MSG_STAT(r5, 0xb, &(0x7f00000000c0)=""/165)
r6 = fcntl$dupfd(r4, 0x406, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$TUNGETIFF(r6, 0x800454d2, &(0x7f0000000000))
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:55:58 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:58 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:55:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7a, 0x0)

12:55:59 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1089.012730][T22535] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:55:59 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1089.804623][T22547] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1090.609018][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[ 1090.615145][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1091.088776][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1091.094901][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1091.888858][   T22] Bluetooth: hci2: command 0x1003 tx timeout
[ 1091.894999][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1092.688915][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1092.695055][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1093.168881][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1093.175011][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1093.968789][   T22] Bluetooth: hci2: command 0x1001 tx timeout
[ 1093.974914][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1094.768906][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1095.248764][   T22] Bluetooth: hci1: command 0x1009 tx timeout
[ 1096.048785][   T22] Bluetooth: hci2: command 0x1009 tx timeout
12:56:09 executing program 5 (fault-call:2 fault-nth:65):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:56:09 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:56:09 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:09 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x98, 0x0)

12:56:09 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xf5ffffff, @remote, 0x7}, 0x1c)

[ 1099.105837][T22558] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1099.115202][T22558] FAULT_INJECTION: forcing a failure.
[ 1099.115202][T22558] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.128485][T22558] CPU: 0 PID: 22558 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1099.137191][T22558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1099.137198][T22558] Call Trace:
[ 1099.137225][T22558]  dump_stack+0x197/0x210
[ 1099.137247][T22558]  should_fail.cold+0xa/0x15
[ 1099.137269][T22558]  ? fault_create_debugfs_attr+0x180/0x180
[ 1099.165317][T22558]  ? ___might_sleep+0x163/0x2c0
[ 1099.170185][T22558]  __should_failslab+0x121/0x190
[ 1099.175296][T22558]  should_failslab+0x9/0x14
[ 1099.175311][T22558]  kmem_cache_alloc+0x2aa/0x710
[ 1099.175328][T22558]  ? __mutex_lock+0x45d/0x13c0
[ 1099.175352][T22558]  __kernfs_new_node+0xf0/0x6c0
[ 1099.175371][T22558]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1099.175394][T22558]  ? wait_for_completion+0x440/0x440
[ 1099.199889][T22558]  ? mutex_unlock+0xd/0x10
[ 1099.199908][T22558]  ? kernfs_activate+0x192/0x1f0
[ 1099.199927][T22558]  kernfs_new_node+0x96/0x120
[ 1099.199947][T22558]  __kernfs_create_file+0x51/0x340
[ 1099.199962][T22558]  sysfs_add_file_mode_ns+0x222/0x560
[ 1099.199983][T22558]  sysfs_merge_group+0x1a0/0x340
[ 1099.219457][T22558]  ? sysfs_init_fs_context+0x370/0x370
[ 1099.229991][T22558]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1099.240363][T22558]  ? kernfs_create_link+0x1cc/0x250
[ 1099.240386][T22558]  dpm_sysfs_add+0x257/0x2a0
[ 1099.240402][T22558]  device_add+0x9df/0x17a0
[ 1099.240420][T22558]  ? uevent_show+0x370/0x370
[ 1099.251841][T22558]  rfkill_register+0x1bf/0xb50
[ 1099.251863][T22558]  hci_register_dev+0x378/0x8f0
[ 1099.251883][T22558]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1099.251901][T22558]  tty_ioctl+0xaf9/0x14f0
[ 1099.270255][T22558]  ? hci_uart_init_work+0x180/0x180
[ 1099.280236][T22558]  ? do_tty_hangup+0x30/0x30
[ 1099.280253][T22558]  ? tomoyo_path_number_perm+0x459/0x520
[ 1099.280273][T22558]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1099.280286][T22558]  ? tomoyo_path_number_perm+0x263/0x520
[ 1099.280301][T22558]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1099.280313][T22558]  ? __f_unlock_pos+0x19/0x20
[ 1099.280344][T22558]  ? do_tty_hangup+0x30/0x30
[ 1099.289864][T22558]  do_vfs_ioctl+0xdb6/0x13e0
[ 1099.289886][T22558]  ? ioctl_preallocate+0x210/0x210
[ 1099.289898][T22558]  ? __fget+0x384/0x560
[ 1099.289917][T22558]  ? ksys_dup3+0x3e0/0x3e0
[ 1099.289929][T22558]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1099.289942][T22558]  ? fput_many+0x12c/0x1a0
[ 1099.289962][T22558]  ? tomoyo_file_ioctl+0x23/0x30
[ 1099.300159][T22558]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1099.322596][T22558]  ? security_file_ioctl+0x8d/0xc0
[ 1099.322613][T22558]  ksys_ioctl+0xab/0xd0
[ 1099.322630][T22558]  __x64_sys_ioctl+0x73/0xb0
[ 1099.322649][T22558]  do_syscall_64+0xfa/0x760
[ 1099.322668][T22558]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1099.322680][T22558] RIP: 0033:0x45a639
[ 1099.322694][T22558] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1099.322708][T22558] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1099.336974][T22558] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1099.336983][T22558] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1099.336992][T22558] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
12:56:09 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xf0, 0x0)

[ 1099.337000][T22558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1099.337009][T22558] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
[ 1099.495647][T22555] debugfs: Directory 'loop0' with parent 'block' already present!
12:56:10 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

12:56:10 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:56:10 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x204, 0x0)

12:56:10 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
pread64(r1, &(0x7f0000000000)=""/3, 0x3, 0x3)
ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f00000000c0)=0xfd1)
close(r0)

12:56:10 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xfe800000, @remote, 0x7}, 0x1c)

12:56:10 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

[ 1100.362177][T22567] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1101.488793][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1101.496138][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1102.448834][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1102.455062][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1103.568788][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1103.574914][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1104.528795][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1104.534923][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1105.648839][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1106.608823][   T22] Bluetooth: hci1: command 0x1009 tx timeout
12:56:19 executing program 5 (fault-call:2 fault-nth:66):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:56:19 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:56:19 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x300, 0x0)

12:56:19 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

12:56:19 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xff000000, @remote, 0x7}, 0x1c)

12:56:20 executing program 4:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:56:20 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1109.984899][T22592] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1110.009463][T22592] FAULT_INJECTION: forcing a failure.
[ 1110.009463][T22592] name failslab, interval 1, probability 0, space 0, times 0
[ 1110.058651][T22592] CPU: 0 PID: 22592 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1110.067387][T22592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1110.077455][T22592] Call Trace:
[ 1110.080775][T22592]  dump_stack+0x197/0x210
[ 1110.085132][T22592]  should_fail.cold+0xa/0x15
[ 1110.089758][T22592]  ? fault_create_debugfs_attr+0x180/0x180
[ 1110.095593][T22592]  ? ___might_sleep+0x163/0x2c0
[ 1110.100464][T22592]  __should_failslab+0x121/0x190
[ 1110.105414][T22592]  should_failslab+0x9/0x14
[ 1110.109919][T22592]  kmem_cache_alloc+0x2aa/0x710
[ 1110.114787][T22592]  __kernfs_new_node+0xf0/0x6c0
[ 1110.119674][T22592]  ? kernfs_find_and_get_ns+0x5a/0x70
[ 1110.125414][T22592]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 1110.130876][T22592]  ? kernfs_find_and_get_ns+0x5a/0x70
[ 1110.136254][T22592]  ? __mutex_lock+0x45d/0x13c0
[ 1110.141053][T22592]  ? lock_downgrade+0x920/0x920
[ 1110.145925][T22592]  ? mutex_trylock+0x2d0/0x2d0
[ 1110.150698][T22592]  ? kernfs_activate+0x192/0x1f0
[ 1110.155651][T22592]  kernfs_new_node+0x96/0x120
[ 1110.160339][T22592]  __kernfs_create_file+0x51/0x340
[ 1110.165459][T22592]  sysfs_add_file_mode_ns+0x222/0x560
[ 1110.170862][T22592]  sysfs_merge_group+0x1a0/0x340
[ 1110.175810][T22592]  ? sysfs_init_fs_context+0x370/0x370
[ 1110.181305][T22592]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1110.187569][T22592]  ? kernfs_create_link+0x1cc/0x250
[ 1110.192788][T22592]  dpm_sysfs_add+0x257/0x2a0
[ 1110.197474][T22592]  device_add+0x9df/0x17a0
[ 1110.201919][T22592]  ? uevent_show+0x370/0x370
[ 1110.206536][T22592]  rfkill_register+0x1bf/0xb50
[ 1110.211317][T22592]  hci_register_dev+0x378/0x8f0
[ 1110.216187][T22592]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1110.221223][T22592]  tty_ioctl+0xaf9/0x14f0
[ 1110.225561][T22592]  ? hci_uart_init_work+0x180/0x180
[ 1110.230765][T22592]  ? do_tty_hangup+0x30/0x30
[ 1110.235366][T22592]  ? tomoyo_path_number_perm+0x459/0x520
[ 1110.241012][T22592]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1110.247286][T22592]  ? tomoyo_path_number_perm+0x263/0x520
[ 1110.252928][T22592]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1110.258739][T22592]  ? __f_unlock_pos+0x19/0x20
[ 1110.263440][T22592]  ? do_tty_hangup+0x30/0x30
[ 1110.268035][T22592]  do_vfs_ioctl+0xdb6/0x13e0
[ 1110.272637][T22592]  ? ioctl_preallocate+0x210/0x210
[ 1110.278297][T22592]  ? __fget+0x384/0x560
[ 1110.282469][T22592]  ? ksys_dup3+0x3e0/0x3e0
[ 1110.286890][T22592]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1110.293142][T22592]  ? fput_many+0x12c/0x1a0
[ 1110.297573][T22592]  ? tomoyo_file_ioctl+0x23/0x30
[ 1110.302513][T22592]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1110.308764][T22592]  ? security_file_ioctl+0x8d/0xc0
[ 1110.313928][T22592]  ksys_ioctl+0xab/0xd0
[ 1110.318140][T22592]  __x64_sys_ioctl+0x73/0xb0
[ 1110.322773][T22592]  do_syscall_64+0xfa/0x760
[ 1110.330448][T22592]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1110.336457][T22592] RIP: 0033:0x45a639
[ 1110.340360][T22592] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1110.360245][T22592] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1110.368662][T22592] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1110.376647][T22592] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1110.384620][T22592] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1110.392596][T22592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
12:56:20 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x402, 0x0)

12:56:20 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1110.400837][T22592] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:56:20 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000000))

12:56:20 executing program 4:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:56:20 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1110.622823][T22607] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1111.410117][T22610] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1112.448779][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1112.455008][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1112.688761][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1112.695086][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1113.488832][T18189] Bluetooth: hci2: command 0x1003 tx timeout
[ 1113.498155][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1114.528793][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1114.534993][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1114.768787][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1114.774921][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1115.568789][T18189] Bluetooth: hci2: command 0x1001 tx timeout
[ 1115.575542][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1116.608909][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[ 1116.848787][T18189] Bluetooth: hci1: command 0x1009 tx timeout
[ 1117.648880][T18189] Bluetooth: hci2: command 0x1009 tx timeout
12:56:30 executing program 5 (fault-call:2 fault-nth:67):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:56:30 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x500, 0x0)

12:56:30 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:30 executing program 4:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)

12:56:30 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xff0f0000, @remote, 0x7}, 0x1c)

12:56:30 executing program 4:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)

[ 1120.845088][T22621] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1120.854708][T22621] FAULT_INJECTION: forcing a failure.
[ 1120.854708][T22621] name failslab, interval 1, probability 0, space 0, times 0
[ 1120.868671][T22621] CPU: 1 PID: 22621 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1120.878070][T22621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1120.888224][T22621] Call Trace:
[ 1120.891539][T22621]  dump_stack+0x197/0x210
[ 1120.895984][T22621]  should_fail.cold+0xa/0x15
[ 1120.900613][T22621]  ? fault_create_debugfs_attr+0x180/0x180
[ 1120.906441][T22621]  ? ___might_sleep+0x163/0x2c0
[ 1120.911387][T22621]  __should_failslab+0x121/0x190
[ 1120.916424][T22621]  should_failslab+0x9/0x14
[ 1120.920931][T22621]  kmem_cache_alloc_trace+0x2d3/0x790
[ 1120.926313][T22621]  ? __kasan_check_write+0x14/0x20
[ 1120.931434][T22621]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 1120.936984][T22621]  ? device_pm_check_callbacks+0x112/0x3f0
[ 1120.942805][T22621]  kobject_uevent_env+0x387/0x1023
[ 1120.948110][T22621]  kobject_uevent+0x20/0x26
[ 1120.952626][T22621]  device_add+0xad8/0x17a0
[ 1120.957052][T22621]  ? uevent_show+0x370/0x370
[ 1120.961658][T22621]  rfkill_register+0x1bf/0xb50
[ 1120.966439][T22621]  hci_register_dev+0x378/0x8f0
[ 1120.971304][T22621]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1120.976336][T22621]  tty_ioctl+0xaf9/0x14f0
[ 1120.980691][T22621]  ? hci_uart_init_work+0x180/0x180
[ 1120.986157][T22621]  ? do_tty_hangup+0x30/0x30
[ 1120.990751][T22621]  ? tomoyo_path_number_perm+0x459/0x520
[ 1120.996391][T22621]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1121.002641][T22621]  ? tomoyo_path_number_perm+0x263/0x520
[ 1121.008291][T22621]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1121.014096][T22621]  ? __f_unlock_pos+0x19/0x20
[ 1121.018804][T22621]  ? do_tty_hangup+0x30/0x30
[ 1121.023664][T22621]  do_vfs_ioctl+0xdb6/0x13e0
[ 1121.028270][T22621]  ? ioctl_preallocate+0x210/0x210
[ 1121.033383][T22621]  ? __fget+0x384/0x560
[ 1121.037549][T22621]  ? ksys_dup3+0x3e0/0x3e0
[ 1121.041971][T22621]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1121.048218][T22621]  ? fput_many+0x12c/0x1a0
[ 1121.052649][T22621]  ? tomoyo_file_ioctl+0x23/0x30
[ 1121.057596][T22621]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1121.063850][T22621]  ? security_file_ioctl+0x8d/0xc0
[ 1121.068968][T22621]  ksys_ioctl+0xab/0xd0
[ 1121.073129][T22621]  __x64_sys_ioctl+0x73/0xb0
[ 1121.077740][T22621]  do_syscall_64+0xfa/0x760
[ 1121.082252][T22621]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1121.088148][T22621] RIP: 0033:0x45a639
[ 1121.092050][T22621] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1121.111662][T22621] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1121.120080][T22621] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1121.128052][T22621] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1121.136212][T22621] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
12:56:31 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1121.144304][T22621] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1121.152759][T22621] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:56:31 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x600, 0x0)

12:56:31 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:32 executing program 3:
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000000)='/dev/ptmx\x00', 0xa)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)
close(r1)

12:56:32 executing program 1:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:32 executing program 4:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)

[ 1122.145552][T22644] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1123.248826][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[ 1123.254977][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1124.208834][T19240] Bluetooth: hci1: command 0x1003 tx timeout
[ 1124.214997][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1125.328819][T19240] Bluetooth: hci0: command 0x1001 tx timeout
[ 1125.335037][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1126.288764][T19240] Bluetooth: hci1: command 0x1001 tx timeout
[ 1126.294982][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1127.408780][T19240] Bluetooth: hci0: command 0x1009 tx timeout
[ 1128.368826][T18149] Bluetooth: hci1: command 0x1009 tx timeout
12:56:41 executing program 5 (fault-call:2 fault-nth:68):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:56:41 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x700, 0x0)

12:56:41 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xffffff8d, @remote, 0x7}, 0x1c)

12:56:41 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0)='team\x00')
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @loopback, @multicast2}, &(0x7f0000000140)=0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000040)={0x11, 0x0, r6}, 0x14)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r7, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r10=>0x0})
bind$packet(r9, &(0x7f0000000040)={0x11, 0x0, r10}, 0x14)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r12 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r12, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r12, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r13 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r13, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000440)=0xe8)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r17=>0x0})
bind$packet(r16, &(0x7f0000000040)={0x11, 0x0, r17}, 0x14)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r18, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={<r19=>0x0, @remote, @empty}, &(0x7f0000000500)=0xc)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000580)=0x14)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r23=>0x0})
bind$packet(r22, &(0x7f0000000040)={0x11, 0x0, r23}, 0x14)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r24=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r21, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r24, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000a80)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6c040000", @ANYRES16=r2, @ANYBLOB="00012abd7000fbdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="cc0002003c00010024d70100757365725f6c696e6b757000000000000000000000000000000000070000000008000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000000000008000600", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="240202003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r19, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000080000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000010000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000001000040062726f616463617374000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004006624000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400af0c000008000600", @ANYRES32=r20, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040001000000080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400a300000008000100", @ANYRES32=r24, @ANYBLOB="5001020064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000340004000700ff7faf000000030000cede0e000092000400170000000080b0fc00080000200000894669b64a030001020400000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040078ffffff38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004009800000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000600000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000100004006c6f616462616c616e636500"], 0x46c}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
close(r0)

12:56:41 executing program 1:
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:41 executing program 1:
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:41 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xa00, 0x0)

[ 1131.722662][T22650] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1131.743464][T22650] FAULT_INJECTION: forcing a failure.
[ 1131.743464][T22650] name failslab, interval 1, probability 0, space 0, times 0
[ 1131.752722][T22653] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1131.789160][T22650] CPU: 1 PID: 22650 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1131.798148][T22650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1131.808310][T22650] Call Trace:
[ 1131.811747][T22650]  dump_stack+0x197/0x210
[ 1131.816131][T22650]  should_fail.cold+0xa/0x15
[ 1131.820739][T22650]  ? fault_create_debugfs_attr+0x180/0x180
[ 1131.826576][T22650]  ? ___might_sleep+0x163/0x2c0
[ 1131.831441][T22650]  __should_failslab+0x121/0x190
[ 1131.836584][T22650]  should_failslab+0x9/0x14
[ 1131.841108][T22650]  kmem_cache_alloc_trace+0x2d3/0x790
[ 1131.846500][T22650]  ? __kasan_check_write+0x14/0x20
[ 1131.851632][T22650]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 1131.857300][T22650]  ? device_pm_check_callbacks+0x112/0x3f0
[ 1131.863152][T22650]  kobject_uevent_env+0x387/0x1023
[ 1131.868385][T22650]  kobject_uevent+0x20/0x26
[ 1131.872900][T22650]  device_add+0xad8/0x17a0
[ 1131.877328][T22650]  ? uevent_show+0x370/0x370
[ 1131.881944][T22650]  rfkill_register+0x1bf/0xb50
[ 1131.887793][T22650]  hci_register_dev+0x378/0x8f0
[ 1131.892737][T22650]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1131.900324][T22650]  tty_ioctl+0xaf9/0x14f0
[ 1131.904691][T22650]  ? hci_uart_init_work+0x180/0x180
[ 1131.909926][T22650]  ? do_tty_hangup+0x30/0x30
[ 1131.914531][T22650]  ? tomoyo_path_number_perm+0x459/0x520
[ 1131.920182][T22650]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1131.926434][T22650]  ? tomoyo_path_number_perm+0x263/0x520
[ 1131.932087][T22650]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1131.938599][T22650]  ? __f_unlock_pos+0x19/0x20
[ 1131.943304][T22650]  ? do_tty_hangup+0x30/0x30
[ 1131.947905][T22650]  do_vfs_ioctl+0xdb6/0x13e0
[ 1131.952508][T22650]  ? ioctl_preallocate+0x210/0x210
[ 1131.957625][T22650]  ? __fget+0x384/0x560
[ 1131.961805][T22650]  ? ksys_dup3+0x3e0/0x3e0
[ 1131.966231][T22650]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1131.972479][T22650]  ? fput_many+0x12c/0x1a0
[ 1131.976932][T22650]  ? tomoyo_file_ioctl+0x23/0x30
[ 1131.981881][T22650]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1131.988134][T22650]  ? security_file_ioctl+0x8d/0xc0
[ 1131.993255][T22650]  ksys_ioctl+0xab/0xd0
[ 1131.997422][T22650]  __x64_sys_ioctl+0x73/0xb0
[ 1132.002026][T22650]  do_syscall_64+0xfa/0x760
[ 1132.006540][T22650]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1132.012455][T22650] RIP: 0033:0x45a639
[ 1132.016554][T22650] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1132.037215][T22650] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1132.045640][T22650] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1132.053615][T22650] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1132.061686][T22650] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1132.069664][T22650] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1132.077644][T22650] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:56:42 executing program 1:
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:56:42 executing program 1:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

12:56:42 executing program 1:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

12:56:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xfffffffffffffffe)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e20, 0x6, @loopback, 0x40}, 0x1c)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f00000000c0)=""/156, &(0x7f0000000000)=0x9c)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5}, 0x14)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r6, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=@getchain={0x48, 0x66, 0xf00, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x1, 0x7}, {0xfff1, 0x9}, {0xd, 0x1}}, [{0x8, 0xb, 0x9}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0x7f}, {0x8, 0xb, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x1)
close(r0)

12:56:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xe00, 0x0)

[ 1134.128854][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1134.136450][ T1531] Bluetooth: hci2: sending frame failed (-49)
[ 1134.143471][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1134.155404][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1136.208881][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1136.214991][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1136.221661][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1136.227732][ T1531] Bluetooth: hci2: sending frame failed (-49)
[ 1138.288813][T18149] Bluetooth: hci2: command 0x1009 tx timeout
[ 1138.294902][T18149] Bluetooth: hci0: command 0x1009 tx timeout
12:56:52 executing program 5 (fault-call:2 fault-nth:69):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:56:52 executing program 1:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

12:56:52 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xf41, 0x0)

12:56:52 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xffffff91, @remote, 0x7}, 0x1c)

12:56:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:56:52 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0)='team\x00')
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @loopback, @multicast2}, &(0x7f0000000140)=0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000040)={0x11, 0x0, r6}, 0x14)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r7, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r10=>0x0})
bind$packet(r9, &(0x7f0000000040)={0x11, 0x0, r10}, 0x14)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r12 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r12, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r12, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r13 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r13, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000440)=0xe8)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r17=>0x0})
bind$packet(r16, &(0x7f0000000040)={0x11, 0x0, r17}, 0x14)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r18, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={<r19=>0x0, @remote, @empty}, &(0x7f0000000500)=0xc)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000580)=0x14)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r23=>0x0})
bind$packet(r22, &(0x7f0000000040)={0x11, 0x0, r23}, 0x14)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r24=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r21, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r24, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000a80)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6c040000", @ANYRES16=r2, @ANYBLOB="00012abd7000fbdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="cc0002003c00010024d70100757365725f6c696e6b757000000000000000000000000000000000070000000008000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000000000008000600", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="240202003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r19, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000080000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000010000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000001000040062726f616463617374000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004006624000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400af0c000008000600", @ANYRES32=r20, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040001000000080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400a300000008000100", @ANYRES32=r24, @ANYBLOB="5001020064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000340004000700ff7faf000000030000cede0e000092000400170000000080b0fc00080000200000894669b64a030001020400000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040078ffffff38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004009800000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000600000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000100004006c6f616462616c616e636500"], 0x46c}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
close(r0)

[ 1142.628415][T22787] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1142.656431][T22786] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:56:52 executing program 1:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

[ 1142.673870][T22790] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
12:56:52 executing program 1:
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req={0x5, 0xe, 0x0, 0x3}, 0x10)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff979018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312dc02914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)={'security\x00'}, &(0x7f0000000180)=0x54)
r4 = syz_open_dev$media(0x0, 0x0, 0x0)
ioctl$RTC_EPOCH_READ(r4, 0xc0287c02, &(0x7f0000000040))
socket$inet_udplite(0x2, 0x2, 0x88)
openat$cgroup_ro(r4, &(0x7f0000000580)='memory.current\x00', 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000a40)={{{@in6=@empty, @in=@remote}}, {{@in=@local}}}, 0x0)
ioctl$KVM_GET_PIT2(0xffffffffffffffff, 0x8070ae9f, &(0x7f0000000280))
socket$inet(0x10, 0x3, 0x0)
socket$inet(0x10, 0x3, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
sysfs$2(0x2, 0x3, &(0x7f0000000340)=""/101)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x200000, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)}], 0x1}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@empty, @in=@remote}}, {{@in=@local}}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)
fallocate(r6, 0x0, 0x0, 0x110003)
write$P9_RXATTRCREATE(r6, &(0x7f0000000040)={0x7}, 0x7)
lseek(r6, 0x0, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)

12:56:52 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1f00, 0x0)

[ 1142.750418][T22790] FAULT_INJECTION: forcing a failure.
[ 1142.750418][T22790] name failslab, interval 1, probability 0, space 0, times 0
[ 1142.778651][T22790] CPU: 1 PID: 22790 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1142.787383][T22790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1142.797540][T22790] Call Trace:
[ 1142.800854][T22790]  dump_stack+0x197/0x210
[ 1142.805214][T22790]  should_fail.cold+0xa/0x15
[ 1142.810178][T22790]  ? fault_create_debugfs_attr+0x180/0x180
[ 1142.815998][T22790]  ? ___might_sleep+0x163/0x2c0
[ 1142.820864][T22790]  __should_failslab+0x121/0x190
[ 1142.825829][T22790]  should_failslab+0x9/0x14
[ 1142.830342][T22790]  kmem_cache_alloc_node_trace+0x274/0x750
[ 1142.836247][T22790]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1142.842351][T22790]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1142.848172][T22790]  __kmalloc_node_track_caller+0x3d/0x70
[ 1142.853819][T22790]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 1142.859462][T22790]  __alloc_skb+0x10b/0x5e0
[ 1142.863891][T22790]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[ 1142.869448][T22790]  ? __kasan_check_read+0x11/0x20
[ 1142.874484][T22790]  alloc_uevent_skb+0x83/0x1e2
[ 1142.879258][T22790]  kobject_uevent_env+0xaa3/0x1023
[ 1142.885578][T22790]  kobject_uevent+0x20/0x26
[ 1142.890095][T22790]  device_add+0xad8/0x17a0
[ 1142.894529][T22790]  ? uevent_show+0x370/0x370
[ 1142.899146][T22790]  rfkill_register+0x1bf/0xb50
[ 1142.903931][T22790]  hci_register_dev+0x378/0x8f0
[ 1142.908800][T22790]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1142.913842][T22790]  tty_ioctl+0xaf9/0x14f0
[ 1142.918179][T22790]  ? hci_uart_init_work+0x180/0x180
[ 1142.923388][T22790]  ? do_tty_hangup+0x30/0x30
[ 1142.927991][T22790]  ? tomoyo_path_number_perm+0x459/0x520
[ 1142.933637][T22790]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1142.939885][T22790]  ? tomoyo_path_number_perm+0x263/0x520
[ 1142.945529][T22790]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1142.951353][T22790]  ? __f_unlock_pos+0x19/0x20
[ 1142.956059][T22790]  ? do_tty_hangup+0x30/0x30
[ 1142.960657][T22790]  do_vfs_ioctl+0xdb6/0x13e0
[ 1142.965259][T22790]  ? ioctl_preallocate+0x210/0x210
[ 1142.970375][T22790]  ? __fget+0x384/0x560
[ 1142.974548][T22790]  ? ksys_dup3+0x3e0/0x3e0
[ 1142.978976][T22790]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1142.985234][T22790]  ? fput_many+0x12c/0x1a0
[ 1142.989702][T22790]  ? tomoyo_file_ioctl+0x23/0x30
[ 1142.994666][T22790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1143.000919][T22790]  ? security_file_ioctl+0x8d/0xc0
[ 1143.006043][T22790]  ksys_ioctl+0xab/0xd0
[ 1143.010475][T22790]  __x64_sys_ioctl+0x73/0xb0
[ 1143.015099][T22790]  do_syscall_64+0xfa/0x760
[ 1143.019612][T22790]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1143.025520][T22790] RIP: 0033:0x45a639
[ 1143.029425][T22790] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1143.049034][T22790] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1143.058232][T22790] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1143.066249][T22790] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1143.074230][T22790] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1143.082214][T22790] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1143.090212][T22790] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:56:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2000, 0x0)

12:56:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xfffffff5, @remote, 0x7}, 0x1c)

12:56:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3f00, 0x0)

[ 1144.768844][ T3015] Bluetooth: hci0: command 0x1003 tx timeout
[ 1144.768852][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1144.775402][T22906] Bluetooth: hci1: sending frame failed (-49)
[ 1144.788829][T22906] Bluetooth: hci0: sending frame failed (-49)
[ 1145.168828][   T12] Bluetooth: hci2: command 0x1003 tx timeout
[ 1145.176276][T22906] Bluetooth: hci2: sending frame failed (-49)
[ 1145.498777][ T3015] Bluetooth: hci3: command 0x1003 tx timeout
[ 1145.505231][T22906] Bluetooth: hci3: sending frame failed (-49)
[ 1146.848851][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1146.854979][T22906] Bluetooth: hci0: sending frame failed (-49)
[ 1146.861539][   T12] Bluetooth: hci1: command 0x1001 tx timeout
[ 1146.867804][T22906] Bluetooth: hci1: sending frame failed (-49)
[ 1147.248811][   T12] Bluetooth: hci2: command 0x1001 tx timeout
[ 1147.254934][T22906] Bluetooth: hci2: sending frame failed (-49)
[ 1147.568860][   T12] Bluetooth: hci3: command 0x1001 tx timeout
[ 1147.575199][T22906] Bluetooth: hci3: sending frame failed (-49)
[ 1148.928816][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[ 1148.939122][   T12] Bluetooth: hci0: command 0x1009 tx timeout
[ 1149.328775][   T12] Bluetooth: hci2: command 0x1009 tx timeout
[ 1149.648808][   T12] Bluetooth: hci3: command 0x1009 tx timeout
12:57:03 executing program 5 (fault-call:2 fault-nth:70):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:57:03 executing program 1:
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req={0x5, 0xe, 0x0, 0x3}, 0x10)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff979018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312dc02914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)={'security\x00'}, &(0x7f0000000180)=0x54)
r4 = syz_open_dev$media(0x0, 0x0, 0x0)
ioctl$RTC_EPOCH_READ(r4, 0xc0287c02, &(0x7f0000000040))
socket$inet_udplite(0x2, 0x2, 0x88)
openat$cgroup_ro(r4, &(0x7f0000000580)='memory.current\x00', 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000a40)={{{@in6=@empty, @in=@remote}}, {{@in=@local}}}, 0x0)
ioctl$KVM_GET_PIT2(0xffffffffffffffff, 0x8070ae9f, &(0x7f0000000280))
socket$inet(0x10, 0x3, 0x0)
socket$inet(0x10, 0x3, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
sysfs$2(0x2, 0x3, &(0x7f0000000340)=""/101)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x200000, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)}], 0x1}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@empty, @in=@remote}}, {{@in=@local}}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)
fallocate(r6, 0x0, 0x0, 0x110003)
write$P9_RXATTRCREATE(r6, &(0x7f0000000040)={0x7}, 0x7)
lseek(r6, 0x0, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)

12:57:03 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4000, 0x0)

12:57:03 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x7e}, 0x7}, 0x1c)

12:57:03 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0)='team\x00')
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @loopback, @multicast2}, &(0x7f0000000140)=0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000040)={0x11, 0x0, r6}, 0x14)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r7, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r10=>0x0})
bind$packet(r9, &(0x7f0000000040)={0x11, 0x0, r10}, 0x14)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r12 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r12, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r12, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r13 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r13, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000440)=0xe8)
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r17=>0x0})
bind$packet(r16, &(0x7f0000000040)={0x11, 0x0, r17}, 0x14)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r18, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={<r19=>0x0, @remote, @empty}, &(0x7f0000000500)=0xc)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000580)=0x14)
r21 = socket$nl_route(0x10, 0x3, 0x0)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r23=>0x0})
bind$packet(r22, &(0x7f0000000040)={0x11, 0x0, r23}, 0x14)
getsockname$packet(r22, &(0x7f0000000100)={0x11, 0x0, <r24=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r21, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r24, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000a80)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6c040000", @ANYRES16=r2, @ANYBLOB="00012abd7000fbdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="cc0002003c00010024d70100757365725f6c696e6b757000000000000000000000000000000000070000000008000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000000000008000600", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="240202003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r19, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000080000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000010000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000001000040062726f616463617374000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004006624000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400af0c000008000600", @ANYRES32=r20, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040001000000080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400a300000008000100", @ANYRES32=r24, @ANYBLOB="5001020064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000340004000700ff7faf000000030000cede0e000092000400170000000080b0fc00080000200000894669b64a030001020400000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040078ffffff38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004009800000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000600000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000100004006c6f616462616c616e636500"], 0x46c}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
close(r0)

12:57:03 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000000)={0x9, 0x1000})
read$usbfs(r1, &(0x7f00000000c0)=""/233, 0xe9)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x1)
close(r2)

12:57:03 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x410f, 0x0)

12:57:03 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

[ 1153.557209][T22923] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1153.591670][T22930] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1153.620218][T22931] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1153.683142][T22931] FAULT_INJECTION: forcing a failure.
[ 1153.683142][T22931] name failslab, interval 1, probability 0, space 0, times 0
[ 1153.708823][T22931] CPU: 1 PID: 22931 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1153.717564][T22931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1153.727720][T22931] Call Trace:
[ 1153.731053][T22931]  dump_stack+0x197/0x210
[ 1153.735413][T22931]  should_fail.cold+0xa/0x15
[ 1153.740041][T22931]  ? fault_create_debugfs_attr+0x180/0x180
[ 1153.745869][T22931]  ? ___might_sleep+0x163/0x2c0
[ 1153.750741][T22931]  __should_failslab+0x121/0x190
[ 1153.755700][T22931]  should_failslab+0x9/0x14
[ 1153.760215][T22931]  kmem_cache_alloc+0x2aa/0x710
[ 1153.765109][T22931]  ? refcount_dec_and_mutex_lock+0x90/0x90
[ 1153.770941][T22931]  ? __kmalloc_node_track_caller+0x4e/0x70
[ 1153.776767][T22931]  skb_clone+0x154/0x3d0
[ 1153.781029][T22931]  netlink_broadcast_filtered+0x8dc/0xb90
[ 1153.786778][T22931]  netlink_broadcast+0x3a/0x50
[ 1153.791557][T22931]  kobject_uevent_env+0xad4/0x1023
[ 1153.797380][T22931]  kobject_uevent+0x20/0x26
[ 1153.801894][T22931]  device_add+0xad8/0x17a0
[ 1153.806321][T22931]  ? uevent_show+0x370/0x370
[ 1153.811096][T22931]  rfkill_register+0x1bf/0xb50
[ 1153.815878][T22931]  hci_register_dev+0x378/0x8f0
[ 1153.821977][T22931]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1153.827032][T22931]  tty_ioctl+0xaf9/0x14f0
[ 1153.831475][T22931]  ? hci_uart_init_work+0x180/0x180
[ 1153.836694][T22931]  ? do_tty_hangup+0x30/0x30
[ 1153.841313][T22931]  ? tomoyo_path_number_perm+0x459/0x520
[ 1153.847034][T22931]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1153.853313][T22931]  ? tomoyo_path_number_perm+0x263/0x520
[ 1153.859065][T22931]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1153.864886][T22931]  ? __f_unlock_pos+0x19/0x20
[ 1153.869615][T22931]  ? do_tty_hangup+0x30/0x30
[ 1153.874232][T22931]  do_vfs_ioctl+0xdb6/0x13e0
[ 1153.878855][T22931]  ? ioctl_preallocate+0x210/0x210
[ 1153.883992][T22931]  ? __fget+0x384/0x560
[ 1153.888167][T22931]  ? ksys_dup3+0x3e0/0x3e0
[ 1153.892609][T22931]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1153.898871][T22931]  ? fput_many+0x12c/0x1a0
[ 1153.903318][T22931]  ? tomoyo_file_ioctl+0x23/0x30
[ 1153.908269][T22931]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1153.914537][T22931]  ? security_file_ioctl+0x8d/0xc0
[ 1153.919671][T22931]  ksys_ioctl+0xab/0xd0
[ 1153.923851][T22931]  __x64_sys_ioctl+0x73/0xb0
[ 1153.928453][T22931]  do_syscall_64+0xfa/0x760
[ 1153.932974][T22931]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1153.938870][T22931] RIP: 0033:0x45a639
[ 1153.942776][T22931] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1153.962395][T22931] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1153.970817][T22931] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1153.978794][T22931] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1153.986774][T22931] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1153.994749][T22931] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1154.002721][T22931] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:57:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4800, 0x0)

12:57:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4c00, 0x0)

12:57:04 executing program 1:
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req={0x5, 0xe, 0x0, 0x3}, 0x10)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYPTR64, @ANYRES64=0x0, @ANYRES32, @ANYPTR, @ANYBLOB="5d3453f301d2d6a2d0e7d2c8f67fbd2e5227feda4456e9a017056a52fd4919c7aeff979018f9a424f2da5d8bb421c33e0b87af23ee8e1d6a9facaed79531371b182e22f1699dbbcfa2f573c0e79871be9f65e2118140daf6edc73312dc02914b403060177496e3c7e68d58f5a2a917458f4ebe9dc8cb1c", @ANYRES64, @ANYRES16, @ANYRES32]], @ANYRES64], 0xfffffd62)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)={'security\x00'}, &(0x7f0000000180)=0x54)
r4 = syz_open_dev$media(0x0, 0x0, 0x0)
ioctl$RTC_EPOCH_READ(r4, 0xc0287c02, &(0x7f0000000040))
socket$inet_udplite(0x2, 0x2, 0x88)
openat$cgroup_ro(r4, &(0x7f0000000580)='memory.current\x00', 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000a40)={{{@in6=@empty, @in=@remote}}, {{@in=@local}}}, 0x0)
ioctl$KVM_GET_PIT2(0xffffffffffffffff, 0x8070ae9f, &(0x7f0000000280))
socket$inet(0x10, 0x3, 0x0)
socket$inet(0x10, 0x3, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
sysfs$2(0x2, 0x3, &(0x7f0000000340)=""/101)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x200000, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)}], 0x1}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@empty, @in=@remote}}, {{@in=@local}}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)
fallocate(r6, 0x0, 0x0, 0x110003)
write$P9_RXATTRCREATE(r6, &(0x7f0000000040)={0x7}, 0x7)
lseek(r6, 0x0, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x\x11k4\xd3\x1b\x05\xaf\xf0\x1eyRN\xc9\xc6V\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x275a, 0x0)

12:57:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x5000, 0x0)

[ 1155.728748][    T5] Bluetooth: hci1: command 0x1003 tx timeout
[ 1155.728881][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[ 1155.734972][T22906] Bluetooth: hci1: sending frame failed (-49)
[ 1155.752527][T22906] Bluetooth: hci0: sending frame failed (-49)
[ 1156.048757][T19240] Bluetooth: hci2: command 0x1003 tx timeout
[ 1156.054909][T22906] Bluetooth: hci2: sending frame failed (-49)
[ 1156.448761][    T5] Bluetooth: hci3: command 0x1003 tx timeout
[ 1156.455098][T22906] Bluetooth: hci3: sending frame failed (-49)
[ 1157.808819][    T5] Bluetooth: hci0: command 0x1001 tx timeout
[ 1157.814933][T22906] Bluetooth: hci0: sending frame failed (-49)
[ 1157.821554][    T5] Bluetooth: hci1: command 0x1001 tx timeout
[ 1157.827624][T22906] Bluetooth: hci1: sending frame failed (-49)
[ 1158.128772][    T5] Bluetooth: hci2: command 0x1001 tx timeout
[ 1158.134893][T22906] Bluetooth: hci2: sending frame failed (-49)
[ 1158.528787][    T5] Bluetooth: hci3: command 0x1001 tx timeout
[ 1158.543517][T22906] Bluetooth: hci3: sending frame failed (-49)
[ 1159.888792][    T5] Bluetooth: hci1: command 0x1009 tx timeout
[ 1159.894956][    T5] Bluetooth: hci0: command 0x1009 tx timeout
[ 1160.208817][    T5] Bluetooth: hci2: command 0x1009 tx timeout
[ 1160.608813][    T5] Bluetooth: hci3: command 0x1009 tx timeout
12:57:14 executing program 5 (fault-call:2 fault-nth:71):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:57:14 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x2]}, 0x7}, 0x1c)

12:57:14 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6800, 0x0)

12:57:14 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:57:14 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1164.394783][T23063] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1164.419723][T23060] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1164.443823][T23063] FAULT_INJECTION: forcing a failure.
[ 1164.443823][T23063] name failslab, interval 1, probability 0, space 0, times 0
[ 1164.460612][T23063] CPU: 0 PID: 23063 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1164.469322][T23063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1164.479387][T23063] Call Trace:
[ 1164.482709][T23063]  dump_stack+0x197/0x210
[ 1164.487058][T23063]  should_fail.cold+0xa/0x15
[ 1164.491680][T23063]  ? fault_create_debugfs_attr+0x180/0x180
[ 1164.497513][T23063]  ? ___might_sleep+0x163/0x2c0
[ 1164.502389][T23063]  __should_failslab+0x121/0x190
[ 1164.507345][T23063]  should_failslab+0x9/0x14
[ 1164.511855][T23063]  kmem_cache_alloc_node_trace+0x274/0x750
[ 1164.517753][T23063]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1164.523744][T23063]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1164.529615][T23063]  __kmalloc_node_track_caller+0x3d/0x70
[ 1164.535259][T23063]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 1164.540648][T23063]  __alloc_skb+0x10b/0x5e0
[ 1164.545085][T23063]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[ 1164.550641][T23063]  ? __kasan_check_read+0x11/0x20
[ 1164.555676][T23063]  alloc_uevent_skb+0x83/0x1e2
[ 1164.560453][T23063]  kobject_uevent_env+0xaa3/0x1023
[ 1164.565583][T23063]  kobject_uevent+0x20/0x26
[ 1164.570094][T23063]  device_add+0xad8/0x17a0
[ 1164.574522][T23063]  ? uevent_show+0x370/0x370
[ 1164.579133][T23063]  rfkill_register+0x1bf/0xb50
[ 1164.583912][T23063]  hci_register_dev+0x378/0x8f0
[ 1164.588786][T23063]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1164.593830][T23063]  tty_ioctl+0xaf9/0x14f0
[ 1164.598170][T23063]  ? hci_uart_init_work+0x180/0x180
[ 1164.603379][T23063]  ? do_tty_hangup+0x30/0x30
[ 1164.607976][T23063]  ? tomoyo_path_number_perm+0x459/0x520
[ 1164.613620][T23063]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1164.619874][T23063]  ? tomoyo_path_number_perm+0x263/0x520
[ 1164.625523][T23063]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1164.631342][T23063]  ? __f_unlock_pos+0x19/0x20
[ 1164.636056][T23063]  ? do_tty_hangup+0x30/0x30
[ 1164.640659][T23063]  do_vfs_ioctl+0xdb6/0x13e0
[ 1164.645274][T23063]  ? ioctl_preallocate+0x210/0x210
[ 1164.650393][T23063]  ? __fget+0x384/0x560
[ 1164.654570][T23063]  ? ksys_dup3+0x3e0/0x3e0
[ 1164.658994][T23063]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1164.665243][T23063]  ? fput_many+0x12c/0x1a0
[ 1164.669681][T23063]  ? tomoyo_file_ioctl+0x23/0x30
[ 1164.674628][T23063]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1164.680885][T23063]  ? security_file_ioctl+0x8d/0xc0
[ 1164.686011][T23063]  ksys_ioctl+0xab/0xd0
[ 1164.690187][T23063]  __x64_sys_ioctl+0x73/0xb0
[ 1164.694793][T23063]  do_syscall_64+0xfa/0x760
[ 1164.699312][T23063]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1164.705212][T23063] RIP: 0033:0x45a639
[ 1164.709129][T23063] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1164.728739][T23063] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1164.737191][T23063] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1164.745177][T23063] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1164.753153][T23063] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1164.761131][T23063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1164.769111][T23063] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:57:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000000c0)={0x0, {0x2, 0x4e22, @loopback}, {0x2, 0x4e21, @empty}, {0x2, 0x4e24, @empty}, 0x23b, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x100, 0x9})

12:57:14 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x3]}, 0x7}, 0x1c)

12:57:14 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6c00, 0x0)

12:57:14 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:57:15 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x4]}, 0x7}, 0x1c)

[ 1164.992971][T23175] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
12:57:15 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x5]}, 0x7}, 0x1c)

12:57:15 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7400, 0x0)

[ 1166.849011][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1166.849121][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[ 1166.855126][T22906] Bluetooth: hci1: sending frame failed (-49)
[ 1166.868352][T22906] Bluetooth: hci0: sending frame failed (-49)
[ 1167.008820][T19240] Bluetooth: hci2: command 0x1003 tx timeout
[ 1167.016259][T22906] Bluetooth: hci2: sending frame failed (-49)
[ 1167.808768][   T12] Bluetooth: hci3: command 0x1003 tx timeout
[ 1167.814994][T22906] Bluetooth: hci3: sending frame failed (-49)
[ 1168.928830][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1168.934965][T22906] Bluetooth: hci0: sending frame failed (-49)
[ 1168.948748][   T12] Bluetooth: hci1: command 0x1001 tx timeout
[ 1168.954859][T22906] Bluetooth: hci1: sending frame failed (-49)
[ 1169.088818][   T12] Bluetooth: hci2: command 0x1001 tx timeout
[ 1169.094971][T22906] Bluetooth: hci2: sending frame failed (-49)
[ 1169.888759][   T12] Bluetooth: hci3: command 0x1001 tx timeout
[ 1169.894886][T22906] Bluetooth: hci3: sending frame failed (-49)
[ 1171.008837][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[ 1171.014946][   T12] Bluetooth: hci0: command 0x1009 tx timeout
[ 1171.168825][   T12] Bluetooth: hci2: command 0x1009 tx timeout
[ 1171.968902][   T12] Bluetooth: hci3: command 0x1009 tx timeout
12:57:25 executing program 5 (fault-call:2 fault-nth:72):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:57:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x6]}, 0x7}, 0x1c)

12:57:25 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:57:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:57:25 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7a00, 0x0)

[ 1175.266337][T23197] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1175.285769][T23197] FAULT_INJECTION: forcing a failure.
[ 1175.285769][T23197] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.313702][T23197] CPU: 1 PID: 23197 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1175.322425][T23197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1175.332503][T23197] Call Trace:
[ 1175.335817][T23197]  dump_stack+0x197/0x210
[ 1175.340169][T23197]  should_fail.cold+0xa/0x15
[ 1175.344783][T23197]  ? mark_held_locks+0xa4/0xf0
[ 1175.349568][T23197]  ? fault_create_debugfs_attr+0x180/0x180
[ 1175.355385][T23197]  ? __kasan_check_read+0x11/0x20
[ 1175.360431][T23197]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1175.366694][T23197]  __should_failslab+0x121/0x190
[ 1175.371639][T23197]  should_failslab+0x9/0x14
[ 1175.376147][T23197]  kmem_cache_alloc_node_trace+0x5a/0x750
[ 1175.381882][T23197]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1175.387867][T23197]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1175.393706][T23197]  __kmalloc_node_track_caller+0x3d/0x70
[ 1175.399385][T23197]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 1175.404772][T23197]  __alloc_skb+0x10b/0x5e0
[ 1175.409202][T23197]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[ 1175.414769][T23197]  ? do_raw_read_unlock+0x70/0x70
[ 1175.419819][T23197]  hci_sock_dev_event+0xf3/0x580
[ 1175.424773][T23197]  hci_register_dev+0x57f/0x8f0
[ 1175.429638][T23197]  hci_uart_tty_ioctl+0x87e/0xc00
[ 1175.434675][T23197]  tty_ioctl+0xaf9/0x14f0
[ 1175.439018][T23197]  ? hci_uart_init_work+0x180/0x180
[ 1175.444223][T23197]  ? do_tty_hangup+0x30/0x30
[ 1175.448818][T23197]  ? tomoyo_path_number_perm+0x459/0x520
[ 1175.454460][T23197]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1175.460705][T23197]  ? tomoyo_path_number_perm+0x263/0x520
[ 1175.466342][T23197]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1175.472152][T23197]  ? __f_unlock_pos+0x19/0x20
[ 1175.476853][T23197]  ? do_tty_hangup+0x30/0x30
[ 1175.481456][T23197]  do_vfs_ioctl+0xdb6/0x13e0
[ 1175.486058][T23197]  ? ioctl_preallocate+0x210/0x210
[ 1175.491176][T23197]  ? __fget+0x384/0x560
[ 1175.495346][T23197]  ? ksys_dup3+0x3e0/0x3e0
[ 1175.499766][T23197]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1175.506010][T23197]  ? fput_many+0x12c/0x1a0
[ 1175.510440][T23197]  ? tomoyo_file_ioctl+0x23/0x30
[ 1175.515387][T23197]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1175.521636][T23197]  ? security_file_ioctl+0x8d/0xc0
[ 1175.526755][T23197]  ksys_ioctl+0xab/0xd0
[ 1175.530926][T23197]  __x64_sys_ioctl+0x73/0xb0
[ 1175.535523][T23197]  do_syscall_64+0xfa/0x760
[ 1175.540039][T23197]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1175.545942][T23197] RIP: 0033:0x45a639
[ 1175.549853][T23197] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1175.569461][T23197] RSP: 002b:00007fa5b237ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1175.577878][T23197] RAX: ffffffffffffffda RBX: 00007fa5b237ac90 RCX: 000000000045a639
[ 1175.585858][T23197] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1175.593833][T23197] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1175.601807][T23197] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5b237b6d4
[ 1175.609781][T23197] R13: 00000000004c3634 R14: 00000000004d77e8 R15: 0000000000000004
12:57:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x8, 0x101000)
r1 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x3, 0x18840)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x9)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:57:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x7]}, 0x7}, 0x1c)

12:57:25 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x9800, 0x0)

12:57:25 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:57:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

[ 1175.882452][T23306] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:57:26 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x8]}, 0x7}, 0x1c)

12:57:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xa087, 0x0)

[ 1177.648811][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1177.654963][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1177.969041][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1177.975384][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1179.728762][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1179.734894][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1180.048873][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1180.055392][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1181.808808][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1182.128809][   T22] Bluetooth: hci1: command 0x1009 tx timeout
12:57:36 executing program 5 (fault-call:2 fault-nth:73):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:57:36 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:57:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:57:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x9]}, 0x7}, 0x1c)

12:57:36 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xf000, 0x0)

12:57:36 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:57:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0xa]}, 0x7}, 0x1c)

[ 1186.156087][T23332] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1186.185322][T23334] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:57:36 executing program 4:
socket$alg(0x26, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r0, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r1=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:57:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0xe]}, 0x7}, 0x1c)

12:57:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x10]}, 0x7}, 0x1c)

[ 1186.344316][T23343] debugfs: Directory 'loop0' with parent 'block' already present!
12:57:36 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:57:36 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12815, 0x0)

[ 1186.932557][T23360] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1188.208821][T19240] Bluetooth: hci0: command 0x1003 tx timeout
[ 1188.216215][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1188.288768][T19240] Bluetooth: hci1: command 0x1003 tx timeout
[ 1188.294963][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1189.008762][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1189.015021][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1190.288781][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1190.294923][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1190.368858][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1190.374982][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1191.088812][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1191.094966][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1192.368775][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1192.449043][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1193.168789][T18149] Bluetooth: hci2: command 0x1009 tx timeout
12:57:46 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

12:57:46 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x11]}, 0x7}, 0x1c)

[ 1196.393435][T23365] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:57:47 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:57:47 executing program 4:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000300)='/de\x8d/nullb0\x00', 0x5c1820, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x20, 0x4, "d0c52eb5a56b17acc0b031ce82dfbde4e5acaaa7ab1051ba299b3f295b73502525974b6da9a33cbfb22da77478f9e64c3beb4c4c5fe0b6d9db1cedd8b2a2adb9", "11961e0851bad6a06b505ae3a6fb94fdb805d8615786dcf15feb3e8cbf238781bea46ff17439e695f38ce41a06cdd68d9dfac71a0b31ea9f3e23f60be8f0ec5d", "6aee23c135be79d35db8c0a7a91370995c28de3fcb77841c1b9b047a9ffbf576", [0xfffffffffffffffe, 0x5]})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x2004, 0x0, 0x2}, 0x3dd)
r4 = socket(0x1e, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/185, 0xb9}], 0x1)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f00000007c0)={r5, 0x3}, &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r5, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f00000000c0)={r5, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x7}}}, 0x84)
ioctl$KDADDIO(r2, 0x400455c8, 0x2)
close(r2)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)
close(r1)
r6 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x1, 0x400)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r6, 0x10e, 0x8, &(0x7f0000000180)=0x8, 0x4)

12:57:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12816, 0x0)

12:57:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x48]}, 0x7}, 0x1c)

12:57:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$cgroup_ro(r3, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000000c0))
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000180)=@req={0x36, 0xff}, 0x262)
ioctl$sock_TIOCOUTQ(r5, 0x5411, &(0x7f0000000100))
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
fstat(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
r9 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
semctl$IPC_SET(r10, 0x0, 0x1, &(0x7f0000000740)={{0x81, r11, r12, r13, r14, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
setgroups(0x4, &(0x7f00000003c0)=[r6, r7, r8, r14])
close(r1)
ioctl$KDADDIO(r1, 0x400455c8, 0xffffffffffffffff)
close(r0)
r15 = socket$inet6_tcp(0xa, 0x1, 0x0)
r16 = fcntl$dupfd(r15, 0x0, r15)
ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200)
ioctl$KDGKBTYPE(r16, 0x4b33, &(0x7f0000000140))

12:57:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12817, 0x0)

12:57:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x4c]}, 0x7}, 0x1c)

12:57:47 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$dupfd(r10, 0x0, r9)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:57:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12818, 0x0)

12:57:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x5c]}, 0x7}, 0x1c)

[ 1198.448769][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1198.454963][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1200.528820][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1200.534955][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1202.608827][   T12] Bluetooth: hci0: command 0x1009 tx timeout
12:57:56 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x2, 0x1)

12:57:56 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x68]}, 0x7}, 0x1c)

12:57:56 executing program 4:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000300)='/de\x8d/nullb0\x00', 0x5c1820, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x20, 0x4, "d0c52eb5a56b17acc0b031ce82dfbde4e5acaaa7ab1051ba299b3f295b73502525974b6da9a33cbfb22da77478f9e64c3beb4c4c5fe0b6d9db1cedd8b2a2adb9", "11961e0851bad6a06b505ae3a6fb94fdb805d8615786dcf15feb3e8cbf238781bea46ff17439e695f38ce41a06cdd68d9dfac71a0b31ea9f3e23f60be8f0ec5d", "6aee23c135be79d35db8c0a7a91370995c28de3fcb77841c1b9b047a9ffbf576", [0xfffffffffffffffe, 0x5]})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x2004, 0x0, 0x2}, 0x3dd)
r4 = socket(0x1e, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/185, 0xb9}], 0x1)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f00000007c0)={r5, 0x3}, &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r5, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f00000000c0)={r5, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x7}}}, 0x84)
ioctl$KDADDIO(r2, 0x400455c8, 0x2)
close(r2)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)
close(r1)
r6 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x1, 0x400)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r6, 0x10e, 0x8, &(0x7f0000000180)=0x8, 0x4)

12:57:56 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
accept4$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0}, &(0x7f0000000100)=0x14, 0x1400)
sendmmsg(r1, &(0x7f0000004440)=[{{&(0x7f0000000140)=@xdp={0x2c, 0x1, r2, 0x2b}, 0x80, &(0x7f0000000480)=[{&(0x7f00000001c0)="aa528402bae734f61ff16add6b4b0373a41ecaac9d99725b61363e0383e362c662bbb31ec8bf8ec0047f91103465767842e8642f6b1296b233e380395be4a2a18c9251c1ad757732404d91bde1472f1b0adcf0282364ea1cd51d99d177924275f41e8320335c05005a6d2ebc2816c7ca53b3dd413e809bb992e7cff30a1c0cb128cef949b07631a9aa7849ac157ef737", 0x90}, {&(0x7f0000000280)="20eac2af8cf49787d54b2537bf9e6b0f433607af306b5e4bd81ced5a9420fa99d69af0aea94ed40f61b951fa8ce8f436421f21fdcc0c0a35ba5fe51903847697c873c35c65615b116afbed44a66c8e370ab7569ff429fbdf3bbc45d6dd103d50f4fb3fa7334828a112ea43a5b4ff17cbf4", 0x71}, {&(0x7f0000000300)="ed318f71394629d280e6102b8d27f7cffdbb53311af7629c5909febe6e2d421e44c6961d3a57f4f1a7290ce4ca72f490870b03852c0d3a4091fe42ae0f8dbd4093f9c5c6a108cb5afba83f9bf35430ef138b689f81864b1c0c327e667a24255734979a3a1b7a148a55", 0x69}, {&(0x7f0000000380)="9f49447d2b301091eb6e5e0d433ea3c88d19dbf569fc5c5d9339876899153771b9ec10335563d44d2229daffbd6b55ee82fd678506d9e715f12823d6a8bd4bbd0d203ce36e197fe81483a42c525ba2e193c9dcb2409840df4977ecd26edd5ac60fad1234b372fe3e0eeb41e01cb2752210c0d5daa8511f66df46c4f4da56db32a9cb94ce3a153e4e8bb963625b345619a6edc9bc1f47dddc18ddad9f01de42a18db11d48f9fe8c04c4da679a6bb2d3953480eef4b5932c9aa04df7eefe3757e28bf430336610deca9bde0758279b97803d09270a1b8cc668cc70daf07f60e689dbd09ea84f", 0xe5}], 0x4, &(0x7f00000004c0)=[{0x20, 0xff, 0xffffff7f, "04f5450acc8abfc02bfc2b04149680"}, {0xb0, 0x1, 0x80, "ad5ed80482aac221c651e5d7502ba2d2349faf8d294c7c96b977dc28f42c66f81f2e644274a3f4922e6a59f509995b7d11e6e8835a2472b88d846a98cbc6406bf169263c3edc473b112a4a6e7f0638e32013659544286734e966839dfa3cd6a47786dfbcdf2bbbab548ce378d70623950dd37061ce40d8f4b1057d849346651f69b07ac4399960176a7814f78255cd2cb3979c730af3573f9669d83988f51484"}, {0xb8, 0x12e, 0x20, "96968d919e5b8c6e6299e194245c62ef1a86e0b5e56865eb8c7b7db05a52432ed8530f168ff0962bdba1893a8cdadfe2c76e04a1b9421578ba6a4daa85e263360f3c6c68e4c8bfe96a594632db474f8810f4b2f08404faf5d812a1ef600f852fee2f009176d693dab15ff1e04387ef131d9e84d2d7d034c7594d4f1e78cddc4275187a8666288800d6a1363d1d1bf45e8e33a20fc0f34dacdfb535e7516d4f6d32aa7038"}, {0xb8, 0x116, 0x1, "85fb6e71ce1db231ae8f9187b9341fb479ded42e8ca0e42cf4a6937458763ab556ca1dd5dc2541de04723fa594e9deb981759a0ea56752243761f69049dd0b4ad3a1b6823c4617e2bc2432d3e3625c54424132a58b101c94045a5dded285a4767783dd5a826cf436be182d2eb0cf399bb07bd4e942101abf7f917a4439d0a2302046b600af176d3338b88dbed2338a67e4a7a2d59e0d6c15abad3b58425f190efe"}, {0x70, 0x115, 0x0, "897a99eb261923effc0a17209c7a33e139ab0aecd5eefc5f09f111d6bd1cb682fe9a30b51617eeecd7e0d725fd771d33d6762e7dc3214c42a239479124b404ea38b7f688f0921c8d107dfcd101ed593e8e3969fc2f703383904788ba4ff503"}, {0x1010, 0x29, 0x7, "99c349192acdbef5ca2ed81346a8482d24953a40aa058c7bf8b29bad6ee34f876da7ec814af5dc66e2d3c525f592a0e57d256d8b0857755b268e05727ebd073a203782ed8734aa118fc28e18ff96cd151d6216402a122ecd40a1c57d6a29895adf16b2595528c9a8f3ea689ab21bf4e9e0c566e8eb322816b743c3fa70b6b08e3a370d82b7f9673ba72837beae48529640beefb6b1b5a518ac9871bda59464eed1b6f389833b57f3add6fbdb41a003a4e2737d0b29f5b09294fe4d1aae410b7699e1a80298bd40bc8a740f97de85f28e9022ed9eb8e16bdd5c5891b3d35eb9ab8602067b8f0d4a1c14ff46110187ce7e9582f6c6d900fa2eee49ef2c1ea03415061e1b940055f545f110232f2cd6c345226af71072771ddc6e980a1a895e22cf934d1e3a164b3cca9913a7f93ba1865f4760f59861002ac4b84f2233589f02d8732b483c5106537e2ab82f8b6eec2ed657d369317d18bc6446ae7708f6d4c55ab6028f0be6bd8786437a571c4888fe658020f5b7cc95cd5e92d1a3ea0f4c2a995033e99d49e2c272f3c38d969b2639ecd45119caa6e9cc4a9e047c79ffe0eddda65c52f4110e93789e510ee94182efe65bc6ecb2a2b16a07c2e771ab57158946b5fc33fc9da33ae962362e6e616542bb8d0614e0bb257b13ef15dcf43f805a919bfc37994bf43aad3d75678f8a30911412a223a8f0ee97c4b500256034f083d996b51f71fabb39a638db1fde287daa2527dddb384b83539075a6273a1e19aea31d48686f2da64d930aeb5b2c66cc015b162571d33e0084f4c122043915c8b2045c1862e3f2a08e632eb57e9266dc304a612d7a3d40b7b3dcb246c767cae137c799a0ec93fe3b0d86921ec2bdb03f01eaf0f142391172397f39de27c600970f6c0d6da23faca9fcaf3157f6987cb031a8bfbdbef2f4be3ee800f8360c53a3615923573fa0fe50fb5b0d2d1c7b10cdf60b3fbd9d7d073fdcd31a64ce7912caddcefc0e1f42da6c595df12b8124c74bfe6a0b1be41f2fc6baf22c26309e2411f37cf29b88ccd92261233b27d38a3d91169b4f8bb3e94ef10ce745af330c23ee1f63ca062ca6e447e2449bb1db66003895654d13c14867aa4dcea486f6ce2034f44307cfdf74f58b3fde05853d05c010a73ec60be621519884a9ec9c9f2e8a1f77885e1ca000e1891d98f3083305c0e446478753df3ce3edce7cad1de19d329af236687dc27b9335fda4edd576f43e8d275a3291b15f0b1b187b1e9d384c1cd30e95370e2c59854e3dd393e0d8636886f757cd0206033fd66eb4ff538a4e387f89a5d307fa10f8473d69a13083a4f98179b92d8c88bcb8bab4410a8435124fd527ad0ecfc8833a8ec61f4e71801601112f5deef1c5ecd7a8caeb2e95159170f1e54f9df5b82d01f139adb5babcccc55efec8cd0c652eb6a66d0027b7a1d36a2b6ebcf7a27fc5f8e269aa385498748f13d47a29b7b8ce584e4ea52b0d5d337c8a7e4a62800f5feca194b004d3f4573362ef82491cb09b9a719e2ff3e17a7c851ba2433bfda532158c45c21f532c295f1c338a2a81c590ef784ed398196867f643bddcfda6c4d9f71d930757ccfc091addc0191444b50dfee6c6724b140f940dec3144a29b01de0659af226779c99f191d2f24bba9e26b5a0942fef59719ee2c1a8a53702fe5f8a4cd3a9c697ee6f12b68caebd34d453ac7ac24efaf69984e8531491359192087f8c6404760cd41e65151c0179f5108daf6740dfffe763780ae117d3dca90317195d457fc43242d9241a299a50c5ce7adec3fda39a6ebc7106f27b7221f0dad647fb1027a2e4333b1a06137ae7a951f8605d4b6840e06ceaa3f6ce1d18849f9933ab2ab40d0ad31247f7bf48965469f3e26a693c0d63572196926dfe11dd1e88abefc95d956c66bb70e9cb6f2ceefe7f32322738b71526050177e80fe905628a9d8d1bce984748069a08ba90bf0beef2b8445eb388d4e9a1c3e0e20c7e9f4b8ab993ec4cbf88919cfa5b42bf75089bc52778a039bbf06a853be90a68d415ba9c3f477a23606289dd9d2726212a6506bc8e5734ae7ba4a1b198b1d9f336896c8d870c45111c4255dd6dcac8b7ca50b792ba311425fe4991a5eb960e7f726cbaa8e283348a1dfd7d9a006a5684a3fd09470480388574fce736612ca476cac066ce0f529a87c692a8fc092e9e0e4aea8ca661f34f30dff64568387c80f457d43185a14ccf404f58f1dd0bc6fc9cfc24d35d13b059ed9d5e63ea21665ca927e1d74a1305f54497a9301387768eeacee83009f302bfdbc91f899d6e37c59ae944db5e0d68dccabe009c6ef63ecf8aab5492580f82777e8f7e2a7fdf31ed50b8c001ddccc18f6f00c82a5cd7e2d9169e3998f531c376db8ac73059feb47f867f5f5bbd1dfbd4c22efeb300770f21ad10f07ec993b424b3a4f6f90931d904f5fb86a2963e6797aa2b4b65436f64b36b3771ea4c7bf36379c26d4b96ac30df12e17a6e97f855233aad9ae38337ce885a2a0083604976a323d38f9c505ba91f8d97a25c9393e82a0f2d536bf9ecedcb51abaf141338d191858e5017815f2dcfc39fecf2fc32d607b54da404aa8d548e0ae96861d0fcf22cbf37a2d0fcce139ac9460f4becba59301e1fe03788044af0ad7ee66cb60e10b98fa3442a4715f2f8a0eba9be77f5032a62b00c4a93a381a2ad343b4d4bbb48c12dbb2aeb4065b44bd80f3aedc6032a368489528062778e7a83b522b3f448260d8cd257f9c0ff35d0fae3bcc234d4fb111c47e182b133ca13ac656dde9dff45249be74503b4885f0f1ab2837b1c46bf82cd0afd0d8301fc79c401da895aea9d1b108f04ed2924516131fa730ca3d058402302540a45e1fee0541b7d3f9610a88eef3b08102f7c42275c6fe4acc2b7c3aa13966d6d398781ca39e29e6eeaeac896a5a3df04f4bbb6e101eb083cab1f8de2bdd7d42d854c27d58a14478fad2d46fbf60edf59f0408bd3f06794115454317c4abca54cd16724a84ec65f56406cf2eea51b071698b4a8c1cb6de5a47c08a8a870225c402375a3f1439b6840107b4443fa58f57483102475fa8165c0ee987a991076ad07f7075251480ce29801765d07d3e2ed4cb1c8c427a2659c6cd6fa3d7aa536027b81477e20afd313c6b54794c6ea2bc18ee0e90954fce140cbdbf6dc0fe29c83b409e347e9aa6f44db8a9ece2e024b257cdcb4ef5d228403b8462c6a0c1be8b961b51c0d680f7b93683e774733cafa32be08fa61755fb3773a5d81e57abdedee08972eadff385cdeae4086ec874f0a8f66af029c87b5c09534ad428272b1e1091264597f221883d544a89e82f7b52b137ad9c62b3ac70482ef77f250819980e25281bec8d5fe00fb046adb07555fca4905988a76b24ff112e2ea3896f20c0877010386700a7d7a81f8ed4daa2e26c049ddaf41357791308e6472e672f991ae6daff1d79e3f5f62f336bde0c539c0c35799c60aa21ba75748cf425ab67b27b41a75410cc961a688d2427ae7b3cd2de950598174402f0c49919bbbc861f786f6766522728bb699283e8c7724c7f9cb0d87d429ce2f2fe8e55d0adeb4d542b764db97e45b3f63025547f7f07c39f6de63d27a50faecf84bbc3dc84d3998537bbc7ce3f1c30e0deacd92052992a6815202e19290f62db8a1cbc7faf50009a9824c1802689b8c50899049f01f4a5da2f1c6ce2246c5cab12c8b80792500eea5fa1925596cc8a68f563444190010813fbca1a101ded3d62545e2bdcdbc3e751afbbd37729d1a54b0a4de5ffdddb2df3c95db0d7bccca6781e585a72d186b3067f60aeddf29c726cf9be8b03b91b9e2690861085de07dab9ea6f374479aef6d0fe676003900eab2f0e1f6ad993c45395b863edab329f9ce94df8c3d4e4b239023ef7a3983cf357583ba7499b207001c6c507c6af97556e88647fee92d14e1bdd87078057eeb7c1f773ccb7d5e813bbca92594a18d60a882d1d89ec21ef23de6df2ce0ef53c1df1b9cdb6f82f31fd200828f3d3b6dcd0b180aff2b896e0c05a2891dd5b6eb85e8dfd817e6974289b32e1bf4b7b8e4c757e8aee49d58901c7946698bbb28834e442dca2cbff3cef06c34a9903cc72e53ce4e0632cd6e919af58b3f2d9aba38207cc31e7224910e4498b5b4257b13d68539a21a713a130d305025912d9eed71c53bec8005cada5fcb9b52f5831985b7954501edc41ed8382de24b8be9fac39a0ca953a9af9207ef129244bcda2f8b98b3779cf2e1f4e997d1c33745640d3fde49a9f43c1f51752a9bf541b6e42947e8d504ad06c438d91ca879f9ae1abe1c5cd1138647f94b35a70dea1b8e9bc811db898d97c6ce759acfb937a6e46d3009f28a3a1a396aaad14d06a5fb04c88d3a60d801fe27e66d0b4ecb81d98778f5a26dd058b1a1332da7f092c3ff7d96a5a9d0b9b508c8bd74f165f75ef5e580c04f9d4006baeb042c85590c567014dd6e25898e2b3c69866a8840f888cfb0560d10c8e161dc28c3c4d298343176ed320f3d4b2e5e2564da4a1f860e4e4248003d8d8c62019a2baacb2a22478df32757fbc134378fed090b9633ff60aa315d0eb872e2804bc468221827d858bf21f82d9afc926de2de999c5d6fb41d87ad306a01a228b3182831c141e2b74aa10fcd107178fc98b12bd9c1b68e9d85dc5d47c1d1f861b00bc448ff74647ac68ae3021f131c0cda8ca23d4b7d92c0866ae9f1f49bf112c63c8e79bd6c1ed704f2933d1337f333ec48cee9b597f92c6096c9da8f021109a64d95a89c702f024ed7ee29f3d3ef17b4c8eef9a01c4accecba180240ac7fe5ac24855cd92c45942ad382a1b4082b7a324db045d2d89389c64b8786f325acf5bcc1f768a9c817d9096d9823090b4efd917aedc4096ccb445d32de9de6ca94c2f8fab3240e264d5b718c99493c6a36ffb91254d45ab07ec9035b46ab8df78ed2808f0f78655a19c90f55246ba553c189d5d6c6b0de41f73580b9c2cde3ee4f92e7c32d0f210150be2d5ba45cc34bc2ab8dd827525522a97bd44f131770323d6c0de34e38853121a49c164a28e8c1d06157999db6c1f99867c7ac925d0206dcfcd2ad28a62e2641df435cb552cb27b4218034b49a632f706ea703e09a3c37f74a53163cddd084de3b3ab29521b25dbe03c6eaf60e535459e1758cc78c487608e81030c03b4b00d844d5c358a6fdcf48380777ae12e49feacb3efa8cba48a8756b8424c7ea500c334e6b03422d81f7ee2a302d99f956c1be84d4482919fc8074449fff4b4685aa9ff8fc4dc5a29d64614a6cd9a4683cc6d3b25ce783f83f11eaf74f46625b9f35b4ab4e5c679d1ba2c4ed080a0d3ab4ced08441405dbd3b55b9deaa9ec8288d0715cc1828ee0444c1205ec022f18b3495eb9adda359e29f0b4bf0391a4a28ec80dd64960686a11aa79a293d322ade259e4cb7d89b86f45a45c088d43a29d97b2a1ba08fa005418f0a3467f9750b0b84c7c2af3ef76a3d0ffb81c5c3a8f7ccb2a4f0b2516e5e91aa095868c35fbeee09ba5694c9c848617efa2f800c38aaf1d29c43ce45e053426f4a951c041d1b4cdd784c45d7a649c390ffc3e4391a4deaa16e4d56da060f8f5d75cbbd5eb80110b939b1db478763e8f75c76f04b39c3e78f0f5e3ea3e696f10826745833b7b404258f5abc43c930165f1d4a0d6ef2267d84826b0e85df8948006a8c1d44ff9c353432cf7ae6c5e35ab2b8a881beff72a702cca7e9e1e97356b88a434b498862d195584b62fee6c6d4ced98419598356ffa171e15d2766ec864cd60b05128dee94d96"}, {0x110, 0x111, 0x279f, "c5a526de93fde9d1c2b16843c0cd585e00ad3543d88d2a71f9dfafb4cff6c10d5017475ded3d765665c0188341f2b5ef2bb13e121235f5b772999ff6cfb6af40b7ae84d65594c3767c92cc349732f479fa28d0914eb55215418fda4a11a11dce45acaa03bc744c01ec39b95e1a59774fc9ddca91636a5604deb3138273bd8e0c3cb6b62df77011e9498f3e30f14fdc4207f9c703dd5975541851d151b0d7f4d9a091289c1e075c610321ce9ec3177712a7e28f36552a0e2d8af58f8d968b1517c320af37fd73cced34a94cee87c254147b0c49964392013f0f2fdeb93b685243e34bb6f2b9837dd4a5b74d98dda8e06983d2779cdb76d969224b"}, {0x28, 0x204, 0x3, "e77c54856b2aa502d5d4f1c91b8c1f860539354c"}, {0xe0, 0x114, 0x1000, "0b6db881590766e00929886efbdc25be3378e42084b76f3e83fb143636a97071b83ab7029cc6f9da430dcd428580135ce76971cca09107d1af4fd00ca67460ac42e42a96c4a451fad836e82899fabfc3c3ec4d63e281056356c8686330ab38fa736b41ebdd21a1c2d12b1a430c08761439bc6c950012da97b8e6bc2f7b6895ac627900891d747ac2314c8432d9315f342b8b1e201eac1d9a12e02733077d8c6eff552c90c0ba65b94f29afe98e467d6d18500e0dae871833d82f3297b70161193ba1dcdf36f8624451249e7ba1"}], 0x14d8}}, {{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f00000019c0)="0823c765fef4581975c7a3bf6f2a5820fc172bcc54d33f2a80968d04aa44d6e9c2d258c3e7976d0a60c432ab34597ba7feb12c943e9e56e187cfd53279da0938d9cbe3a0078b8df530717ed29a80044856e5067369a57daac4b8eed06b375d61959699afcb9df475100352d8715c959eb4a52dbc78ca8eff85db9c366efc592c8783021aa860984f6c6a8cb0aeee742a60761777bdd5ef675f32e75b79b121ef184171e5173e64f74fda3efcef0e618dfee3b565f0d948c006411c8564f20e23044692c07caf6b05e34d33a8aefe0956af8489022278c6f4a9a7c50c99aab60c59", 0xe1}, {&(0x7f0000001ac0)="4f02de67dfdbde22bf75111811eb07fc6d4b290084488ef63ab9ccca78fe3e55c34872f23c3eb8521b477165185e4dd59289e9e7a60c53b8d7334a0858fa8af8ba887c8b180859e11925501f7f06645a02f6c74cc49c2c84ee18a4329ab834aa68e355a47a6477b69cfdad80d4b541bc0929d6e56b26620a0c2447b0eb7e05251a0cf8fae344ab02b7e88ce3cdc03b9c859f8fbe909c23d9ddaa92e1fde8327aea7b680f3e03b76a41dcb5db868fe9e224d2e8074a48904be327d395ae17e556fab8ea269e08a35914b469", 0xcb}, {&(0x7f0000001bc0)="3a4c28250ba77ccfed9be4587f2d2d8fea86143fa954667ba2c9c7491ca5e8a8988d98b297939edd0df66c9a4b6c38308aed59ebe02a2555dfbf8005eca1e97b29f29d7a1d2173e751f35c7ce1a71824c69fb55307597cecde3b58b4ba56e8ed79008610cca5cc6e9eec7ea6659184c47be7e873b01def2499c1b72c5fdbc812604447e338661a5f85c7f96a345dce061e983231295f03c5fe46c090f48469931a78fb8d81d045556d174472dfb5a39c1a40b161434cad0ee6d134644544c8174a5af859367891704855468ed14eb526832334f3aaf082c347573359529192", 0xdf}, {&(0x7f0000004500)="18415defdf133631444a148fa6692ff06eb2c71978c91a2acbe86f297bb48b4efb7863aede8dd80e907216ffba268f06e91d9b1cabcfa85ff77af734d25b4c6351a23e2f2f03b110c62176a428eac340ed310203fd2a8dbce5e1c5ace250a747c349523f5d0cb05971a1f404e35b6141", 0x70}, {&(0x7f0000001d40)="6cfcb2e44101bd09df8ace89b678fd130e9a9872432d67d7be9c7aaef5aff115b0f2ff174cea87fc15160ec79d5faf685ac5b430336c6d39b963f9deaf46264a1841f981453c0b824548d5028be35c32ada892bc39ff8c5a6d82a7e8dec06e80be0ffda8895fb6d8f713f171adc99a49e958", 0x72}, {&(0x7f0000001dc0)="047f6c9d3f530f04e275e54f81ea52627b97ad50541a80861afb3f6e8caf483670d78ced49c6d4e5546ee5d85356c9d22ef1cae944e826381a4497323fdad4274f13995ba781daa55bf37346f28a9090f61d55e3c0f6c214a678dc2cb9cea9850a8a5bf41d05d636dfbab27c33e76ef2ec7cfcfc3412cde712d5394c4c8d7571e3b87674c4c8a6a2ffad6ff1480166c40ddac680e31ea78a663da9ee3cea4dc99a81eb376f75559ef522517a893c62398c4a0cc066340747a84785b48d00", 0xbe}], 0x6, &(0x7f0000001f00)=[{0xf0, 0x102, 0x4, "8dafa473b038580f22358dec7c296447be0093ecddc21eb29a6a0e74b8dfebb5ae9a86cd14edb9e3425bfba76fee8d134c2cadea272fc5485dbc8fd95a217ab8390df2c27eeb645a34af9f9757e71bdcffae06b14bccaff47b5773b2b3b8435b43348bf508c6655bf581643fd073d53f2b2dc16e0e440da76e855f29d79a5d90454126ac098b94586173f2dbd2ff926c04b73be0d71ec86c0a094319f60850685fef0126dcdf5c1bee1e9976ee773da991906918b23d010ba36664023b9ad9eeb11667b8415a53e1f1294f16a11a635c4e7f200ff73623da81"}, {0x1010, 0x108, 0x5, "49444391b6be93bbd9a6413451817e3a4c285b02ef35ab2975f479aa4a82df1bbcda64ade3d786eee7be69db7f379a5ffee5522c5df27d97ce1d7e9bd14470e5d5ed9bccfe3d69f4c4ecb5f2f950470cc9fb7cc57880bc09f15761043d064c43fad5ae2cdb5e6b832c390989d47ded3e252eec241ebe2e8e4ede7d32331ef9304ced574ef53d515afe9510eaf103d6f0c4f59521d2de9c6a42ff3ef3944f29d64acec41d05bb5ff70df272e447e94508e4b188f73197b482f6be48e4e1eeee099d5b6ecc18c0248aca34f247bef50e373896b36b4a65b4f37fca5d5d15fde85a3b47a408eb508c8c9d1d80320c2e8cea8e0755f3af897303f571958daa4ed80fb106148c069a776987ca09842e1322686a53cf9f86d3c369f2b860f3b18568ec2d39a458ff2347781187cab2f7970f558da093db21a79f2c90e76bd9cdc83800240bbf19ad41102422355b278a0e2ebdae6f6f86036eb3be92ba0e076d828ca94656458985dfb5c451999ee6b9cb0642c7e20ca36221fe66a3b579e316832261ef5d87fc46534c1a0a7842c5f133b1e50e0e0c0ae95f4cc612dd81c5998b89a305b2af78632ed944da318d5240c0fc13fd7a940c7bc14a38522e6d2a1e55db0886d015e32ce1364cd9ded924e490f49f556a0a63487034d73d82774d8bf3800440fffb0f61cbc9f4c3f3a09c8843bf576880544b7671afb663387b11774d5538f3199bad54227c4ed6f4030291618ab8e6d0ce809610de91608f1b72e31d1448444ab0ea8da46d3a586af60a8541ee819e6b3bb0fc65884ab4ac61b9640dffc797e7f374cd4bf6b5ceab4ac8274ce848f75b2f9a9a54b435b5ca36b57c49f27702f2002644972a8c65d3ee6089ebbdd9d2a15934be30092ab9ca43e96898e6c21d2c90ef7ae80fe5250d91f91ab0e32046418ae4eec4ea1a3788141309611887d3a9da0a47525311b2c8d07a16e097539f817728f92037ca9b3b35ca588c04f7e9aca76f6ae64477715bb741a70b93013773f433a25a6f852a56110d42ddc0418dacb8ffa199ca336d4e6d685061e344fad520ceedfd360cf301e635ecb11909262d9e5906d669bca9d51cc2fabd553ae97c11cd4409a4730c1ed9e5f0806a2814559ce741bb9aa8c553d7da68f2554ddff8b6fa504297ec05b5c70b086d9b2ac84373270089f1256835de6ee7f0f78dcfecdaa2fe404eeb276438f516005c9a4e0be8363411be3cffbf4f65c89fb15dcbd19286f908001c45c6c7a0e5f1d8eb1376f9585805a91ab2837c3b8178ee7363b007b2961a15a0cd91e75fc152b0082b065a3725ffe90d4f92b09f22371fc7f64230de79fb10e6cbc1cf3efda28adda9e40afd07aee488643a22ef955fcfccdaf5500991694de82ceb3fcdc4c96d825ebe6f3a87ee7579fe6c1c0241f4c2ce4f9ab6a25fed5fdd10ee1406f3da05e8f7aa4e84fcc742103e815326f6e9c51783ba39191a510fbbeb16ff3a18d6c5dc0aff603eae7b557e51e643bd75e520bf921eb8e4587592d82b3da062cde8f7964cdb0817c61a365bdfa6524f4ec7c504aa1d8eea98b03f555de34655bb3d28eba76a992fc47a8e24e02b66ca56a1b9426a1d8c7e4613a31ecb1a323382dde8f6a87bbc1f2b664258863cd04ce2d47376564f27f6bee1505ec7133ce0488040855b5625d5fd8dd0e34b18590eabaa9aa8645aa0f48cd9349fd786472ce814af22baf7687475a38875b9ba22582abb7c5c7e0219c82e10d89d53a7248b877c22ecf86ae5cbf2a04e72f6bee4597ea8e9b4c4e9a25eff7209ad02128025645a7b95772aa4fef4b3fe12a5e1682ae68b2da46a6ed247a43492de4c744bacb3fbe0aec42b29a4005fc88117a257a746acd7fc50fe3302991e017fd563f3859b3626ae6c4b1e597e22a8ff2698a5f1c4b12df16b6daaf515fc272a5cc6db3e0168d0eb31497795c1026de82b7aa6401211771267b937dd3969ed9b43b910564bc1c9cd970704cd3ae1bb6972a3f49a25d82ac7ee5e760d62c353480e4e47d9ba7efe3cbaca76287faf06b893a58124d1400d0f7236f824154b79f748840d700f0744e9b34c91d5064a15345e26eb10cb99727bf44c7e627d76bfcd3b815a084a02a690d3785b72ced82b8b21d0e3a50476f0859c001c7ce507411c03dd1da6ac2fb015ba1f20c75ee87f593fb3b1a25d842172d8a8081df9059acad4742065cd7068d788746cd9f689bdf6186e63e10b83c7bba41434ba0e4d48f56c56701c70b42e36babf39baf10e98ffecf166347a5d04764822ed7e46dd00b9ee3a9e99ccc999249cbaf1a6bd570d65abb0edd127c68054a56b6292e7d0bd58fe2bb5be17d8ee8112c7f7e6598ee73f818676863c6b815cec50eb5d43cdb9e6a61306c2831d6e77a3f7753c27991e33ee609e96a07f82a95949b50fd8be05649bd9fa3d61f92bb57a0b65bd9ea4705922ae4f6411c84aaf0640cbd7e8aa69e14f915a6eeeb3901af6b06caac8c0cf46090ccd3ddcbe79fddffa6e19531f36f29e5db12b2544fc4bdbc2d5190ab5eb8c345cecc95147d714705b14aca1928756df87e09ab70da6db69411c7ec1827b5385f6cd4a2149cde7daa23d9beace26109e3cfaeb5d2d6fc0258adf265b5dc03eb351b0eec45a68f31f5d1e382cfbbb9a126c16cb8ff6f37ca0ed21e23145f0a59b56648524fa6d04936e0295db4f3559d9f75ca1cc08754480cf1062f1af51d4fb55d2fc6aefd53e8045ca91045a0ebca2750b12bc6219eda80aa9697feccce07f4c04ca73b10fdae44dec8a394ec37bfaca9f9ffe716bb4f2d1df761146a730df411a0d4fd80c936eb1e99e268c3fb31233059a25db96e1b60b0e05b8a413db85432c7f46197b7e796cbdce6e1c08dd9451e588bbdafa33c85622eec959d7ca972081826b33546e81d4e6eb6583ac331041ccfbd095308b6101311af7b7c7e67dcb98ac342a889a28e8a39af48050b6d5e0fe174cc7d9a06035140c73155947e181e2fe614db20cc14206c52e9c79c31bd1f85c1d756f231240257c20ab54fb4ec40f744fb068cc24a80b1be7cc10c41abbbc31f68cd1f6790048f81e98454ec83dd8672494c31a59b48a1eaf3aa4be2b6b7143b099268ffeb9ffbc9f9c5afaad09aa866fc1d862109589f04780a5bb1a1de5d1930dd6ab95d5f3a9e246b46f2be79bc7667fc610205463c647cf9ea55b940031e53e5a1e5b6697432d0dccc13989ba4106a6388232a26851d2728bb9ee8b06af9db5901e76efa9e5678c4ff73e33e786073d83537c7d65fbadcebe73a3925ee27c97e9ce79e791858fd5ddcfe25fa5dec41b4537cb2cd819c560981677d739865fc4457f4b94926c5ac3c75ac3a21ddad6c5c5b99acf4f672baa08f8a592ac08435e998dce965b117a1929ad20079a49a3f489e07f26edc60fa80233832e5ec681f68cd20d4126cc9d622095bae805dd7bc374ac98b69b32c745a9e38ac22836949354e9a439dbe57b70785810db5a369d188d46ed1df12bb75b376d67c4d4397c633e784f3178bb36382640117fa30acb01116919976bcff8179f8e66878868cfdcc346e030b7557598a49afb2e906a21bb7dda6326f79c9e3cca6f37459b77a41f94e08ddb0ce83d9f520a05f2557960ac8f756b627ae2342a0849c1ddd3e6f772f276245bf4774154ff9db5bda0adbb882a57806385b811cf88f003e7facbb95afdfb42d93291bed83b1d59a35780a0db43beec0962008863a15caba82ad8b5d0f98d0fbcbd18c102749f192714183c97cc1a62b582c094274c3aeeed036bdfd47febe1b041e57dd68e80ff1bda93f10991b4bab1dc1a4ced19f575b90052a55563d4e2acc30e47208d8b646dc08a8446a0152babfe0982f4349429083877ab0d3c9f87129912d70c578532763924eae42f63215a4c5f8746fc40fcceb199969df78a6961908a683e6567cb3eefadfd93f61dfb6a4f678f1a57cf056d714004474a7b9363e29738f8367878e1cb0b387d82a47616cc5468e35a6d28ebc4e9863658254b5f0c5c28e89a34315ca43966bd8312ca88213b47e0f95b32b5ef86ec15a785bd18a6b3c6dd91c279bd290072f1dc2f9eab2b0403499229a95f53f43530fab9ad95eeca8dd85adf8f932f32163924750a75b76ae77f751732770a90af25664601f43a119671f62e9a94ccc786240b4b17bac9064516ec065738a23a573689dc484c1d36de1447dc979393d6186a0efea33113eeb84f19321d107504e81dd46fac86bc7823aba2559bc351dc6c35edbbc674d8a8bbda40dab3913dba1a76b63da54826eac2a7dcb72902ac2d5d0b499041049457cf1221f029f4758341517c9b57d750cbd7077267ab5fa30f59918d3799858f9af270669e3d4d1a476f77f6d1d6eed1028c8f246ceccbf58fea97a072bcb62e0574c77600bcbac574152a04644281dd97d4eb7af589c220114169ef0babb5b444ef914cc8071534ce2006d26a0aaa9369a45553981cffd9b4a1c5a6651c287723f596221bbd627a26a508af49d1feedf9bfe61d2ad5d225c519da7ce6a987ac4be11f61f916945f862183204e25494c88df803446aaafb942159af575e6ab4da6998070f385c26b49a611f71eba604ad4f12def32593229b19bb53836242e4751a06fe690429f2e30b0ec20cf6b0859567f4a5a3ff68e242fc4ac2b71ee816373d7dc9c527029545182c1df2b3c0413db785c9d855eea7ff9cae167a74755e1d3bf0b9c9c6fe4d74f1c9631144a329867a64af599157671042c9eda172c234e584888cf203a9e658c2ce2220ad44d409643da2f423fab67c2070c47ffcf91e86db12bbb8062fb0324588be4836e8e4ced3d2609c5a9d2206d4ba2aa4880d6fefc4cffc27c83e0e85febf9ebf1c52884a00b8fca5478629ce0e4291a7ad1f33a34d9b9414fe0c55811dbc15f3afe503b732972e1dbb73f94d177feb2bef9504e4fd171a9dda6fea4ef731053a30ad575db7ff45f0086b4f48182ca87029372cb3154674422aa64c2d9d602fb3a2a5e40dec3969e80250f66b555bc373889350f9f6d6b50b27899c87b654d8874bd0cb841871fb934e504ff6cbc91bf825d50f3cc2b918fba96d3ee67169e50142e04ce047f6260385fc1c144840951f78922db5341e624a92a53308c7be3dc805f520d10ff2540f922e7cbc3977672630f68a410a964ca5936b42fa81484a79ed61f5cbf75249367e0060a5db6e6c37e08fe293f5da4c44612c41a90e44273803652d98a8b706baf47786fd3f78b6ba7a7f42ef968818f860e3dd6b10ae88d5cfcaf8a0e1f54aecb1100d6997acacc0bf0b3942a04763ae8f0eb0eb5d74a68bd698db9f3a5250ac6dc7fb246b51a756fcb82f86a71a10f1d6301db9a8932135801806c8a1871911af4d029dcb353e8a5c1d7aa21fd2590b41484958838750a5c82d6bdee1fa1b1fb6231dcde155ac26e1f0bb251c1f8123ef6504da67eb4af7ae3a724e4f91ac4e9ecbf858a1c4fd5744376556e7465f2a3d78ef17131a5d9bc00e3795b9d9b261b374e82f538a654ca01c2c6e5ec9c77b02277384e8476a1af6822431c6d46ea2943b5adf98a7c2ceef4b7f31ccb11c0034bb75526f3e7fb0db0a165d089523dd9bd83c8472fbf599fa484aa22135b91a64ead059cb51a963ff5e88b72d397c4ce327500debe52e85ceee41c3c3adad411c615252f255f4e3b9a3ca0d1500d3be3bb115859578292e994678906f268a18da6c5df9d3fa00b3b98502303f93bf5877fffe1bfc3a3ace44b3bb545435ac072e04de2049d138ee7"}, {0xc0, 0x88, 0x2, "560d86eb3403add0258e60c97f57f906204fee69fdcd4494e6314521f998f3ebd1d07005b643edaed9794b3e3c6f4daf985c8c188900d38454180512e518b23d43462e69dd63f20f82e6c6ee4e9eb400cae742c11a12d6b9044e04a6d05cb422e4f4df44f9ffff5bef6faefd0080fc321dc498da905af2c2bc727e2b4920c40cfcda3044df84308cf5a6b7aefc672ced10442a0b3fb9f2b195aa475354b48d1a719c12287ea5a799f9"}, {0x78, 0x84, 0x0, "65f1be7c4ba49160cd42b417d172db16e9dd5739c37cfd7615544da7d6a13d9bcb03c83b6df115765e18e9061698d629ab48b32fc7498b8588c204c556b1eca85000a893d64ad499f125d172b7e75dcf6a1f7e9a8a274e4acec7f133035e2e57efa8"}, {0x60, 0xf0e6c5cb48c7e47e, 0x0, "d56964d9c9503cff57d3553e5c99cf855b02845db8c35939f2eadd583140778b4bb075bd4bd87ea5523e96c7fa9c47c57cbc38c65f39affea28878eab0cf90dfe04205303a1d890bc64716e4"}, {0xb8, 0x112, 0x5, "2440e88a73e6ed4082bd3a136e4fd4d1483130d871cf20afb67e2d7f0901df68aae79242ddca34b6afe348ea7ed5417cb9968246be03772bc668f513b4d7e6c8ebb6667ac1c734b0305ba8908f54e576706870a220d08d6c6df765c211f78ef89e930650b3ef11d1701dd0fcf56ba74de68f0571080466960bb24ef0bfeb3d9bba3e90adef8db01284af6e03ece797e70dbd1da5b9bb3a5b785c85b28300"/167}, {0x30, 0x100, 0x1, "6db63355f83522b6498c75759f7219733ff893c8dcbe5b7b8f49"}, {0x38, 0x101, 0xcb64, "7c295f3e5cb34823523a313edebca3f3544c67f13b73305e3e5f6c08cfe4b6f0e0cd"}], 0x13b8}}, {{0x0, 0x0, &(0x7f0000004400)=[{&(0x7f00000032c0)="ba51e7", 0x3}, {&(0x7f0000003300)="b27ed239675fd2ac8b819d8b26c6e3349dd8df49539d6f225826613743bd89815ef2fdac965d6cf4efeb90ae81907b7e34809726090590acfa81079b28171ab8990fbb483a0cb4d742b75a65637b42c466cef4f48321e947a832e2e79beb41959a684828aaa196281bed444bb54c1a1cffe1b447dc3caf5e59e290d758c6bc928107a8c5776e6593d694ee11ba1344d95798d998d52f4f2a3b32417352f1221bbd5972fdf79b74df7d3738d28eb1d35a59a5caf881b4b213abf730e4144c3eff4cbb8c7337bd28cf3962fec58156cca1140d68379aff57fd", 0xd8}, {&(0x7f0000003400)="396e727cc2f066804b947ebdf73d70719c08f93012bf0122ab3b108eccdaf42af2cafb64a79003c54a32230923b0ce5b8ea6269c49a737d9d5bdc5189505c47387697ff823ac28248fbf10e947a1fe789fcd0ab726c8236fb9e45cbda5a3ee8d19266c414a0f1361d92b393fae3506474eb20dddc7ba627264d7f8e95bfb82a0e4d84a68824623080863d2f5bb8fda63bb596a0cf04b1896c832ac81ffd2038087287f80d1cbe2299fc6b17d2c17ef65d7955c3de758e9fdbb7a4f552d7e8dfb69d38147f509b34169272a15c69aa4a2e394227f8e88b5bf350fee296d7d113e88857dc2a4ca7776c7eeec5cfff93bfca1ec19b2d50afe0a7d3323fac48a737f210ed84b4667497ca6c847efe5ad92c3fda7715e6359d7733d693937783299e9ce22bb7c339f1cb7d395144d93e648ab5e48c331865dda8f3bbfd2952397f0c7ef5683e4f8c53681d884266e0c0fa440c032b8b97746285283ce1bc4326af338aadeabc75b1a1d6fd6aa20d0ee04e24dfa21f650f73befe1ab1affae0fb2f0572f8e61e68f458d9bdac3a9a474dc980dc7abbb7f055b256d5ba6d2f54de1f111a679e3ec6ae348c52d269fa070ea63b20217a3fdb452620933a5565e78ae1e8b8eeeaf14d7f7143237c82e2697e5d9f25ee41545aec3fea7c48b1071bdf97c8b3ecfd5b819f7d1dd6ad7a517455bc25cf3d4a09ac2857fbf52039e4ab5e28a125467a9ab34ddb3c481ec98b6d1597885393553b2a3df40e152d618712a17ee0515efca8c1cbdccd46ad8de19b4b06a6b787ff515d6d9691538874727f98a162dbfaa86c27d42ea4ec7f9e7a1cf8595b549452325f9052d6e1bd8dc24ee4b5ddeaf32ae7aa9dec674e6028b1301a3dc8f41a30ebe875d3cc8abe739edabe32fd518f5869de1fb013913ce24225edd0d7efe562bab8dc71e62599fdc3faa3950207647a4df2b2e7fb52c6c8f1a964c5990deb1300ab58d5202aa89e345445e787cd86e58ee0cc8b33c356de404947ff66d3d9bcc77cf396a780930b18a211985becba94d988cd2cc070a9780cc01975c38e5a9dbc503328d99101658a4e949db498472547165a5ae1e850481ca61a54862a7b1a590041ddb6e3fd041c6355f54e258bb7d48bc5620aa087cecdf0bcfb9d299386f5915d17d01e359024c96c5eef2f0f64299df4e4f300325e446213487b819d85d5ccd7c4c6781eaf4ac2b4305b7c421916a8c4382d43763c7c1d1800e5b85219112d4815104de203904459b8caab2fc1f425da3140f5ebf35cdd4f38e8d1ddc270dfabb8b3cf8e56447b94ea5fcd5823b2370c449f7e77f0ee84e4f7a10522f001c25538103834830c1848984046e8a788c24d2fd29adcb5ad24a27ac729dcfbe5029fca95e56341bf4b684d725fb9f815cbc5dd5443cb3d52667ba274c6a862853f3b24027addd8cceadf2a803b1c89545a84cf8babfafb7c98f4cfbdd61277009c3c7aee1c4dc62fa788030d65057c57c88195013366ef7d8ac0f51b3c66e012b0cbafee43519eea9d8885bf7a16ef08950e6afe7d9897048a75922e2c79090041f5f0da134a26f9929ac46dc1fc38491398141cd531aa1c605a4c83eec17d4344acd25d4ab4fd5f2d9c086234a50aeadcfa056bcdcbc39eeb4af06052aa711f61bc6b94d97a5e62e58eb204d37a49fa54fe4095236e08733cd4f04ee42f9a735289e3364cfc4a3fc34ab2d294200a9a9faebc868060e5c32656119c5a77c49ffe9609ba810e7b805b579fcc568236c9f4c2a35bc2d7a5779d1c403d57c274a0f24dbbf2ee318f27f5fb7da9e930e65538173676d943df7231a078387b4e2d24ad3fb4fa244a3f4fb2807c8d44bba167dd17604e34fa9e1f7796eed6e711dce95b6f2915a43e7f818f231cd1c5c13068efed8c2097cb6e5f04135c140a07d34f4bbde80bffe312e5a9182a3a6551b02f5aacd7e93a6b56cd13e710eed8dc55489af14ef819e95e1d6255a8620fa6960908a6a772e51972ee1c192921f5cbaa9c37e4ca23916df08d0b4a3a2f7fb6c41f1446af7bc727beb0862dfa33a2694006c229b4c8b3d2a8cb276d207c810d3643478ab726bc89686757d4206b34ad3137e2a4cefa6883f12a1cdf10cccc2c7bfa6a3fd70f96745b48cf943061aa18f30675bd7672da191c210c877c1d958b84abbd46dd2a7adf10141cfd9c72ccd932b8ba70376eab6c5ff7cad9f0bf1122d6ef61cd124fc6e9e753e23d57966a30a0a3f797ad55a176a9d987c5094e90df3798af28b36cd0d180d5fd2197e38a38466f9403e0070e6088593e3ea38720935c3dd41b4993f6fb5fabda68d6004cec525c5bd58af427009afe5516f475f455341dca2ff2725ef966e8de5760d4d8ffc956c4b884fad483f41076a1c8a338e4c43f9aa2e347bc38627b02ad68569878b716050520c2b5ee11415b5a8bbc3fdab253aed6469a0a5def191573f11f4e0e407ae019e7f1dba9d895f3504665103f881e21f8009cc63c22ec751d4f63674d3bdda6d5c4b079e4e740c771a913dbe4035804c64299d0d29c58f60cc6503d3ffed735a07d2a26c51ee35ecfc020a2d773d2576706b7cf912f864ddc765b26e5b2d5757b87935e426a42ab71f9ae18a10a9576aae3702d56ee36e5d7f26111058029d66b2b91ae6ff986c17adb7114709d8e86da7ab94adde2ca09a6672ed54db8096d99056dde263b123c46f61acbfe443f63cc13cfeeb510029543eddb97c13e8f7cf34596b0de7ae60bfb3936a60958a93450d91cb642d30823c2b5d2ab0c341ffd82aee32adf1e0b932cd7dda8589801c2ecfe5b2e1cbb25386c39648885135d54edde5083587b516ecde5f0c5e4074921979ccd1b5e97e4af1c723c30bacbcff2fc1ba1fab6c93e36af3cbf1a3b5c502446419bd838a57d6ec1b55b8d2bead581b98f067c89adb3b61689575d73734661ecc729a39f2c76c78f3af4ddd40f568726616f4bc0cb4c656e993277a2e02d055c7b1e17b98b39e6ebe393b71bb77052ed1dcd993977face61e597ec95a14d60b395a670ce7416746ded985a572947febe392615aad5ad93fa558841bc2d29d67fd8dc57c58a2d4f83ed504b6ca24bc71111c546988ea7c79e927eaacf69edb82060166841b47817a3deb37efc78fcad1457e78d4e9c1136d759d666074a182b371695de7a8ae874693d24ba0aa4f3d75de1155bb91b104c2cd22db9cc92ed8d47603d49ea4149b8dfa2bef08f4adc01a68261411f6f1e9677bfbb2104fa6662e633d7ea6d31cbdbaf05d537c151616545090789f989f0c7fa8de5364f8f89bbc85399646b92c337a735c7559dee535049eea2d37c251fd70df45b3465e2314e97b327ab6ebd3059a4d2007fb37086f2da0cf4f2fefa52ab800fcf87ca73bc46a586fea025827e0794b222c7eb7ce6ededddbc6b9fa1d2e6448e807fce3970bef57608c74521238a0a558c7e0481a2a55e13371eb21835af3921f5f1460218e6ba913f1c34cf747fca0fb3743af94058d3c20e7661d885e2f324f3241c8b0fc727dda2c5600895b79df63f242e00a7a130a4e4cc098cb73f7a73f912fe3a18bffb1ddfda7bbba0642a0879fef84c1fe0c2ee211bc4d04d34e21648c849287f2ceac348a4241792e14c4a6ac76514e7e901c95ea6f878c4f8b37cbe2ddfd3145e53903714452eb25cf16f066a599cd4778a18d6e1dfbd01812da7fbbb6ce70feaed070a017b60d43c594a2515f025e52d6a49adee64acf3ef9653ec4bdc13a4cd4465e52da86c691450eb8ceb629ff575c5abf3884de9488480ec0f964b21ded3a517714b8806695211496c647f24b0a71064b1d982818682134cdd2f5e21970f206c2ae0a9ebff1182dce911b8c654f604782a68942f9dd66551ec49257869f3ee7a32ccfa785ce3d09b7f4a5d6489be004df34d9b1dac901d2647eb5147d7278a1cfcba4626cc3b1ccabf55b539f139c1b054685913734ef6a8a33958e5f44040e94672c04cf7f103a585453145d59384c2508740354e6a3b22a062018d401effa797c921e0ed3e25d826b8d2c3ba624f78fbe03f556aef3f2f28c30d371a1be7c762c1232965d123dca87af648e8b67d5e5819608a074bfc047b2a006698cb5142241b10308892f56b9bbd9d4d78e9d64bffdeb7993463924611dc7afc4bbdc95f005f2b1110ffca5841ad84ae8218b257fafd70a7dd67467c7dd256b073585a48002096c2db3b5423bc90afd524611c156f29eafc978f214254a385650cfa7cf3284ffb023722988829d7b60c5647d19ad5c27ecd5e9172510b4d73ce138f341905387ebe97b6f5a9945c6d03fd353ab12baec27bc6056d12cc0557ce20bbcb00dc8937dd934d4eaa1cee32a93ed8025f6fb84b562feb15f6d9a1c0311cfd712787c09fd5fcec606a46ce72b92e70c3e4639155e91057a21efb24f2eb83a5701f43779befb994e7a92e111f2d27ecfa18d327a1705e57f77ca4f1a36575d389b6027c21036b438656dbd04ee84faa94bfe92c83e5293c0fa3996b90b19bdc8a0d60350d69f635d2a8b06b794f73d5d6a040d01c2c924ea7b603be9494997f2fcc59666e44d426a17b827df84bdddd92082674cd8ab2718f406f98a444a268d6f14317965410f86abe3dc7438adad296608b66393396b81e982e650984d00b6f52e66dd8d82f7fdaeec58a62346533e3e5f297b9f540baf3c2d8e27df4031d9165a1c59ac19d58e2462474cbbcb42523e56960b8c5b3f8af3af342569cad1d42452c5a30983a00768541270649ff1d4b647522de3c760a02a845a81659d0b88db0aeb9c822143d226174a06ef4154565d487ac8b1f3eb03d9ae28707137d68c6408b93749961620d8cc1e6377908fa95ea4d42b17f7da67636c8ed5d8f074f422c891b1d71135f14366c7c3f4b13db5575fd9f8a68593554fb7bbda2936b5b9d397173f9820dc61b4020fa078d5b06dd77d5c9f06580c03b1ca592d491173f2fb61346b5561da7ed2b0e0cd61d3e88a4c6dffaa0cab7b33e7c8aa8c39f38a431a6cfa6875a3351006045a3039bad92635a405705b64f75fc58b11c3ad58ccf7bf416895a9520a4deb05388c7a2651f33008f9cc22240beab46f9b9e9d8a731284c356462eff84c80c912a95eace47eb828179b279f39bc5181c2c4f529c9333640ace3d165e36bb3a6f4b2ac038f1b79b96f71259e37814ffe76dc7e8fafd046326dbf8a2e6c8d5a5a79152035eb8fc82608c6e9a4847768d72e822744667a221daadd28ae6bde10ccf54b968c0fcb33b5cddf042dd8c57e0f5b6f67b2f093faa8ed998f43fd40de831c9aeaca706564606112e457da0542b031d45f7d50e4ccdff406dd6bb9172716fce48b244babef08e2972bee822d4b76869ebe71f9b896150bdd64a6f09a6beee7f3f837751f547276ebd31998db07142eda479d0acd5ebcc0beabe9ecf0e18ec6b95818b32ec7a278e4140d06bfe54e48f7cd7a0b4c10761815e0e32abb6cd90e4d34c4ab4da1a3b26ea7f9a816e4af3e1c3e3eb843c19e95e073471f049b170c25096a5dbd1928e866e92210e73e8c9972b6af2120711b8efa32b2e719c76473428932b4d3c5bfa326853e270bb85d9cdfa1cd433dc4e480396f23a50afcb9fe24dc1661b1ee973089199ea87e8666650b9577348d8bd27f9601185afb36f2bfba538d085678724578b8bdf43aebc10a13ae583336a5f003e5ac55c9d7820496794d6877f6cf0a12a5864b122f4deff45a6392739dc87823f0084f3da653b7f2c5e9d24d4f3e83b49635bddc5585e7ac8", 0xfc74}], 0x2}}], 0x3, 0x101d0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0xff)

12:57:56 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$dupfd(r10, 0x0, r9)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:57:56 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12819, 0x0)

12:57:56 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x6c]}, 0x7}, 0x1c)

[ 1206.633869][T23508] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:57:56 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x10, 0x1)

12:57:56 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1281a, 0x0)

12:57:56 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x74]}, 0x7}, 0x1c)

12:57:56 executing program 4:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000300)='/de\x8d/nullb0\x00', 0x5c1820, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x20, 0x4, "d0c52eb5a56b17acc0b031ce82dfbde4e5acaaa7ab1051ba299b3f295b73502525974b6da9a33cbfb22da77478f9e64c3beb4c4c5fe0b6d9db1cedd8b2a2adb9", "11961e0851bad6a06b505ae3a6fb94fdb805d8615786dcf15feb3e8cbf238781bea46ff17439e695f38ce41a06cdd68d9dfac71a0b31ea9f3e23f60be8f0ec5d", "6aee23c135be79d35db8c0a7a91370995c28de3fcb77841c1b9b047a9ffbf576", [0xfffffffffffffffe, 0x5]})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x2004, 0x0, 0x2}, 0x3dd)
r4 = socket(0x1e, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/185, 0xb9}], 0x1)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f00000007c0)={r5, 0x3}, &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r5, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f00000000c0)={r5, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x7}}}, 0x84)
ioctl$KDADDIO(r2, 0x400455c8, 0x2)
close(r2)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)
close(r1)
r6 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x1, 0x400)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r6, 0x10e, 0x8, &(0x7f0000000180)=0x8, 0x4)

12:57:56 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x7a]}, 0x7}, 0x1c)

12:57:57 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$dupfd(r10, 0x0, r9)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:57:57 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x4c01, 0x1)

12:57:57 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x84]}, 0x7}, 0x1c)

[ 1207.416920][T23751] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1208.688771][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1208.696104][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1209.489004][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1209.495146][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1210.768753][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1210.774867][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1211.569073][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1211.575204][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1212.848764][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[ 1213.648942][T18189] Bluetooth: hci1: command 0x1009 tx timeout
12:58:08 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = fcntl$dupfd(r10, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r12, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:58:08 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1281b, 0x0)

12:58:08 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

12:58:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x4c80, 0x1)

12:58:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket$bt_hidp(0x1f, 0x3, 0x6)
fsetxattr$security_selinux(r1, &(0x7f0000000000)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:ipmi_device_t:s0\x00', 0x23, 0x1)

12:58:08 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="48010000", @ANYRES16=r2, @ANYBLOB="10002609000000dbdf250a000000080005000000008008000600060000005400010008000b0073697000080001000200000014000300e0000002000000000000000000000000080005000200000008000800010000000c0007004200000039000000080005000100000008000600777272002c00020008000d005200000008000e004c23000008000900af00000008000d000100000008000b000a00000054000200140001007f0000010000000000000000000000000800030003000000080006000100000008000500040000000800030003000000080005000000000014000100ff01000000000000000000000000000148000200080002004e12323cab6d6d08540490da3334200000080009000200000008000e004e200000080002004e21000008000600ff010000080008000100010014000100fe8000000000000000000000000000250800060001000000"], 0x148}, 0x1, 0x0, 0x0, 0xee88dfbeb8b0d86a}, 0x4000000)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r3, 0x400455c8, 0x2)
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
getsockopt$inet_tcp_buf(r4, 0x6, 0x1a, &(0x7f0000000200)=""/66, &(0x7f0000000540)=0x42)
close(r3)
ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000100)=""/206)
close(r0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r5, 0x800448d3, &(0x7f0000000300)={{0x5, 0x7f, 0x0, 0xff, 0x20, 0x4}, 0x8, 0x5, 0x70c9, 0x5, 0xe32, "5d91ccace1e007bec31ae4f5d748e18f8d5c7b675d33f51118ffb0238435df64f704e7b2dc102e7a087ad3c50e74258f375d40456a9a3af6d54d1f830c52131aad7578bf4a564401a3c5d1a52c250e699c0b46717b6b8c5a871a5bb4f57f587e2d7c2278fefee909f9a15c93d7a9bcd2ae7719865e280835169c1e9b3b95fcbc"})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'hsr0\x00', <r6=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000005c0)={{{@in6=@empty, @in=@multicast1, 0x4e22, 0x0, 0x4e24, 0x80, 0x0, 0x20, 0x40, 0x3e, r6, 0xee01}, {0x2, 0x1000, 0x3, 0x1, 0x1f, 0x1ff, 0x7}, {0x2, 0x80000000, 0x4b, 0x3}, 0x6, 0x6e6bb7, 0x0, 0x0, 0x0, 0x3}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d3, 0x2b}, 0x2, @in=@local, 0x3500, 0x1, 0x3, 0x4, 0x3f, 0x24, 0x77a9}}, 0xe8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r5, 0x84, 0xf, &(0x7f00000006c0)={<r7=>0x0, @in6={{0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, [], 0x26}, 0x13ca}}, 0x1ff, 0x1, 0x3, 0x2, 0x8001}, &(0x7f0000000780)=0x98)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r4, 0x84, 0x70, &(0x7f00000007c0)={r7, @in={{0x2, 0x4e20, @empty}}, [0x36, 0x30d7, 0x4, 0x1f, 0x1, 0xed7, 0xffffffff, 0x5, 0x1, 0x806, 0xfffffffffffffff7, 0xe91, 0xfffffffffffffff8, 0x3, 0x6]}, &(0x7f00000008c0)=0x100)

[ 1218.156592][T23757] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:58:08 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1281c, 0x0)

12:58:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x4c81, 0x1)

[ 1218.230785][T23768] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:58:08 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = fcntl$dupfd(r10, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r12, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:58:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x4c82, 0x1)

12:58:08 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1281d, 0x0)

12:58:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5409, 0x1)

12:58:08 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xee1, 0x1, 0x3, 0x7fffffff, <r3=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={r3, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000140)=0x84)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r5, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r6, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f00000001c0)='bond0\x00')
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x3d1003, 0x0)
pipe(&(0x7f0000000200))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="ee8b24c2494294665027425970632324fab030fb", @ANYRESDEC=r7, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYBLOB="82755edb3554fb0e70905311d6975d0e5c1b437f961452932a5e8a00d8fe1782950dc8c2104f482176e2dd33be69138239006d5957568a6597b857c306000000000000003c13caa96055973f0be14718138cca5dd673b30b028961af1681b47cff4d43e9d4236d318500"/119], 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = fcntl$dupfd(r10, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r12, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

12:58:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x540b, 0x1)

12:58:09 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x2]}, 0x7}, 0x1c)

12:58:09 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1281e, 0x0)

[ 1219.009426][T24100] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1220.218910][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[ 1220.225046][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1220.288757][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1220.294882][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1221.088757][   T12] Bluetooth: hci2: command 0x1003 tx timeout
[ 1221.095018][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1222.288796][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1222.294912][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1222.368902][   T12] Bluetooth: hci1: command 0x1001 tx timeout
[ 1222.375021][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1223.168768][   T12] Bluetooth: hci2: command 0x1001 tx timeout
[ 1223.174880][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1224.368797][   T12] Bluetooth: hci0: command 0x1009 tx timeout
[ 1224.448812][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[ 1225.248732][   T12] Bluetooth: hci2: command 0x1009 tx timeout
12:58:18 executing program 1:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r5 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r2], 0x14)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
recvfrom$unix(r6, &(0x7f0000000000)=""/25, 0x19, 0x40020020, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:58:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='\t\x00', 0x575d00, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$cgroup_int(r3, &(0x7f0000000000)='memory.high\x00', 0x2, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x400)
poll(&(0x7f0000000080)=[{r1}, {r4, 0xb66bda073315017}, {r5, 0x420}], 0x3, 0x1)
ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x5)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000100)=0x1f)
getsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000140), &(0x7f0000000180)=0x4)

12:58:19 executing program 4:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r5 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r2], 0x14)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0xfecb)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
recvfrom$unix(r6, &(0x7f0000000000)=""/25, 0x19, 0x40020020, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
splice(r0, 0x0, r2, 0x0, 0x100000000000a, 0x2)

12:58:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x540c, 0x1)

12:58:19 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x3]}, 0x7}, 0x1c)

12:58:19 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1281f, 0x0)

12:58:19 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:58:19 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x4]}, 0x7}, 0x1c)

12:58:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x540d, 0x1)

12:58:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:58:19 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12820, 0x0)

12:58:19 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:58:19 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$KDADDIO(r5, 0x400455c8, 0x4)
close(r0)

12:58:19 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x5]}, 0x7}, 0x1c)

12:58:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x540e, 0x1)

12:58:20 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCSERGETLSR(r1, 0x5459, &(0x7f0000000000))
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:58:20 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x6]}, 0x7}, 0x1c)

12:58:20 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12821, 0x0)

12:58:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x540f, 0x1)

12:58:20 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:58:20 executing program 1:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:58:20 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x7]}, 0x7}, 0x1c)

[ 1230.126609][T24258] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:58:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5410, 0x1)

12:58:20 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x8]}, 0x7}, 0x1c)

12:58:20 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12822, 0x0)

12:58:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5412, 0x1)

12:58:20 executing program 4:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1230.843301][T24387] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1232.208833][T19053] Bluetooth: hci0: command 0x1003 tx timeout
[ 1232.214979][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1232.928825][T19053] Bluetooth: hci1: command 0x1003 tx timeout
[ 1232.934953][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1234.288865][T19053] Bluetooth: hci0: command 0x1001 tx timeout
[ 1234.295015][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1235.008764][T19053] Bluetooth: hci1: command 0x1001 tx timeout
[ 1235.014921][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1236.368753][T19053] Bluetooth: hci0: command 0x1009 tx timeout
[ 1237.088779][T19053] Bluetooth: hci1: command 0x1009 tx timeout
12:58:31 executing program 3:
syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x1c81, 0x4001)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000000)=0x80000001)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:58:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x9]}, 0x7}, 0x1c)

12:58:31 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x401, 0x1, 0x2024, 0x3, 0xb, 0x8}})
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x200c0, 0x0)
ioctl$KDENABIO(r2, 0x4b36)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r3, 0x400455c8, 0x1)
close(r3)

12:58:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5413, 0x1)

12:58:31 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12823, 0x0)

12:58:31 executing program 4 (fault-call:1 fault-nth:0):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1241.167466][T24396] FAULT_INJECTION: forcing a failure.
[ 1241.167466][T24396] name failslab, interval 1, probability 0, space 0, times 0
[ 1241.184335][T24391] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1241.218450][T24396] CPU: 0 PID: 24396 Comm: syz-executor.4 Not tainted 5.4.0-rc8-syzkaller #0
[ 1241.227181][T24396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1241.227189][T24396] Call Trace:
[ 1241.227214][T24396]  dump_stack+0x197/0x210
[ 1241.227237][T24396]  should_fail.cold+0xa/0x15
[ 1241.227264][T24396]  ? fault_create_debugfs_attr+0x180/0x180
[ 1241.255300][T24396]  ? ___might_sleep+0x163/0x2c0
[ 1241.260165][T24396]  __should_failslab+0x121/0x190
[ 1241.260185][T24396]  should_failslab+0x9/0x14
[ 1241.260196][T24396]  __kmalloc+0x2e0/0x770
[ 1241.260211][T24396]  ? mark_held_locks+0xf0/0xf0
[ 1241.260231][T24396]  ? mark_lock+0xc2/0x1220
[ 1241.283065][T24396]  ? _parse_integer+0x190/0x190
[ 1241.283086][T24396]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1241.283103][T24396]  tomoyo_realpath_from_path+0xcd/0x7b0
[ 1241.283121][T24396]  ? tomoyo_path_number_perm+0x193/0x520
[ 1241.289513][T24405] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1241.293678][T24396]  tomoyo_path_number_perm+0x1dd/0x520
[ 1241.293700][T24396]  ? tomoyo_path_number_perm+0x193/0x520
[ 1241.305000][T24396]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1241.305019][T24396]  ? __f_unlock_pos+0x19/0x20
[ 1241.305064][T24396]  ? __fget+0x384/0x560
[ 1241.334752][T24396]  ? ksys_dup3+0x3e0/0x3e0
[ 1241.334767][T24396]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1241.334781][T24396]  ? fput_many+0x12c/0x1a0
[ 1241.334802][T24396]  tomoyo_file_ioctl+0x23/0x30
[ 1241.334821][T24396]  security_file_ioctl+0x77/0xc0
[ 1241.349614][T24396]  ksys_ioctl+0x57/0xd0
12:58:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0xa]}, 0x7}, 0x1c)

[ 1241.349633][T24396]  __x64_sys_ioctl+0x73/0xb0
[ 1241.349650][T24396]  do_syscall_64+0xfa/0x760
[ 1241.349668][T24396]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1241.349685][T24396] RIP: 0033:0x45a639
[ 1241.358835][T24396] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1241.358844][T24396] RSP: 002b:00007f99531dfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
12:58:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0xe]}, 0x7}, 0x1c)

12:58:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5414, 0x1)

[ 1241.358858][T24396] RAX: ffffffffffffffda RBX: 00007f99531dfc90 RCX: 000000000045a639
[ 1241.358866][T24396] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003
[ 1241.358873][T24396] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1241.358882][T24396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99531e06d4
[ 1241.358895][T24396] R13: 00000000004c4080 R14: 00000000004d8418 R15: 0000000000000004
[ 1241.433872][T24396] ERROR: Out of memory at tomoyo_realpath_from_path.
12:58:31 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12824, 0x0)

12:58:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5415, 0x1)

12:58:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x10]}, 0x7}, 0x1c)

[ 1242.026203][T24406] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1243.568780][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1243.568807][    T5] Bluetooth: hci1: command 0x1003 tx timeout
[ 1243.581032][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1243.595403][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1244.048753][    T5] Bluetooth: hci2: command 0x1003 tx timeout
[ 1244.055120][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1245.648807][    T5] Bluetooth: hci1: command 0x1001 tx timeout
[ 1245.654937][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1245.661517][    T5] Bluetooth: hci0: command 0x1001 tx timeout
[ 1245.667647][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1246.128804][    T5] Bluetooth: hci2: command 0x1001 tx timeout
[ 1246.134920][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1247.728813][    T5] Bluetooth: hci0: command 0x1009 tx timeout
[ 1247.734918][    T5] Bluetooth: hci1: command 0x1009 tx timeout
[ 1248.208794][    T5] Bluetooth: hci2: command 0x1009 tx timeout
12:58:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80000)
syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x2, 0x2)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x7fff, 0x118000)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000140)={0x1, r2})
close(r0)

12:58:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5416, 0x1)

12:58:42 executing program 4 (fault-call:1 fault-nth:1):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:58:42 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x11]}, 0x7}, 0x1c)

12:58:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12825, 0x0)

12:58:42 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x401, 0x1, 0x2024, 0x3, 0xb, 0x8}})
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x200c0, 0x0)
ioctl$KDENABIO(r2, 0x4b36)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r3, 0x400455c8, 0x1)
close(r3)

[ 1252.701589][T24434] FAULT_INJECTION: forcing a failure.
[ 1252.701589][T24434] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1252.714841][T24434] CPU: 0 PID: 24434 Comm: syz-executor.4 Not tainted 5.4.0-rc8-syzkaller #0
[ 1252.723521][T24434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1252.727574][T24429] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1252.733579][T24434] Call Trace:
[ 1252.733606][T24434]  dump_stack+0x197/0x210
[ 1252.733629][T24434]  should_fail.cold+0xa/0x15
[ 1252.733651][T24434]  ? fault_create_debugfs_attr+0x180/0x180
[ 1252.759723][T24434]  ? lock_downgrade+0x920/0x920
[ 1252.764599][T24434]  should_fail_alloc_page+0x50/0x60
[ 1252.769811][T24434]  __alloc_pages_nodemask+0x1a1/0x900
[ 1252.775192][T24434]  ? __kasan_check_read+0x11/0x20
[ 1252.780221][T24434]  ? mark_lock+0xc2/0x1220
[ 1252.780239][T24434]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1252.780252][T24434]  ? __kasan_check_read+0x11/0x20
[ 1252.780275][T24434]  ? fault_create_debugfs_attr+0x180/0x180
[ 1252.780297][T24434]  cache_grow_begin+0x90/0xd20
[ 1252.801229][T24434]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1252.801244][T24434]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1252.801262][T24434]  __kmalloc+0x6b2/0x770
[ 1252.811711][T24434]  ? mark_held_locks+0xf0/0xf0
[ 1252.811726][T24434]  ? mark_lock+0xc2/0x1220
[ 1252.811743][T24434]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1252.811761][T24434]  tomoyo_realpath_from_path+0xcd/0x7b0
[ 1252.811774][T24434]  ? tomoyo_path_number_perm+0x193/0x520
[ 1252.811795][T24434]  tomoyo_path_number_perm+0x1dd/0x520
[ 1252.826998][T24434]  ? tomoyo_path_number_perm+0x193/0x520
[ 1252.827017][T24434]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1252.827034][T24434]  ? __f_unlock_pos+0x19/0x20
[ 1252.848347][T24434]  ? __fget+0x384/0x560
[ 1252.848367][T24434]  ? ksys_dup3+0x3e0/0x3e0
[ 1252.870011][T24434]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1252.870028][T24434]  ? fput_many+0x12c/0x1a0
[ 1252.870051][T24434]  tomoyo_file_ioctl+0x23/0x30
[ 1252.870067][T24434]  security_file_ioctl+0x77/0xc0
[ 1252.870084][T24434]  ksys_ioctl+0x57/0xd0
[ 1252.878663][T24434]  __x64_sys_ioctl+0x73/0xb0
[ 1252.907845][T24434]  do_syscall_64+0xfa/0x760
[ 1252.912369][T24434]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1252.918263][T24434] RIP: 0033:0x45a639
[ 1252.922161][T24434] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1252.941768][T24434] RSP: 002b:00007f99531dfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
12:58:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5418, 0x1)

[ 1252.950190][T24434] RAX: ffffffffffffffda RBX: 00007f99531dfc90 RCX: 000000000045a639
[ 1252.958166][T24434] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003
[ 1252.966143][T24434] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1252.974117][T24434] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99531e06d4
[ 1252.982093][T24434] R13: 00000000004c4080 R14: 00000000004d8418 R15: 0000000000000004
12:58:43 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x48]}, 0x7}, 0x1c)

[ 1253.038100][T24440] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
12:58:43 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12826, 0x0)

12:58:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x541b, 0x1)

12:58:43 executing program 4 (fault-call:1 fault-nth:2):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:58:43 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x4c]}, 0x7}, 0x1c)

[ 1253.200452][T24452] FAULT_INJECTION: forcing a failure.
[ 1253.200452][T24452] name failslab, interval 1, probability 0, space 0, times 0
[ 1253.238918][T24452] CPU: 0 PID: 24452 Comm: syz-executor.4 Not tainted 5.4.0-rc8-syzkaller #0
[ 1253.247639][T24452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1253.257704][T24452] Call Trace:
[ 1253.261012][T24452]  dump_stack+0x197/0x210
[ 1253.265368][T24452]  should_fail.cold+0xa/0x15
[ 1253.269972][T24452]  ? fault_create_debugfs_attr+0x180/0x180
[ 1253.275795][T24452]  ? ___might_sleep+0x163/0x2c0
[ 1253.280666][T24452]  __should_failslab+0x121/0x190
[ 1253.285622][T24452]  should_failslab+0x9/0x14
[ 1253.290132][T24452]  __kmalloc+0x2e0/0x770
[ 1253.294383][T24452]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.300625][T24452]  ? d_absolute_path+0x11b/0x170
[ 1253.305563][T24452]  ? __d_path+0x140/0x140
[ 1253.309901][T24452]  ? tomoyo_encode2.part.0+0xf5/0x400
[ 1253.315435][T24452]  tomoyo_encode2.part.0+0xf5/0x400
[ 1253.320657][T24452]  tomoyo_encode+0x2b/0x50
[ 1253.325085][T24452]  tomoyo_realpath_from_path+0x1d3/0x7b0
[ 1253.330750][T24452]  tomoyo_path_number_perm+0x1dd/0x520
[ 1253.336217][T24452]  ? tomoyo_path_number_perm+0x193/0x520
[ 1253.342002][T24452]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1253.347821][T24452]  ? __f_unlock_pos+0x19/0x20
[ 1253.352546][T24452]  ? __fget+0x384/0x560
[ 1253.356719][T24452]  ? ksys_dup3+0x3e0/0x3e0
[ 1253.361147][T24452]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1253.367673][T24452]  ? fput_many+0x12c/0x1a0
[ 1253.372122][T24452]  tomoyo_file_ioctl+0x23/0x30
[ 1253.376908][T24452]  security_file_ioctl+0x77/0xc0
[ 1253.381872][T24452]  ksys_ioctl+0x57/0xd0
[ 1253.386042][T24452]  __x64_sys_ioctl+0x73/0xb0
[ 1253.390643][T24452]  do_syscall_64+0xfa/0x760
[ 1253.395159][T24452]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1253.401055][T24452] RIP: 0033:0x45a639
[ 1253.404968][T24452] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1253.424575][T24452] RSP: 002b:00007f99531dfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1253.432998][T24452] RAX: ffffffffffffffda RBX: 00007f99531dfc90 RCX: 000000000045a639
[ 1253.440981][T24452] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003
[ 1253.448956][T24452] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1253.456931][T24452] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99531e06d4
[ 1253.464909][T24452] R13: 00000000004c4080 R14: 00000000004d8418 R15: 0000000000000004
[ 1253.500039][T24452] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1255.009243][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1255.015440][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1255.088773][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1255.096143][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1257.089104][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1257.095219][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1257.168819][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1257.174941][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1259.169102][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1259.248791][T18149] Bluetooth: hci1: command 0x1009 tx timeout
12:58:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0xa0800, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='trusted.overlay.opaque\x00', &(0x7f0000000140)='y\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x7ff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x6)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x1ff)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
fsetxattr$trusted_overlay_opaque(r3, &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

12:58:53 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x401, 0x1, 0x2024, 0x3, 0xb, 0x8}})
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x200c0, 0x0)
ioctl$KDENABIO(r2, 0x4b36)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r3, 0x400455c8, 0x1)
close(r3)

12:58:53 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x541d, 0x1)

12:58:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x5c]}, 0x7}, 0x1c)

12:58:53 executing program 4 (fault-call:1 fault-nth:3):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:58:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12827, 0x0)

12:58:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x68]}, 0x7}, 0x1c)

12:58:53 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x541e, 0x1)

12:58:53 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

12:58:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12828, 0x0)

[ 1263.654214][T24473] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1263.666086][T24470] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:58:53 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x541f, 0x1)

12:58:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x6c]}, 0x7}, 0x1c)

[ 1264.420527][T24495] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1265.728787][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1265.735132][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1265.742903][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1265.754749][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1266.448838][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1266.455099][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1267.808820][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1267.814956][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1267.828301][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1267.834448][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1268.528745][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1268.534883][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1269.888756][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1269.894954][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1270.608783][T19240] Bluetooth: hci2: command 0x1009 tx timeout
12:59:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/110})
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
close(r1)

12:59:05 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5420, 0x1)

12:59:05 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x2, 0x0)

12:59:05 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12829, 0x0)

12:59:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x74]}, 0x7}, 0x1c)

12:59:05 executing program 1 (fault-call:4 fault-nth:0):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1275.065443][T24501] FAULT_INJECTION: forcing a failure.
[ 1275.065443][T24501] name failslab, interval 1, probability 0, space 0, times 0
12:59:05 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x10, 0x0)

12:59:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x7a]}, 0x7}, 0x1c)

[ 1275.128841][T24501] CPU: 1 PID: 24501 Comm: syz-executor.1 Not tainted 5.4.0-rc8-syzkaller #0
[ 1275.137751][T24501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1275.147835][T24501] Call Trace:
[ 1275.151166][T24501]  dump_stack+0x197/0x210
[ 1275.155542][T24501]  should_fail.cold+0xa/0x15
[ 1275.160171][T24501]  ? fault_create_debugfs_attr+0x180/0x180
[ 1275.166015][T24501]  ? ___might_sleep+0x163/0x2c0
[ 1275.170904][T24501]  __should_failslab+0x121/0x190
[ 1275.175879][T24501]  should_failslab+0x9/0x14
[ 1275.180408][T24501]  kmem_cache_alloc+0x2aa/0x710
[ 1275.185295][T24501]  ? __kasan_check_write+0x14/0x20
[ 1275.190622][T24501]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 1275.196349][T24501]  ? rcu_read_lock_bh_held+0xb0/0xb0
[ 1275.201815][T24501]  getname_flags+0xd6/0x5b0
[ 1275.206353][T24501]  getname+0x1a/0x20
[ 1275.210285][T24501]  do_sys_open+0x2c9/0x5d0
[ 1275.214937][T24501]  ? filp_open+0x80/0x80
[ 1275.219214][T24501]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1275.224699][T24501]  ? do_syscall_64+0x26/0x760
12:59:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x84]}, 0x7}, 0x1c)

[ 1275.229397][T24501]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1275.235608][T24501]  ? do_syscall_64+0x26/0x760
[ 1275.240310][T24501]  __x64_sys_open+0x7e/0xc0
[ 1275.244851][T24501]  do_syscall_64+0xfa/0x760
[ 1275.249388][T24501]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1275.255304][T24501] RIP: 0033:0x4143d1
[ 1275.259224][T24501] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1275.279022][T24501] RSP: 002b:00007f49fee957a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1275.280183][T24510] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1275.287667][T24501] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1275.287675][T24501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f49fee95850
[ 1275.287682][T24501] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1275.287689][T24501] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f49fee966d4
12:59:05 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5421, 0x1)

[ 1275.287696][T24501] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
12:59:05 executing program 1 (fault-call:4 fault-nth:1):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:05 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1282a, 0x0)

[ 1275.517367][T24525] FAULT_INJECTION: forcing a failure.
[ 1275.517367][T24525] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1275.530727][T24525] CPU: 0 PID: 24525 Comm: syz-executor.1 Not tainted 5.4.0-rc8-syzkaller #0
[ 1275.539427][T24525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1275.549504][T24525] Call Trace:
[ 1275.552828][T24525]  dump_stack+0x197/0x210
[ 1275.557209][T24525]  should_fail.cold+0xa/0x15
[ 1275.561829][T24525]  ? fault_create_debugfs_attr+0x180/0x180
[ 1275.567660][T24525]  ? __kasan_check_read+0x11/0x20
[ 1275.572711][T24525]  ? __lock_acquire+0x16f2/0x4a00
[ 1275.577783][T24525]  should_fail_alloc_page+0x50/0x60
[ 1275.583008][T24525]  __alloc_pages_nodemask+0x1a1/0x900
[ 1275.588413][T24525]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1275.594076][T24525]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1275.599814][T24525]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1275.605532][T24525]  ? fault_create_debugfs_attr+0x180/0x180
[ 1275.611364][T24525]  cache_grow_begin+0x90/0xd20
[ 1275.616421][T24525]  ? getname_flags+0xd6/0x5b0
[ 1275.621121][T24525]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1275.627388][T24525]  kmem_cache_alloc+0x64e/0x710
[ 1275.632343][T24525]  ? __kasan_check_write+0x14/0x20
[ 1275.637492][T24525]  getname_flags+0xd6/0x5b0
[ 1275.642200][T24525]  getname+0x1a/0x20
[ 1275.646202][T24525]  do_sys_open+0x2c9/0x5d0
[ 1275.650642][T24525]  ? filp_open+0x80/0x80
[ 1275.654914][T24525]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1275.660592][T24525]  ? do_syscall_64+0x26/0x760
[ 1275.665543][T24525]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1275.671978][T24525]  ? do_syscall_64+0x26/0x760
[ 1275.676687][T24525]  __x64_sys_open+0x7e/0xc0
[ 1275.681227][T24525]  do_syscall_64+0xfa/0x760
[ 1275.685767][T24525]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1275.691675][T24525] RIP: 0033:0x4143d1
[ 1275.695592][T24525] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1275.715303][T24525] RSP: 002b:00007f49fee957a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1275.723740][T24525] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1275.731733][T24525] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f49fee95850
[ 1275.739730][T24525] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1275.747738][T24525] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f49fee966d4
[ 1275.755729][T24525] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
[ 1277.408818][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[ 1277.415269][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1279.489317][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1279.495799][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1281.568787][   T12] Bluetooth: hci0: command 0x1009 tx timeout
12:59:15 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c01, 0x0)

12:59:15 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

12:59:15 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5422, 0x1)

12:59:15 executing program 1 (fault-call:4 fault-nth:2):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:15 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1282b, 0x0)

12:59:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x2000, 0x0)
ioctl$BLKSECDISCARD(r1, 0x127d, &(0x7f00000000c0)=0x3)
r2 = shmget(0x1, 0x3000, 0x10, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_STAT(r2, 0xd, &(0x7f0000000340)=""/149)
shmctl$SHM_LOCK(r2, 0xb)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

[ 1285.963469][T24536] FAULT_INJECTION: forcing a failure.
[ 1285.963469][T24536] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.999823][T24536] CPU: 1 PID: 24536 Comm: syz-executor.1 Not tainted 5.4.0-rc8-syzkaller #0
[ 1286.008538][T24536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1286.018605][T24536] Call Trace:
[ 1286.021914][T24536]  dump_stack+0x197/0x210
[ 1286.026278][T24536]  should_fail.cold+0xa/0x15
[ 1286.030878][T24536]  ? fault_create_debugfs_attr+0x180/0x180
[ 1286.036697][T24536]  ? ___might_sleep+0x163/0x2c0
[ 1286.041563][T24536]  __should_failslab+0x121/0x190
[ 1286.046515][T24536]  should_failslab+0x9/0x14
[ 1286.051021][T24536]  kmem_cache_alloc+0x2aa/0x710
[ 1286.055884][T24536]  ? stack_trace_save+0xac/0xe0
[ 1286.060745][T24536]  ? stack_trace_consume_entry+0x190/0x190
[ 1286.066561][T24536]  __alloc_file+0x27/0x340
[ 1286.070980][T24536]  alloc_empty_file+0x72/0x170
[ 1286.075753][T24536]  path_openat+0xef/0x46d0
[ 1286.080174][T24536]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1286.085978][T24536]  ? kasan_slab_alloc+0xf/0x20
[ 1286.090741][T24536]  ? kmem_cache_alloc+0x121/0x710
[ 1286.095767][T24536]  ? getname_flags+0xd6/0x5b0
[ 1286.100466][T24536]  ? getname+0x1a/0x20
[ 1286.102634][T24544] Unknown ioctl 4733
[ 1286.104541][T24536]  ? do_sys_open+0x2c9/0x5d0
[ 1286.104554][T24536]  ? __x64_sys_open+0x7e/0xc0
[ 1286.104571][T24536]  ? __kasan_check_read+0x11/0x20
[ 1286.104590][T24536]  ? mark_lock+0xc2/0x1220
[ 1286.127141][T24536]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1286.132807][T24536]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1286.138208][T24536]  ? __alloc_fd+0x487/0x620
[ 1286.142753][T24536]  do_filp_open+0x1a1/0x280
[ 1286.147281][T24536]  ? may_open_dev+0x100/0x100
[ 1286.151974][T24536]  ? lock_downgrade+0x920/0x920
[ 1286.156840][T24536]  ? rwlock_bug.part.0+0x90/0x90
[ 1286.164831][T24536]  ? do_raw_spin_unlock+0x178/0x270
[ 1286.170042][T24536]  ? _raw_spin_unlock+0x2d/0x50
[ 1286.174902][T24536]  ? __alloc_fd+0x487/0x620
[ 1286.179604][T24536]  do_sys_open+0x3fe/0x5d0
[ 1286.184039][T24536]  ? filp_open+0x80/0x80
[ 1286.188291][T24536]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1286.193758][T24536]  ? do_syscall_64+0x26/0x760
[ 1286.198438][T24536]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1286.204524][T24536]  ? do_syscall_64+0x26/0x760
[ 1286.209218][T24536]  __x64_sys_open+0x7e/0xc0
[ 1286.213733][T24536]  do_syscall_64+0xfa/0x760
[ 1286.218250][T24536]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1286.224145][T24536] RIP: 0033:0x4143d1
[ 1286.228045][T24536] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1286.247654][T24536] RSP: 002b:00007f49fee957a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1286.256075][T24536] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1286.264051][T24536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f49fee95850
[ 1286.272024][T24536] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1286.279998][T24536] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f49fee966d4
[ 1286.287970][T24536] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
12:59:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5423, 0x1)

12:59:16 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c80, 0x0)

12:59:16 executing program 1 (fault-call:4 fault-nth:3):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1282c, 0x0)

[ 1286.343298][T24543] Unknown ioctl 4733
[ 1286.361395][T24544] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1286.412040][T24549] FAULT_INJECTION: forcing a failure.
[ 1286.412040][T24549] name failslab, interval 1, probability 0, space 0, times 0
[ 1286.427916][T24549] CPU: 1 PID: 24549 Comm: syz-executor.1 Not tainted 5.4.0-rc8-syzkaller #0
[ 1286.436635][T24549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1286.446712][T24549] Call Trace:
[ 1286.450024][T24549]  dump_stack+0x197/0x210
[ 1286.454382][T24549]  should_fail.cold+0xa/0x15
[ 1286.458989][T24549]  ? fault_create_debugfs_attr+0x180/0x180
[ 1286.464819][T24549]  ? ___might_sleep+0x163/0x2c0
[ 1286.469694][T24549]  __should_failslab+0x121/0x190
[ 1286.474655][T24549]  should_failslab+0x9/0x14
[ 1286.479169][T24549]  kmem_cache_alloc+0x2aa/0x710
[ 1286.484038][T24549]  ? kmem_cache_alloc+0x364/0x710
[ 1286.489093][T24549]  security_file_alloc+0x39/0x170
[ 1286.494130][T24549]  __alloc_file+0xde/0x340
[ 1286.498555][T24549]  alloc_empty_file+0x72/0x170
[ 1286.503344][T24549]  path_openat+0xef/0x46d0
[ 1286.507772][T24549]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1286.513583][T24549]  ? kasan_slab_alloc+0xf/0x20
[ 1286.518359][T24549]  ? kmem_cache_alloc+0x121/0x710
[ 1286.523392][T24549]  ? getname_flags+0xd6/0x5b0
[ 1286.528073][T24549]  ? getname+0x1a/0x20
[ 1286.532147][T24549]  ? do_sys_open+0x2c9/0x5d0
[ 1286.537699][T24549]  ? __x64_sys_open+0x7e/0xc0
[ 1286.542391][T24549]  ? __kasan_check_read+0x11/0x20
[ 1286.547428][T24549]  ? mark_lock+0xc2/0x1220
[ 1286.551853][T24549]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1286.557683][T24549]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1286.563076][T24549]  ? __alloc_fd+0x487/0x620
[ 1286.567599][T24549]  do_filp_open+0x1a1/0x280
[ 1286.572118][T24549]  ? may_open_dev+0x100/0x100
[ 1286.576811][T24549]  ? lock_downgrade+0x920/0x920
[ 1286.581674][T24549]  ? rwlock_bug.part.0+0x90/0x90
[ 1286.586628][T24549]  ? do_raw_spin_unlock+0x178/0x270
[ 1286.591843][T24549]  ? _raw_spin_unlock+0x2d/0x50
[ 1286.596698][T24549]  ? __alloc_fd+0x487/0x620
[ 1286.601223][T24549]  do_sys_open+0x3fe/0x5d0
[ 1286.605652][T24549]  ? filp_open+0x80/0x80
[ 1286.609905][T24549]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1286.615367][T24549]  ? do_syscall_64+0x26/0x760
[ 1286.620055][T24549]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1286.626127][T24549]  ? do_syscall_64+0x26/0x760
[ 1286.630817][T24549]  __x64_sys_open+0x7e/0xc0
[ 1286.635332][T24549]  do_syscall_64+0xfa/0x760
[ 1286.639841][T24549]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1286.645738][T24549] RIP: 0033:0x4143d1
[ 1286.649641][T24549] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1286.669249][T24549] RSP: 002b:00007f49fee957a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1286.677670][T24549] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1286.685643][T24549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f49fee95850
[ 1286.693625][T24549] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1286.701598][T24549] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f49fee966d4
[ 1286.709568][T24549] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
12:59:16 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c82, 0x0)

12:59:16 executing program 1 (fault-call:4 fault-nth:4):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5424, 0x1)

[ 1286.822111][T24559] FAULT_INJECTION: forcing a failure.
[ 1286.822111][T24559] name failslab, interval 1, probability 0, space 0, times 0
[ 1286.842025][T24559] CPU: 1 PID: 24559 Comm: syz-executor.1 Not tainted 5.4.0-rc8-syzkaller #0
[ 1286.850750][T24559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1286.860813][T24559] Call Trace:
[ 1286.864112][T24559]  dump_stack+0x197/0x210
[ 1286.868451][T24559]  should_fail.cold+0xa/0x15
[ 1286.873075][T24559]  ? fault_create_debugfs_attr+0x180/0x180
[ 1286.878917][T24559]  ? ___might_sleep+0x163/0x2c0
[ 1286.883798][T24559]  __should_failslab+0x121/0x190
[ 1286.888749][T24559]  should_failslab+0x9/0x14
[ 1286.893267][T24559]  __kmalloc+0x2e0/0x770
[ 1286.897525][T24559]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 1286.903693][T24559]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1286.909429][T24559]  tomoyo_realpath_from_path+0xcd/0x7b0
[ 1286.915261][T24559]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1286.921530][T24559]  tomoyo_check_open_permission+0x2a8/0x3f0
[ 1286.927440][T24559]  ? __check_heap_object+0x44/0xb3
[ 1286.932560][T24559]  ? tomoyo_path_number_perm+0x520/0x520
[ 1286.938224][T24559]  ? __kasan_check_read+0x11/0x20
[ 1286.943694][T24559]  ? mark_lock+0xc2/0x1220
[ 1286.948147][T24559]  ? lock_downgrade+0x920/0x920
[ 1286.953032][T24559]  ? rwlock_bug.part.0+0x90/0x90
[ 1286.957999][T24559]  tomoyo_file_open+0xa9/0xd0
[ 1286.962700][T24559]  security_file_open+0x71/0x300
[ 1286.967653][T24559]  do_dentry_open+0x37a/0x1380
[ 1286.972429][T24559]  ? __kasan_check_read+0x11/0x20
[ 1286.977478][T24559]  ? chown_common+0x5c0/0x5c0
[ 1286.982169][T24559]  ? inode_permission+0xb4/0x560
[ 1286.987121][T24559]  vfs_open+0xa0/0xd0
[ 1286.991112][T24559]  path_openat+0x10e9/0x46d0
[ 1286.995709][T24559]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1287.001516][T24559]  ? kasan_slab_alloc+0xf/0x20
[ 1287.006291][T24559]  ? kmem_cache_alloc+0x121/0x710
[ 1287.011327][T24559]  ? getname_flags+0xd6/0x5b0
[ 1287.016065][T24559]  ? getname+0x1a/0x20
[ 1287.020151][T24559]  ? do_sys_open+0x2c9/0x5d0
[ 1287.024778][T24559]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1287.030170][T24559]  ? __alloc_fd+0x487/0x620
[ 1287.034693][T24559]  do_filp_open+0x1a1/0x280
[ 1287.039212][T24559]  ? may_open_dev+0x100/0x100
[ 1287.043909][T24559]  ? do_raw_spin_unlock+0x178/0x270
[ 1287.049118][T24559]  ? _raw_spin_unlock+0x2d/0x50
[ 1287.053973][T24559]  ? __alloc_fd+0x487/0x620
[ 1287.058499][T24559]  do_sys_open+0x3fe/0x5d0
[ 1287.062922][T24559]  ? filp_open+0x80/0x80
[ 1287.067175][T24559]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1287.072644][T24559]  ? do_syscall_64+0x26/0x760
[ 1287.077322][T24559]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.083393][T24559]  ? do_syscall_64+0x26/0x760
[ 1287.088079][T24559]  __x64_sys_open+0x7e/0xc0
[ 1287.092592][T24559]  do_syscall_64+0xfa/0x760
[ 1287.097106][T24559]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.103005][T24559] RIP: 0033:0x4143d1
[ 1287.106904][T24559] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1287.126518][T24559] RSP: 002b:00007f49fee957a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1287.134974][T24559] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1287.143310][T24559] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f49fee95850
[ 1287.151286][T24559] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1287.159264][T24559] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f49fee966d4
12:59:17 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x2]}, 0x7}, 0x1c)

[ 1287.167241][T24559] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
[ 1287.180952][T24559] ERROR: Out of memory at tomoyo_realpath_from_path.
12:59:17 executing program 1 (fault-call:4 fault-nth:5):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:17 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x5421, 0x0)

12:59:17 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1282d, 0x0)

[ 1287.322229][T24570] FAULT_INJECTION: forcing a failure.
[ 1287.322229][T24570] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1287.335488][T24570] CPU: 1 PID: 24570 Comm: syz-executor.1 Not tainted 5.4.0-rc8-syzkaller #0
[ 1287.344168][T24570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1287.354230][T24570] Call Trace:
[ 1287.357540][T24570]  dump_stack+0x197/0x210
[ 1287.361893][T24570]  should_fail.cold+0xa/0x15
[ 1287.366496][T24570]  ? __kasan_check_read+0x11/0x20
[ 1287.371540][T24570]  ? fault_create_debugfs_attr+0x180/0x180
[ 1287.377361][T24570]  ? is_bpf_text_address+0xac/0x170
[ 1287.382577][T24570]  ? find_held_lock+0x35/0x130
[ 1287.387362][T24570]  should_fail_alloc_page+0x50/0x60
[ 1287.392575][T24570]  __alloc_pages_nodemask+0x1a1/0x900
[ 1287.397958][T24570]  ? lock_downgrade+0x920/0x920
[ 1287.402819][T24570]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1287.408549][T24570]  ? __kasan_check_read+0x11/0x20
[ 1287.413594][T24570]  ? fault_create_debugfs_attr+0x180/0x180
[ 1287.419416][T24570]  cache_grow_begin+0x90/0xd20
[ 1287.424193][T24570]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1287.429919][T24570]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1287.436172][T24570]  __kmalloc+0x6b2/0x770
[ 1287.440429][T24570]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 1287.446594][T24570]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1287.452327][T24570]  tomoyo_realpath_from_path+0xcd/0x7b0
[ 1287.457881][T24570]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1287.464139][T24570]  tomoyo_check_open_permission+0x2a8/0x3f0
[ 1287.470048][T24570]  ? __check_heap_object+0x44/0xb3
[ 1287.475169][T24570]  ? tomoyo_path_number_perm+0x520/0x520
[ 1287.480824][T24570]  ? __kasan_check_read+0x11/0x20
[ 1287.485857][T24570]  ? mark_lock+0xc2/0x1220
[ 1287.490304][T24570]  ? lock_downgrade+0x920/0x920
[ 1287.495161][T24570]  ? rwlock_bug.part.0+0x90/0x90
[ 1287.500115][T24570]  tomoyo_file_open+0xa9/0xd0
[ 1287.504798][T24570]  security_file_open+0x71/0x300
[ 1287.509749][T24570]  do_dentry_open+0x37a/0x1380
[ 1287.514519][T24570]  ? __kasan_check_read+0x11/0x20
[ 1287.519558][T24570]  ? chown_common+0x5c0/0x5c0
[ 1287.524242][T24570]  ? inode_permission+0xb4/0x560
[ 1287.529192][T24570]  vfs_open+0xa0/0xd0
[ 1287.533178][T24570]  path_openat+0x10e9/0x46d0
[ 1287.537772][T24570]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1287.543578][T24570]  ? kasan_slab_alloc+0xf/0x20
[ 1287.548343][T24570]  ? kmem_cache_alloc+0x121/0x710
[ 1287.553375][T24570]  ? getname_flags+0xd6/0x5b0
[ 1287.558056][T24570]  ? getname+0x1a/0x20
[ 1287.562123][T24570]  ? do_sys_open+0x2c9/0x5d0
[ 1287.566734][T24570]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1287.572120][T24570]  ? __alloc_fd+0x487/0x620
[ 1287.576635][T24570]  do_filp_open+0x1a1/0x280
[ 1287.581145][T24570]  ? may_open_dev+0x100/0x100
[ 1287.585837][T24570]  ? do_raw_spin_unlock+0x178/0x270
[ 1287.591081][T24570]  ? _raw_spin_unlock+0x2d/0x50
[ 1287.595949][T24570]  ? __alloc_fd+0x487/0x620
[ 1287.600501][T24570]  do_sys_open+0x3fe/0x5d0
[ 1287.604935][T24570]  ? filp_open+0x80/0x80
[ 1287.609190][T24570]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1287.614656][T24570]  ? do_syscall_64+0x26/0x760
[ 1287.619335][T24570]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.625409][T24570]  ? do_syscall_64+0x26/0x760
[ 1287.630101][T24570]  __x64_sys_open+0x7e/0xc0
[ 1287.634615][T24570]  do_syscall_64+0xfa/0x760
[ 1287.639127][T24570]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.645021][T24570] RIP: 0033:0x4143d1
[ 1287.648924][T24570] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1287.668537][T24570] RSP: 002b:00007f49fee957a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1287.676952][T24570] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1287.684930][T24570] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f49fee95850
[ 1287.692908][T24570] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1287.700894][T24570] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f49fee966d4
[ 1287.708874][T24570] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
[ 1288.448808][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1288.455034][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1290.528787][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1290.534903][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1292.608862][   T22] Bluetooth: hci0: command 0x1009 tx timeout
12:59:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5425, 0x1)

12:59:26 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x3]}, 0x7}, 0x1c)

12:59:26 executing program 1 (fault-call:4 fault-nth:6):
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:26 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x5450, 0x0)

12:59:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x12000, 0x0)
ioctl$KDSKBLED(r1, 0x4b65, 0x2f)
r2 = socket(0x1e, 0x4, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r3, 0x400455c8, 0x2)
close(r3)
ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f00000000c0)={0xfffffe40, 0x2550})
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)

12:59:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1282e, 0x0)

12:59:26 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

12:59:26 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x5451, 0x0)

12:59:26 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x4]}, 0x7}, 0x1c)

[ 1296.881606][T24587] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:59:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5427, 0x1)

12:59:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1282f, 0x0)

12:59:27 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x5452, 0x0)

12:59:27 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x5]}, 0x7}, 0x1c)

12:59:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='\\dev/loop#\x00', 0x0, 0x0)

12:59:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5428, 0x1)

12:59:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12830, 0x0)

[ 1299.008739][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1299.014872][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1301.088784][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1301.094906][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1303.168861][   T22] Bluetooth: hci0: command 0x1009 tx timeout
12:59:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='\x85x\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$KDADDIO(r1, 0x400455c8, 0x8)
close(r0)

12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x6]}, 0x7}, 0x1c)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x5460, 0x0)

12:59:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5429, 0x1)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='ndev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12831, 0x0)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='\x92dev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x6364, 0x0)

12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x7]}, 0x7}, 0x1c)

12:59:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12832, 0x0)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/#ev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5437, 0x1)

12:59:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x466066b183a2dc44, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = syz_open_dev$midi(&(0x7f0000000300)='.d^V\x10m\x06!\x99\xfe[', 0x3ff, 0x80)
ioctl$VIDIOC_S_FREQUENCY(r4, 0x402c5639, &(0x7f0000000340)={0x4, 0x2, 0xe058})
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x0, 0x10000, 0x1}, 0x1c)
getrlimit(0x6, 0x0)
write$P9_RWRITE(0xffffffffffffffff, &(0x7f0000000000)={0xb, 0x77, 0x2}, 0xb)
write$UHID_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000013c0)=""/4096, 0x1000, 0x8, 0xfffffffffffffd34, 0x8, 0x6c25}, 0x120)
r5 = accept$alg(r3, 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000007b00)=[{{&(0x7f00000026c0)=@hci, 0x80, &(0x7f0000002740)}, 0x49bf}, {{&(0x7f0000002780)=@ethernet={0x0, @link_local}, 0x80, 0x0, 0x0, &(0x7f0000002980)=""/97, 0x61}, 0x4}, {{&(0x7f0000002a00)=@xdp, 0x80, &(0x7f0000002c00)=[{&(0x7f0000002a80)=""/47, 0x2f}, {&(0x7f0000002ac0)=""/250, 0xfa}], 0x2, &(0x7f0000002c40)=""/167, 0xa7}}, {{0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000002d80)=""/59, 0x3b}, {&(0x7f0000002dc0)=""/235, 0xeb}, {&(0x7f0000002ec0)=""/13, 0xd}, {&(0x7f0000002f00)=""/199, 0xc7}, {&(0x7f0000003000)=""/102, 0x66}], 0x5}, 0x2}, {{0x0, 0x0, &(0x7f0000004440)=[{&(0x7f0000003180)=""/227, 0xe3}, {&(0x7f0000003280)=""/117, 0x75}, {&(0x7f0000003300)=""/4096, 0x1000}, {&(0x7f0000004300)=""/207, 0xcf}, {&(0x7f0000004400)}], 0x5, &(0x7f00000044c0)}, 0x3}, {{0x0, 0x0, &(0x7f0000006040)=[{&(0x7f0000005a40)=""/89, 0x59}, {&(0x7f0000005ac0)=""/223, 0xdf}, {&(0x7f0000005bc0)=""/245, 0xf5}, {&(0x7f0000005cc0)=""/128, 0x80}, {&(0x7f0000005d40)=""/170, 0xaa}, {0x0}, {0x0}, {&(0x7f0000005f80)=""/183, 0xb7}], 0x8, &(0x7f00000060c0)=""/230, 0xe6}, 0x9}, {{0x0, 0x0, &(0x7f00000076c0)=[{&(0x7f00000061c0)=""/202, 0xca}, {&(0x7f00000062c0)=""/167, 0xa7}, {&(0x7f0000006380)=""/4096, 0x1000}, {&(0x7f0000007400)=""/20, 0x14}, {&(0x7f0000007440)=""/128, 0x80}, {&(0x7f00000074c0)=""/184, 0xb8}, {&(0x7f0000007580)=""/89, 0x59}, {&(0x7f0000007600)=""/46, 0x2e}, {&(0x7f0000007640)=""/98, 0x62}], 0x9}, 0x4}], 0x7, 0x2060, 0x0)
recvmmsg(r5, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r6 = fcntl$dupfd(r2, 0x80c, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$KDADDIO(r6, 0x400455c8, 0x1)
r7 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x8000)
write$binfmt_script(r6, &(0x7f0000000380)=ANY=[@ANYBLOB="2321202e2f66696c65302073797a31002073797a3000202727626465762d706f7369785f61636c5f616363657373237b62646576202020726e670020647262675f70725f686d61635f73686131002073797a30000a1018be8bb2283f7cffce7beda35461d04522c98a5db2e7db68472b647fa60982d3fad23008e80824be1599c60993b533648a46d55b4c7bb22679a97fba5171c7586202d8b6769f755f34b7dc47c143951f7b2b4af2107bfcc9ecc46ebb507f699fb372be832762ffa4cf1eabbcf127b00e249878711767284a1e3fb31f1d9828065042684d90b103af87a9fe6723ec95"], 0xe2)
ioctl$PERF_EVENT_IOC_REFRESH(r7, 0x2402, 0x1)
close(r0)
ioctl$TIOCSIG(r0, 0x40045436, 0x25)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x8912, 0x0)

12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x8]}, 0x7}, 0x1c)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/%ev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x8933, 0x0)

12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x9]}, 0x7}, 0x1c)

12:59:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5441, 0x1)

12:59:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12833, 0x0)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x400454ca, 0x0)

12:59:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5450, 0x1)

12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0xa]}, 0x7}, 0x1c)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/*ev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$P9_RCREATE(r2, &(0x7f0000000000)={0x18, 0x73, 0x1, {{0x30, 0x0, 0x2}, 0xfffffffc}}, 0x18)

12:59:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12834, 0x0)

12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0xe]}, 0x7}, 0x1c)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/+ev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5451, 0x1)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x40049409, 0x0)

[ 1307.795107][T24692] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:59:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x10]}, 0x7}, 0x1c)

12:59:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/-ev/loop#\x00', 0x0, 0x0)

12:59:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4020940d, 0x0)

12:59:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5452, 0x1)

12:59:38 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12835, 0x0)

12:59:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/.ev/loop#\x00', 0x0, 0x0)

[ 1309.888753][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1309.894957][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1311.968752][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1311.975010][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1314.048757][T18149] Bluetooth: hci0: command 0x1009 tx timeout
12:59:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x89be63ab9193fcbb, 0x0)
recvfrom$rxrpc(r1, &(0x7f0000000100)=""/161, 0xa1, 0x8040, &(0x7f00000001c0)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e24, @local}}, 0x24)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000000))
ioctl$KVM_SET_NR_MMU_PAGES(r3, 0xae44, 0x8)

12:59:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x11]}, 0x7}, 0x1c)

12:59:47 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x800454d2, 0x0)

12:59:47 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='//ev/loop#\x00', 0x0, 0x0)

12:59:47 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x545d, 0x1)

12:59:47 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12836, 0x0)

12:59:48 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/0ev/loop#\x00', 0x0, 0x0)

12:59:48 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x5460, 0x1)

12:59:48 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x48]}, 0x7}, 0x1c)

[ 1318.007256][T24737] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
12:59:48 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x80086301, 0x0)

12:59:48 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x4c]}, 0x7}, 0x1c)

12:59:48 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/Xev/loop#\x00', 0x0, 0x0)

[ 1318.785794][T24759] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1320.048901][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1320.055188][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1320.848807][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1320.855028][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1322.128908][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1322.135015][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1322.928846][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1322.934968][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1324.208892][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1325.008769][T18149] Bluetooth: hci1: command 0x1009 tx timeout
12:59:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12837, 0x0)

12:59:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x6364, 0x1)

12:59:59 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0xc0045878, 0x0)

12:59:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/\\ev/loop#\x00', 0x0, 0x0)

12:59:59 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x5c]}, 0x7}, 0x1c)

12:59:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x4f0b80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$alg(r2, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha384\x00'}, 0x58)
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x21800, 0x0)
ioctl$KDSETMODE(r2, 0x4b3a, 0x1f)
ioctl$KDSKBMODE(r3, 0x4b45, &(0x7f00000000c0)=0x200)
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
timer_create(0x5, &(0x7f0000000400)={0x0, 0x17, 0xfaa58e80093fb4b0, @thr={&(0x7f0000000840)="7c579404110c32e7296e50e26c5d2ea49f5fbfae6c55997fe0f112f4753d49ae5e8626b1dc53c919fd3369526444381aa1b68f1035afe35870816b3acd7faac0e0ca9b75ddc40c7db31b792743798c0905de736acc38d4e79bae710e135d55aa66d2f74fedd3671243304a6dd18125d7ee9ddff85a4ca21b0dbd3f10735ec0941584f31c80085e9e0904cb494de2a78543b2297894b08674f26b3916e959c002f6456ff59326cd99b0e9508e4ea92228d30a09c42713ec55add94adc44c2379c762d27e09a30efc8850e782abd41afecf3be90012d74d6b398c0646546321df9c62951cf8ac0591b60d40736cbb95896ce314d3f121d7cb5fe3498058aca16e24d86f181a95f83614e5aa1009f0e1768a2b03f51be25cd10e06b37a580b8a3ac9131fd3f680bccf69ee431a2f45dabb64c9ba4b6cff52a0dc1d5f0e693d62416486f714a5729acca2c462297d1eb4936a628737c83bb65c49001eeecffe5dd37ea70fc18e820e262995035b84594cbec686d46552c36ee0c1d9e140e27e2acbfa988e7b035fc0a9d9c37bd1debd8fd7fdc36489ca7942c7af889aedb4d3b5b1c1528ea2e3a4f53d7562f220a91a79d447ad9628bfe3800766550203c0b385155aa3e7adc42a00471ecc2b519d751292a7c44ab35d09f36b3be779b1c7cc70df509019dd7c946316a6ee086dcffc013049de3e9d200ed99314d3b41938c606bd0a55adb7bf50eb930662b24119fb5415e4b9d18b347763cc91f04467bee897fc13b9e063c21b0d8ff8f858ff0c295270822f761410331f2a3ac9d11ec87fb13e8561dc5cb8bc4d2e0aa56de545ce411533f87a5c57777d62240acffb56a088ec58e3a2c8489b6a38f33e0e45b4a2d8a7c97aa1e696e819fc354ac45abf68f4229738f1f22a8f54feb4087f179535ffc4e7538981c6019547a1f08728a9d9698dd4978ab2560b312df9672b1f154d94560fa8993b7660e37ee86c73e3668e65104177228505f654b44a6afbdf1be300f40f28937d529e4bb122f2bd3297898e53eae6f612b3d2e3e40b88ac1e9ff234d51a7337a31874fba23d6a8f76f35c0c209490dd97df8ce874a1b9eca8f3dae893fdbae1f038fe2636709b10768d3d752b78b727eb2e4373ec2d7972e04bd9d76737fcb9f34b1f86470bff3ead523e08fee3274c6ec025c4d5377b4d4dda5df92e219a35dd7e9087ad014425c691e72c65fda31094e24fbd9257de1ac9ec482713176ce8cebaa57c783fa6a866413edda1bad94e987753a773ea8854f3a08a2458fc51746ef18d30211c1306e844f787644bee782f0460ce480c141a04476e6cd3f05bcf52fe1c678a2e1855eb0d732112fd0f6a27bd84971d03fbc8084cb33d3ba725dc854864d7169e2bbbee4d46bf0b8c8d9396cd13382584aec49bf017618c274f70c08c069a937ca66650e245a3f637a9261b481da271053f9b38817d3043de3ac99d7b6f944ec9a3bdbd5c78e03337d558b61a39454502abfcbdfbafc01cefc37a84e521aeafd3973b4abcbcb927f751ca3687ae262d35046cfea9536e42dd11b46c7d99b8e9b8fb947603d11b0373df51f53e6a238e0fb3954fc1f60d112fcf3e450c460c4f829c45d9b274343acd07c0aad9b825656088a5b49f93bf6fc130fd5edb868de24dcba72d6351c8a9bad8ae2d2b3eab4ad689f84ca6861ccb6cc63acfa681d2f242cc0f70a4c05ab5b7a32417ee58455ac83c5e0a8de61aea8daef6010fd770cc57d846776130d5c47499180704ad638b1f0d3341244d0b966f161f6998625aea161bc77e7559a54613a201c6cbcd2483fa97b58bae869ba3aed0d49c7c3b8c9add8912f1b6f68d81cb00bfcf83c013deb9c582d9906d7cff6bcb42ab4465fa6837cfde844789f3bb03d5d63e57c905ba287fb5cb3ce181c3ab2f04e2ab83506387c47b605aa58402e3baa983f9560e6a9395948850fc7508be55cf8af364a0a429203a227d371185d857ba6c98702229c9058c81a389db7c2776fb0bca600f2164af35f7f2989292970d9fbd84a05bb56d8b19718b6c8fea43f0a62cbda2dbac8efc508a33d2fc0a6e7d5b1d1f64142ac06d95ebb8cbd372129061debd5ad0750170a2af396b87d5c3cc377d54b75b6b44bccbf6f19589d225e8f8098444de7f9e25f57838aba15774d74513da56aa66fe30101eecd22da5a1e2f4ffd33357529c5082c30ecfa998b318f892111348909695816fa4e43224a7a78608245ae6a20a65b3c0105f69097d0f521fbe7c8b8f06fc5bceaba9061b0a74a66234e25c82509ed09810d0e7c96cc13a4cf05df455a312fd0cdd9af9524dbd4814e39da4d81e5142e101412facee171bd9c448a9a34015ee35c24d53f14942dc9f8e472005c10440393e6cb1d2ddf1ad82b9e08d4435c1adef5b60eb6fb45b7a1d473d8a14b0f2011d52967ff3b995f5d486e120eb60244c128030e42bd9acc267632ba396c70637586ffcf6a079e34b4b96d2c0310da7353242e8db4906b12b0303e2999936ebda2f48ba3f44aac41613482f8fa50996729c0e45671e1dbfa6eb95bd58fd330db0c4df3797d548c5fae358188e1f9efa5b00a929ba2747a919f87991df9068ed0cf2908ab8a6cdbfbe9ab597e605bf3da6d81d1be5c81f9c78fa721966a19ade7ad12840ef29cd0c3b623f6976571a162a7f2ebc84869a416db6787cf8c1eec614a4035b1cc4630d7ccbe5077c5e9d912ae35e7e308b7830c2504fbea0d1632e9a25cfc60857d72f71245893f1588586df8d2ac0205d01d2d459060a541508a131f894ef73df2a5def737355a82daa457a5209c7af3e597910e93927855a1baa46c95991b6bc7384095ae795557cac5397ead23b792e2774ff05aba5f434d033af27dad58b6256a66eafb36f97f724406d559bd8a4734540e0d3c623dc1ea16a20a67f0a4fd59b68dcc65fb9d8195ac8f97990b2a9ba75aaa4a84e289d9f903199947c210f8df37f267ebfc50d245d24d40e882a5cde9fc5b932ef8417842ba4b5ef73ce636aaf64b043512c8064e1baed57a355e6810cc20c1e9596cc12b7acd9394ec85537af82d38ed9b10d8f676025c988358fb46bf905a126cbb976c451613b32b777bd8ada4080dcdb4db7ddcefd35dec5d102dc7d91b616b52641f7562ee05e12898d2e4c1fd4b6fa6ff737f5be0f938e41b18c6272c301182dc67efd367ba339748d457552e521e2cad56ff9d01906bd82f00f401397a2079b2670fc9cd647941e472fd507b8f638ea2a068e130a98b6453fcdd0b3b5ed4d7458f9256dbffc0bdc5e193b2567b4f70f4c42ed8ca0d7532619725dc03fe1f350af2f92115966875323adb0f63b7b1e699b46c573dc8d477a063f2e822a51596e441027542cc8b76ef7a2a5e901627f29112a9e40c424eadc812a465045f0aa29b362a28fcc8f4b3b3f56f7b5643723b65b0d02bd7252f8ff9ce0c98b5d20a951667c7452b64440ec4d741a83bb391cd178b46b297e57288f9749f3c4c2aa337ce89648901586bdefae1f07efc12f8d1c305821d54dacd2a923de9bf29841afcc4ebd4ca9b16ab052a4bf092e67da7d76cb57a9d084f9d3c4ecbe17c59293d2b43df40a1fafdf0f056a2f80747c3b936010ad4079b7a667f11019f42e0db34a4de2db3876a7ea0c956f9dad44271b956b1e9e638777879b4a35d73a246e8f4a412ae699a6d6328e1f999d7bb8a7d5377ffcf2c77cf394dfb58aa89cb691d17f4349def5ed4eb208b9d0bcadce3589f95082847d8ceff57d3aa4488379af254e9dca7b5b34bfce74b067e9f71ca00fd8c3748c5c1c108f38f5a0d9fb9ff39cc4c3469ca6a729a36276f31c07384b123dddbe9b4082dad0911f7c033d5d734f4090fd1d7a5aad4cca932efbfa4725ff2a986e9383a0437b7d4efc602b268557eb9fc3ed315b1415f21a48a6b21adc595f3f33aed30621e6ea64be9dc4ba552393f43b1cc8d5134c61815fc70ea8a26de19a81fce14fee65b011e1d7b1368b3151e56776cc30d7ca2ff51f5c29d8e508233185e889381a362bce21c21070554f495bea0bd4ef2aa0fc189fab2a1f46415a1fb114c6a2bd93c58e1ee9b1135abf606de0e98f9db497a316d55fa045accacba949c7f1f085f4f74877a17063bb72fe4249b7f23d78fbc1cb53df7dfb3e96348ad0b807fc0c12f49e22c5ba36fe935077f306adb572a7e26c9361d0371b0206600a0c008324712d78b6119e2199948071edd5ef6d5b924f98b221ec3ecfe26861cb9b6e3e7f98194bbd754c4037d018de0b0123403f8ea6ac95e4158f5db91e46acd69ab3be0d159efb02320f4b85bac5aba801995a62d337e8d9218ff362050cb8a646473c4bcbf8db539bc142e5eaca20da9d06d6ac555e20f9c77256084d924d894c19ddba6353c3ab5ec22a94d461fec2824a92ca88d07d3af0784ad2b614b383ec59d90e65e8d6a770ccb329058813cb346671bca93fadaf5e2d4efe2f810b215347342c88c330d98dbe08f718be84724ea9ea829a56e614f5977f40ee0ce0bd3f69b50435f7a28df3ec8a78e75f716a5eee3e9a328e3bae8e620c36035d7aba83a14a525d6d05302862189a55403efff94f353d2afe2563efd3ab92e503066b62df62c8dce3e145ab9b541e7032ed16d02dfcf4488135b481ec4010939d6a671d33df688457869184191c227c54d3438db457108418aaf24a7d1179536950fc3aec79fb824f4b162694cf4403022a22f0f383f6defaf4c59ab1c06d8e495da47ad08243eb41ce5c104cda4198117f7ee4502fcfc4bc0a75c62b1b79c40810c1d8b4218d3f477e41e545abdec6f1217c690fa64a9fc5afd540132a94b39785050b22dc21de8b175ed5d95e90d38707c7623b116421a81f6aa262c62c289ea70dba58d01650bc28f6854ae6c89cd818b59c5a1ab12cc5a2ccad4a3de4989864480d0c7204185177ecc1e9217c93f4470a584838fd7922bca585c53cd433af1820f07f443c75a2af95c7ab5699e52ebaf898dbcb349420c36f30ea2188a950eae512ec30e1827b56ffeb808fa0989694081c9fdbb1d527c956c8af2b22928650e3d6a22574994a2a3913d401a1eb413f4059867eb99444713754f67727a5ce9d8851708bad329c704115d281d94b895a80f4aa6f38e08135e3db6e05e88834f80a22a26d455ebfbe3c8501a0c64f7fb0126b3326f4b518109fc1d8b7a0db7f9777c3955b72436b193ba682f9155ee462221bd1cf31800f74ded13bd1ac23211043d13fe584b7f5437e2cccf79a8e176129485d2368e6dde7196ed01d9cdd406c051f75688099f37d13995073336cbc63a8be8ec91b33b5f0c61a00d740fdaf259a518c74b1b0a9fc3a538ecc4592b82166cadb01ee835bc7953d46ec34a6c5dbfa524de0013c36bec74bcb6318e81abb49c35176737fce29d551e7c692fe034127a956f2392eda67e1c8d1398062c1865a330bdf5072beae1a1ccf76f6a4e1aca21fcc4f5b9d758a2cc2b904f76a92e57da65e64d42e7840f22d55e32566a5e077b4d412f3906712c9fcf790724d5b8875be89c2f15e09b1f8b9a68b042fa06beafed52eb943f03e4734812cbaa2f5a2886b479c3a6d3830a3fd66f0776ebc98ed029e15ba734e5b852bbb7d79cd929ff4a4010faa30b27b19a94836cba2aee939ed79da52b0651fdc6f0aaee48e0eccc504c5bff84649d8bd26b3f536caf1b16ecb8aa0a7964b14d69f78a1bad7f57687c562f09659c0049ead19bae4d439c5dbcfaaf1529abc525ce0141f891ccf8b78546d0f0cd6def35", &(0x7f0000000340)="ffbb14c62c85635558ec4e7baebbe73545a97451da96fd2446b5beb8fedb6f5b56d2f8af276c987385503125475b563595c256fea357deaf0d37c60e4cb06f431ae484577f859e74ff74f75683c82bd067bbc0abdfd079095f81b59cdeb69281a2308ae4f5f27e40e5c3b8832d5dccb4876456ee0c5717d8eb2fdc527834dabb8c289408df3f8f6e4dec6dd7946867f404c00b93d8d9761c7063"}}, &(0x7f0000000440)=<r5=>0x0)
timer_getoverrun(r5)
r6 = socket(0x1, 0x180003, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r7=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r7}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYRES32=r7, @ANYBLOB="030000009bb3b12df079992b7747685092c2c6cddd45bdb601daedea71a9d2fb55fcd0f2b2327ea424b91d156f647566"], &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r7, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f00000001c0)={r7, 0xbb, "47f4fce7d3d5a12b961ec98ce648a9e00edea1b8134ed272d7a263abe06a1ea47d53a98eb2b5864737806d97be07735ddc481aa50a5be4c4b9102a9ad29949d13ca1bdfb812affdeda649ebe4820c3a98b14231c5980aa0f03ed787490e53704c1bba251e23db7d07abd448478e21d1b08a5daa8cc9f36ec7deaa732816a6fd37d78f1849714dbcffb0d66f2dfce7e0def0505c4f6f28da45209cc461d0ede47c818bc93ba47c6789a7ae0e7a41cbf803163d9d832da6c8c5595b1"}, &(0x7f00000002c0)=0xc3)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$TCSETXF(r3, 0x5434, &(0x7f0000000180)={0xae9, 0x7, [0x20, 0x99d, 0x4, 0x2, 0x8000], 0x8})
ioctl$TCXONC(r2, 0x540a, 0x4a5)

12:59:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/cev/loop#\x00', 0x0, 0x0)

12:59:59 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0xc0045878, 0x0)

12:59:59 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x68]}, 0x7}, 0x1c)

12:59:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x8912, 0x1)

12:59:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/iev/loop#\x00', 0x0, 0x0)

12:59:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='erI\xcfimx\x00', 0xa02, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x2)
close(r2)
ioctl$KDSIGACCEPT(r2, 0x4b4e, 0x3b)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)
close(r0)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000100), 0x1000000, &(0x7f0000000240))

12:59:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12838, 0x0)

12:59:59 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0xc0189436, 0x0)

12:59:59 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x6c]}, 0x7}, 0x1c)

12:59:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x8933, 0x1)

12:59:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/lev/loop#\x00', 0x0, 0x0)

12:59:59 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0xc020660b, 0x0)

12:59:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/\x8f\xb6\x8f\x8f\x1e\x8bS\xcb\x00', 0x801, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f0000000440)={{0x7, 0x2}, 0x1, 0x1, 0xb2, {0x5, 0x93}, 0xbe, 0x7})
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r3 = add_key(&(0x7f0000000080)='rxrpc\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)="417274f84bc03434cdb3d1cde6942cef77092fb4f7eac7b650cdf9d0427c30e3db93b8cba21e79a983abb07e5dcecf0101ee2f25fea76114ac8263edb6b8706bd7c2530786dec148e36350abae94bf0e427eb747e8fc2c8f30e702540e3022e4c5a8053513448c739703c4348c5ea74aadda4512a1bd116e6c5cedc2ef97341ff97b9f5510d652294294c4b444a5b6f83dee2482a11fbe100c8ba91818888d4bd7b730fb9381a4941418da0bff27cd9128496c15b4484a46df4b25bfbdaa6e8759e93144c4cdb66b8f34fc932859d150c986fafc47d20adbff17155eb66902731170f6f6bd0d58e5409b36c20448ae2f586076db235b4d4005a0b8e905", 0xfd, 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000200)={r3, 0x46, 0xf8}, &(0x7f0000000240)={'enc=', 'pkcs1', ' hash=', {'sha3-224-generic\x00'}}, &(0x7f00000002c0)="5771dc2de3a1c31fa48172e604e6cd2489460e4dd4b2e3276b69de9d64e4daafbd250ec4068bd55d802e51e26af7582be07507bc291b5dbab5b2427af070b1772873673ed443", &(0x7f0000000340)=""/248)
close(r0)

12:59:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12839, 0x0)

12:59:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/nev/loop#\x00', 0x0, 0x0)

12:59:59 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x74]}, 0x7}, 0x1c)

13:00:00 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x40045431, 0x1)

13:00:00 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/oev/loop#\x00', 0x0, 0x0)

13:00:00 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='ol\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \b', 0x204440, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:00:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
syz_open_pts(r0, 0x501002)
ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000000)={0x6, 0x7})

13:00:00 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x7a]}, 0x7}, 0x1c)

13:00:00 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x40045436, 0x1)

13:00:00 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1283a, 0x0)

13:00:00 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/pev/loop#\x00', 0x0, 0x0)

13:00:00 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0xc80, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3)
r3 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
getsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0xb)
ioctl$BLKTRACESTART(r3, 0x1274, 0x0)

[ 1330.169847][T24834] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:00:00 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/sev/loop#\x00', 0x0, 0x0)

13:00:00 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x84]}, 0x7}, 0x1c)

13:00:00 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400454ca, 0x1)

13:00:00 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/uev/loop#\x00', 0x0, 0x0)

13:00:00 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1283b, 0x0)

13:00:00 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

[ 1330.931462][T24968] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1332.208743][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1332.214891][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1333.008743][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1333.015871][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1334.288814][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1334.294929][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1335.088756][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1335.094868][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1336.368765][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1337.168762][   T22] Bluetooth: hci1: command 0x1009 tx timeout
13:00:11 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x951001, 0x0)
sendmsg$inet6(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0xa, 0x4e20, 0x200, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000100)="f71f762afd5c16c4054d35698a5c47345ae23ef4799e112562332a4a5e45b141542590937d07a96edeb4c1c2e920854d4c6302b04b2ca4cd31472b852aa6bdd76d31e969802e5ed1c9d5f12605102e5717c340ab95057508e8ebf28e5a6dd4d480dedc537b81abe59bf87811beb4553ca75b8094ac495f16", 0x78}], 0x1, &(0x7f00000001c0)=[@dstopts={{0x38, 0x29, 0x37, {0x33, 0x3, [], [@padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x200}, @padn={0x1, 0x2, [0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x80}, @ra={0x5, 0x2, 0x2}]}}}, @rthdr={{0x48, 0x29, 0x39, {0x0, 0x6, 0x3, 0xff, 0x0, [@remote, @initdev={0xfe, 0x88, [], 0x1, 0x0}, @mcast2]}}}, @dstopts={{0xf8, 0x29, 0x37, {0x3a, 0x1b, [], [@enc_lim={0x4, 0x1, 0x5}, @jumbo={0xc2, 0x4, 0x5}, @pad1, @calipso={0x7, 0x30, {0x2e4c4575, 0xa, 0x20, 0x1, [0x7, 0x4, 0xc246, 0x7013, 0x80]}}, @pad1, @jumbo={0xc2, 0x4, 0x5}, @generic={0x18, 0x96, "faba6e3d4003d1d3cbf6f790775a755cdbbcddb45d2e06536805eea517a6e80c61d0d73362ba9e49b8b1b0fe0d481373d09188474da9698c4ba90f5518f171372dad36f684b5e5ecf154abafd454458745634f37957173921edbcc5b1f2d7f1b9262654d1ef6a70c73cf36966b3fd5230809572a13f7b347651116eea055b692cb7fb107ce81ebea81c829a1b3f700213ba4c661a7cc"}]}}}, @hopopts={{0x50, 0x29, 0x36, {0x11, 0x7, [], [@padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x2bf}, @calipso={0x7, 0x18, {0x6, 0x4, 0xf9, 0xd3, [0xa64, 0x8]}}, @jumbo={0xc2, 0x4, 0xff}, @enc_lim={0x4, 0x1, 0x91}, @pad1, @padn={0x1, 0x1, [0x0]}]}}}, @rthdr={{0x58, 0x29, 0x39, {0x2, 0x8, 0x2, 0x6, 0x0, [@mcast1, @remote, @mcast2, @remote]}}}], 0x220}, 0x80000)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:00:11 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x181000, 0x4)
ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0xd)

13:00:11 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/xev/loop#\x00', 0x0, 0x0)

13:00:11 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1283c, 0x0)

13:00:11 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455cb, 0x1)

13:00:11 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2]}, 0x7}, 0x1c)

13:00:11 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/\x92ev/loop#\x00', 0x0, 0x0)

13:00:11 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3]}, 0x7}, 0x1c)

13:00:11 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x40049409, 0x1)

[ 1341.683379][T24984] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:00:11 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1283d, 0x0)

13:00:11 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4]}, 0x7}, 0x1c)

13:00:11 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/d%v/loop#\x00', 0x0, 0x0)

[ 1342.454291][T25107] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1343.809034][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1343.815312][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1344.528808][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1344.534934][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1345.888949][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1345.895073][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1346.608793][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1346.614903][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1347.969013][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[ 1348.688751][T18189] Bluetooth: hci1: command 0x1009 tx timeout
13:00:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x40086602, 0x1)

13:00:23 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440)='/dev/snapshot\x00', 0x2e08e0fabaa06ba3, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000a00)={'filter\x00', 0x7, 0x4, 0x558, 0x140, 0x358, 0x0, 0x470, 0x470, 0x470, 0x4, &(0x7f0000000480), {[{{@arp={@multicast1, @dev={0xac, 0x14, 0x14, 0xa}, 0xffffff00, 0x0, @mac=@dev={[], 0x14}, {[0x101, 0x101, 0x101, 0x101, 0xff]}, @mac=@remote, {[0x0, 0x0, 0x0, 0x0, 0xff, 0xff]}, 0x0, 0x1928, 0x100, 0x8, 0x3a85, 0x5, 'rose0\x00', 'rose0\x00', {}, {0xff}, 0x0, 0x200}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @multicast2, @multicast2, 0xabf01ff6198620e1, 0xffffffff}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0xd}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffff00, 0xff, @mac=@remote, {[0xff, 0xff, 0x0, 0x7794dba63e2d1c20, 0x0, 0x101]}, @empty, {[0xff, 0xff, 0xff, 0x1fe, 0x80]}, 0xee, 0x81, 0x0, 0x1, 0x75e, 0x7f, 'nr0\x00', 'dummy0\x00', {0x1fe}, {0x7f}, 0x0, 0xa2}, 0xf0, 0x218}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x200, 'system_u:object_r:unconfined_exec_t:s0\x00'}}}, {{@uncond, 0xf0, 0x118}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0xfffd}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x5a8)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x6c, r3, 0xd0f, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @local, 0x2}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="88000000", @ANYRES16=r3, @ANYBLOB="000426bd7000ffdbdf250500ec59526001005400020008000400acbf0000080001000f0000000800020008000000080002005f7b0000080002000100000008000100110000000800020008000000080002000900000008000400040000000800030048fcffff1c0009000800010006000000084001000100000008000200004bf9f2"], 0x88}, 0x1, 0x0, 0x0, 0x40008000}, 0x4000000)
r4 = shmget(0x1, 0x3000, 0x10, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_STAT(r4, 0xd, &(0x7f0000000340)=""/149)
shmctl$SHM_STAT(r4, 0xd, &(0x7f0000000200)=""/245)
r5 = getpid()
sched_setscheduler(r5, 0x5, &(0x7f0000000380))
capget(&(0x7f0000000300)={0x19980330, r5}, &(0x7f0000000400)={0xaa4, 0x40, 0x2, 0x3, 0x8, 0x6})
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:00:23 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x5]}, 0x7}, 0x1c)

13:00:23 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1283e, 0x0)

13:00:23 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x40000000000, 0x80)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100)={<r2=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000240)={0x4, 0x8, 0xfa00, {r2, 0x420a}}, 0x10)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000180)=""/187, &(0x7f0000000000)=0x3a1)
close(r0)

13:00:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/d\\v/loop#\x00', 0x0, 0x0)

[ 1353.164115][T25112] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1353.173753][T25121] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
13:00:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dnv/loop#\x00', 0x0, 0x0)

13:00:23 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6]}, 0x7}, 0x1c)

[ 1353.226044][T25121] capability: warning: `syz-executor.4' uses 32-bit capabilities (legacy support in use)
13:00:23 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1283f, 0x0)

13:00:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x4020940d, 0x1)

13:00:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/d\x92v/loop#\x00', 0x0, 0x0)

[ 1353.296098][T25121] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
13:00:23 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x7]}, 0x7}, 0x1c)

13:00:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80044326, 0x1)

13:00:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/de\\/loop#\x00', 0x0, 0x0)

[ 1353.944109][T25251] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1355.248821][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1355.256774][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1355.968803][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1355.976252][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1357.328896][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1357.335367][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1358.048830][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1358.055060][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1359.408827][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1360.128819][   T22] Bluetooth: hci1: command 0x1009 tx timeout
13:00:34 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f00000000c0)="4b151379329ea3f3831c58f3d9cd60834d21d5de8aa9325ff0bd7cfe0bd74de491661a771b027d7bb99c9cc785b713d0d65d0fbe534d1742809ae51b235d40f8b78d04bd8b87c6126287e7a82f3c2d428bb8faafa64740667a40e686a2ee303dcdd298c3f016505074225712bc950ffeec571d400507456df3c7174549b25a4611233765cb61c3747832cd3fe4f050fb0566aad3de803a431d6de3508f9846a9b13f65b188dda77d1b4beb67e5e2b05fc40caa6a7405ac4825030481e94ba2ae86881fba824f377348bcc4b2f1a8337f", 0xd0}, {&(0x7f00000001c0)="e771ae2c2df9ae482d2aade9244d59f2a9061d71df7a2b226d83d412dd80db34ff292a38c5509e2df4ec2e9b5bf9653e83d87ff44cba8cc270c00f6d75185d1486072f4c50247d06d1565420607ce1a803699d568152671af80db51c0e51c149", 0x60}, {&(0x7f0000000240)="20f41d8e994e15d36c272c8ef7b42cef7a0e84e97f00bcfefe48d450f5431c71440a09077bee66d1d3d1d1e26be0ffd7d3f4d6d031f25244078a8354f18bb190ff91054d21e76acf77a1e12b65a0d06574b618197087bf8684047db1ac291f6f7581679caaa00937b8", 0x69}], 0x3)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x2, 0x200101)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

13:00:34 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x200, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket(0xa, 0x80000, 0x7)
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00000003c0))
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000002c0)={0x0, r3, 0x3, 0x0, 0x100, 0xda58})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@initdev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@local}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xfffffde4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip_vti0\x00', r4})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mountinfo\x00')
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f0000000180)='vmnet0{ppp0#][\x00', 0x0, r0)
r6 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x3, 0x2)
ioctl$EVIOCGLED(r6, 0x80404519, &(0x7f0000000080)=""/163)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x6c, r8, 0xd0f, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @local, 0x2}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2008c80}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)={0x134, r8, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x800}]}, @TIPC_NLA_BEARER={0x6c, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x0, @empty, 0x1000}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x54, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xd}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8fd9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK={0x1c, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2de5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}]}]}, 0x134}, 0x1, 0x0, 0x0, 0x40}, 0x1)

13:00:34 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12840, 0x0)

13:00:34 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x8]}, 0x7}, 0x1c)

13:00:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80045430, 0x1)

13:00:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/de\x92/loop#\x00', 0x0, 0x0)

13:00:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev\\loop#\x00', 0x0, 0x0)

13:00:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80045432, 0x1)

13:00:34 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x9]}, 0x7}, 0x1c)

[ 1364.114223][T25268] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:00:34 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x408400, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2002, 0x0)

13:00:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/devnloop#\x00', 0x0, 0x0)

13:00:34 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12841, 0x0)

[ 1364.889832][T25490] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1366.208762][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1366.215970][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1366.928748][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1366.934962][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1368.288804][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1368.294923][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1369.008753][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1369.014870][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1370.368798][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1371.088796][   T22] Bluetooth: hci1: command 0x1009 tx timeout
13:00:45 executing program 3:
sync_file_range(0xffffffffffffffff, 0x195, 0x0, 0x3)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:00:45 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0xa]}, 0x7}, 0x1c)

13:00:45 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev\x92loop#\x00', 0x0, 0x0)

13:00:45 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x20800, 0x0)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000040))
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
openat(r3, &(0x7f0000000080)='./file0\x00', 0x1, 0x28)
r4 = semget$private(0x0, 0x3, 0x240)
semctl$IPC_RMID(r4, 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f00000000c0)=[0xfffc, 0x4], 0x2)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r8 = dup3(r2, r7, 0x80000)
sendmsg$IPVS_CMD_GET_DEST(r8, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x138, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x4}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8001}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x4}]}, @IPVS_CMD_ATTR_DEST={0x50, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xffffb74d}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x555}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x1f}}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7fffffff}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x81}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x543a}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xff}]}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x4}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x4001}, 0x4000001)

13:00:45 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80045438, 0x1)

13:00:45 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12842, 0x0)

13:00:45 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0xe]}, 0x7}, 0x1c)

13:00:45 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/%oop#\x00', 0x0, 0x0)

[ 1375.624031][T25505] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:00:45 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12843, 0x0)

13:00:45 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80045439, 0x1)

13:00:45 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x10]}, 0x7}, 0x1c)

13:00:45 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/.oop#\x00', 0x0, 0x0)

[ 1377.728747][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1377.735008][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1379.808876][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1379.814986][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1381.888750][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:00:55 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x11]}, 0x7}, 0x1c)

13:00:55 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80045440, 0x1)

13:00:55 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12844, 0x0)

13:00:55 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev//oop#\x00', 0x0, 0x0)

13:00:55 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = dup(0xffffffffffffffff)
ftruncate(r0, 0x5)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
accept4(r2, &(0x7f0000000140)=@xdp={0x2c, 0x0, <r3=>0x0}, &(0x7f00000001c0)=0x80, 0x80000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'vxcan1\x00', r3})
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:00:55 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r0 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000000))
dup3(r0, r0, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r3 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r1, 0x0)
write$P9_RLOPEN(r1, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r4)
r5 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r7 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r6, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r5, 0x0)
write$P9_RLOPEN(r5, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r8 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, r8)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = fcntl$dupfd(r11, 0x0, r11)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
r13 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r12, 0x4c81, r13)

13:00:55 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x48]}, 0x7}, 0x1c)

13:00:55 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/\\oop#\x00', 0x0, 0x0)

13:00:55 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12845, 0x0)

13:00:55 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x800454d2, 0x1)

[ 1385.892157][T25707] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:00:55 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000000)=0x3)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1)

13:00:56 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/noop#\x00', 0x0, 0x0)

13:00:56 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4c]}, 0x7}, 0x1c)

13:00:56 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/\x92oop#\x00', 0x0, 0x0)

13:00:56 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x800455c9, 0x1)

13:00:56 executing program 4:
r0 = socket(0x1e, 0x4, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCSCTTY(r1, 0x540e, 0x100000001)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x40, 0x9, 0x200, 0x7, 0x6, 0x81, 0x100, 0x3}, &(0x7f0000000040)=0x20)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x80, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x103000, 0x0)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)

[ 1386.658173][T25707] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1387.968795][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1387.975001][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1388.688914][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1388.695196][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1390.048815][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1390.054932][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1390.768895][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1390.775015][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1392.128820][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[ 1392.848927][T18189] Bluetooth: hci1: command 0x1009 tx timeout
13:01:07 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x5c]}, 0x7}, 0x1c)

13:01:07 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12846, 0x0)

13:01:07 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/l%op#\x00', 0x0, 0x0)

13:01:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x800455ca, 0x1)

13:01:07 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r2=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r2}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000007c0)={r2, 0x3}, &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r2, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={<r3=>r2, 0xca, "7570385e47d016006b64be7e31f76a6e021350717e5e402f6f9d10946c8002031c49667a5cf9cfdf660cb63405dfce63cb3b55e18b254e88a9bf16a8e18f6e511fd58eedc1d73bc289d102c0163933e975c39275236e9bb81e9b43793463db928453e8e8a64547fb85d3913ad29244f51a41ff3d83a983de8a7624b9db41c58fc8aa477b2f0cc61d825af1899f990e73c09b0cfe085d016aaa12dc98086b3e351ed82602434616bdca83723b1079be73e74c50570ae33f5871114d7bb33392499da0b2ab463a84891bff"}, &(0x7f0000000100)=0xd2)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r3, 0x1f}, &(0x7f0000000180)=0x8)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:01:07 executing program 3:
r0 = socket$inet(0x2, 0xc6774f4894226345, 0x0)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000001c0)=@gcm_256={{0x303}, "bb85876c8fcbb21d", "0f80b4c941853e0e1107aacd19734ff2809630e33ad19c318775d4eaca681b98", "6fe3a190", "7fe09df560537109"}, 0x38)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000000c0))
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/mixer\x00', 0x0, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r5, 0x111, 0x2, 0x0, 0x4)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000280)=0x1)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
connect$pptp(r4, &(0x7f0000000180)={0x18, 0x2, {0x2, @multicast1}}, 0x1e)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f00000002c0)={0x3, 0x1, 0x6})
splice(r0, &(0x7f0000000200)=0x8, r6, &(0x7f0000000240)=0x8, 0x5, 0x6)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r3, 0x400455c8, 0x1)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000100)=0x100, &(0x7f0000000140)=0x2)
close(r3)

13:01:07 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x68]}, 0x7}, 0x1c)

13:01:07 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/l\\op#\x00', 0x0, 0x0)

[ 1397.377786][T25990] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:01:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x800455cc, 0x1)

13:01:07 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12847, 0x0)

13:01:07 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6c]}, 0x7}, 0x1c)

13:01:07 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/l\x92op#\x00', 0x0, 0x0)

13:01:07 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000040)={0x1})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x3, 0x0)
prctl$PR_SET_PDEATHSIG(0x1, 0x6)

13:01:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x80086301, 0x1)

13:01:07 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/lo%p#\x00', 0x0, 0x0)

13:01:07 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x74]}, 0x7}, 0x1c)

13:01:07 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12848, 0x0)

[ 1398.153767][T26226] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1399.488773][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1399.494905][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1400.208806][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1400.214930][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1401.568844][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1401.574983][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1402.288873][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1402.294995][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1403.648840][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1404.368759][T18149] Bluetooth: hci1: command 0x1009 tx timeout
13:01:18 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'\x86yz'}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r1)
r2 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0)
chown(&(0x7f0000000140)='./file0\x00', r3, 0x0)
getgroups(0x1, &(0x7f0000000200)=[<r4=>0x0])
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
ioctl$FS_IOC_GETFLAGS(r5, 0x80086601, &(0x7f0000000000))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r6=>0x0}, &(0x7f00000003c0)=0xc)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
semctl$IPC_SET(r8, 0x0, 0x1, &(0x7f0000000740)={{0x81, r9, r10, r11, r12, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
setresgid(r4, r6, r10)
keyctl$chown(0x4, r1, r3, r10)

13:01:18 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0xc0045878, 0x1)

13:01:18 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x7a]}, 0x7}, 0x1c)

13:01:18 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/lo\\p#\x00', 0x0, 0x0)

13:01:18 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12849, 0x0)

13:01:18 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r2 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r3}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000007c0)=ANY=[@ANYRES32=r3, @ANYBLOB="03b04410"], &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r3, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000000)={r3, 0x5}, &(0x7f00000000c0)=0x8)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$IP_VS_SO_SET_EDIT(r4, 0x0, 0x483, &(0x7f0000000100)={0x33, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x2, 'nq\x00', 0xa, 0x400, 0x62}, 0x2c)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r5 = dup3(0xffffffffffffffff, r0, 0x80000)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x0, 0x0)
write$vnet(r6, &(0x7f0000000300)={0x1, {&(0x7f0000000180)=""/232, 0xe8, &(0x7f0000000280)=""/106, 0x1, 0x4}}, 0x68)
ioctl$SCSI_IOCTL_DOORUNLOCK(r5, 0x5381)

13:01:18 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x84]}, 0x7}, 0x1c)

13:01:18 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/lo\x92p#\x00', 0x0, 0x0)

13:01:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0xc0045878, 0x1)

[ 1408.913593][T26242] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:01:19 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284a, 0x0)

13:01:19 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo##\x00', 0x0, 0x0)

13:01:19 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

13:01:19 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

13:01:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0xc0189436, 0x1)

13:01:19 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo%#\x00', 0x0, 0x0)

13:01:19 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3)

13:01:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0xc020660b, 0x1)

[ 1409.687548][T26305] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1411.008750][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1411.014977][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1411.728762][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1411.734888][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1413.088815][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1413.095046][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1413.808829][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1413.814952][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1415.168800][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1415.888790][   T22] Bluetooth: hci1: command 0x1009 tx timeout
13:01:30 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284b, 0x0)

13:01:30 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo*#\x00', 0x0, 0x0)

13:01:30 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xf8, 0x8}, 0xc)

13:01:30 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2)

13:01:30 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2]}, 0x7}, 0x1c)

13:01:30 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r2, 0x5386, &(0x7f0000000000))

13:01:30 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo+#\x00', 0x0, 0x0)

13:01:30 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3]}, 0x7}, 0x1c)

[ 1420.415067][T26493] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:01:30 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284c, 0x0)

13:01:30 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x200140, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:01:30 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo-#\x00', 0x0, 0x0)

13:01:30 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4]}, 0x7}, 0x1c)

13:01:30 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x3)

13:01:30 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo.#\x00', 0x0, 0x0)

13:01:30 executing program 4:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x40, 0x113881)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000040)={0x0, 0x2, 0x7f, 0x80, 'syz1\x00', 0x7ff})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x1, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:01:30 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284d, 0x0)

13:01:30 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x5]}, 0x7}, 0x1c)

[ 1421.207487][T26730] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1422.448762][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1422.454901][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1423.248767][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1423.254900][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1424.528825][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1424.534950][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1425.328818][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1425.334935][T12958] Bluetooth: hci1: sending frame failed (-49)
[ 1426.608795][T18189] Bluetooth: hci0: command 0x1009 tx timeout
[ 1427.408772][T18189] Bluetooth: hci1: command 0x1009 tx timeout
13:01:41 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo0#\x00', 0x0, 0x0)

13:01:41 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)

13:01:41 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x6]}, 0x7}, 0x1c)

13:01:41 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284e, 0x0)

13:01:41 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/\x01\x00\x00\x00\x00\x00\x00\x00\xff\xff\xffl\x00', 0xf5adcfedf5492ecd, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:01:41 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x189280, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r2 = accept4(r1, &(0x7f0000000100)=@sco, &(0x7f0000000080)=0x80, 0x80000)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getpeername$packet(r3, &(0x7f0000000780)={0x11, 0x0, <r4=>0x0}, &(0x7f00000007c0)=0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000800)={'ip6_vti0\x00', r4})
r5 = dup(r1)
ioctl$VIDIOC_G_OUTPUT(r5, 0x8004562e, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x19)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
prctl$PR_GET_SECUREBITS(0x1b)

13:01:41 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000040)={0x0, <r3=>0x0})
setpriority(0x0, r3, 0x8)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f0000000000))

[ 1431.887809][T26740] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:01:41 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7]}, 0x7}, 0x1c)

13:01:42 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/looX#\x00', 0x0, 0x0)

[ 1431.940048][T18922] Bluetooth: hci0: Frame reassembly failed (-84)
13:01:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284f, 0x0)

13:01:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x2, 0x0)
getsockopt$SO_J1939_PROMISC(r1, 0x6b, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x2)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x0)
close(r2)
ioctl$GIO_UNIMAP(r2, 0x4b66, &(0x7f00000000c0))

13:01:42 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x8]}, 0x7}, 0x1c)

13:01:42 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo\\#\x00', 0x0, 0x0)

[ 1432.124858][T26859] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1432.894722][T26869] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1433.968947][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1433.975167][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1434.208768][T18189] Bluetooth: hci1: command 0x1003 tx timeout
[ 1434.214901][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1434.928769][T18149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1434.934903][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1436.049067][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1436.055174][T19051] Bluetooth: hci0: sending frame failed (-49)
[ 1436.288762][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1436.294864][T19051] Bluetooth: hci1: sending frame failed (-49)
[ 1437.008809][T18149] Bluetooth: hci2: command 0x1001 tx timeout
[ 1437.014917][T19051] Bluetooth: hci2: sending frame failed (-49)
[ 1438.129132][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1438.368761][T18149] Bluetooth: hci1: command 0x1009 tx timeout
[ 1439.088769][T18149] Bluetooth: hci2: command 0x1009 tx timeout
13:01:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x5)

13:01:52 executing program 4:
syz_open_dev$vcsa(&(0x7f0000000080)='/dev\x00', 0x20000000020, 0x404000)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:01:52 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x9]}, 0x7}, 0x1c)

13:01:52 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/looc#\x00', 0x0, 0x0)

13:01:52 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12850, 0x0)

13:01:52 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/lood#\x00', 0x0, 0x0)

13:01:52 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xa]}, 0x7}, 0x1c)

13:01:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x6)

13:01:52 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12851, 0x0)

13:01:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x1a1403)
getsockopt$inet6_dccp_int(r1, 0x21, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
close(r0)

13:01:53 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/looi#\x00', 0x0, 0x0)

13:01:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xe]}, 0x7}, 0x1c)

13:01:53 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x7)

13:01:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12852, 0x0)

13:01:53 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r2 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r0, 0x0)
write$P9_RLOPEN(r0, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, r3)
r4 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r5 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x101, 0x40000)
r6 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r7=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r7}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f00000007c0)={r7, 0x3}, &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r7, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={r7, 0x9}, &(0x7f0000000140)=0x8)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r9 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r8, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r4, 0x0)
write$P9_RLOPEN(r4, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r8, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r10 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, r10)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = fcntl$dupfd(r11, 0x0, r11)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
ioctl$LOOP_CTL_REMOVE(r12, 0x4c81, r10)

13:01:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x10]}, 0x7}, 0x1c)

13:01:53 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/\x00a\x00\x00\x00\x00\x00\x00\x00\x00\xe7\xff\xff\xff\x00', 0x1d1580, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:01:53 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/lool#\x00', 0x0, 0x0)

[ 1443.445600][T27012] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:01:53 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8)

13:01:53 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12853, 0x0)

13:01:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x11]}, 0x7}, 0x1c)

[ 1444.232277][T27016] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1445.568748][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1445.574865][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1446.288765][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1446.294922][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1447.648806][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1447.655024][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1448.368768][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1448.374891][T15043] Bluetooth: hci1: sending frame failed (-49)
[ 1449.728883][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1450.448800][T18149] Bluetooth: hci1: command 0x1009 tx timeout
13:02:04 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0x6, 0x2, 0x1, 0xffffffff, 0x1b, 0x0, 0x0, 0x5, 0x6, 0xfffffffb, 0xa74d, 0x8})
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:02:04 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

13:02:04 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/looo#\x00', 0x0, 0x0)

13:02:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)

13:02:04 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x48]}, 0x7}, 0x1c)

13:02:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12854, 0x0)

13:02:05 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
accept$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000380)=0x14)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000080)=0x3)
sendmsg$nl_route_sched(r1, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xcb05d1a319ff9304}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@gettfilter={0x40, 0x2e, 0x10, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd, 0xd}, {0x14, 0xfff1}, {0x7, 0xa}}, [{0x8, 0xb, 0x30000}, {0x8}, {0x8, 0xb, 0xffffffec}]}, 0x40}, 0x1, 0x0, 0x0, 0x880}, 0x20)

[ 1454.937111][T27037] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:02:05 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loos#\x00', 0x0, 0x0)

13:02:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4c]}, 0x7}, 0x1c)

[ 1454.983368][T27048] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
13:02:05 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12855, 0x0)

13:02:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x5c]}, 0x7}, 0x1c)

13:02:05 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loou#\x00', 0x0, 0x0)

[ 1455.757404][T27049] debugfs: Directory 'hci2' with parent 'bluetooth' already present!
[ 1457.008829][   T22] Bluetooth: hci0: command 0xfc11 tx timeout
[ 1457.014984][ T1531] Bluetooth: hci0: Entering manufacturer mode failed (-110)
[ 1457.088838][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1457.094960][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1457.808862][T18189] Bluetooth: hci2: command 0x1003 tx timeout
[ 1457.815089][ T1531] Bluetooth: hci2: sending frame failed (-49)
[ 1459.168798][T18189] Bluetooth: hci1: command 0x1001 tx timeout
[ 1459.174910][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1459.888828][T18189] Bluetooth: hci2: command 0x1001 tx timeout
[ 1459.894944][ T1531] Bluetooth: hci2: sending frame failed (-49)
[ 1461.248747][T18189] Bluetooth: hci1: command 0x1009 tx timeout
[ 1461.968791][T18189] Bluetooth: hci2: command 0x1009 tx timeout
13:02:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/\"e\xf0{\x84\xbf\xec\xb5\t', 0x40000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000000)={0x5, 0xffffffffffffff1e, 0x7ff, 0x2, 0xffff})
ioctl$KDADDIO(r0, 0x400455c8, 0x1ff)
close(r0)

13:02:16 executing program 4:
r0 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="fc00000001000000a4b5d12113fca107a593afd3bf26a83e21cbc9433d911c5f6cff68fee86e151052ccafbb658b8243a18c85911d13b557a30b72eab1d9d22d08f0aef34d897beb7142951dde06f567c6ac7462bcae809cab5c5044ef3000654766939af66ce721a8a9d8ddfb214220a36beb85e874bbdde8d90e63bdf65bd3b50e461c4171719a996b37fb1171d56d72d39fd327bd7ee9e5f0e7e2ffa2bdb6f491c8f2e79cc7a8c789be693eb626180bdb7e3e0c69b0b34c168d5598c72c704e7429d7b94eecfbb898859d4bcfabe0cda4766912b241341bcf8520b4323739676e8f58bc13de22f9e9a2c905f7a0648936c31bc6a835af6b8a6d23"], 0x163004)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x8000, 0x0)
ioctl$USBDEVFS_DISCSIGNAL(r2, 0x8010550e, &(0x7f0000000080)={0x7fff, &(0x7f0000000040)="5750ade63124cf5b47dee59105ade1b926483127fd92b8a6a948edd0"})

13:02:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x68]}, 0x7}, 0x1c)

13:02:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loox#\x00', 0x0, 0x0)

13:02:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12856, 0x0)

13:02:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xa)

13:02:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x6c]}, 0x7}, 0x1c)

13:02:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo\x92#\x00', 0x0, 0x0)

13:02:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xb)

13:02:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12857, 0x0)

13:02:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x6, 0x7, 0x7f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:02:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x74]}, 0x7}, 0x1c)

13:02:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo\xa1#\x00', 0x0, 0x0)

[ 1466.677456][T27297] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:02:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xf)

13:02:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7a]}, 0x7}, 0x1c)

13:02:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loopn\x00', 0x0, 0x0)

13:02:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12858, 0x0)

13:02:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x84]}, 0x7}, 0x1c)

13:02:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x10)

13:02:17 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop\x92\x00', 0x0, 0x0)

13:02:17 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

13:02:17 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

[ 1467.441846][T27335] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1468.771809][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1468.777953][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1469.568816][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1469.574948][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1470.848833][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1470.854943][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1471.648825][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1471.654944][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1472.928791][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1473.728764][   T22] Bluetooth: hci1: command 0x1009 tx timeout
13:02:27 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00')
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000030}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x100, 0x70bd2b, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040015}, 0x0)
close(r0)

13:02:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12859, 0x0)

13:02:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x11)

13:02:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:02:27 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x7}, 0x1c)

13:02:27 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x7f, 0x200100)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$VIDIOC_G_CROP(r3, 0xc014563b, &(0x7f0000000100)={0x2, {0x7, 0x12, 0x9c, 0x101}})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x0, <r4=>0x0, 0x7, 0x7fff})
openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x2, 0x0)
prctl$PR_SET_PDEATHSIG(0x1, 0x1d)
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000080)={0xfffffffffffffff9, r4})

13:02:28 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x04', 0x0, 0x0)

13:02:28 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x7}, 0x1c)

13:02:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x25)

[ 1477.996536][T27351] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:02:28 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1285a, 0x0)

13:02:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x5a)

13:02:28 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={<r2=>0x0, 0x400}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000000c0)={r2, 0x3f, 0x2, [0x8a, 0x29dc]}, 0xc)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, &(0x7f0000000000)=0x1, 0x2)

[ 1478.769669][T27396] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1480.128915][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1480.136312][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1480.848813][   T22] Bluetooth: hci1: command 0x1003 tx timeout
[ 1480.855023][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1482.208844][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1482.214989][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1482.928794][   T22] Bluetooth: hci1: command 0x1001 tx timeout
[ 1482.934902][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1484.289083][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1485.008759][   T22] Bluetooth: hci1: command 0x1009 tx timeout
13:02:39 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x8c000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$VIDIOC_S_STD(0xffffffffffffffff, 0x40085618, &(0x7f0000000100))
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$KDSETMODE(r1, 0x4b3a, 0x5)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
lookup_dcookie(0x2, &(0x7f0000000000)=""/61, 0x3d)
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f00000002c0)={'bcsh0\x00', {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}})
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={0x1, &(0x7f0000000140)="32ff6ef484a5d80bec3702a74412aa22203ba5226112ea4647eb44180098f9769b8f85d17ddbf57634a26374598451eac2a05e1159a9dfc51f02f8bbb2915145daff0e84", &(0x7f00000001c0)=""/122, 0x4}, 0x20)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000340)={0x4, 0x15fb})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f0000000280)=0x1000)
syz_genetlink_get_family_id$devlink(&(0x7f0000000300)='devlink\x00')
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:02:39 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x7}, 0x1c)

13:02:39 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x05', 0x0, 0x0)

13:02:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x63)

13:02:39 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1285b, 0x0)

13:02:39 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000040)={0x9887, 0x9})

13:02:39 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x7}, 0x1c)

13:02:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x300)

13:02:39 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x06', 0x0, 0x0)

13:02:39 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1285c, 0x0)

[ 1489.614122][T27589] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:02:39 executing program 4:
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/d\xff\xff/looBCr>ntrol\x00', 0x2, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff})
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x0, 0x1, 0x1}}, {{0x1, 0x1, 0x1}, {0x0, 0x0, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x3, 0x0, 0x1}}, {{}, {0x2, 0x0, 0x0, 0x1}}, {{0x4, 0x0, 0x1}, {0x2, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1}}, {{0x1, 0x0, 0x1}, {0x0, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x1, 0x1}}], 0x40)

13:02:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x393)

[ 1490.341908][T27809] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1491.648796][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1491.654925][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1492.368738][T18149] Bluetooth: hci1: command 0x1003 tx timeout
[ 1492.375145][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1493.728878][T18149] Bluetooth: hci0: command 0x1001 tx timeout
[ 1493.735021][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1494.448787][T18149] Bluetooth: hci1: command 0x1001 tx timeout
[ 1494.454898][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1495.808870][T18149] Bluetooth: hci0: command 0x1009 tx timeout
[ 1496.528801][T18149] Bluetooth: hci1: command 0x1009 tx timeout
13:02:50 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\a', 0x0, 0x0)

13:02:50 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x7}, 0x1c)

13:02:50 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={<r2=>0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @dev}]}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={r2, @in={{0x2, 0x0, @empty}}}, 0x98)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:02:50 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1285d, 0x0)

13:02:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x398)

13:02:51 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x890000)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="504f6575b18020d47e8d4c0bbe945dcb6f01ccf57974690d146344821cd15303a37105c3b35d1636492f2d9d34e90658ca3e386ce586d0abe0c448cbe9bf564b06a54d1ed709647ed055f136c0c0d83a76f2a49e49fa0f67651a3bd512f324f0f618766bfe5c26218ec1f3d349d9b9423d491438bf257becc2c6cc9b0e34af436f289d56870609556857aefb07e47f0994f387f455c8f530aad56f4db8cee21b20b5ec033e05e14d96ce025551fe61f9452ea9770627c3ebe3e742a79fa548772e075de37b88c82d3e6db8e25d24423e9c36a7400b8f53102638c30836ed5b5093a9fdc03061c6b561e67a27e6d518dda3f11b18d90223dd6f23d6091a84b1865c213d3b755d13f128bf1c2be8a0f4cc19ea4e2af78438e84ecdb59b8d6c49ace7ee09c363ddb6272f81a5b4d168587085d0fda7fb6062ef87c0effe3c14440bb42b66acd683a394f490cc1762b4144249c4b304fdaa9cc3ce8357a65b3e47a2f9dbf90f9ecef674a1061e2fd088666d2dc8afebf0b0df481389eda258a8fd8611675cf4629197ef68cf6fde4f9470e1f53566994007d92b953cc42fa3e45fa4deb487b59cb034d6e300faf6e43b79911fefade238bded8a17b67633044fb670335d44f81149d82285797f55db5a144cda061b57707317e7a587ad0fd4dd9d82a3490de4f445a1c9042b85e7e94aed90f035cc19b0cc7173bf31e06b32425142cdef25362a35f5002b236d9888c5fd34853fbbec6809d27af924e4d3510c128b4f5b0403b71eb28a3a59ed976ea5e01a807e806d224c70ec79291d4d7cb188bc05f7e46d626688594ddf9071f3b728887b0e38491d12b6cd6264c75d070fa06591af3965841d7f1a501a8f153ab809b7a4c5d1728408db0bd7e6883b00238b0ade338b634906e728784127218b5f00c8c449d3427b323c77b3b09b589da6df778742543ea2a486aa81867385f07b1ed5978353d0b0ab1799f11ed50dea092b70a9965aac3e5fde7b4c0b89c00dbd91f4b94796041e8d359be951148e898b9e8374775ca25e7ac87f3e5483b4f453e631762a3e62ace9764c9e74783eb6cc660d46dc380b1e921a0742c1863169943c977177662b5dee21d8e76dca0d3ed13c2b3be3233674313710e7b20642f8944aafc1f69c0f930a2fd8c3fe622484c9f573c37e3eb1cfe801d1d3f4510423948e2bae2110be6f8543f77d24e8abf5a43d85aab849ada73003de8c7f90b0fefcdcba50e0da31e9bc06cde706b61d828365f1a5ad89354f3a300b8c7d9a5aa4599411dadcda87c3acf66ee967406336cf6bb5f42bf5a9c51ec7310880c8fe0db2e8293b3a4651e83e67542ed82ccec3371e18b19092f29fa720b99f104ea6955176593859814b5c1da7f2053aaee2690a44a25b163bf895b57d9e6b592f6422fa6c93b8db109caa38a55dbc0384269954f8c5e6fddfdb13e0c0594c996b5d792f5d85fdf4be71c80b1d32bdb8f58a8120046ff5b57078743611a65167c3a668521d1631563b94a98b18dd9894c2db1f9516edf8cfda905535d3340348e54c6e725ae6a99097ef7e405bc003b45f834675d75c1ad3573af365856f1bebbc7170f3d9c3c565a4b2b779aafd037053e1bc11872b1654e3914f9b464127d49d24c2629de66f261bab81c027a934aacb160b2c159a08be493ced4b05434d79d8341a5f58e6c32c7513bc7beb2996cfded00dad1779d875a0cb6f6758b86fbeed6787cdeec2de820217fa7ab2f79f284c4eca215b548cc4bccb51434520342c5b39416ad309ec2f58b62bd22d304f06b1cd0a0171f3d60c1ab24030e226e42f8874a1b82990483ace90872b79b17822a75566a59f071c58a0fcd0a787693d477902481214beb68bba8e06aad1faf866f54d3106d5928e8ef99a0e710b57321b49b72f06c78d173731877acb8172a97c879b18d480a1c2e19cb58198479d8289e6c917830c48d481ffb428153d6ddce6f8fb43ad1e14a6e89b19e4ee8a92b009b34b7606c04922b264779b7f740a3f89f822edb8d66164aed7ea938392fb9d85aeeeab9a58c3bb187db9c2314383683624ced858e4039e0dd91c43bf5a77a9277fdccce9676859b2a68a87763540be25db70eaecbe937068b752522a863f753982f0a75e323631674c807748b12f87748f9209ac1fc734e2d91ed5f20435b11804be80f32bad2e1c5e02f1a88410ff11fe4cabc0d0db20db2c6d37a7e419c2c6c83ca7dcfed7609ea3fd1a78998ca3eb29e20d8db570d5f2844f4383483c5328cb17479e9a8e6e9e2aa3d2b4cfc75bb641e20b28ccad8bf71245683a24ce0c14d900ca755a7d95815265c19eca0556771467e91cf201fe44f974eb39bb8fd4a08c614d61c4506be27c44a5fdcb222772e4d3e18df4b918fc42b9ad6fb4785225d56794489e7ff1fb9e552bef4495b0fd09f56382f672971353701e47a15f6e25a795c1b11baa6842c09196eebd5ee8fc093bee53157dbc3d44f625ceb85c145c499dd288d22eba8b1339127ad4baea404f8e1dbdf83bf57aa43acc7d8bffa960a9aaf26292e3f3a9f5959ac01c9b048fe8126c976c0322cfe8ce6a4960f3cfed7886199a82af5d22f327e8ea9e83420e14925d02318a9c1d69f5406098cdb9ff256b4de196a29f2da9af2271b4984305f5d519b991709b88516bd3b4dab4f7e32ae39b35b814e759879970e1ec9cf0b36a3fa56a7d76d6367e230c4808084dcf7a5d7afedba98cb8d2001ebc34b4f6c9edbd6723f452de647c8ab6b054fd3d702914d9a91a0cf04a84bc842ee15df4dac1ee3c14e961608db11fee738dc71f96c6217870cbcbf496c87c865cb47e456720eb42e0c6c292045ca47f20806d679b487f42ae9d372f20b5df769ad8f7e60d7e3755a8e937dd9276a7bda5757240992efa287680b4547234666b0f01f435ce2e8102d76531f1cdc63955f538c6c2846cb4fbd400c6b6c9596f459f891f19aa5d6372d82ef217157545526e2914bcc4ffbcf1903962f2e89de13df28f204248922e176ca8ca85784b7ea226a665b047c476c84466c08dfa8b421458c5dac5f630d6a36c10d8ef14c7bf4054fbae62b9ef111ca442dd147933989ba5d5acf476b288ea306eb09b1108168367f988dcc1e1345b02b162f009084e3e8678afb47f53343ca557a503028fecf6a8fcee71cdda8c6396927ee2b3f273beb878e33f34fdb03d6b71c90fed0bb3b642ec891ed1c86d4c073032a40e4902a14b42a7e04c6e2a0c3767b53472d9624e2a122b1dbb74137ff428da337be7a297013b2670498e927d1fe918c8a7e353ae0d6f6f19dd63ef331d81ce74b15e5c27125320c2cbbf5a081152bc04fac07f3efdfc9e7b62472fec4507e87e2b4e88bf272914540b531d79eacb2edd9622695fc9f23880ebf38490aa509c747b0de63ebfc1abf5985a310e3548898f75c8f68c744c94c73e7c4970261b6dfbe23bafa9dfd83dbd774c4d144d2fdefb7e6f74f933738fac19e1ff6980d20ddd44c12a8838003d8ed297faeded724deb4174db03193a7093df63ee6af4ba3fff8b9c00cee344eda1dc0d80f6e00d68b560d6febbc7c1c5b3b99278ae1914fe82e2ed2970ebf6e2520b8f309140590f96219900b2f6497f17096048d327435800b82f5e9130880605dea9b02869558968e49bd61524c85bbc366a070248eaddaf902469b0638bb4d639c8a6d0fadf13d2d055de7ca77fbabc0b4b0209a54882ddbada361917f5e2abfa9a9dd8d57de47af5d20c2d359969ad83067b93fa9e1fa012fd8e7960bd2706ae6df55bf6db41693ab462db7685842f614d56050efcff53e8e40e961694653e24a1ef229f19328270288e1ed3f39402bd333ddd4db021c69860ad678953b5d83e48f96c124b578529c263502f9db0855348603f54aeff4777838933c9f3ff66c3b5075a7accaa53c64add54ca92a7a691ed292438be22e2e8f972a49173b53c65427ca81cc9b00f8bf971916973d3a33440eb3243a349189e6fd8862ba5fdff6b3e9cee2bcc475b8fa426068e1ef9d4e06a0d47bae8383c5a575a8f8e08088fbae6a8727412f9cbba43daab9ceca9859fa715ad002c84221cd2f72abf4e5f072b36583a715b7cf4b71d29602b42129e200d1a9100b0b06062976a0e695b09b23c16839a7c1266c78365ab9be8cfd7056a9ea112dcc44ff3c897db752e97484fefbc566757ca01fa1368230b92b40fc786538e342987985dd1f8e8b547e748a055dbac27a97c8db8e901bf7659c1d4a1cbc3d9a4bcaebfd2930f012312da9248df84569688dd3e74106d10fd805dba3ee20d262d76e8c78d8f76f3bc2c074f1ef2de02765316b9a1515cf3a6172120ce1e64acfd7a2aa7f4d1b581a991a602a53b2f2ed9a4908e8b8d7a73f2c09c39dc625aa890a86accd3f78f73094b7bbfd5e16061ee55239d99135913215054bbc1223294c1877394dcb9e4b4c5a27f3fb515cf3855060fc3a5bc1d85ed733e66696873097f7dc95b352315ae59e93248f148d13683e7891895fb38ad8ed7c418401d4319cb845ac1f7ebed160e269ca610ce106f9bf2f0972049a61383f4e954539bf2c5fbafdaa8bbd449813a0174600962232c63b10e028d30dd261e4eb094cca6d16fa6c6c91c9fb5787b1f3481c8830fc01ecf7ffe18fa87f5eb78a8960af49635896493873027591e032691e59cdfe0d130c546a86b38b51d94c6b0c10a0d5130bc502675dd5201fec47cfacdf95e1718d1be48d2b0d1b73406b147422c55ee9b6e8388a4d7050f16ae3ce5c002fd9269b4235d53bd921ed4e43d9bf32251c30a8599ad7805859286fda595059021049edab18b378320d62a761e39752373f600027bf95028621594a3b193713ed2a80462344cc524ebda4a1c3c78e206285c5518f16b1fc673ed55c73b97df54d226c5b68edd7e257c3bc598b2fbd02245b8e3be6fc87712b3f240d0d2d254f07f89f32c36572cce5fd8fdaaad7d141281177cb52c14626e64259beb8f7a5863d0e2296cecb82d90a005611364ee0b873222b1d3fb93cff2e191626a190ff0e6fab0ec9ce12f9481448f7c2a96daa1ad23336e065a4ddf063d319ed2dcaef96160e9fe5766ccb42dc754c0751d3ece6fc422f0bc8e6d08a543e1b857198bda8b0bd94531f661c618e8721f142e9aa0ffe50bb9972b0b24e04c0812911144eb111530c681d8b0671956e2852c15c6b5d4af86b09c55db322b54d558d407c53b1b5ea225daa60c87dcb6dc8886644dcc4ea02c51950b9f18981c7b4d5367b838b8e889bd446e1408b8dacd0076188f53a07604bb873d01725bde60ef8b3b313a863815f039c47f8b1dced1782e441138be58f39372aa00b261f275875793dfc6055a524eff9db62df7699dd229c35492998114fbf4f1467a247c8d1b703a01951c5543914dc6ec2bef3b87a4e55f03634481ec75e84bbbd850558d10b72b0a3bab0f475fd2b8684f6c371b57bc218d42c5073258a41e2fe954e33fcfdfa99f06517f8541bf3c8d86022c39cc3100b096ce214063aac47e92ee72067645a613377fdfb73b7fded4765d966a9dd942d24ff96345ed16a84d8eb91b55a60226e3c014ebc7576fe5278b03e389dc091c4af19009f911a8624be48cebcd8bc46c2550cae10ae174f25e5cabb6f15f8aee5ada897cf20e56f1e6198d4b60cba60c1d2074a515df6c127485923108d60dc4b054ae7c39176c3215a8ee32637429c1b64f0b675d55c8bf6f259d3b3c91c3cf76e6ee61b06b3f6abd7da0e4bf650dc1a2a864bf47cb89d2706bf6", 0x1000)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$VIDIOC_S_MODULATOR(r4, 0x40445637, &(0x7f0000001140)={0x5, "34f430d839ec07ce2f579231e927d91aa90924abefd5599ad568a3a846ed8f33", 0x1000, 0x10001, 0x2a, 0x2, 0x2})
r5 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$PIO_UNIMAPCLR(r5, 0x4b68, &(0x7f00000000c0)={0xf829, 0x20, 0x7fff})
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
fsetxattr$security_evm(r2, &(0x7f00000011c0)='security.evm\x00', &(0x7f0000001300)=ANY=[@ANYBLOB="05021300000008000033ab8bcfcf5fe37599d1b97a535463018d0800000000000000999514c8d05fc18c52f7807093bae4b9bd3de73f6d3590782c6a5f149716857337b335fc824c962c822a951781d6bce257c14208066554a38b987df2b3d99707d75aade23c7e5989311f4136c01e03796659ea7efaee52ff0be02af7b55d179fd7af193fd21b3b30ced3ddbab2d45d0e48e428f3a82bb2f87b0f4c486856f22ac57619229f13cd0fc31046710f314a7a0ab68a6337dde3e92b8fcbe831127c"], 0x3d, 0x2)
ioctl$DRM_IOCTL_GEM_CLOSE(0xffffffffffffffff, 0x40086409, &(0x7f0000000000))
close(r0)

13:02:51 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\b', 0x0, 0x0)

13:02:51 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x7}, 0x1c)

13:02:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xff00)

[ 1501.074583][T27825] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:02:51 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1285e, 0x0)

13:02:51 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x22880, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x40)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write$P9_RXATTRCREATE(r3, &(0x7f00000000c0)={0x7, 0x21, 0x1}, 0x7)
futimesat(r1, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={{0x77359400}, {0x0, 0x7530}})

13:02:51 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\n', 0x0, 0x0)

13:02:51 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x7}, 0x1c)

13:02:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28483)

13:02:51 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#H', 0x0, 0x0)

13:02:51 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x14000, 0x0)
r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x100800)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x2000, 0x0)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000540)=ANY=[@ANYBLOB="030000000000000002004e247f000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000500000002004e24ac1414aa000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e26ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2ffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e240000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018927f8241c03d42bb170279d26ad250d692d687dd73bb4cfbcf361e8157eecd853777542e089a91ea423f5171dee0600d493a80bac6207e2ff8d39149068cde5bd78736d27068923adb9178e6feb0122957f7234e0efef5addc16fd8d6fad51526c29266abb381b06f5f2c14349693eb2731c14c3e3ce821db200"/906], 0x310)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @remote, <r2=>0x0}, &(0x7f00000000c0)=0xc)
r3 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000280))
ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000002c0)=0x2)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x83, "88a9789b772b45411a607c7b8025300a246a3e969ae19baa09a030d30bb9584556e141cadefd5f7650a36af2df04c16b00d526fea4287352986436e5f179f6ebcc3bf7766c26325a1dd26502701ca8fb3eb9a27b0dc5ee1caae9529ad61aacedf93227a872c4e8313a8a0518a87cb91319d05cb789ebe536ceff987b0c33086232a8b9"}, &(0x7f0000000240)=0xa7)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'gre0\x00', r2})

13:02:51 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x7}, 0x1c)

[ 1503.168793][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1503.174992][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1505.248765][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1505.254866][T15043] Bluetooth: hci0: sending frame failed (-49)
[ 1507.328813][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:03:01 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, 0x7}, 0x1c)

13:03:01 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#L', 0x0, 0x0)

13:03:01 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28484)

13:03:01 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1285f, 0x0)

13:03:01 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:01 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$VT_WAITACTIVE(r1, 0x5607)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x2)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r4 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0xfffffffffffffffc, 0x20040)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x50000, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x20000, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x5, 0xde, 0x9, 0xfffffffa}, {0x6a, 0x2, 0x20, 0x4}, {0x4, 0x2, 0x6, 0x5}]}, 0x10)
openat$cgroup_ro(r4, &(0x7f00000003c0)='cpuset.effective_mems\x00', 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-vsock\x00', 0x2, 0x0)
r5 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
r6 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
socket$bt_bnep(0x1f, 0x3, 0x4)
clone3(&(0x7f0000000380)={0x28280000, &(0x7f00000001c0)=<r7=>0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000240), 0x14, 0x0, &(0x7f0000000280)=""/8, 0x8, &(0x7f00000002c0)=""/190}, 0x207)
close(r7)
ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000000)=0x8)

13:03:01 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x7}, 0x1c)

13:03:01 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28485)

13:03:01 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#P', 0x0, 0x0)

[ 1511.319642][T28076] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:03:01 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12860, 0x0)

13:03:01 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
ioctl$USBDEVFS_CONNECTINFO(r1, 0x40085511, &(0x7f0000000040))

13:03:01 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x7}, 0x1c)

13:03:01 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#`', 0x0, 0x0)

13:03:01 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28486)

13:03:01 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, 0x7}, 0x1c)

[ 1511.581856][T13437] Bluetooth: Invalid header checksum
[ 1511.587446][T13443] Bluetooth: Invalid header checksum
13:03:01 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12861, 0x0)

13:03:01 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#h', 0x0, 0x0)

[ 1511.689058][T13443] Bluetooth: Invalid header checksum
[ 1511.799067][T13437] Bluetooth: Invalid header checksum
[ 1511.909156][T13437] Bluetooth: Invalid header checksum
[ 1512.019078][T13437] Bluetooth: Invalid header checksum
[ 1512.243924][T28076] debugfs: Directory 'hci1' with parent 'bluetooth' already present!
[ 1513.418826][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1513.424948][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1514.288805][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1514.296214][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1515.488825][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1515.494942][ T1531] Bluetooth: hci0: sending frame failed (-49)
[ 1516.368804][   T12] Bluetooth: hci1: command 0x1001 tx timeout
[ 1516.374927][ T1531] Bluetooth: hci1: sending frame failed (-49)
[ 1517.568783][   T12] Bluetooth: hci0: command 0x1009 tx timeout
[ 1518.448751][   T12] Bluetooth: hci1: command 0x1009 tx timeout
13:03:12 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x8c000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$VIDIOC_S_STD(0xffffffffffffffff, 0x40085618, &(0x7f0000000100))
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$KDSETMODE(r1, 0x4b3a, 0x5)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
lookup_dcookie(0x2, &(0x7f0000000000)=""/61, 0x3d)
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f00000002c0)={'bcsh0\x00', {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}})
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={0x1, &(0x7f0000000140)="32ff6ef484a5d80bec3702a74412aa22203ba5226112ea4647eb44180098f9769b8f85d17ddbf57634a26374598451eac2a05e1159a9dfc51f02f8bbb2915145daff0e84", &(0x7f00000001c0)=""/122, 0x4}, 0x20)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000340)={0x4, 0x15fb})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f0000000280)=0x1000)
syz_genetlink_get_family_id$devlink(&(0x7f0000000300)='devlink\x00')
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:03:12 executing program 4:
syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket(0x1e, 0x2, 0x2)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
pwrite64(r1, &(0x7f0000000040)="20a721f4e31f55f2ad031f12c4e316408541212810405454469a453f6500451c75916f3d4880173c1cbda004dd0147b85287cbbdc7cbe9a5847afd6eb176043f4a3b1be2ecd2e95d6354f3251590", 0x4e, 0x80000001)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:12 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x48]}, 0x7}, 0x1c)

13:03:12 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28487)

13:03:12 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#l', 0x0, 0x0)

13:03:12 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12862, 0x0)

13:03:12 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4c]}, 0x7}, 0x1c)

13:03:12 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#p', 0x0, 0x0)

13:03:12 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28488)

13:03:12 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12863, 0x0)

13:03:13 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#t', 0x0, 0x0)

13:03:13 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
io_uring_register$IORING_UNREGISTER_EVENTFD(r2, 0x5, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1522.960826][T28229] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1525.098749][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1525.104885][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1527.168825][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1527.174958][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1529.248768][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:03:23 executing program 3:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1284a, 0x0)

13:03:23 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x5c]}, 0x7}, 0x1c)

13:03:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28489)

13:03:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#x', 0x0, 0x0)

13:03:23 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12864, 0x0)

13:03:23 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = syz_open_dev$media(0xffffffffffffffff, 0x3ff, 0x474c6b694570e141)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x1e, "076d4d5ec5d9b3d89bf78c56be8b3672966b78107bfc8307b6d1f4c0011d"}, &(0x7f0000000240)=0x26)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#z', 0x0, 0x0)

13:03:23 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x68]}, 0x7}, 0x1c)

13:03:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2848a)

13:03:23 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12865, 0x0)

13:03:23 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

13:03:23 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0xa0800, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='trusted.overlay.opaque\x00', &(0x7f0000000140)='y\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x7ff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x6)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x1ff)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
fsetxattr$trusted_overlay_opaque(r3, &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
close(r0)

13:03:23 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x92', 0x0, 0x0)

13:03:23 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, 0x7}, 0x1c)

13:03:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2848b)

13:03:23 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12866, 0x0)

13:03:24 executing program 4:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
tkill(r0, 0x19)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:03:24 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x74]}, 0x7}, 0x1c)

13:03:24 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xa0', 0x0, 0x0)

[ 1534.046008][T28634] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:03:24 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2848c)

13:03:24 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12867, 0x0)

13:03:24 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xe0', 0x0, 0x0)

13:03:24 executing program 4:
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000000))
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

[ 1536.128736][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1536.134942][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1538.208769][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1538.214888][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1540.288756][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:03:34 executing program 3 (fault-call:2 fault-nth:0):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:34 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7a]}, 0x7}, 0x1c)

13:03:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2848d)

13:03:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xf0', 0x0, 0x0)

13:03:34 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12868, 0x0)

13:03:34 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2848e)

13:03:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#@', 0x0, 0x0)

[ 1544.590926][T28826] FAULT_INJECTION: forcing a failure.
[ 1544.590926][T28826] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.618952][T28826] CPU: 1 PID: 28826 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1544.627714][T28826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1544.637811][T28826] Call Trace:
[ 1544.641133][T28826]  dump_stack+0x197/0x210
[ 1544.645497][T28826]  should_fail.cold+0xa/0x15
[ 1544.650100][T28826]  ? fault_create_debugfs_attr+0x180/0x180
[ 1544.655922][T28826]  ? ___might_sleep+0x163/0x2c0
[ 1544.660790][T28826]  __should_failslab+0x121/0x190
[ 1544.665749][T28826]  should_failslab+0x9/0x14
[ 1544.670263][T28826]  kmem_cache_alloc+0x2aa/0x710
[ 1544.675551][T28826]  ? __kasan_check_write+0x14/0x20
[ 1544.680667][T28826]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 1544.686223][T28826]  ? rcu_read_lock_bh_held+0xb0/0xb0
[ 1544.691526][T28826]  getname_flags+0xd6/0x5b0
[ 1544.696040][T28826]  getname+0x1a/0x20
[ 1544.699940][T28826]  do_sys_open+0x2c9/0x5d0
[ 1544.704366][T28826]  ? filp_open+0x80/0x80
[ 1544.708614][T28826]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1544.714090][T28826]  ? do_syscall_64+0x26/0x760
[ 1544.718764][T28826]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1544.724845][T28826]  ? do_syscall_64+0x26/0x760
[ 1544.729545][T28826]  __x64_sys_open+0x7e/0xc0
[ 1544.734059][T28826]  do_syscall_64+0xfa/0x760
[ 1544.738591][T28826]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1544.744490][T28826] RIP: 0033:0x4143d1
[ 1544.748393][T28826] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1544.768006][T28826] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1544.776434][T28826] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
13:03:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#D', 0x0, 0x0)

13:03:34 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x84]}, 0x7}, 0x1c)

13:03:34 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x200000, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000080)=0x10001)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$VIDIOC_ENCODER_CMD(r3, 0xc028564d, &(0x7f0000000000)={0x37c3d64ed28dda03, 0x0, [0x80000001, 0x400, 0x81, 0x9, 0x56, 0x4, 0x1800, 0x2]})
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x2, 0x2)
r5 = fcntl$dupfd(r3, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
r8 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = fcntl$dupfd(r11, 0x0, r11)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
ioctl$LOOP_CTL_REMOVE(r12, 0x4c81, r8)

[ 1544.784416][T28826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1544.792396][T28826] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1544.800399][T28826] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1544.808384][T28826] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
13:03:34 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#P', 0x0, 0x0)

13:03:35 executing program 3 (fault-call:2 fault-nth:1):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:35 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

13:03:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2848f)

13:03:35 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x24200, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x40040, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r6 = fcntl$dupfd(r5, 0x80c, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r6, 0x10f, 0x83, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r7)
r8 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff}, 0x111, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r9, 0xc}}, 0x10)

13:03:35 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x12869, 0x0)

13:03:35 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#T', 0x0, 0x0)

13:03:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28490)

13:03:35 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1286a, 0x0)

13:03:35 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)={0x9, 0x0, [{0xa00, 0x0, 0x5}, {0xae93cebb81f59fa6, 0x0, 0x427}, {0x0, 0x0, 0xfffffffffffff604}, {0x4000009f}, {0xc59, 0x0, 0x1a1d5491}, {0x48, 0x0, 0x7}, {0xbb8, 0x0, 0x7}, {0x173}, {0x83d, 0x0, 0x9}]})
ioctl$PPPIOCGIDLE(r2, 0x8010743f, &(0x7f0000000000))
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x4f, "460630901e5b0f3dd12d27a25498475b0e995aab32e14a3bc8cb39de3407448634ebd0795ee3ac6b3de7588fde49316e32e7d1f700bd52e80b7bd35c63a36e0b30f4eec2df04fc1387487dceaf8f5c"}, &(0x7f00000000c0)=0x57)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:35 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#f', 0x0, 0x0)

13:03:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28491)

[ 1545.373622][T28985] FAULT_INJECTION: forcing a failure.
[ 1545.373622][T28985] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1545.387419][T28985] CPU: 1 PID: 28985 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1545.396106][T28985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1545.406179][T28985] Call Trace:
[ 1545.409497][T28985]  dump_stack+0x197/0x210
[ 1545.413848][T28985]  should_fail.cold+0xa/0x15
[ 1545.418452][T28985]  ? fault_create_debugfs_attr+0x180/0x180
[ 1545.424270][T28985]  ? __kasan_check_read+0x11/0x20
[ 1545.429310][T28985]  ? __lock_acquire+0x16f2/0x4a00
[ 1545.434355][T28985]  should_fail_alloc_page+0x50/0x60
[ 1545.439572][T28985]  __alloc_pages_nodemask+0x1a1/0x900
[ 1545.444958][T28985]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1545.450605][T28985]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1545.456334][T28985]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1545.461990][T28985]  ? fault_create_debugfs_attr+0x180/0x180
[ 1545.467820][T28985]  cache_grow_begin+0x90/0xd20
[ 1545.472598][T28985]  ? getname_flags+0xd6/0x5b0
[ 1545.477292][T28985]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1545.483556][T28985]  kmem_cache_alloc+0x64e/0x710
[ 1545.488421][T28985]  ? __kasan_check_write+0x14/0x20
[ 1545.493578][T28985]  getname_flags+0xd6/0x5b0
[ 1545.498103][T28985]  getname+0x1a/0x20
[ 1545.502008][T28985]  do_sys_open+0x2c9/0x5d0
[ 1545.506439][T28985]  ? filp_open+0x80/0x80
[ 1545.510694][T28985]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1545.516159][T28985]  ? do_syscall_64+0x26/0x760
[ 1545.516177][T28985]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1545.516194][T28985]  ? do_syscall_64+0x26/0x760
[ 1545.516212][T28985]  __x64_sys_open+0x7e/0xc0
[ 1545.526937][T28985]  do_syscall_64+0xfa/0x760
[ 1545.526959][T28985]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1545.526975][T28985] RIP: 0033:0x4143d1
[ 1545.550495][T28985] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
13:03:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28492)

[ 1545.570103][T28985] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1545.578519][T28985] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1545.586495][T28985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1545.594477][T28985] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1545.602455][T28985] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1545.610448][T28985] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
13:03:35 executing program 3 (fault-call:2 fault-nth:2):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1545.788058][T29078] FAULT_INJECTION: forcing a failure.
[ 1545.788058][T29078] name failslab, interval 1, probability 0, space 0, times 0
[ 1545.801588][T29078] CPU: 0 PID: 29078 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1545.810290][T29078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1545.820348][T29078] Call Trace:
[ 1545.823651][T29078]  dump_stack+0x197/0x210
[ 1545.827994][T29078]  should_fail.cold+0xa/0x15
[ 1545.832595][T29078]  ? fault_create_debugfs_attr+0x180/0x180
[ 1545.838412][T29078]  ? ___might_sleep+0x163/0x2c0
[ 1545.843720][T29078]  __should_failslab+0x121/0x190
[ 1545.848664][T29078]  should_failslab+0x9/0x14
[ 1545.853166][T29078]  kmem_cache_alloc+0x2aa/0x710
[ 1545.858028][T29078]  ? stack_trace_save+0xac/0xe0
[ 1545.862884][T29078]  ? stack_trace_consume_entry+0x190/0x190
[ 1545.868693][T29078]  __alloc_file+0x27/0x340
[ 1545.873125][T29078]  alloc_empty_file+0x72/0x170
[ 1545.877894][T29078]  path_openat+0xef/0x46d0
[ 1545.882312][T29078]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1545.888113][T29078]  ? kasan_slab_alloc+0xf/0x20
[ 1545.892880][T29078]  ? kmem_cache_alloc+0x121/0x710
[ 1545.897910][T29078]  ? getname_flags+0xd6/0x5b0
[ 1545.902610][T29078]  ? getname+0x1a/0x20
[ 1545.906677][T29078]  ? do_sys_open+0x2c9/0x5d0
[ 1545.911351][T29078]  ? __x64_sys_open+0x7e/0xc0
[ 1545.916030][T29078]  ? __kasan_check_read+0x11/0x20
[ 1545.921227][T29078]  ? mark_lock+0xc2/0x1220
[ 1545.925645][T29078]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1545.931210][T29078]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1545.936592][T29078]  ? __alloc_fd+0x487/0x620
[ 1545.941104][T29078]  do_filp_open+0x1a1/0x280
[ 1545.945613][T29078]  ? may_open_dev+0x100/0x100
[ 1545.950292][T29078]  ? lock_downgrade+0x920/0x920
[ 1545.955143][T29078]  ? rwlock_bug.part.0+0x90/0x90
[ 1545.960096][T29078]  ? do_raw_spin_unlock+0x178/0x270
[ 1545.965306][T29078]  ? _raw_spin_unlock+0x2d/0x50
[ 1545.970156][T29078]  ? __alloc_fd+0x487/0x620
[ 1545.974677][T29078]  do_sys_open+0x3fe/0x5d0
[ 1545.979102][T29078]  ? filp_open+0x80/0x80
[ 1545.983355][T29078]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1545.988815][T29078]  ? do_syscall_64+0x26/0x760
[ 1545.993491][T29078]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1545.999566][T29078]  ? do_syscall_64+0x26/0x760
[ 1546.004248][T29078]  __x64_sys_open+0x7e/0xc0
[ 1546.008759][T29078]  do_syscall_64+0xfa/0x760
[ 1546.013269][T29078]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1546.019163][T29078] RIP: 0033:0x4143d1
[ 1546.023059][T29078] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1546.042756][T29078] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1546.051180][T29078] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1546.059153][T29078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1546.067130][T29078] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1546.075104][T29078] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1546.083169][T29078] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
13:03:36 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x7}, 0x1c)

13:03:36 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1286b, 0x0)

13:03:36 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x94', 0x0, 0x0)

13:03:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28493)

13:03:36 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0xd4, 0x400000)
r0 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$inet_int(r0, 0x0, 0x16, 0x0, 0xfffffffffffffea3)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0406618, &(0x7f0000000140)={{0x7, 0x0, @reserved="f9acfe4ea65721c0c56def7aaa50517e41e4770b5b0f671bc8a49cf03ee4d235"}})
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r5 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
ioctl$BLKGETSIZE64(r7, 0x80081272, &(0x7f00000000c0))
write$P9_RLOPEN(r2, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r8 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, r8)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r8)

13:03:36 executing program 3 (fault-call:2 fault-nth:3):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1546.216586][T29089] FAULT_INJECTION: forcing a failure.
[ 1546.216586][T29089] name failslab, interval 1, probability 0, space 0, times 0
13:03:36 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x9e', 0x0, 0x0)

13:03:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28494)

[ 1546.269018][T29089] CPU: 0 PID: 29089 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1546.277749][T29089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1546.287821][T29089] Call Trace:
[ 1546.291140][T29089]  dump_stack+0x197/0x210
[ 1546.295494][T29089]  should_fail.cold+0xa/0x15
[ 1546.300116][T29089]  ? fault_create_debugfs_attr+0x180/0x180
[ 1546.305947][T29089]  ? ___might_sleep+0x163/0x2c0
[ 1546.310835][T29089]  __should_failslab+0x121/0x190
[ 1546.315797][T29089]  should_failslab+0x9/0x14
[ 1546.320317][T29089]  kmem_cache_alloc+0x2aa/0x710
[ 1546.325177][T29089]  ? kmem_cache_alloc+0x364/0x710
[ 1546.330217][T29089]  security_file_alloc+0x39/0x170
[ 1546.335254][T29089]  __alloc_file+0xde/0x340
[ 1546.339675][T29089]  alloc_empty_file+0x72/0x170
[ 1546.344448][T29089]  path_openat+0xef/0x46d0
[ 1546.348868][T29089]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1546.354676][T29089]  ? kasan_slab_alloc+0xf/0x20
[ 1546.359439][T29089]  ? kmem_cache_alloc+0x121/0x710
[ 1546.364481][T29089]  ? getname_flags+0xd6/0x5b0
[ 1546.369162][T29089]  ? getname+0x1a/0x20
[ 1546.373234][T29089]  ? do_sys_open+0x2c9/0x5d0
[ 1546.377826][T29089]  ? __x64_sys_open+0x7e/0xc0
[ 1546.382509][T29089]  ? __kasan_check_read+0x11/0x20
[ 1546.387541][T29089]  ? mark_lock+0xc2/0x1220
[ 1546.391964][T29089]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1546.397525][T29089]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1546.403031][T29089]  ? __alloc_fd+0x487/0x620
[ 1546.407550][T29089]  do_filp_open+0x1a1/0x280
[ 1546.412062][T29089]  ? may_open_dev+0x100/0x100
[ 1546.416748][T29089]  ? lock_downgrade+0x920/0x920
[ 1546.421609][T29089]  ? rwlock_bug.part.0+0x90/0x90
[ 1546.426556][T29089]  ? do_raw_spin_unlock+0x178/0x270
[ 1546.431766][T29089]  ? _raw_spin_unlock+0x2d/0x50
[ 1546.436623][T29089]  ? __alloc_fd+0x487/0x620
[ 1546.441149][T29089]  do_sys_open+0x3fe/0x5d0
[ 1546.445575][T29089]  ? filp_open+0x80/0x80
[ 1546.449828][T29089]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1546.455297][T29089]  ? do_syscall_64+0x26/0x760
[ 1546.460005][T29089]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1546.466120][T29089]  ? do_syscall_64+0x26/0x760
[ 1546.470807][T29089]  __x64_sys_open+0x7e/0xc0
[ 1546.475329][T29089]  do_syscall_64+0xfa/0x760
[ 1546.479839][T29089]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1546.485730][T29089] RIP: 0033:0x4143d1
[ 1546.489630][T29089] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1546.509241][T29089] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1546.517667][T29089] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1546.525642][T29089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1546.533615][T29089] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1546.541587][T29089] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1546.549560][T29089] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
13:03:36 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x2, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:36 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1286c, 0x0)

13:03:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28495)

13:03:36 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xb4', 0x0, 0x0)

13:03:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x7}, 0x1c)

13:03:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
dup(0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$VIDIOC_ENCODER_CMD(r2, 0xc028564d, &(0x7f0000000000)={0x2, 0x0, [0x10005, 0x3, 0x0, 0x14000000, 0x8, 0x10000, 0x3, 0x80040001]})

13:03:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xe0', 0x0, 0x0)

13:03:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28496)

13:03:37 executing program 3 (fault-call:2 fault-nth:4):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1286d, 0x0)

[ 1547.165068][T29219] FAULT_INJECTION: forcing a failure.
[ 1547.165068][T29219] name failslab, interval 1, probability 0, space 0, times 0
13:03:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28497)

[ 1547.210516][T29219] CPU: 1 PID: 29219 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1547.219252][T29219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1547.229326][T29219] Call Trace:
[ 1547.232644][T29219]  dump_stack+0x197/0x210
[ 1547.237011][T29219]  should_fail.cold+0xa/0x15
[ 1547.241652][T29219]  ? fault_create_debugfs_attr+0x180/0x180
[ 1547.247483][T29219]  ? ___might_sleep+0x163/0x2c0
[ 1547.252366][T29219]  __should_failslab+0x121/0x190
13:03:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x04', 0x0, 0x0)

13:03:37 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/\x05\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x48a, 0x200)
r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x319000)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x9, 0x11c585)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000001c0)=@v2={0x2, @aes128, 0x16f03694422e6627, [], "ffc0cf4171d6f6c4b11e814c65d872aa"})
ioctl$VIDIOC_S_PRIORITY(r1, 0x40045644, 0x1)
ioctl$VIDIOC_TRY_EXT_CTRLS(r4, 0xc0205649, &(0x7f0000000180)={0x760000, 0x0, 0x800, [], &(0x7f0000000140)={0x4c84b3, 0x2c4, [], @string=&(0x7f0000000100)=0x80}})
r5 = fcntl$dupfd(r3, 0x0, r3)
r6 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r6, 0x40106614, &(0x7f00000002c0))
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r7 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
clock_gettime(0x0, &(0x7f0000000200)={<r8=>0x0, <r9=>0x0})
nanosleep(&(0x7f0000000240)={r8, r9+10000000}, 0x0)

[ 1547.257330][T29219]  should_failslab+0x9/0x14
[ 1547.261856][T29219]  __kmalloc+0x2e0/0x770
[ 1547.266120][T29219]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 1547.272294][T29219]  ? tomoyo_realpath_from_path+0xcd/0x7b0
[ 1547.278036][T29219]  tomoyo_realpath_from_path+0xcd/0x7b0
[ 1547.283597][T29219]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1547.289862][T29219]  tomoyo_check_open_permission+0x2a8/0x3f0
[ 1547.295788][T29219]  ? __check_heap_object+0x44/0xb3
[ 1547.301013][T29219]  ? tomoyo_path_number_perm+0x520/0x520
[ 1547.306689][T29219]  ? __kasan_check_read+0x11/0x20
[ 1547.311744][T29219]  ? mark_lock+0xc2/0x1220
[ 1547.316209][T29219]  ? lock_downgrade+0x920/0x920
[ 1547.321070][T29219]  ? rwlock_bug.part.0+0x90/0x90
[ 1547.326027][T29219]  tomoyo_file_open+0xa9/0xd0
[ 1547.330721][T29219]  security_file_open+0x71/0x300
[ 1547.335674][T29219]  do_dentry_open+0x37a/0x1380
[ 1547.340450][T29219]  ? __kasan_check_read+0x11/0x20
[ 1547.345493][T29219]  ? chown_common+0x5c0/0x5c0
[ 1547.350181][T29219]  ? inode_permission+0xb4/0x560
[ 1547.355136][T29219]  vfs_open+0xa0/0xd0
[ 1547.359135][T29219]  path_openat+0x10e9/0x46d0
[ 1547.363735][T29219]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1547.369541][T29219]  ? kasan_slab_alloc+0xf/0x20
[ 1547.374310][T29219]  ? kmem_cache_alloc+0x121/0x710
[ 1547.379342][T29219]  ? getname_flags+0xd6/0x5b0
[ 1547.384024][T29219]  ? getname+0x1a/0x20
[ 1547.388097][T29219]  ? do_sys_open+0x2c9/0x5d0
[ 1547.392715][T29219]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1547.398150][T29219]  ? __alloc_fd+0x487/0x620
[ 1547.402668][T29219]  do_filp_open+0x1a1/0x280
[ 1547.407180][T29219]  ? may_open_dev+0x100/0x100
[ 1547.411875][T29219]  ? do_raw_spin_unlock+0x178/0x270
[ 1547.417086][T29219]  ? _raw_spin_unlock+0x2d/0x50
[ 1547.421945][T29219]  ? __alloc_fd+0x487/0x620
[ 1547.426467][T29219]  do_sys_open+0x3fe/0x5d0
[ 1547.430899][T29219]  ? filp_open+0x80/0x80
[ 1547.435152][T29219]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1547.440615][T29219]  ? do_syscall_64+0x26/0x760
[ 1547.445298][T29219]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1547.451369][T29219]  ? do_syscall_64+0x26/0x760
[ 1547.456060][T29219]  __x64_sys_open+0x7e/0xc0
[ 1547.460577][T29219]  do_syscall_64+0xfa/0x760
[ 1547.465097][T29219]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1547.470994][T29219] RIP: 0033:0x4143d1
[ 1547.474898][T29219] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1547.494508][T29219] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1547.502927][T29219] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1547.510902][T29219] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1547.518879][T29219] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1547.526857][T29219] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1547.534837][T29219] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
[ 1547.550179][T29219] ERROR: Out of memory at tomoyo_realpath_from_path.
13:03:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#0', 0x0, 0x0)

13:03:37 executing program 3 (fault-call:2 fault-nth:5):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1286e, 0x0)

[ 1547.758540][T29344] FAULT_INJECTION: forcing a failure.
[ 1547.758540][T29344] name failslab, interval 1, probability 0, space 0, times 0
[ 1547.779706][T29344] CPU: 1 PID: 29344 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1547.788429][T29344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1547.798502][T29344] Call Trace:
[ 1547.801812][T29344]  dump_stack+0x197/0x210
[ 1547.806160][T29344]  should_fail.cold+0xa/0x15
[ 1547.810764][T29344]  ? fault_create_debugfs_attr+0x180/0x180
[ 1547.816583][T29344]  ? ___might_sleep+0x163/0x2c0
[ 1547.821458][T29344]  __should_failslab+0x121/0x190
[ 1547.826401][T29344]  ? bdev_free_inode+0x30/0x30
[ 1547.831171][T29344]  should_failslab+0x9/0x14
[ 1547.835685][T29344]  kmem_cache_alloc+0x2aa/0x710
[ 1547.840545][T29344]  ? _raw_spin_unlock+0x2d/0x50
[ 1547.845400][T29344]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1547.851664][T29344]  ? ilookup5_nowait+0xaa/0xc0
[ 1547.856433][T29344]  ? bdev_free_inode+0x30/0x30
[ 1547.861198][T29344]  ? set_init_blocksize+0x260/0x260
[ 1547.866415][T29344]  bdev_alloc_inode+0x1c/0x50
[ 1547.871094][T29344]  alloc_inode+0x68/0x1e0
[ 1547.875425][T29344]  iget5_locked+0x63/0xe0
[ 1547.879757][T29344]  ? bdev_test+0x90/0x90
[ 1547.884009][T29344]  bdget+0x97/0x550
[ 1547.887824][T29344]  ? blkdev_writepage+0x30/0x30
[ 1547.892690][T29344]  bd_acquire+0xff/0x2c0
[ 1547.896945][T29344]  blkdev_open+0x113/0x290
[ 1547.901374][T29344]  do_dentry_open+0x4e6/0x1380
[ 1547.906141][T29344]  ? __kasan_check_read+0x11/0x20
[ 1547.911169][T29344]  ? bd_acquire+0x2c0/0x2c0
[ 1547.915703][T29344]  ? chown_common+0x5c0/0x5c0
[ 1547.920406][T29344]  ? inode_permission+0xb4/0x560
[ 1547.925383][T29344]  vfs_open+0xa0/0xd0
[ 1547.929389][T29344]  path_openat+0x10e9/0x46d0
[ 1547.933990][T29344]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1547.939804][T29344]  ? kasan_slab_alloc+0xf/0x20
[ 1547.944575][T29344]  ? kmem_cache_alloc+0x121/0x710
[ 1547.949606][T29344]  ? getname_flags+0xd6/0x5b0
[ 1547.954286][T29344]  ? getname+0x1a/0x20
[ 1547.958361][T29344]  ? do_sys_open+0x2c9/0x5d0
[ 1547.962975][T29344]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1547.968365][T29344]  ? __alloc_fd+0x487/0x620
[ 1547.972884][T29344]  do_filp_open+0x1a1/0x280
[ 1547.977402][T29344]  ? may_open_dev+0x100/0x100
[ 1547.982103][T29344]  ? do_raw_spin_unlock+0x178/0x270
[ 1547.987310][T29344]  ? _raw_spin_unlock+0x2d/0x50
[ 1547.992166][T29344]  ? __alloc_fd+0x487/0x620
[ 1547.996684][T29344]  do_sys_open+0x3fe/0x5d0
[ 1548.001109][T29344]  ? filp_open+0x80/0x80
[ 1548.005360][T29344]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1548.010844][T29344]  ? do_syscall_64+0x26/0x760
[ 1548.015531][T29344]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1548.021606][T29344]  ? do_syscall_64+0x26/0x760
[ 1548.026297][T29344]  __x64_sys_open+0x7e/0xc0
[ 1548.030808][T29344]  do_syscall_64+0xfa/0x760
[ 1548.035320][T29344]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1548.041223][T29344] RIP: 0033:0x4143d1
13:03:38 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x7}, 0x1c)

13:03:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28498)

13:03:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#T', 0x0, 0x0)

[ 1548.045125][T29344] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1548.064744][T29344] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1548.073178][T29344] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1548.081161][T29344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1548.089145][T29344] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1548.097569][T29344] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1548.105555][T29344] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
13:03:38 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1286f, 0x0)

13:03:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xc1', 0x0, 0x0)

13:03:38 executing program 3 (fault-call:2 fault-nth:6):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x28499)

13:03:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xde', 0x0, 0x0)

[ 1548.301628][T29361] FAULT_INJECTION: forcing a failure.
[ 1548.301628][T29361] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1548.314884][T29361] CPU: 0 PID: 29361 Comm: syz-executor.3 Not tainted 5.4.0-rc8-syzkaller #0
[ 1548.323572][T29361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1548.333640][T29361] Call Trace:
[ 1548.336953][T29361]  dump_stack+0x197/0x210
[ 1548.341312][T29361]  should_fail.cold+0xa/0x15
[ 1548.345938][T29361]  ? fault_create_debugfs_attr+0x180/0x180
[ 1548.351764][T29361]  ? rcu_read_unlock+0x16/0x60
[ 1548.356552][T29361]  ? find_held_lock+0x35/0x130
[ 1548.361341][T29361]  should_fail_alloc_page+0x50/0x60
[ 1548.366551][T29361]  __alloc_pages_nodemask+0x1a1/0x900
[ 1548.371940][T29361]  ? lock_downgrade+0x920/0x920
[ 1548.376811][T29361]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1548.382558][T29361]  ? rcu_read_unlock+0x33/0x60
[ 1548.387340][T29361]  cache_grow_begin+0x90/0xd20
[ 1548.392121][T29361]  ? bdev_alloc_inode+0x1c/0x50
[ 1548.396992][T29361]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1548.403249][T29361]  kmem_cache_alloc+0x64e/0x710
[ 1548.408115][T29361]  ? _raw_spin_unlock+0x2d/0x50
[ 1548.412979][T29361]  ? bdev_free_inode+0x30/0x30
[ 1548.417748][T29361]  ? set_init_blocksize+0x260/0x260
[ 1548.422956][T29361]  bdev_alloc_inode+0x1c/0x50
[ 1548.427641][T29361]  alloc_inode+0x68/0x1e0
[ 1548.431980][T29361]  iget5_locked+0x63/0xe0
[ 1548.436312][T29361]  ? bdev_test+0x90/0x90
[ 1548.440558][T29361]  bdget+0x97/0x550
[ 1548.444369][T29361]  ? blkdev_writepage+0x30/0x30
[ 1548.449229][T29361]  bd_acquire+0xff/0x2c0
[ 1548.453476][T29361]  blkdev_open+0x113/0x290
[ 1548.457902][T29361]  do_dentry_open+0x4e6/0x1380
[ 1548.462674][T29361]  ? __kasan_check_read+0x11/0x20
[ 1548.467708][T29361]  ? bd_acquire+0x2c0/0x2c0
[ 1548.472223][T29361]  ? chown_common+0x5c0/0x5c0
[ 1548.476909][T29361]  ? inode_permission+0xb4/0x560
[ 1548.481864][T29361]  vfs_open+0xa0/0xd0
[ 1548.485862][T29361]  path_openat+0x10e9/0x46d0
[ 1548.490455][T29361]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1548.496272][T29361]  ? kasan_slab_alloc+0xf/0x20
[ 1548.501038][T29361]  ? kmem_cache_alloc+0x121/0x710
[ 1548.506064][T29361]  ? getname_flags+0xd6/0x5b0
[ 1548.510740][T29361]  ? getname+0x1a/0x20
[ 1548.514809][T29361]  ? do_sys_open+0x2c9/0x5d0
[ 1548.519423][T29361]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 1548.524809][T29361]  ? __alloc_fd+0x487/0x620
[ 1548.529328][T29361]  do_filp_open+0x1a1/0x280
[ 1548.533856][T29361]  ? may_open_dev+0x100/0x100
[ 1548.538550][T29361]  ? do_raw_spin_unlock+0x178/0x270
[ 1548.543762][T29361]  ? _raw_spin_unlock+0x2d/0x50
[ 1548.548717][T29361]  ? __alloc_fd+0x487/0x620
[ 1548.553238][T29361]  do_sys_open+0x3fe/0x5d0
[ 1548.557666][T29361]  ? filp_open+0x80/0x80
[ 1548.561916][T29361]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1548.567376][T29361]  ? do_syscall_64+0x26/0x760
[ 1548.572060][T29361]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1548.578153][T29361]  ? do_syscall_64+0x26/0x760
[ 1548.582852][T29361]  __x64_sys_open+0x7e/0xc0
[ 1548.587378][T29361]  do_syscall_64+0xfa/0x760
[ 1548.591901][T29361]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1548.597796][T29361] RIP: 0033:0x4143d1
[ 1548.601700][T29361] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1548.621311][T29361] RSP: 002b:00007ff6a9d557a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 1548.629729][T29361] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004143d1
[ 1548.637704][T29361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ff6a9d55850
[ 1548.646460][T29361] RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000
[ 1548.654436][T29361] R10: 0000000000000064 R11: 0000000000000293 R12: 00007ff6a9d566d4
[ 1548.662412][T29361] R13: 00000000004ca1c0 R14: 00000000004e1f58 R15: 0000000000000003
13:03:38 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2849a)

13:03:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:38 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x20000, 0x0)

13:03:39 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x7}, 0x1c)

13:03:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2849b)

13:03:39 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#@', 0x0, 0x0)

13:03:39 executing program 3 (fault-call:2 fault-nth:7):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:39 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000040)={'filter\x00', 0x0, 0x0, 0x0, [], 0x3, &(0x7f0000000000)=[{}], 0x0, [{}, {}, {}]}, 0xa8)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:39 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x40000, 0x0)

13:03:39 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#`', 0x0, 0x0)

13:03:39 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2849c)

13:03:39 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xf0ffff, 0x0)

13:03:39 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x400)
r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x7, 0xc00801)
renameat2(r1, &(0x7f0000000040)='./file0\x00', r2, &(0x7f00000000c0)='./file0\x00', 0x0)

13:03:39 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#p', 0x0, 0x0)

13:03:39 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x7}, 0x1c)

13:03:39 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='\\dev/loop#\x00', 0x0, 0x0)

13:03:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2849d)

13:03:39 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xb0', 0x0, 0x0)

13:03:39 executing program 4:
r0 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYBLOB="01000000bb428981989dddfbf20131e4d9"], &(0x7f0000000800)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r1, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000000)={r1, @in={{0x2, 0x4e24, @empty}}, 0x67e7, 0xd1b}, 0x90)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)

13:03:39 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1000000, 0x0)

13:03:40 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xc0', 0x0, 0x0)

13:03:40 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/.ev/loop#\x00', 0x0, 0x0)

13:03:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2849e)

13:03:40 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2000000, 0x0)

13:03:40 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xd0', 0x0, 0x0)

13:03:40 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:03:40 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='//ev/loop#\x00', 0x0, 0x0)

13:03:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x7ffffff2)

13:03:40 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2040000, 0x0)

13:03:40 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xd4', 0x0, 0x0)

13:03:40 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x7}, 0x1c)

13:03:40 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r3 = socket(0x1e, 0x2, 0x0)
r4 = syz_open_dev$media(&(0x7f00000003c0)='/dev/media#\x00', 0x8, 0x100)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000400)=ANY=[@ANYPTR, @ANYRES32=<r5=>0x0], &(0x7f000095dffc)=0x2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r7, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r8 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r9 = socket(0x4, 0xa, 0x20)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r9, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r10 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r10, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r10, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r11 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r11, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000280)=ANY=[@ANYRES32=r5, @ANYPTR64=&(0x7f00000006c0)=ANY=[]], &(0x7f0000000800)=0x2)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r5, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x3ff, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, &(0x7f0000000200), &(0x7f0000000240)=0x30)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000000)={<r12=>r5, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f00000000c0)=0x84)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={r12, 0x100}, &(0x7f0000000140)=0x8)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r13 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x4040, 0x0)
ioctl$BLKRAGET(r13, 0x1263, &(0x7f00000001c0))

13:03:41 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xe4', 0x0, 0x0)

13:03:41 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/\\ev/loop#\x00', 0x0, 0x0)

13:03:41 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x7ffffff8)

13:03:41 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3000000, 0x0)

13:03:41 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)

13:03:41 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xf0', 0x0, 0x0)

13:03:41 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/d%v/loop#\x00', 0x0, 0x0)

13:03:41 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x7ffffff9)

13:03:41 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/d\\v/loop#\x00', 0x0, 0x0)

13:03:41 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4000000, 0x0)

13:03:41 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x7}, 0x1c)

13:03:41 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

13:03:41 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/de\\/loop#\x00', 0x0, 0x0)

13:03:41 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x7ffffffc)

13:03:41 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x5000000, 0x0)

13:03:41 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x40282, 0x0)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r1 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r3 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r1, 0x0)
write$P9_RLOPEN(r1, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r4)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r4)

13:03:42 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:42 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev\\loop#\x00', 0x0, 0x0)

13:03:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880961fd498)

13:03:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6000000, 0x0)

13:03:42 executing program 4:
socket$bt_rfcomm(0x1f, 0x1, 0x3)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x668401, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x6, 0x2687c1)
ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000000140)={0x1, 0x0, [{}]})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000040)={0x4, 0x4, 0x7, 'queue1\x00', 0x3})

13:03:42 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/%oop#\x00', 0x0, 0x0)

13:03:42 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x7}, 0x1c)

13:03:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880995033b8)

13:03:42 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:42 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7000000, 0x0)

13:03:42 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/.oop#\x00', 0x0, 0x0)

13:03:42 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$isdn_base(0x22, 0x3, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
ppoll(&(0x7f0000000080)=[{r1, 0x40}, {r2, 0x420}, {r3, 0x2000}, {r4, 0x40}], 0x4, &(0x7f00000000c0), &(0x7f0000000100)={0x6}, 0x8)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:42 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff888099503498)

13:03:42 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev//oop#\x00', 0x0, 0x0)

13:03:43 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x8000000, 0x0)

13:03:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/\\oop#\x00', 0x0, 0x0)

13:03:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880a7672658)

13:03:43 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, 0x7}, 0x1c)

13:03:43 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/l\\op#\x00', 0x0, 0x0)

13:03:43 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xa000000, 0x0)

13:03:43 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r3 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x3ff, 0x200900)
ioctl$KIOCSOUND(r4, 0x4b2f, 0x5)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r1, 0x0)
write$P9_RLOPEN(r1, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r5)
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000180)={0x1000, [0x0, 0x7c00, 0x4, 0x40, 0x773a, 0x7, 0x3f, 0x5, 0x9, 0xff, 0x2, 0x54e2, 0x2, 0x9, 0x524b, 0xf000, 0xfffb, 0x8, 0x0, 0x6, 0xb70, 0x7, 0x9, 0xebd, 0xffff, 0x101, 0x3, 0xfff7, 0x4, 0x8, 0x7f, 0x47a6, 0xcc, 0x3ff, 0x101, 0xfff8, 0x3, 0x42, 0x400, 0x40, 0x9cc, 0x1, 0x8b, 0x4, 0x4, 0x1, 0x6af, 0x1], 0x8})
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r5)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='\r\x0f\x00\xdd\xff\xff\xff\x00', 0x20104, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r6, 0x400455c8, 0x2)
close(r6)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
ioctl$KDGETLED(r8, 0x4b31, &(0x7f00000000c0))

13:03:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880a7672738)

13:03:43 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/lo\\p#\x00', 0x0, 0x0)

13:03:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880a8df42d8)

13:03:43 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)={0x8, 0x0, [{0xc0000006, 0x593, 0x20, 0x3, 0x3eba}, {0x4, 0x8, 0x0, 0x8, 0x7}, {0xa, 0x2, 0x1, 0x1, 0x9c58}, {0x0, 0x6, 0x9a7, 0x3, 0xfff}, {0x2, 0x5, 0x76, 0x8000, 0x7f}, {0x80000000, 0x10001, 0xffff, 0xffff, 0x7}, {0xa, 0x80, 0x7, 0x0, 0x7}, {0x80000007, 0x7f, 0x4, 0x3}]})

13:03:44 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loo\\#\x00', 0x0, 0x0)

13:03:44 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880a8df4498)

13:03:44 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x7}, 0x1c)

13:03:44 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xe000000, 0x0)

13:03:44 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x159, 0x8ca04)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x1, @time={0x0, 0x989680}, 0x4b, {0x3, 0x1a}, 0xff, 0x0, 0x9})

13:03:44 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

13:03:44 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

13:03:44 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0xffff8880a8df4578)

13:03:44 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:03:44 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:44 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x101641, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x2, 0x0)
r3 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendfile(r2, r3, &(0x7f0000000100)=0x7, 0x9)
ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0)

13:03:44 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x10000000, 0x0)

13:03:45 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
socketpair(0x2, 0x804, 0xb7, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f0000000040)={0x2c, @rand_addr=0x10000, 0x4e21, 0x2, 'nq\x00', 0x0, 0x0, 0x7c}, 0x2c)

13:03:45 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1554.978955][T30730] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:03:45 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x7}, 0x1c)

13:03:45 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x04', 0x0, 0x0)

13:03:45 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x15280100, 0x0)

13:03:45 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:03:45 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dl\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x16\x00', 0xc40000, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:03:45 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x05', 0x0, 0x0)

13:03:45 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:03:45 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x10400, 0x0)
ioctl$sock_proto_private(r1, 0x89eb, &(0x7f0000000040)="3acbf34bd1449ab1af190a4b9639")

[ 1557.008745][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1557.015006][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1559.088746][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1559.094867][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1561.168787][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:03:55 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000, 0x0)
ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f00000000c0))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)

13:03:55 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x16280100, 0x0)

13:03:55 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x06', 0x0, 0x0)

13:03:55 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:03:55 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r1, 0xc0096616, &(0x7f0000000040)={0x3, [0x0, 0x0, 0x0]})

13:03:55 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, 0x7}, 0x1c)

13:03:55 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:03:55 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\a', 0x0, 0x0)

13:03:55 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x17280100, 0x0)

13:03:55 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1565.700023][T30983] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:03:55 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\b', 0x0, 0x0)

13:03:55 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1567.728738][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1567.734878][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1569.808749][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1569.814868][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1571.888762][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:04:05 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:05 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x18280100, 0x0)

13:04:05 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)={0x7})

13:04:05 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48]}, 0x7}, 0x1c)

13:04:05 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)

13:04:05 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:06 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:06 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x2)

13:04:06 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x19280100, 0x0)

13:04:06 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:04:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000000))
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockopt$MISDN_TIME_STAMP(r4, 0x0, 0x1, &(0x7f0000000100), &(0x7f0000000140)=0x4)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, &(0x7f00000000c0)={'veth0_to_team\x00', {0x2, 0x4e20, @rand_addr=0x3ff}})

13:04:06 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

[ 1576.152140][T31233] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:04:06 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1a280100, 0x0)

13:04:06 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

13:04:06 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:06 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c]}, 0x7}, 0x1c)

13:04:06 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:06 executing program 4:
r0 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0)
chown(&(0x7f0000000140)='./file0\x00', r1, 0x0)
r2 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0)
chown(&(0x7f0000000140)='./file0\x00', r3, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000080)=<r4=>0x0)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000000280)=0xe8)
r7 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r7, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0)
chown(&(0x7f0000000140)='./file0\x00', r8, 0x0)
getgroups(0x1, &(0x7f0000000200)=[<r9=>0x0])
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r10=>0x0}, &(0x7f00000003c0)=0xc)
r11 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r11, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
semctl$IPC_SET(r12, 0x0, 0x1, &(0x7f0000000740)={{0x81, r13, r14, r15, r16, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
setresgid(r9, r10, r14)
r17 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r18 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r19=>0x0})
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r17, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r21=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
semctl$IPC_SET(r18, 0x0, 0x1, &(0x7f0000000740)={{0x81, r19, r20, r21, r22, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
getgroups(0x1, &(0x7f0000000200)=[<r23=>0x0])
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r24=>0x0}, &(0x7f00000003c0)=0xc)
r25 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r26 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r27=>0x0})
lstat(&(0x7f0000000380)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, <r28=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r25, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r29=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r30=>0x0})
semctl$IPC_SET(r26, 0x0, 0x1, &(0x7f0000000740)={{0x81, r27, r28, r29, r30, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
setresgid(r23, r24, r28)
getgroups(0x1, &(0x7f0000000200)=[<r31=>0x0])
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r32=>0x0}, &(0x7f00000003c0)=0xc)
r33 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r34 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r35=>0x0})
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r36=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r33, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r37=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r38=>0x0})
semctl$IPC_SET(r34, 0x0, 0x1, &(0x7f0000000740)={{0x81, r35, r36, r37, r38, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
setresgid(r31, r32, r36)
getgroups(0x6, &(0x7f00000002c0)=[r24, <r39=>0xee00, 0x0, 0x0, 0x0, r32])
getgroups(0x1, &(0x7f0000000200)=[<r40=>0x0])
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r41=>0x0}, &(0x7f00000003c0)=0xc)
r42 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r43 = semget(0x2, 0x2, 0x6fe)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r44=>0x0})
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r45=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r42, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r46=>0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8)
lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r47=>0x0})
semctl$IPC_SET(r43, 0x0, 0x1, &(0x7f0000000740)={{0x81, r44, r45, r46, r47, 0x20, 0xc760}, 0x3, 0xfffffffffffff1d7, 0xfffffffffffffff7})
setresgid(r40, r41, r45)
fstat(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r48=>0x0})
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f00000007c0)=ANY=[@ANYBLOB="0200000001007102000000000002000500", @ANYRES32=0xee01, @ANYBLOB="02000100", @ANYRES32=r1, @ANYBLOB="02000200", @ANYRES32=r3, @ANYBLOB="02000000", @ANYRES32=r4, @ANYBLOB="02000400", @ANYRES32=r5, @ANYBLOB="02000400", @ANYRES32=r6, @ANYBLOB="02000100", @ANYRES32=r8, @ANYBLOB="040001000000000008000000", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r22, @ANYBLOB="08000600", @ANYRES32=r39, @ANYBLOB="08000100", @ANYRES32=r41, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=r48, @ANYBLOB="10000400000000002000020000000000"], 0x84, 0x1)
r49 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r49, 0x4c81, 0x0)

13:04:06 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:06 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1b280100, 0x0)

13:04:06 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:04:06 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

[ 1578.208747][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1578.214876][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1580.288752][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1580.294879][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1582.368762][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:04:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/x\x00', 0x200000, 0x0)
syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000100)="d440508ac3f15009505e864f6875e2fb0e26d22e37f5f939980523ca97b07d0454f6d12edd8634f26cee83e4a8d756c7aab7878cb4f865d73782f080cab3eabe6bf0e09d65f7e409143cbac6ee5d11877f2865e18e0852782ce68af79773935c573eef1b04f98db7373d2ad067baa6b958bd73cd7629b1c5c8c81d7c85afed74db151d45f775bd0df6c47ca54926ec9ea92643469026a44347338eba1d45d698706f78239482ff50cdba7ea671ec270b52e2d090408354852415b2063822a03118c4b23266b698")
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
ioctl$VT_GETSTATE(r2, 0x5603, &(0x7f0000000200)={0x2, 0x12, 0xd644})
ioctl$TCSETSF(r0, 0x5404, &(0x7f00000000c0)={0x167e, 0x7, 0x7, 0xfff, 0x4, 0x5, 0x4, 0x9, 0xe0, 0x3, 0x9, 0x10000})

13:04:16 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x283, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r3 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000240)={0x20000008})
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000002c0)={{0x6, 0x5}, 0x40}, 0xfffffffffffffde4)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r1, 0x0)
write$P9_RLOPEN(r1, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x4})
r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r5)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200)
ioctl$LOOP_CTL_GET_FREE(r9, 0x4c82)
r10 = socket(0x8, 0x0, 0x0)
setsockopt$packet_tx_ring(r10, 0x10f, 0x87, 0x0, 0x0)
dup2(r10, r0)
r11 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r12 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r13 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r12, 0x3, r13, &(0x7f0000000240)={0x20000008})
r14 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r14, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$RDS_FREE_MR(r14, 0x114, 0x3, &(0x7f0000000080)={{0xfff, 0x4}, 0x1}, 0xffa3)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r11, 0x0)
write$P9_RLOPEN(r11, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r12, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r15 = ioctl$LOOP_CTL_GET_FREE(r12, 0x4c82)
ioctl$LOOP_CTL_ADD(r11, 0x4c80, r15)
r16 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r17 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x100000001, 0xe00)
ioctl$LOOP_CTL_REMOVE(r17, 0x4c81, r16)

13:04:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c]}, 0x7}, 0x1c)

13:04:16 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1c280100, 0x0)

13:04:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:16 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x8000, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x6, 0x3, 0x1, 0x9, 0x1a, 0x0, 0x0, 0xc0, 0x92, 0x1, 0x4, 0x1000})
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x4000, 0x0)
ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f00000000c0)={0x7, 0xec})

13:04:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCCBRK(r0, 0x5428)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:04:16 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:17 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1586.912601][T31495] QAT: Invalid ioctl
[ 1586.917483][T31494] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:04:17 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1d280100, 0x0)

13:04:17 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000140)=0x8000000000000000, 0x4)
r3 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000000)={0x9, 0x2, 0xffffffff, 0x3, [], [], [], 0x0, 0xfff, 0x80000001, 0x3, "c9c50999920742f524855728b5f94fc1"})

13:04:17 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xff', 0x0, 0x0)

13:04:17 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68]}, 0x7}, 0x1c)

13:04:17 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:17 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:17 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
prctl$PR_SVE_GET_VL(0x33, 0x7f00)

13:04:17 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1e280100, 0x0)

13:04:17 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

[ 1589.018760][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1589.024926][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1591.088747][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1591.095041][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1593.168863][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:04:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x1a081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
memfd_create(&(0x7f00000000c0)='/dev/sg#\x00', 0x4)
close(r1)
ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x3f)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r2 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x400, 0x0)
ioctl$SCSI_IOCTL_START_UNIT(r2, 0x5)

13:04:27 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1f000000, 0x0)

13:04:27 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000000)="0080ecfaeb8b2df4d173db794404ad77280c609ea4e573e0aede57d9665eed9aa95c0678fd70040b9869da6031aad3d25899f253720c4098da20d175414b411e6430bc7310b47f71ed11920813fcaeda5f29e1464614e9defb1d0b0c95574f97960a5cf2e65275b3bb406a0ab26c47f5ea35d6d5380f8cb6ac6b1085900ceeaf9e3bc7041bfe228450acdcd0f692054e602303634216cd579956f6aceb134cb554468134e2751050683143", 0xab}, {&(0x7f00000000c0)="c9997dbf7116621944a4417405f411feeacd72e70ef99531a893da679239131c2c5e3f987abc0e56e97cedaf65e5985f2184629ec4d78e119eb38331644bf39c5433803349191854e0ccddc49af36d71b7af397df1fbc3ab1d2760af1dc025e38bfdf5c0e75153cab0b58be31215ed0e99ed44f69d08ff2099ce4c40ef6e017b389ae80eeac9970fdebe2447", 0x8c}, {&(0x7f0000002a80)="982f9bde65ac2ad2057ea43643dc7870e4e10202b7a1f73e204c0d3ea56f869b9d68b66c61026c3f7402ecc1bbf229cbe55803016a2b6f6c17234cef310d9d36d0cf3c196399ff372732f9bd2e0d0d050cfb3f0d6ffaa0f8cc6629919fb59ac3a2fab712973b26acfa12d5e31a701338e396584fe999b0bc79db2c896fa9b68375f56e9fd258e2f3b7a742c6833c2c936c4dea36faf811afac93833bd87ca10671c6942fcbeb79e49dbc3d85d8fab9795cca9caa607422d0bea825cc33efc71b130942b9292eed797cf72a8e79fbe39a41eba8b847f2347d2927158ce8051f9418d6ab7e7bd6ac8c6ff7933ae9034555b04cf7e8eae9ec1f776f30313925ea072e24cc3cb2483995f8d59074aec70ae66bc549c1803aa61654b79bc8e90d62a7638fe283efb28c836b141e811a1eb48b481590c2ccffa652b254b1cb18945887b880015f07e228df7023bbb5c9913e4709a328d60bb70c0b78c00c198ea44f58462a5f6fcae30a55773e543b24a7c997727c59e1f4dd813b96d80df3ef26056b877a2d63acdc7f03312c976cf3795c22cb6adfa476a890f1806e54aed709cc38811beb26fefe130fd230e32f18a872330bbf27b7332e2e8fb1f555937c85e6ccc5111fe32b945698e10e10570f62b453e4ad86012a409106be20389f936d0de1850e5e8fc641876625bc027d1f22193bc0761643f838e40375ece543a0ce9ba47635af95adc277fdbd2af361958419875b61a50086cb618d75c4b3550ea1357b9d1bffc7b37cfd51347b174be5aa3246336185a26a41065733219f0194300cc224365a8660d4ffc6ec80a1f2bb8796d3bf53681049d07937bd2f47036f5004d776a5818d82368912891cf750f506143339492d1711c2212ba2857dfaabaa4267ff28e8bbe3601cf63d839ac8e518f2ebc38a7c978e1b4997277e1cc87a90af2cf20783423d75dfb824792c83bbe40ed933c1295b209ff7e076fbc282e5b36b152dc3d2bef359da28a187d970048fbdc9631e61097cdc51cf740e988001c6e52949534c585a0d3348ae00e6bcdcc0007a2f70455988d7f133f9a8f8dafac0288a0254a5e12f721c82bfb272bd3e5a47f86f13df0f0acf9336a6e3f627515c9f2d909d1bce2e7445dd84a0532c51f13c766745d347b9e8f927794a080050043e4b1cdedf017917cd754ec65c8904d986bc0f1b1e45704df476361cb2da17a58fc4f88c8f1a598266720c4ea3f6ca79366f9dc06702c7284ddec925e5e05d58ad78c31bcc1dc99d458d3fc00698185f358a7d90ebb5ba8ab3cf4aef4fb25d3e9faa6bc5e9847ab7fababbe233e55ab9d8b9cf1add8ffa4a8057783193ba270b3d55049331f43e2bf46e1fcb37e62aae4ade9187a5c69c74947101ae7bc8960afa454490810ee5fce083fc0b7a8bf95de9b19428f7c200eaffb4b703afbec5a9f882961b9643589ce7c363ddd811836df4344a290cd80f5d01ce771546ee4224270d0a8ef70ba461687445b73b068905b084da169f450ec07b03fdbd40e6995fd3c184c6d59988414e1fe47cc728226940ffc13221d83a5d1a43613309fd58a07dfdf1beb1cb07e84ab1a12a7e475e312ceb269d8c16e6ba10dc37bfa3b29700f5d48a9d881a7ec57a8159e170ca8a909ee1d949be365ecff579afdfc29bc825225ac1d7174c89ba519f50ebe10a3af3125efed4d63355f3eeb8e902e6a2365f904f5e50a860c6845c0a746f8289c13c3e779e31aa42b7605697f39cc5e2906c164a0779428927b96bd2f49c7760e088f6becfc12710292e94080118d4f41ca98adbb8186b3538e0a2232ee3866ba3d4822c44c077b7e24f7d5ebf2560bdc5ee8221f81de80032ea86a35651854b7d00ee8a2b6b9774e8f530dc82dd373ccc6f2ff9d7276ff95342082904e47a1ca69ad90331c91f5e71797447c7dc56c1e94bf442536714504a56e0daf6d3f14757a098ec10d1cdbc9b9a1ef1949751d0a4fe5fbd89416bbb8a2b97957c8aecf4a4d4765d1a5ee4420278ecf3cb62e2c0cfc8dbbbbfb84a374d2c45443f0c68c6744fe13176df1d87997d3187bc02c6f9afc9b80aea8dee2fb6bb66fb078cf9b01b6ccf2d0fc5536f881362262f5950e0e26fb502936a4e73e0fdee9657fa34de42c6f793daf22efd13da88b5c1434fd49f7f336183b945a1c724e84feb34fe2eadf4625af696a76580b9381b54c29eae76e02987c075b4b6e3d7be9c29f60b8a6c10cd13a89de38474c65b8851d1191c557845321bad7a7d71c9782de8fd68309ab520c321cfea70e452f7bf2cb3a33fc59f1d701fc80d77fb593cd825a0eed92edd7f3e6c604024ae4b2558ef3cc1346b7fada37b08dd721d030f63a8cf9edad6548339d428877a7b052e9553bc7186547795fb23f0f86c835097d06f938a052a0fc79deee0908495686fa7784909c067f24cd3ef28ab256fe42fd2b13a49252bdcb4dfa776a4d4e9c7979ebbaa3f90b1104159ca97e0d1350395bc089f24da7081508e4b52a1ad43d5769d761995fd036421b86bf13eb8b76479d8a1a34d89c8b1de31365aec9a95b6ddd252d1d6348d3e43c1ab9ef76eeadcc3ad8bd64c5febb558c7b86ab76b163a6eb139eed89cf7835ad48dea260a3ddf985025c932f9a54c3615f343bda3ab05d17946bcf185da2491d9db8d042251877525a3b31e461348cc62309680efc678b7fcfe855eb3c8b1fe775c5460720e35ef7ba975883f345a09d80f127cc6684ee09241e00c6a49054e5b614322dabd832f327acdd918212d7bc7c5424f69e6f8985fadc65573501e521b040231dadb7542657a6991616000de5da5bde446c08dd5c46a030bed238a9a3d2013322e00805c1429a79fe365276d5bb8afd9e24921f6611fea60f3a34c3c0f479589eed98819b5a9dee00a4ce59697988879d736e8ec35db679dfd5281bbc8bf2489a256fcb1e45e4b82f2a15c6c5387fe0e7f814c03f307dbb62ecfa0b7eb3207de976804d1c6ac6ecd1b62ef1635c6bce739e5c6955a93749dd179d9aebace38e585c89455bdae44ea9f793d7e876f83f284db89a3cae8416194273dcf8cd7e44c63c78515e0f20a10cbc395c5a7153fd9d5386abe404cc292ddb77a8c2586898fed8fe17bc88faa11a62069c9702a4bb3072cb4435ce61d0d9fb73e9d9a8fd2ba4ac323d0bdff9ca08450d05dbe7c4426e02601ce32a23c9dfde00ea35a658230014acff17e9408dde142a7c46e66a88ead342e16b0d19a2df45bfb22914cb01b5d33e0f166f4a9ef8a026be92bf0d81a1f57482f92ffb39f48fc99b885bf43ade8bb66bb9d70258cc8da0760633f64f97269ed9a6c8f9ddc3302e2b637eb67cf438317090b932bb527b0202f023dd3b5216ddfa147e0426cd17f83a7812705759f9e5e9e37fde1fd6582570be414bbd37b3ba566a88e847878ddbdfe292666f1dd619f362ea034a14c4a7f0588f68f50629e35374fcfcba7074e1e6a52923c4a16b5d1bae30a7fbc3729ee8f8068442c3bf3615bc184812febcbb143a4fd2f6d058fa2d9e60f046421e783a1cd3010c281c37a1fcf435e5069354f48b913ddb73516157c77a82b7bd257eae7b26de248984f2a62335ea07327e7900225b189824b316361907dabb24e21d6c2e7d39b1a0155cb409f2d491d40a95487ee2d22b3f5959aaeaafb90140048dbf65d43a38a6d76912a25a17b13b053744481767192f9f3c602c4142f80415a703e6fe6c54a1965797828f6f41e5973ec307698c7c28eaa87944b26c04cb8b6151b4009a0ddac888a947a9f9bde50e63d1fcb089e5e2977ed89c5f410771ad54910862835e6732a65923d09576370ed016b3790d426b9676ffbe3bd9de60af66453310f7a762fdc4b2b4d57a7503510d7a95eb94dc9f4cf491e09066f21a8284939b228f0b4498e326cc12871998b5eb70f78b27c738906d95b12da532913fffaf65df9ecb2ef9fd456c9393a09334de30f6d3cfcd0d87acbf3f1dd6f469391b0012d716590afff74c047ae8b4a6a8dbf7052b98ee5dd252689403bcdce6e10071303335403d9f763cc51e7998df40eec355be073a5d43d680fbe2d7f5d555817e2ab29051ec7270977d35e4123dc3d7d018a1f01227dfa56e06cd2e67f21c45d18214eb3e719d7da1994fec50949526f9bda83b78899124328059f2b63b95747a15f2f0110c81712591863d14379fc8c80fceef7796a8a33712668bf7e13911c04a90a45f6949809b6db262a6e668e9ee67a368419148e7b82292f550dd38c1cbcbe1a8cc8059936f1ac8e7fe7fe6627735f1919cd15e8c4600cf6c9bee30a633f060703df11bf3d282bde815a7732694d8999440368c059b86049f5723322dd6477b16838c33ad58d77730c5b1145d455fe5ddf6a1f51d95bcf4c12ac32ed2e8da1627c0fa95844f6cc9e8b3703be58c126e1ea8919ef73da757c636be4dff59fa23e290cf5ff9f9b6e5ea0a644e65b3d9434ac50502b899af57f119045b2ff64d5263a0378483af60db6f02628764c4c454301a97cb38685142413c6522448cddf7e0e25ff2a3c69c980b2dcb62e9cc818d0c2fa048f19d66d48e4139eea3bfb66c13811dee4025c671a8718f200c1929d71ccd4a11b2d54dc9c72e3247ca9def01b1430a29e23f521c40ea5f410abe7c45c78b640f223fbe6bd0599bc4876ad9b95008df77a7b026a64593aabe5769ad0da2ebd4781ba21e6c8c48b51dc869a5c031074e0b3eca70f08992a830bcc3b1dc57b5d080c58de94e794b4835b7e877dee1128f951bd9b8341e59d0ae9fda7401dd6051682b357d01fc79f36feb5b6ba1393da29ed463d14af8596b9c8ee62db9f0e0186c1f39178dea53438f5e788aefac45c4fc5ebd14880c97b1e0523521e640b17289ed27a31db845e3630894f7f9a46dba0df80d76caeb107d53e5aa4ae5324e262673afb9748de0734ce1047f21def89220d06ed35af6bc0501becc61a68e3b50b35c46f2f4d99a9dd5018e2e15058e6ab7c34c153a2a5bb3594178462a7a3ad42e6c728954d28c7fd3bb20a16c66d41cd524c3c5eb8017f9648c9739b930e6a172beba16b29e26ccbc7e91fa516d1c2555037964710362b19efc201d1e01d24025b3615d764166cb79fc78a56a98d80f73efe056d13ce931babcfdea197bc2611beb2ca914cffc9a86d2903af43fde8c453aade35517a3fd19f4b3e50fe16fc9b82a5a7860a22b8b9962c661444d7d13c5b4e6a048439b7790d4ae6e68d64e4ad2820bb1d5b2cfb694d92c4b49a74b4706d959e18bd12881c8ff1b0306a2360cb13baf554d01996e7cadefce2d75f19e20102a95a38ef23ee8f0ba57c9f6d3fb4aca8fb6c4640b072507fc2ec546c5cfe462bd2261f74c21f299c5e26e2f9d49a320249e66669f7e07d61f60270cca2d87f4f90a94729def59a04cadbd8c171d0e729ba8443cb9f6ad1443034d4a4ec4e1a8753bcf342d56d8c5a869072ea73de83a51433baf35ba7c2ceb21ce511bfc3265157d9e50a0a7d62868be7ce5fcd731b3ae5c372ac8bdc92596a73a224b4a18cc01c2eeb87aaae1e08f9dede0044697f7591a7f9ddcb1c583aa7416072f6b0872ab5b02035a5c385d2492b8fa2dfde943ae2529939bd12f895c7d5f7b65e356bc4a4fc03f936e466f4d3e28a9f8a3723c465bee05c4886d145abc3c4444d4d1151cea5da67d35ed62dba9cf0d9e6dad5937b87ff6c2818d618b99f40fbbd049f7df17b36c25eb695a29e26f86c95fad0c05dadab7eaaf2a9791bf86dbe99b41a096ff7976e3e363a210f49", 0x1000}, {&(0x7f0000000180)="0a137be7d9874f5ead06e2f7e7ca61e47ed6d45e6af0031cba56985e99188ab0211389b7a0569c1f25856f3bd7e9", 0x2e}], 0x4)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000000a00)={0x3, 0x0, 0x2080, {0x5000, 0x100000, 0x1}, [], "cd58e38aabebd52ef127e8bc7b4631992b3f1453a89e93f057bb63c9105dcf5d64808fb1c1cea5eb9ce571948f9fd47270a543b0d8f4958b64b6ca741cf7380337a36f6106d56a2066ae480e4bd30f415341d96bec9e3fabe309a8f3d669bf16ca1b8b1eedc4d1fbe4303ad9a1c9ebe3b9e422f7536c26388fcf2e0ebd0570b3aa7c4be89892909df4c4d63de178302062d346047001b55ce2f3dc039ebcd524d5bcde538d2ddada35a616ebbc4371c5f56d473e234b538d32742a808dbe27edc67f72e0a7f34e90e5cb4de5a1cc31d4c422247649ca93bc802de174b7a4b1c5831dc02dfa1d79af392b678c3fd459f79a3d1218a7230d77bae90b0b58ca06b6a41cb4122abfa71358a168963fc3d23722401d02961e7a77e2e84a28cbf97033c008ada7dcbbbd40d171b3a4380b627f15aa9b9f513a50d112c5f557998506b4a62259a4eccd558683fad696f613cf4e3763e959d3821e1d1aeff5952133ea57dfedcf111e8ac66c368efa34fd287ad9cc2a9f41742660378da8fabc4d6528d1d48ac3e0e835dd7b7c128da72762ff0fb7308611a7a7bc97aedafa1a051161cee56294ebd0d896adf8af87d6c5636340b76e6fdfcbabc6daf3e53d3b701b3254a46be364c3bda0f3db4df83484916c06be868de6316960269fe6c215251be48e87628f2581eddb3d796c8b54cd5f9722c9f1c890eb7db43a2dd86e7c26af2bf1acf3e6c22007515bd989b1d3fa6adad654dbdad69d5b371051ba3c3b594e1317937e7e0a6a30406825c1d440b17285ae8fc74689218ee912ce41f2fb6bf74102d235688144b448d6a541e40306e67888f3b1ad263f21c93da0d8cc456df2a59ca61aee9545a8b10f4402ab70dc53cc1596f34177afb27b1e279a580a91cd86df595cdb61101a11fc1dff3c8a5b21d79976173b9bd57ec042324786a99e5f6637b326928de711c82245f7e845ee1453b510bfce808a10847ab6a1a35d3f847a2e5b438d5da39ca6ab0b2dbfdf045cffeb39c76337d1e9f62fc30a5bb639f54416830a6f2679c10755eb7523a48e553b4662cd66ff26364abe3156702910a3836ddea84556bdc658e9e044c32bc09775205ff3310a0d739583cf030a3e912158a055c6bc81c9eceb1cdb9ea0dd078b22d83ab8f5c8d5fdedc19506368ce5623708cc50f541a79a3d223d35cd31d0c4eedb3fe54e0fa5522b03c0b04c3cce0c9c1da5a7c3d8e5e63422df096e0c083f29c7ddc31c84b3c01f93f78e2a77694c868c1d449b1e336cf34d8fdb3e9115f44c9b89f5fb2d9b60ec23c21256d60f62d67dbccfbc27692b04443c08de7cbc6dae9e9a9d80650f052ee2123a8c0978d86c32a2dfd0ec0a517cbb08b1d6a085ba5e4658fb84028304d4345305ea0c442d2dd375fda84b6cae64734150b182193905fb470a1c16cd3558b62fe69028b6ef2421a9f7b937d8bce4436db82c358c74e33bdc4e88110283a04bcf1d803346f2ec1a8c4258f4c7ae6670d0c8378fd0fd281727e3adedeb2a138b029db4c5f9eb1aa93ac9dd76b5b03b662d205b03eb7d8501fa94e0e1be5bd46afaacb2f4e1fbb69acf26a76e17f6ad058d718446a7a8e2f1f87f7d61331cf786dc1b44c85a1c57bd455bce87b4f3284555cccfdce9effb165464cebcac1c7ec18e82d6aa8857f61ed1f17740e2e4369165a6155cbc87eac92e6af5fc493268a51c084d4b6f610a54b88932c50dc11572e5bdaa685c44ed0326e4577f9e866fa45561bc686d0c9ab7a2345d951d9501f1339090462d1bc6a3ebb1997dc92cf096bac8f94fe28070b822d997032896589eae172b7e3d09a434e1777743485d379ae510156cba07a23f7e6aac2cada82fab798efd848f46dd26e1ef7929debddd2a7a2c7e71841514ab21960927aff37ffe012642421a35317c77a1c903ad006f6cbc9e496ba66feb64a940eb9da71745b5afbdd7728c571c158e0130b5e1ac7a7d0897b01668004938b7b501474d1f39d2247cf94c547cf492753a24a384a1b4bd4c8b58b43e20f7c7664aa57656e93ebcf75cb4a76f763236031f011c920ee8f642b1e3e36859a48f71f242dbe37e5448af8b15558b9929e718d50de6852d540d010f3514b5e3d10b48c1028aec92d3ff7f94f2d25cbaa723ac9e62f8f509b9c30389669fa804988372a7d902a8ce702d9e9844b6bc901e0b55a23fa70857786ad83a21a457a93c4714b2648295c5183f4cbbb19b27184dfb3b036d303182dd82b1639a41b1bd195324893be5d842301f7a2cae97aa89115bb53dacd75d07a9afe4914ef8323f56db7330d8a1c09143dc25e9d3d6df8aaac7b33251ed21476314d32ff11e657971a957e6f6f763481d4b453f2680149017701c65a3ec7260aa3c6fd941f2376e262f5c53b1da54c008e2dda78f4432c421f25c462b64d22b543968aa5196a22511025cab8d181340137568c6f88b8b4b4a9d0fef5376f8da043163f4536f71e3576e43e65cc2daae72aad9d0ec1e03b0f9266f167eaea66b536282563f7b2953d8791523df45dd2b9a1e6a18e6232692cdc7ed68a3223511748d36ece4b418c7e4d79488684d681eca5d2882a37ee944ac632b6c31020804696ea108241ea7c1cff03098988ac63273101241a9c85c78600504bd060512c8d9ebe7747b91171b4233354d41d56db5a557c710108b02d7743752eb7320fef72c28ec3b558ddd82c92931605efe9650f3dca2d0b4816442a05299d010d4b541729777c3b0ab95283c3906268c52dff25fab62b21c5c2769eb9dd025565edac32dc581271335b31d28cb3247e4d27c17e104f73f1cddedbf3a9f038c606ec58dbd1b0c18dc608bd48402531036a19531ac29ae5d40a7ec6675cca96789e1638f6bbf3632852a3ffb785f70158dd598e5274bbe36fdaef25c8adc9816407153c622dccf4efb4f7dcb223fba304386a08a5923184b41704d41affdaca16eed7abc2bcb6d5d975861bb50f4242ef61e95dc04e80293da80d84fe47c8f92918e937ff6769a79e052ccf5fbd3acddc0afd383f578842c2b3821362698d675f44a2ce6207e92e8b467353e1e88e9b66d08e6173778e49ed67ca62a7d042d9e908f8173d3a5403d11653e7e95c4dbd4b6e816e660edc3265b5b34a684f276b3fde95a89a1433db1ab4e9c7e445fcda9c717ef1e9f52ae54fdf3bf5ee4dcfd8334061adf2cb433e95d81565e689286f984c3b7e2d9025b3398f0f1a245a067f6fda902406d1c02f05078161296d1205b41dea16c714966c576b7ef61edd4a69c795f00ec1f8ff50fcda0d4035ee687262f54b2673b8aa3c8d9879ac869312e0da63b60a4bbbd176bbab353a4b0f2e30963499ced67049b597c9b095be1bf0ba3dd9d89e83e863f420f04d4b1c8faa06ed76fb92e9d618f809d07e59abce93b5000f6c147102b6469e044ff050dbb203ec25c68f643480135669dace2a24af51bb9760d4f85d88108bc7e3d761bad9dc52956c1f484e5e6ea056ede9f839a82e2d9c8b1f0d148623fb7737677daba3fb8886b9f00e168544e3cad2610b6964a40cac60f1c468c8d03e2da758988163c5b82ca570ebbcf84e76ac1c4f6b0026396ce3a05297a50c60bde2e192ddc4bc6f449dc9b62ebd0ce1e4d78e101af66f776b91ca1ce31f27179fa29d4182d201c8a6ef577e1f016cf12edba5f0fa36273e795f5e26f8248a28028645c1fcabc4165af3b6d0ccd6a1a5813a61ac9715a5a6debc7d808ac9d362084bc9682ba51d498787583b134fcbd3cf001605e8d6111e1e02b35dc0b6daf8acf1ad307da76197fd6a0801a6a2877a6d92e85ae02ba5d8f2c3c1993c1b0a6988ec858fcd7c678eb3a4e521138886c5b8995cd22f2aa402e53bcd5b86a1e5ec73cd263d9722f774392ad4ba76856748d77d8aa9c0fb02f3402b552bf7e735108b672ec4499a04db849b0dd46942b2a637f8805f28db5b5cdeb033e2ab3fb0d964da93f59bb8cd6197ee52066163e76226613d59d2053ffc4dea3663ca62981796de9f625607c10bf8ea93a4121df476e6dba88b8f42ba4509189d5a39624ff2c944318c8a1295cf8ab4cd7bb72dd7b3b711907a1bf32b33e0eb27bdb29d05a6bd02ab9b09b91b59c4b8c3349521362add8731e845660ee4ef77962a241290c8adcc505bf451487403592927067af3588126ae23d390884bfba37453cd8829432592cd236a1e6c4c0d8c82a80985d0a233398233abce2695589c437909877ca7b5f5d47961c9319189d0deb7319fa9ffbcf226d20c2ad7f783953f45cd3ccbf55d177deb75830eef1906aab95087fa9b8a662548e8f8ebc062e57ff631f1633e7e2bdff20a02a7ade23adf8c21099e612042b48c2f33d6fb0e22fd5f2ae787d2e96dc8aaf575f0b87307da347a5fa77be2793faadbcabbdda859ec581cdaee22a48e24310cf3187261be89790731b0c6aee583ac9cb05bf2a32b075520b39e95a6a8a47e4ed8526fc1ba91467abf7eea7e3b12b681792086eb9ed5b653cc38d5dd7ac8b4ba572eb5c446f5a52b8103cf9443cd4a921b9fc1c36170215b80a2f5ded6e8aadf97b6e34fb284413a6f3daa8d874f64490fc54af88b1d0d61dcf7e8edfca1ade8c917be2cb0c756b8d55b3bb7dc0bcd4f82d74f943d2eaf6e0c9856f16a3294797dc2d5619b96e5f844a7298835725e171b5c01a2da9fe6d46af183880ff5f2b55077af655816938eb8b71bd7db0dff1cae059ce9bf96563e16f6122e56805bbf26b80025d2ed63d482306f5064079996086940d3c823d21bbf6022d3014d8934d0a63078a63e45aacf81262b34dd5d1c585fe722a5a134b8c80b159132eb1f556a11e3e0f53168c90825c506d3f286737ec4a049f82e6ba902d715b91dad78ce527529718f32e7c448431fa185f65807649c37de61913f177b73cd03c5d0576d27eb1a7690dd275f33445a077f51049e0adba7ce777036de3015eabd2912491d546999f3cbcfb22ea807c5601fe4f713f7adf735b2daeb69599e09080827f01e97f6ea98cd64351a5165197daf9e0634f1c9be78e5ef546e2197cccc5568dc7c7367699e3572997cb51d24bd0a4391b0ebf5d03bb8c1201afb607d11ac446fc85e4f9f6dc876c7f5d806b30445288c86972e4b956518aa9090879d76ce5f8d2c94e772478e81845a165afa99085a267220a10925e89c60470e0dff41fb26d75fc4063211f221c23e57293b6855cf1a533c651016de445c5050eb0f22df7ee80c742747a8243ca8cb408eb98ef8b889437a201d735dd75fb2a27ae7add5b6f34b1fd70df667eaa860c83222b287727d07b92a8e358de60deafdd8eb02bbfd9fecf07a9d526fbdeae65d2a8425cfefa3c24deb5528d972137e577dd53028d49f4e42ad724e2b67f67c7d29225cd552ba1bbe69ca4c18eecfb5bd5743f0664a7d9debd509610d3729c39bcc15540bb9a1ec31ce5fe4ab42e476649dfb216eb82c5ad89a1280f30f89f5763718492d7993e29f9dd3dc9c67d4d48e2f081d46e991fa496c9fd73c4b10ff47ba1fc2f91c66a878969a5ce76565ff5b99d2fa8f0b1f86f9c016513c7c2b28fe29d5ca4ffa43856550fff1b8485fd934695781e8a18e311b3c8af3044218ee90b03b733a7914e075b4fb1fdbf658583b7361cadc71fd59e9aa98b3b1a3822f33d8a62c7b22d35b9af709a3979c93707bedc3659da6d7d729ad0b8366f6bf0600b2dfcef542610ea190b49580cb66fdcd62e3a1c348adf637675cd46bb1466bc1771f5b3680dc03da8a8bd3df5a7f71f03a2cf82d2ccfe1f6c", "9304df30a176eb3517ad8787983a380d1340569d986793e7654d6f645cbc21bb45d718c7e3a0e1b0655dc1408cfdfc55bee78e3837f4f20711d883be98a369130c1823639a79ca7bb4d2e93b3f7e585c690b932870476652bd598ea0fd224dfdf70d21b0c7056ed4e20cbfb7cca0bcf225c9716897b3b821ebfb291c4f4ceb868804e27efe77dacba6528156f56d1e00bbee2b9762e36f9c2b795b9d7f80c799150506ea3260c7a24f2e42e0af2d0815011ea802d331aa14352829751dd18fbd569dafa99a7462924a80a044c39c3e9c7c3470fe11fd5af4ded4ee535f948e8c22996b78c76f1dc6a4c9c281654eaaabbbb73f8e6b914f51239dbfbead870e3ce87cb37a412fcb46aaa34791c850e5e41272b3bcbf51a1ab0f157d8e306e6033ecc2a62846dac491e1a1714e1aaf49b9dd7dbc8fa537a36efa5942ec17b1dfb2d525ae60ca5dc14833b394695b3c64f8ff0873f9d7da802e228eb0a68cd68e2bce054550eac58822ecdb1daa85fc6d012b3f746a8f791b5956a8b94958f5afedeac420d5da1b458fba2a2522fa8c16b104d54cc46e7f4b4964c6f6171ff2e1e3b2cae2a7385e1201629500e507244e3eef74fac0886209b753479ddee11540d0d7b4ae8aa030d6a9b96e7e7f841ded14425330f53f1392ecab2d92540c72cc83be0b1d7c01c83102852ddb4aa310914df2a71c22aee41ce4e57a675c2bf189c5e3deaa7c18cd59017e58576f2e48c187051f8371577788a5b42815e2618086555003d3beeabb41f6d11f00979a7ac66dea5c9e7d5680f7f91cc005e7c3e7f504cd4439d4019bea0b7cbb97ea94d4efd55acc44b2029ae0941431d300f660eff7fcdf38156fc30f97dcaa1549e1c4e4a16c24a3ddb87eaced6f5c407966a6b8b2d84407570a702a81b718e84547554b6ed578fd58cacc2357683ee9bdc564a022ca2839e63e38fb001b4d023696774f4aee45f353ee9eb1cf5af135fe085421464c1125c2c5f636ecc313ff6a7e9d076699491c453e5851c2a4e28bcecc70a3751825d22e6d19de383f2c8487c22b738771e9a2805f71645c7be1ca5aca6baaa753f8924e8375866c13275a178a34068ae38be07eaec3e28e29a8ce7441be051725b5c91ee6b90ad226546cd97ea01c0389c002e4bc45af1fcac0735f2b2807e80655d466ed74479bc2de426a356e93b1bb0cd2a56550ec0ea83c7a4472a210d7510d4785e2cee18a375cc39b50dc45016aaf9cf867116e1ead593845b841f8d063124de9b87c108e8ee1aa5b28b05f952f95d4ac8faddf24daf904fff72708219383d9c8b58b15560bfca744f9295ca02a3d2111c0be671d8eccf48e0c24a31d503496dd1876c19eab779bbafb75554d85c07bb43be1508d947c5d585f2e8af22bb91ff66184e70cecc905865ae222a84b65ea40aeb96343ff3644a37aa30e26525491dade7272c7f17cc6d27f18a99a1c4db81ab18d2dd9b4b0063c2ccb04de3e911681af846c9cfda82753922ed2486b56ab083278a6b500b8a8794c4b24db0ea73c03aced47354ca60b1670bd76f9902277824a0a592c162a3b6e5bbf33768f6688eb73be526b66ffaba88d332a16f6d57f9efc6a7495b24d3f251bd73195053d6d86b3a807403eadf1d3bf7faee22c028fa46aaf762c4f93c96e421eb42dd96969d5487ab95cdf72e499d4e6fc62edd736dc62951f2988defc9ea5e821597f635390d4d05643c7a316d553f1c60f42f3124e5cc56331faecf10261b3272e918c188625656207a57cc2a4adab9c606a2812e9c384dc504bd687cbeafb04ecd0844b2979a9b97e91016cda1bc9eefd6c45a77f799042cdb8267ace26a15ff5ab41107e11e779f0edb31b85d933319d275bd755d90147117e8876f3c335a4eb6d3d85182211b1e5e284406ba4c0d295c5b0279c741149c2161701d5811a64c9f22371fbf8d0766c547141c5a26249170270e537ae564d7c133574ed67924b50cbc0f46657073d9ae91f26bdc538dabb5607212acb63c7d201b10d1cfbc767b53700687c18b14b380b91feffddd5cf7039ac0fcf263588619859b6563ce4bd4e70355d18aa432057864b794d7beaea8c081b5bbaa143ee039d00e9ce174cc12a2190dccacb6c53f212a5471ab2c14857c36539a733058a3d01aa7cb9cbb5cc30e444f1c874d9dae74cf21a80f5469b2f2af1950ce8e0c7474b859079ffbee73e320223c0f63a2eed4453e175447ceee4b627f64b5f61740d6c4a0b7ab464255d57465238d9c10d34db840fd1d6e5ddef50587d34d28654b01b2628bb0eb3e624ea568a060fe7d83b3fdde980ee2bb58117aa3e228826aa2b1d5bad6d90a74088a918f194bc1bf24b243b88061b39dab6a677c826defdbc3d5392987209e914e963930bce17139814780cc77dda71c0f8d8af83b28771de6163460059be114c5fd6c297828e79a0ef614402448a67fbb423f0d359831ed9d3a4c5709524ad80efc976a20f62a9832cb08ed3a94dc62eee2cb134477a4198a286dc148a3866ee22c12d3b8222ed6169afe544509fc717ba071a20535e940263c54990bf69179f1a937d826adc3e238eeb615be36bc5ce2a3244507f855a6b28da365643286baa8071cead1bb1c1691a8a2feeb92651c49086693016bdb511580a624ff9ccdad1ae739c81f7dd8c04e5b188014484fcb1526a91d6039651b49162b9ab10214d2060c227294f0a011698df38e186a1c24467e4806ecb95032d71d49b2f4c3cbf2548f42c90eb378fe39ec293fd3d33dc7fd99a8a3080e061d5af2c79e249973f3bb21b4aaa7c83fdde32d2a40ca3bb08284ecfbbf946d8dcf5b424d63169d6d5b7c77417562b61c0b9c3f2cb8336cdff68d6f7eaa06e722a7b85debeabce70b57b66ef942e4cf8c57aa33484dbf25f08d628ced0fc62b7aa4ef9c3663c80355d1687ef6533ca977eec89ae3f960baa54a3a836ee3724adcb42c08fd43073302cf0efba0f0f1cebd94d7ece2150080471c36de5ab76e1203bfe6ac406e8b96ff281a8d47731a4ef989d5e4b24e34440670afb9f09a869d7a5d4506b410201036c3be3558d51cd3ec53ff9e5442ff08c1032d787b87388b07f0f83e2ebb395ebc71f9bae37b9478ca33708f5e36c05311aaf75a0726062718b40fec5eb4e0cf11901693025913f67b89d148c16fad0744dc0525d5a6c33a22e29fb8e7f129c4afb91d167c14fb561ca2719f0addc4ca3b18c5e3e3d3e34291dfe0c568b3e8c1fe2e8cb6a02b9b8810b3ef491a53b854030ae54167247b5bed626ddea34dd9903ac67adeb66528bdb589ab03dc6aac6e731113a77c2beb7e97151914e1ed4bbb92b436c1ed9fe99cd31f8f24e627d7e395e1a1ca0ee56895e847cd35ae3ab896ff394849b212d99ce82a5ae500857888186ac89c3f5cb8f39f2fb63a8dbe44c5cdf829d78227485a8fa33bfb1c6256dc7d1966d28a60dd727a9ee192f3b87585c3790a3a634d4254a19999ab2d1a4d9e7b057a505de4d76fd9efc416b44dc39e003c8231121693def7671f187c72fd308a26c6bfb062928901c4affce38261b1e95ad837a86a97735b9c608336f06b35f8e637552d58ce5b98e3bfbb420f9180cc8f9808ace2975c40cbcc09f54c971689fbb83569a82991a57ba6a6e73efd3c57ce3c99ec1efcab29c09f982f6d899a22cfa3769e4ad2a67d00cbe866e2f819c9ff88552ceee1f77a234445cd155a2bb22023b57bf4770c349b6d6b0fa31ed33b5c509b1ce3b4e4fd828b05736d50b92461b62559783e4441d7b69148c898ce5980e9ceef7c0630e267baaa23fe78fa1ff88b98cb0462250eabbc394e23a559ab7c1507c37c2f9b07528bc3b7f448cca1fa5754f1c16f56149845ea19b8b13cb68592c1d37833d0f9bfd47664e891ca1eafe682cba8b40e2c3c6dc338ac8333f4386c1f94dd467edd0152f43fe28b32b516c353bed0f59f6453ca9f3e705f27b7e2a12ac0b1d1888f09730de21262a33bb3e9af3ea319b01040b82abee60bb8b6909eca8e8d9ea52b76c46806844632085cf40240bf492f9dc9897789493229533fe61f8b99a0ef58eeafd6c63bbd33229fe37c39002173d75ae8ad09a5e7484a4ed6c3d1078c87b023d487cec7f721ee109db7cf883fa2576b613e535d0d8b7faf406c9a7225e3cdecdb92fbf5371bdf6d2865fadaea9d460b7cac977fba1bae46ca7928a4a145349dd0a25116073b4b5d3623fd2c1207d2c48839fe709b47f5ea440977cb6e47706f7d467f8230c9a78f21d21e8c7bd2f0afea5234b9be5fc2388778aa140333b168378a359f89005d6b1ae670624fc11dce9446bcb5684eabcf4126a1012597390dfef7a97c0eca2d22430f1fa821bb784320375bb5a072efbde50bc5c28201172f69249dbc1695df7d504f3d1106a069cb73a7fa78463f8cd0849c7cd822a4bbfe4cb077f48f2b1f8a85037849e549d318a9e1d657cc89c2caa8806ec06c723fa364ede9a0cc71440274407c0aa9220366dacbc6bbf45ee01aba89c6cc336972e6f3909bdce7205b2315deb76d28a2f499d54275f40ef11b67c24544dcd264b08a5139b1e1ab6c3bc20c367d9fb0e5d0a1f8e0456ff932979bf85317b2110f9a6dda0b975f39bfa9bc1f9d71a61fa02f3700c60f08508a5a915e014e14bd6e3abb4a1e40bda3ce584dc1428d1c3911df6d9175bddae9247c6262de52affd571399925c4af5720a49032442f800674a2f7ee818a05ab8c55fcff4168753891b6b4cc9952ffd7fbf12c640b0b479d0be4d84f291d120e00ade3b9ce51c738fe3a1bcbfb38a75ab0b465024437d627786f8869d7b20d71c371dc0b555c549d2645356269c04490af83dbc69d73388707cb2e7ce23c3f5597311d2dcf2de0aafc4a8c7ded1400cedfcabd42cfb391febc122fc6e7ce9cdf64a503142a168685c819194709b7e33272180fee3fb557640b9cfa9376aefa939f5ab1285dd4dfa277109b539b7a84c81d7533553b7db5754686afb9c2d6894daa95efa28aa1fa799ed8cfac9fcbb36243fe772f748ec38b1f369a757e19dfac9421512b6e9f72e517dafa01ff28bb5163471b2866ffa74a7d01b9bc380ccd63d77e48d0c9c1e5647e7a9acb557aad124505471921292f32679cb55aefe4eee5d41f7aa4efac4b7bd8226751f28315a213d65e9221d576c34ada246036c68f2c456ca9786d554a309a084f77e36f73f91496960dfc50de7055ab7738d8241a4bbeab622b82fa9c58997ac2c1c6bdfda8b38f062220a03d4bb09901c7fc959864c7add306099c35bb4a7cf7face67178f915d4e534bafb5da23f9a3b8646e33abcf9ec398f42bbb1e8705d3487111bac1a7e082f52f1d7f72c2ad7d470f0739c9b61f21dbf1a841ec0c75f6e9c37fa5fb525dc74c8e017385a8e77524d4ff0ba373f97a9c84c15bead727dcae119c34966f51421592489a804222fa880556284f7add06a05ae220b84424de5a76adff695e723f42a8e322df6671eba62c46ffb5b7ef1a282e037506161350573efabf2bcb58fb8eccc070dc98cefc7eacd032a7eadafd8b784cd54b3483734924e61dafd0d59eeda7ed5cbed292f7d001e81bff4f1096d77572886f260977118bd7fc163deb0f6e36ca97a83c71c9ecded8ccfe559749d574e7d93c85cc65fc00a4f048182cb0183de0c4ae2ad2e5cfaddbd8da006d68a4b0a04ddc1f585b0c78a9ffe32faa65600c2cb3c3eab681b585b06652f2c50d522210c87bbc4e2b6b5c10d619947461f08e83a6feff3b3bdeb7605f09a05671f163"})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0)

13:04:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:27 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, 0x7}, 0x1c)

13:04:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:27 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1f280100, 0x0)

13:04:27 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x280, 0x0)
r0 = socket(0x5, 0x0, 0x40)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x26e)
syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x1000, 0x40)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
r3 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f0000000140))
r4 = syz_open_dev$radio(&(0x7f0000000000)='/d_v/0ad\r\xab\x00', 0x0, 0x2)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x400000, 0x0)
ioctl$TIOCSLCKTRMIOS(r5, 0x5457, &(0x7f0000000240))
ioctl$VIDIOC_S_JPEGCOMP(r4, 0x408c563e, &(0x7f0000000180)={0x9264, 0x1, 0x18, "d6c75c74640b0cf1f7f5efe2a12e82baa339735b3eb5ba1c7752e88b89497e466f1a37732a672619d9f2b9a67761791f35a59d344f073eff2a04333e", 0x400011, "3f5b33318a79cdd8963d9dc691c102dda6ab000a35bbdb7d2216d2e6abb1d5f405d1146d5ff3e26f618bff3094656e02138e3b5312adf996198d70b0"})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x200, 0x0)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0404309, &(0x7f0000000080)=0x8)

13:04:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:27 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x4, 0x6, 0x4})

13:04:28 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x20000000, 0x0)

13:04:28 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
socket(0x10, 0x0, 0x0)
prctl$PR_GET_KEEPCAPS(0x7)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0xffffffffffffff49)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000000)=0x4, 0x4)
ioctl$sock_inet_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000040))

13:04:28 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:28 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1598.097692][T32067] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:04:28 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74]}, 0x7}, 0x1c)

13:04:28 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x268300, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:04:28 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x20280100, 0x0)

13:04:28 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:28 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:04:28 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:04:28 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1600.208788][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1600.214958][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1602.288823][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1602.294992][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1604.368814][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:04:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x4})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000000c0)={0x7, 0x40, 0x6, 0xff, 0xfd, 0x1, 0x8, 0x33, 0x6, 0x3, 0x5}, 0xb)
r4 = socket$l2tp(0x18, 0x1, 0x1)
flistxattr(r4, &(0x7f0000000100)=""/193, 0xc1)

13:04:38 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a]}, 0x7}, 0x1c)

13:04:38 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x21280100, 0x0)

13:04:38 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x8400, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:04:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:38 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x87', 0x0, 0x0)

13:04:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:04:38 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev\x05o\x89\xf2\x9c\x0f\x00\x00\x00\x01 \x00', 0x4f85ca22090e95e9, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:04:38 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:04:38 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x22280100, 0x0)

13:04:38 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1608.694558][T32224] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1610.768759][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1610.774976][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1612.848777][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1612.854888][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1614.928748][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:04:49 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:04:49 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2100000000000002, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0}, {0x0, 0xfffffffffffffffc}}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="02120000020000000000a577cd5e0000554cfe5d264cfa0b5a300b6cc4d6a818aae9227391d1e9ed27577f0b8f4e2e6770ef1338d0152cb2ad8773d7b826ac38af38fb28de9c0be77ba876"], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r2, &(0x7f0000000180), 0x400000000000117, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$inet6_dccp_int(r3, 0x21, 0xa, &(0x7f00000000c0)=0x3f, 0x4)

13:04:49 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:49 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x23280100, 0x0)

13:04:49 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84]}, 0x7}, 0x1c)

13:04:49 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000180)=[r0, r3, r0, r4], 0x4)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r5 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7, 0x400)
readlinkat(r5, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=""/93, 0x5d)

13:04:49 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

13:04:49 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xff', 0x0, 0x0)

[ 1619.512156][T32315] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:04:49 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:04:49 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x10000, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000140)='/dev/swpBdio#\x00', 0x0, 0x2)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000440)='/dev/dlm-control\x00', 0x0, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000480)={'bridge0\x00', <r4=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000004c0)={'vcan0\x00', r4})
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x9, 0xa, 0x10, "abd89274a776716ecb2f65d4ef39406f9e46c34d219af99a063bcc4e283ff812f97626d85b3526cdf77c50296bb3fb4a5e110996683ee7a58676264ba1c17a2a", "0f996e3166df4487a9c71874a9f16276f2815948e08288711ce335a13581605fc8a6219e005a51499d4ebb3766c9a73291215f0c39b63be9d54ad62414da0861", "3292c5d4d6e87684f6c28c30f1d98fdc45ef59ffc8d512b25b6cde7d42feb5bf", [0x20, 0xffffffff]})

13:04:49 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x24280100, 0x0)

13:04:49 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:49 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:04:49 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='\xff\x01\x00\x00/loop-control\x00', 0x2000, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'ip6_vti0\x00', {0x2, 0x4e21, @multicast2}})
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="740000002400f31c00000000757bffff00000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffffffffffff08000100736671000600050000000000000000000000000000000033cc3512c9aa8178bdf1001b00000000000000000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940fb0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cb5d845549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d63007d6c6683e251ac28f6b0000863aa3d9e240168ef067671514ccb381077c2afecae2bb28925f8dd87c3994ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180772593cd728026dfe9b7bc2cbc765c540e40d828aa0de69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848be0f405c700000000010000004bf9fbef7bde2667d4d7d9d9ea1091e7a922d0137c5fc0d0771ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df356d3566411220610df00d12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d300d4d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbb6aeeb65f6b300de37a94e71c166d875ba535e3a9c98fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccd08f0056a2c495799c100addcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6af3fc266c48f4e869e98b1094fe3d270a43cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b77356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75ce88951d3403efc24fcbf8ca7090eb40200000000000000005d67c1670d99788dddbde7541e25ef8161c705b54eec4e093559342ab2cba47427a22e84b2405ccecbc11c2291f01e164a73bb18b20671d034961c93f63a961e4f7823abb167bdc304b77ec58d22c034a3975c55bf86ce00000000000000000000000000000061af13c82298a26df2d0fce0bc0266034b27dadc15ddd339d66163ef9b51d20efb8f38d4d3b8c6e57d384ca3891b41c726702d2508d4bbbd9d9e860df1ac9f7c184e52f5bcd8d616a07e5ca09b3669df4829188de3f25f2672ed91b0ecc9c962b3d5d057d08c470ef9284cd3f97a3d6f85358cc5c3966202105815e53531d741e5e5e24f07172a9591f75b844e7ae3995ca2c719edbc31c0b37f6044f0bef069a0f7111480a158298f39824ebf0fd62174743f3c95460112ca174ba06a86e6bcd9dfdf44d8a246e1ce819f6632223fac63e8b10927f95a4f3ca25ea226bca63e05cf8303ef0b85096e000000000000000000000000000000f10cf687bc1d9ce89bd43fb1f0bd21bfda681bf97336ce79906ab9875dd4360b415a7105e8d8139711c75b024733c56a3258f85908f2602d2b17f0bd85a901798305bcfbcb333105627deb63610e6d0ffb8ac44da24ca9c58ef3f5d07ce07b71071946fce222ec28e4a65e4b5b22a9fe160572c67d99fdfa032436622d85a0fbfd8ff1fc7d7a5eb93e2097d675df84ce1e2696117678bb4fcb1bbd0d10c6c19d355dfada0236ecbfa45915004aa9bfa85c10a9655d5f4bd1bc890f6632c0eebbad276296e229de842489264f16d5de7e6019569bf88067fda9c08beb7379544b4e5b13677e11d6b4fafb52f27f5dc6f3b43e"], 0x74}}, 0x0)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f0000000180)=[{0xa, 0x1000000000000, &(0x7f0000000100)=[{&(0x7f0000000040)="e588da94b522c2d1f313702948718f407fe7166ac45a790cd2065b44582f3310fb003cb29f9afc1ddb6272a61982d91403b9914e7638a71eab73d729de3c717034a0069e9ed7d8d5fa1979ad04faed8aeb63cac0ab9a4d2927d53b44ef0f6eb8b357571086780d116f40c92841c5a3d72ac31d7abedde3433aa57b7fefb2a6e25f68b39642e8ed4cba1d481661ba"}, {&(0x7f0000000600)="a175aecfc133f10e8096d588d507cb2369905aafe9156c60719627564d1f5841ed3912a4b4d6372b4d52111e6d26ae638675c823527d292fb9cfb0691358daaeed278a87b98817f0efa445e1e8110e40b7979829311002818ea4bfa43e186dbdf71f761f261789a4e4063b30213fc8674cff946703b49ecc157cd063ec3bf08b8f75365561ef81b12e6d77479cb6fba9e4a0e862fe0729da03403caa9b02aff1a185885195"}], 0xe, &(0x7f0000000100)}], 0x126618d46e7cf97, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:04:49 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x25280100, 0x0)

13:04:49 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x02', 0x0, 0x0)

[ 1619.818883][T32476] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1619.847798][T32476] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
13:04:50 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)

[ 1621.578824][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1621.584966][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1623.648900][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1623.655012][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1625.728869][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:04:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xb)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x1000, 0x650, 0xb, 0x9df2, 0x1e, 0x8, 0x3, 0x81, 0x9, 0x3})
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x200, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000100)={0x7, 0x0, 0x3, 'queue0\x00', 0x8})

13:04:59 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x7}, 0x1c)

13:04:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:59 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:04:59 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f0000000000)=0x7, 0x4)

13:04:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x26280100, 0x0)

13:04:59 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r3 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@ipv4={[], [], @local}}}}, &(0x7f0000000140)=0xe8)
unshare(0x200)
r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000480)='ns/mnt\x00')
setns(r5, 0x0)
clone(0x7002411a, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_dev$radio(&(0x7f00000001c0)='/dev/radio#\x00', 0x1, 0x2)
inotify_rm_watch(r6, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_0\x00', r4})
r7 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, 0x0, 0x0)
r8 = creat(&(0x7f0000000200)='./file0\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x0, r8, 0x8001, 0x4, 0x20, 0x2})
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x581200, 0x0)
ioctl$RTC_VL_CLR(r9, 0x7014)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000))
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1629.757910][T32502] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
[ 1629.830766][T32500] debugfs: Directory 'loop0' with parent 'block' already present!
13:04:59 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xf6', 0x0, 0x0)

13:04:59 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x01', 0x0, 0x0)

13:04:59 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x27280100, 0x0)

[ 1629.943218][T32609] IPVS: ftp: loaded support on port[0] = 21
13:05:00 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:00 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

[ 1631.809120][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[ 1631.815396][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1633.889043][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1633.895166][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1635.969006][   T12] Bluetooth: hci0: command 0x1009 tx timeout
13:05:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/px\x00', 0x40, 0x0)
getrusage(0x0, &(0x7f0000000400))
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x40000, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
socket$rds(0x15, 0x5, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x2001b)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
clone3(&(0x7f00000003c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), 0xd, 0x0, &(0x7f00000001c0)=""/239, 0xef, &(0x7f00000002c0)=""/215}, 0x40)

13:05:09 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x7}, 0x1c)

13:05:09 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:09 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x28280100, 0x0)

13:05:09 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x200, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
getpid()

13:05:09 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:10 executing program 4:
r0 = syz_open_dev$cec(&(0x7f0000000740)='/dev/cec#\x00', 0x0, 0x2)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000780)={0x9, 0x38, 0xd40, 'queue1\x00', 0x6})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80000, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$SG_SET_FORCE_PACK_ID(r4, 0x227b, &(0x7f0000000040)=0x1)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$SG_IO(r5, 0x2285, &(0x7f00000003c0)={0x0, 0xdbef9a2d7b930f1, 0xe5, 0x40, @scatter={0x1, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/237, 0xed}]}, &(0x7f0000000200)="deea902cbd6f1401891fe823a9fc35d204d3c285f3ef30d5244a3902b955c54a3c84c8f0726be78ef625e4143192f18107525218a3705d2713ede6a21b0228320d026b069f46bb2b323bd87b7ad1b199e099a253286d2709ff213e446edbff4474ad2d41d5749dc3947c6fab17bc87f5c2f88b6783bb24f44f3ba321dd5c2daec3747b87bdae999c982576c66a96cc2f42d28675a0b20e1935f8b5b57332323a607e40cb673f8674a2851dfa71976f95eba1d8342374d4c4497d0628bfdfe494bad0467b0138f1ca6f5334d9c5a1e66745f678d58e21b6530cd975a97c3c56ee76bb04eac5", &(0x7f0000000300)=""/119, 0x5, 0x14, 0x3, &(0x7f0000000380)})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r9=>0x0})
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = fcntl$dupfd(r10, 0x0, r10)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
ioctl$VIDIOC_S_AUDIO(r11, 0x40345622, &(0x7f0000000680)={0x3, "c1368e4bd6e65cf867bbbe3fef95a1ec29232f46045da20ce450f88cad15e7ed", 0x1, 0x1})
bind$packet(r8, &(0x7f0000000040)={0x11, 0x0, r9}, 0x14)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001000)=ANY=[@ANYBLOB="44040000240107e744c01e69dfc8a800f1ff7896cd2e24c9298bffff24f7b693c80fbb5bb33db6cf85f5fea33c6aeb0d9e2e52baa22e67cb69e5af6d954dc100bdbaba96fc75b12ff5b4122704944bc76f039be128e1ee2f6300", @ANYRES32=r12, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000440)={{{@in6, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000540)=0xe8)
setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000580)={{{@in6=@mcast2, @in6=@mcast1, 0x4e20, 0x6, 0x4e21, 0x6, 0x2, 0x80, 0xa0, 0x4, r12, r13}, {0x3, 0x3, 0x7, 0x2, 0x3, 0x7, 0x3, 0x527}, {0x4, 0x1, 0x4, 0x149}, 0x2, 0x6e6bbb, 0x2, 0xc0ebcdffb5e3964a, 0x3, 0x1}, {{@in=@multicast1, 0x4d4, 0xff}, 0x2, @in6=@empty, 0x3501, 0x4, 0x0, 0xf2, 0x6, 0xff, 0x3}}, 0xe8)
r14 = fcntl$dupfd(r6, 0x0, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200)
r15 = syz_open_dev$adsp(&(0x7f00000006c0)='/dev/adsp#\x00', 0x9, 0x404840)
io_uring_enter(r15, 0x10001, 0x101, 0x0, &(0x7f0000000700)={0x5}, 0x8)
ioctl$ASHMEM_GET_PIN_STATUS(r14, 0x7709, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)

13:05:10 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:10 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x29280100, 0x0)

13:05:10 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x03', 0x0, 0x0)

13:05:10 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:10 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:10 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='uid_map\x00')
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x101000, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000280)='vxcan1\x00', 0x10)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00')
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2020000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x78, r4, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x7, 0xffff, 0xff]}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x400, 0x5, 0x6, 0x6]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xb1}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x1}, @SEG6_ATTR_DST={0x14, 0x1, @mcast2}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000004}, 0x10)

13:05:10 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x7}, 0x1c)

13:05:10 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:10 executing program 4:
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r1 = dup3(0xffffffffffffffff, r0, 0x180000)
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000080)={0x0, 0x7}, 0x2)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
ioctl(r3, 0x4, &(0x7f0000000000)="8b7be68abb9273ecac95f70e57f765ad36ee494c3e4e5c67e881a34b66ddaf6e4f9856ab83aafa5c258f4edf5488a55303ce81ecc11d70e918c1953750cccbbd6e78e599cc6d113f80da6c909a4c821b98bba7e2cc569f2113b27a7fbf9873ed4b51bbd45410c161d7bbe84b6f167ff37ca50d1cc119162ff8c7abd9")

13:05:10 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2a280100, 0x0)

13:05:10 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#*', 0x0, 0x0)

13:05:10 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000980)=@req3={0x4, 0x7, 0x1, 0x1, 0x401, 0x356, 0x5}, 0x1c)
r3 = socket(0x1e, 0x4, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000840)='./file0\x00', 0x60000, 0x23)
ioctl$SNDRV_TIMER_IOCTL_INFO(r4, 0x80e85411, &(0x7f0000000880)=""/200)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1, 0xf0f3}, 0x90)
r5 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000006c0)=ANY=[@ANYBLOB="010020003d00cdd5b8a53e78fbd52889bf4290f0d9258fc5414e978ecf73d533e17e1c22e1896ef103c32c148d0b9e128a143e964fd88c6f7ad3d0e60e6057e2d34d3ae2f6eec202fba1124c18de7264f3ffffffffffff0ace8017e4417a63c79e5b2c68ed9474e4581bce1cb11f2fe2f3a60df298c40b8a95c038f32851c2e68d7f5f1b8895dd5a1fe8ed38250a821b9dad34717280350d60f8a82278f366f6f96ca7dbbec54bbc4ebe332805856d1607ffdae4561ba32f79dac9f088a1b3c05359f8fe6654b712de", @ANYRES32=<r6=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000400)={0x0, 0x97a, 0x6, [0x7ff, 0x0, 0x8, 0x312e, 0x8, 0x80]}, &(0x7f0000000800)=0x28d)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={r6, @in6={{0xa, 0x4e22, 0xe39, @local, 0xf8}}, [0x9, 0x100, 0x4ff, 0x1, 0x3, 0x9, 0x10001, 0x8000, 0x9, 0x7f, 0x0, 0x7fff, 0x4, 0x4, 0x7]}, &(0x7f00000004c0)=0x100)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000001c0)={<r7=>r6, 0x8000, 0x8}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000300)={r7, @in6={{0xa, 0x4e23, 0x81, @empty, 0x1ff}}}, &(0x7f00000003c0)=0x84)
setsockopt$sock_int(r5, 0x1, 0x3, &(0x7f00000007c0)=0x80000000, 0x4)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e23, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xffffffff}, @in6={0xa, 0x4e23, 0x7, @mcast1, 0x3}], 0x68)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000440)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8080089}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)={0x74, r8, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@rand_addr="fefdab9161b46b87c7453fedf6141f9c"}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x28}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x48000}, 0x40000)
r9 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x80000)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r9, 0x6, 0x14, &(0x7f0000000140), 0x4)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:10 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1640.816368][  T404] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:05:10 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:10 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2b280100, 0x0)

13:05:10 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x40, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r2)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$UI_DEV_CREATE(r6, 0x5501)

13:05:11 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:11 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\xff', 0x0, 0x0)

13:05:11 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x7}, 0x1c)

13:05:11 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:11 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

13:05:11 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2c280100, 0x0)

13:05:11 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1642.848745][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1642.856111][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1644.928820][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1644.934937][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1647.008804][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:05:21 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:21 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:21 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2d280100, 0x0)

13:05:21 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x7}, 0x1c)

13:05:21 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/der/lootrkl\x00', 0xe0003, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x80c, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r2 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x4000, 0x0)
r4 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r2, 0x0)
write$P9_RLOPEN(r2, &(0x7f0000000000)={0x2ce, 0xd, 0x1}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r5 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, r5)
r6 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x80000000, 0x200006)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x10240, 0x0)
r8 = userfaultfd(0x0)
epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r8, &(0x7f0000000240)={0x20000008})
setsockopt$RDS_FREE_MR(r7, 0x114, 0x3, &(0x7f00000002c0)={{0x20a0, 0x4}, 0x1}, 0x10)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4000, 0x11, r6, 0x0)
write$P9_RLOPEN(r6, &(0x7f0000000000)={0x18}, 0x18)
ioctl$UFFDIO_ZEROPAGE(r7, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x4})
r9 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, r9)
r10 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = fcntl$dupfd(r11, 0x0, r11)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
ioctl$LOOP_CTL_REMOVE(r12, 0x4c81, r10)

13:05:21 executing program 5:
socket$pptp(0x18, 0x1, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x82, 0x0)
ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000080)=""/141)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = accept4(0xffffffffffffffff, &(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @dev}, &(0x7f00000001c0)=0x80, 0x40000)
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000200)={{{@in=@local, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000340)={@ipv4={[], [], @local}, 0x83, r3})
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
prctl$PR_MCE_KILL_GET(0x22)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:21 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/\x8dev/loop-control\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x2, 0x400002)
ioctl$RTC_RD_TIME(r1, 0x80247009, &(0x7f0000000040))
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

[ 1651.555552][  T763] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:05:21 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2e280100, 0x0)

13:05:21 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:21 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:21 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='rol\x00\xb1Q\xcdK\x8f\x998x\x02\x90\x00\xfe\xff\x00', 0xc8300, 0x0)
r1 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r2 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
r3 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0xb3)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000080)={<r4=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xe}}]}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000100)={r4, 0xa4f4}, 0x8)
setsockopt$inet_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000140)=@ccm_128={{}, "b0473422e10d5fe8", "27862050b1cc41fd11614cc28ae8922d", "eec19d1d", "cfea50ae40681acb"}, 0x28)

13:05:21 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:21 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:21 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2f280100, 0x0)

13:05:21 executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x11c102, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)

13:05:22 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x7}, 0x1c)

13:05:22 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1653.648792][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1653.655065][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1655.728805][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1655.734920][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1657.808756][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:05:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:32 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x30280100, 0x0)

13:05:32 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 4:
r0 = getuid()
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000000)={{{@in=@empty, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000100)=0xe8)
setreuid(r0, r2)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x80, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)

13:05:32 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x7}, 0x1c)

13:05:32 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x31280100, 0x0)

13:05:32 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:05:32 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 5:
syz_genetlink_get_family_id$fou(&(0x7f0000000000)='fou\x00')
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0xa11401, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:32 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000000)=0xffffffffffffffff)

13:05:32 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3, 0x20000)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:32 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x32280100, 0x0)

[ 1662.800985][ T1556] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:05:33 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x7}, 0x1c)

13:05:33 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2, 0x0)

13:05:33 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:33 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x33280100, 0x0)

13:05:33 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
setsockopt$RDS_GET_MR(r2, 0x114, 0x2, &(0x7f00000001c0)={{&(0x7f0000000140)=""/18, 0x12}, &(0x7f0000000180)}, 0x20)
r3 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$DRM_IOCTL_GET_UNIQUE(r3, 0xc0106401, &(0x7f0000000100)={0xd9, &(0x7f0000000000)=""/217})
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
r5 = syz_open_dev$mice(&(0x7f0000000240)='/dev/input/mice\x00', 0x0, 0x502c0)
r6 = syz_genetlink_get_family_id$team(&(0x7f00000002c0)='team\x00')
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
clock_gettime(0x0, &(0x7f0000009900)={<r8=>0x0, <r9=>0x0})
recvmmsg(r7, &(0x7f0000001200)=[{{&(0x7f0000000800)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000880)=""/152, 0x98}, {&(0x7f0000000a00)=""/211, 0xd3}], 0x2, &(0x7f0000000fc0)=""/131, 0x83}, 0x2}, {{0x0, 0x0, &(0x7f0000000980), 0x0, &(0x7f0000000b00)=""/11, 0xb}, 0x8001}, {{&(0x7f0000001080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000011c0)=[{&(0x7f0000001100)=""/148, 0x94}], 0x1}, 0x5}], 0x3, 0x0, &(0x7f0000009940)={r8, r9+30000000})
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r12=>0x0})
bind$packet(r11, &(0x7f0000000040)={0x11, 0x0, r12}, 0x14)
r13 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r13, 0x10f, 0x87, 0x0, 0x0)
getsockname$packet(r13, &(0x7f0000000980)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x10)
sendmsg$nl_route_sched(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r14, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r15 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r15, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
getsockname$packet(r15, &(0x7f0000009980)={0x11, 0x0, <r16=>0x0}, &(0x7f00000099c0)=0x14)
r17 = socket$nl_route(0x10, 0x3, 0x0)
r18 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r18, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r19=>0x0})
bind$packet(r18, &(0x7f0000000040)={0x11, 0x0, r19}, 0x14)
getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r17, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r20, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000009a00)={'team0\x00', <r21=>r20})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000009a40)={{{@in=@dev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0}}, {{@in6=@initdev}, 0x0, @in=@empty}}, &(0x7f0000009b40)=0xe8)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x2c, &(0x7f0000009b80)={@rand_addr, <r23=>0x0}, &(0x7f0000009bc0)=0x14)
r24 = socket$nl_route(0x10, 0x3, 0x0)
r25 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r25, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r26=>0x0})
bind$packet(r25, &(0x7f0000000040)={0x11, 0x0, r26}, 0x14)
getsockname$packet(r25, &(0x7f0000000100)={0x11, 0x0, <r27=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r24, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000012c0)=ANY=[@ANYBLOB="04688bbaebf749c8a80000000c9500000000be466dec9bbf756f64e7aa9928c0f9d5f66ee739c200b99e2dee600d1761eee1274d1289f4657376cf18a9c167723a7c22d521612b203a844f0f28b089b484ea0913217379b116bf3d02309efa0253b03a1cf82a530b26b6d9324642247c8122e545da4dd8cf4bffb4449bfbd6d0a7ac2c1ea8c9ed2cdcbb9abe2576175cb569", @ANYRES32=r27, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008c5fe372bb758c6c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
r28 = socket$nl_route(0x10, 0x3, 0x0)
r29 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r29, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r30=>0x0})
bind$packet(r29, &(0x7f0000000040)={0x11, 0x0, r30}, 0x14)
getsockname$packet(r29, &(0x7f0000000100)={0x11, 0x0, <r31=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r28, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0420001e69dfc80000f100e1ffffffffffffff00006a6b5201c05cc61c1cd6d33235b196474616067e4c8e8651da70af8ed657efdfd70bfc034b17adbd06b52d229fe4c9feeddcbe106df18531463ef9f4d325eaa8502e712da31eb90bf8138a36ffd013d3c93078740b5cf4ad7d811de511efbdb33c3f612e60cd16083341c6dd581578b7375eaf94e5006ffa8ad2e9292a39360d0631277ecc351ab5c18dc9a240069bff9d4d7b4d1de12f2262f613be059408150bb4e8046f0e0c70c7d68469fa57", @ANYRES32=r31, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0)
sendmsg$TEAM_CMD_PORT_LIST_GET(r5, &(0x7f0000009e40)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000009e00)={&(0x7f0000009c00)={0x1d8, r6, 0x800, 0x70bd29, 0x25dfdbff, {}, [{{0x8}, {0x80, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r14}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r16}}}]}}, {{0x8, 0x1, r21}, {0x134, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8}}, {0x8, 0x6, r22}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r23}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r27}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r31}}}]}}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x80}, 0x4080)
sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
r32 = socket$packet(0x11, 0x2, 0x300)
connect$l2tp(r4, &(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, r32, 0x1, 0x2, 0x2, 0x0, {0xa, 0x4e23, 0x9, @rand_addr="6cedbce6c1a9096a0ffefcff9d34f2d4", 0x712}}}, 0x3a)

13:05:33 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3, 0x0)

13:05:33 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket(0x11, 0xa, 0x1)
getpeername$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000040)=0x9)

13:05:33 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:33 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0)

13:05:33 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x34280100, 0x0)

[ 1664.928825][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1664.935057][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1667.018744][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1667.025268][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1669.088817][   T12] Bluetooth: hci0: command 0x1009 tx timeout
13:05:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000280)='/dev/usbmon#\x00', 0x0, 0x800)
preadv(r1, &(0x7f0000000400)=[{&(0x7f00000002c0)=""/218, 0xda}], 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x13)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40000, 0x4)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000000))
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x3, 0x5f2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000440], 0x0, &(0x7f0000000040), &(0x7f0000000ac0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000100000010000000888465716c0000000000000000000000000069705f767469300000000000000000006270713000000000000000000000000069706464703000000000000000000000000000000000ffff00007f00aaaaaaaaaa20ffffff007f000e0100008e01000006020000737470000000000000000000000000000000000000000000000000000000000048000000000000000300000006007f00b50e0000000000000080ff00ff00000008000000ff030000ff010100aaaaaaaaaaaa00ff007f00ff4e224e2308000800050002000600010009000700020300003830325f330000000000000000000000000000000000000000000000000000000800000000000000dc00000801020000434f4e4e5345434d41524b000000000000000000000000000000000000000000080000000000000002000000000000006c6f6700000000000000000000000000000000000000000000000000000000002800000000000000077ca304c14c2c5a064a80b3e459fd03fa2ac50cae6fb9af0e36c7efbfda470004000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000a80000000100010100000000ba71ba3228aae11452f80961904f32f19dc860c983efa064878af3afd1d96afce12eae191068b562d2a788f4915781a31f2dcbd27ad6aca9591ad6e4514a01eb0000000011000000240000000f0e76657468305f746f5f7465616d0000006e6c6d6f6e300000000000000000000065716c000000000000000000000000006272696467655f736c6176655f310000aaaaaaaaaaaafdff81000001ffffffffffff000000ff00fff6000000260100005e0100006c696d6974000000000000000000000000000000000000000000000000000000200000000000000005000000640400000800000000000000c9000000c0ffffff0080000000000000737461746973746963000000000000000000000000000000000000000000000018000000000000000100000005000000000001000400000008000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000002000000000000006d61726b000000000000000000000000000000000000000000000000000000001000000000000000d0ffffff00000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff010000000300000001000000001a67726574617030000000000000000000626f6e6430000000000000000000000068737230000000000000000000000000626f6e645f736c6176655f300000000004b4479d8f8f00ff00ff000000000000000000ff00ffff24ce000000ce000000fe01000073746174650000000000000000000000000000000000000000000000000000000800000000000000ffffff7f00000000636f6e6e6c6162656c0000000000000000000000000000000000000000000000080000000000000006000300000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000003f00000073797374656d5f753a6f626a6563745f723a6370755f6465766963655f743a7330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005b9c4b4a16f59c95f56ed11613c8ba2b155ca13721854a6137ac0b0f7fc4d674aa9421091a34fef7af338ab1aa637422a40cc3f0a63818e5574d10c715fbc34c407605ca7a4daed0dabbb328fcd09bf26c9d944d4167fa6fd7475e25040c1775ca6a39bf7e159c6bf5a82221c8e24b84c68e351cfaa2c0d6e591e504168f4418d69c9339a00d2bbe43bc5e56a887"]}, 0x6f8)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x5, 0x0)

13:05:43 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0xc20000, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x406, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
pipe(&(0x7f00000000c0))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$KVM_GET_PIT(r6, 0xc048ae65, &(0x7f0000000000))

13:05:43 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:43 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x35280100, 0x0)

13:05:43 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, 0x7}, 0x1c)

13:05:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
prctl$PR_SET_FPEMU(0xa, 0x2)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0x4, 0x7, 0x1, 0x10001, 0x5, 0x3f, 0x2, 0x1, 0x7, 0x4, 0x3, 0x8000})

13:05:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6, 0x0)

13:05:43 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:05:43 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x36280100, 0x0)

13:05:43 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7, 0x0)

[ 1673.410417][ T1840] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:05:43 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:05:43 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x8, 0x0)

13:05:43 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:43 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x37280100, 0x0)

13:05:43 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:05:44 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x300, 0x0)

[ 1675.488937][T18149] Bluetooth: hci0: command 0x1003 tx timeout
[ 1675.495139][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1677.568739][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1677.574841][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1679.648803][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:05:54 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SG_GET_TIMEOUT(r2, 0x2202, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:05:54 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x500, 0x0)

13:05:54 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:54 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:05:54 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x7}, 0x1c)

13:05:54 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x38280100, 0x0)

13:05:54 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:05:54 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x600, 0x0)

[ 1684.092701][ T1887] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:05:54 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
r4 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:05:54 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x39280100, 0x0)

13:05:54 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x700, 0x0)

13:05:54 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1686.208934][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1686.215053][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1688.288915][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1688.295045][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1690.368908][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:06:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x8)
r1 = socket(0x1e, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@ipv4={[], [], @empty}, 0x3, 0x1, 0x1, 0x8, 0x9, 0xfff}, &(0x7f00000000c0)=0x20)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:06:04 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:04 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3f00, 0x0)

13:06:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3a280100, 0x0)

13:06:04 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:04 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x7}, 0x1c)

13:06:04 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4000, 0x0)

13:06:04 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:04 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:04 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xff00, 0x0)

13:06:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3b280100, 0x0)

13:06:04 executing program 5:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200000, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000100)={0x0, 0x9, 0x3, [], &(0x7f00000000c0)=0x1})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)

13:06:04 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:04 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xfeffff, 0x0)

13:06:04 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:04 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3c280100, 0x0)

[ 1694.629780][ T1945] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:06:04 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, 0x7}, 0x1c)

13:06:05 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1000000, 0x0)

13:06:05 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:05 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:05 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3d280100, 0x0)

13:06:05 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1696.698733][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1696.704859][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1698.778746][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1698.784870][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1700.858733][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:06:15 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3e280100, 0x0)

13:06:15 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:15 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2000000, 0x0)

13:06:15 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:15 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48]}, 0x7}, 0x1c)

13:06:15 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KDADDIO(r0, 0x400455c8, 0x62)

13:06:15 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:15 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3000000, 0x0)

13:06:15 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:15 executing program 5:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1)

13:06:15 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3f000000, 0x0)

13:06:15 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4000000, 0x0)

13:06:15 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:15 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:15 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x4)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x111, 0x9}}, 0x20)
r4 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'\x86yz'}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r4)
r5 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'\x86yz'}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r5)
r6 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'\x86yz'}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r6)
keyctl$KEYCTL_MOVE(0x1e, r4, r5, r6, 0x0)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f0000000240)={0xb, 0x10, 0xfa00, {&(0x7f0000000100), r3, 0x3}}, 0x18)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x10)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:06:15 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3f280100, 0x0)

[ 1705.542617][ T2013] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:06:16 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c]}, 0x7}, 0x1c)

13:06:16 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x5000000, 0x0)

13:06:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:16 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x40000000, 0x0)

13:06:16 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x6000000, 0x0)

13:06:16 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:16 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:16 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x40280100, 0x0)

13:06:16 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x7000000, 0x0)

[ 1707.648786][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1707.654990][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1709.728779][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1709.734891][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1711.808750][   T22] Bluetooth: hci0: command 0x1009 tx timeout
13:06:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xb)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:06:26 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x8000000, 0x0)

13:06:26 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:26 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x410f0000, 0x0)

13:06:26 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c]}, 0x7}, 0x1c)

13:06:26 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x3f000000, 0x0)

13:06:26 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:26 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:26 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x40000000, 0x0)

13:06:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x41280100, 0x0)

13:06:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x164480, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000000))

13:06:26 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:26 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xf6ffffff, 0x0)

13:06:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x42280100, 0x0)

13:06:26 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:26 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:26 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68]}, 0x7}, 0x1c)

13:06:26 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xff000000, 0x0)

13:06:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x2)
close(r1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:06:26 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x43280100, 0x0)

13:06:26 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:26 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:27 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:27 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xfffffe00, 0x0)

13:06:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f00000000c0)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, 0x8)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:06:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x44280100, 0x0)

13:06:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1717.207887][ T2129] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:06:27 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, 0x7}, 0x1c)

13:06:27 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xfffffff6, 0x0)

13:06:27 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000340)={0x7, 0x0, 0x7ff, 0xfff, 0x2, 0x4})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:27 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x45280100, 0x0)

13:06:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:27 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:28 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x1000000000000, 0x0)

13:06:28 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:28 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

[ 1719.248758][T18189] Bluetooth: hci0: command 0x1003 tx timeout
[ 1719.254882][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1721.328781][T18189] Bluetooth: hci0: command 0x1001 tx timeout
[ 1721.334894][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1723.409038][T18189] Bluetooth: hci0: command 0x1009 tx timeout
13:06:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r2, 0x4020565b, &(0x7f0000000380)={0x8001002, 0x8, 0x3})
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
recvmsg$can_raw(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000003c0)=""/114, 0x72}, {&(0x7f0000000440)=""/238, 0xee}, {&(0x7f0000000540)=""/126, 0x7e}, {&(0x7f0000000700)=""/212, 0xd4}], 0x4, &(0x7f0000000280)=""/144, 0x90}, 0x10202)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

13:06:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x46280100, 0x0)

13:06:37 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:37 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xfeffff00000000, 0x0)

13:06:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:37 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74]}, 0x7}, 0x1c)

[ 1727.623506][ T2179] debugfs: Directory 'hci0' with parent 'bluetooth' already present!
13:06:37 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x100000000000000, 0x0)

13:06:37 executing program 0:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x47280100, 0x0)

13:06:37 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x3100, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_interrupt={0x1, {0x1}, 0x2, 0x611c0f7dd373b9ce, &(0x7f0000000040)="4864b0cd8880bc410f49f0f7d24d71be6ab03811a24f7835ec16a825c447e7ddf7c17c1f41d9cd6e59b275c6f1aeccfa6450ee3e64057d93062c6eac0f98c4b0a97baf229e62e3831a4e0f7a3d630a597ae4eee4460048f24bbace400c97b2e92c5e8676aba765ded067ca71a1397451d9a8bd04c77d5ab125f98c633696486ebfecda5b55cb31241b19f5a68e28cdd818b24a057f77864ed6f7fc41f1992bfd94d90f2d39a2bb9ce09c5f81431611e107e9d61dec34a33500d5539f37f2e5f01f22a288", 0xc4, 0x3, 0x5, 0x0, 0x8, 0x401, &(0x7f0000000140)="10e51b2ad6cc75cf354e4d3fc904992de73d6210c319732db5195c16d08492a116447a1a35724fb7a505e3b14fc090de8e03892c6e4c0eff9ff92e972d0f65e74fffa0f78b92170cab25ad53cbefc9d4f5d48ea1bdf714bf88c114c068f9b2827481d56350df8402310faf60e3d118abd083d7279c566755b89b620e39986bd63d2ef65f2b6105bafca206e6007405"})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000240)={0x10001, "a178dc98145d1ab22c915b863921a0eb2faa2a5de1823bbf31743128f41f0af8", 0x1, 0x100, 0x7fffffff, 0x400, 0x17, 0x4, 0x18, 0xffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000002c0)={{0x5, 0x69}, 0x1, 0x800, 0xa171, {0x4, 0x4}, 0x0, 0x4})
socket(0x1e, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

13:06:37 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)

13:06:37 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x200000000000000, 0x0)

13:06:37 executing program 3:
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x300000000000000, 0x0)

[ 1727.932238][T13437] Bluetooth: Error in BCSP hdr checksum
[ 1728.189124][   T21] Bluetooth: Error in BCSP hdr checksum
[ 1729.728843][   T22] Bluetooth: hci0: command 0x1003 tx timeout
[ 1729.736150][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1731.808858][   T22] Bluetooth: hci0: command 0x1001 tx timeout
[ 1731.814971][T12958] Bluetooth: hci0: sending frame failed (-49)
[ 1733.888872][   T22] Bluetooth: hci0: command 0x1009 tx timeout
[ 1737.731388][ T2172] ==================================================================
[ 1737.739723][ T2172] BUG: KASAN: use-after-free in kfree_skb+0x38/0x3c0
[ 1737.746647][ T2172] Read of size 4 at addr ffff8880a76735d4 by task syz-executor.5/2172
[ 1737.754803][ T2172] 
[ 1737.757153][ T2172] CPU: 0 PID: 2172 Comm: syz-executor.5 Not tainted 5.4.0-rc8-syzkaller #0
[ 1737.765730][ T2172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1737.775780][ T2172] Call Trace:
[ 1737.779076][ T2172]  dump_stack+0x197/0x210
[ 1737.783407][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1737.787743][ T2172]  print_address_description.constprop.0.cold+0xd4/0x30b
[ 1737.794768][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1737.799100][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1737.803432][ T2172]  __kasan_report.cold+0x1b/0x41
[ 1737.808372][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1737.812704][ T2172]  kasan_report+0x12/0x20
[ 1737.817037][ T2172]  check_memory_region+0x134/0x1a0
[ 1737.822151][ T2172]  __kasan_check_read+0x11/0x20
[ 1737.827003][ T2172]  kfree_skb+0x38/0x3c0
[ 1737.831161][ T2172]  bcsp_close+0xc7/0x130
[ 1737.835407][ T2172]  hci_uart_tty_close+0x21e/0x280
[ 1737.840429][ T2172]  ? hci_uart_close+0x50/0x50
[ 1737.845111][ T2172]  tty_ldisc_close.isra.0+0x119/0x1a0
[ 1737.850487][ T2172]  tty_ldisc_kill+0x9c/0x160
[ 1737.855081][ T2172]  tty_ldisc_release+0xe9/0x2b0
[ 1737.859938][ T2172]  tty_release_struct+0x1b/0x50
[ 1737.864789][ T2172]  tty_release+0xbcb/0xe90
[ 1737.869322][ T2172]  __fput+0x2ff/0x890
[ 1737.873319][ T2172]  ? put_tty_driver+0x20/0x20
[ 1737.878026][ T2172]  ____fput+0x16/0x20
[ 1737.882017][ T2172]  task_work_run+0x145/0x1c0
[ 1737.886618][ T2172]  exit_to_usermode_loop+0x316/0x380
[ 1737.891915][ T2172]  do_syscall_64+0x65f/0x760
[ 1737.896512][ T2172]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1737.902403][ T2172] RIP: 0033:0x4141d1
[ 1737.906301][ T2172] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1737.925900][ T2172] RSP: 002b:0000000000a6fbf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1737.934311][ T2172] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004141d1
[ 1737.942284][ T2172] RDX: 0000001b31120000 RSI: 0000000000000c49 RDI: 0000000000000003
[ 1737.950254][ T2172] RBP: 0000000000000001 R08: 00000000f6e84c4c R09: ffffffffffffffff
[ 1737.958225][ T2172] R10: 0000000000a6fcd0 R11: 0000000000000293 R12: 000000000075c9a0
[ 1737.966199][ T2172] R13: 000000000075c9a0 R14: 0000000000760960 R15: 000000000075bfd4
[ 1737.974272][ T2172] 
[ 1737.976597][ T2172] Allocated by task 21:
[ 1737.980755][ T2172]  save_stack+0x23/0x90
[ 1737.985175][ T2172]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1737.990807][ T2172]  kasan_slab_alloc+0xf/0x20
[ 1737.995392][ T2172]  kmem_cache_alloc_node+0x138/0x740
[ 1738.000675][ T2172]  __alloc_skb+0xd5/0x5e0
[ 1738.005011][ T2172]  bcsp_recv+0x8c1/0x13a0
[ 1738.009336][ T2172]  hci_uart_tty_receive+0x279/0x6e0
[ 1738.014533][ T2172]  tty_ldisc_receive_buf+0x15f/0x1c0
[ 1738.019820][ T2172]  tty_port_default_receive_buf+0x7d/0xb0
[ 1738.025537][ T2172]  flush_to_ldisc+0x222/0x390
[ 1738.030215][ T2172]  process_one_work+0x9af/0x1740
[ 1738.035154][ T2172]  worker_thread+0x98/0xe40
[ 1738.039671][ T2172]  kthread+0x361/0x430
[ 1738.043737][ T2172]  ret_from_fork+0x24/0x30
[ 1738.048144][ T2172] 
[ 1738.050470][ T2172] Freed by task 21:
[ 1738.054273][ T2172]  save_stack+0x23/0x90
[ 1738.058424][ T2172]  __kasan_slab_free+0x102/0x150
[ 1738.063360][ T2172]  kasan_slab_free+0xe/0x10
[ 1738.067860][ T2172]  kmem_cache_free+0x86/0x320
[ 1738.072538][ T2172]  kfree_skbmem+0xc5/0x150
[ 1738.076952][ T2172]  kfree_skb+0x109/0x3c0
[ 1738.081195][ T2172]  bcsp_recv+0x2d8/0x13a0
[ 1738.085525][ T2172]  hci_uart_tty_receive+0x279/0x6e0
[ 1738.090723][ T2172]  tty_ldisc_receive_buf+0x15f/0x1c0
[ 1738.096005][ T2172]  tty_port_default_receive_buf+0x7d/0xb0
[ 1738.101729][ T2172]  flush_to_ldisc+0x222/0x390
[ 1738.106405][ T2172]  process_one_work+0x9af/0x1740
[ 1738.111343][ T2172]  worker_thread+0x98/0xe40
[ 1738.115847][ T2172]  kthread+0x361/0x430
[ 1738.120061][ T2172]  ret_from_fork+0x24/0x30
[ 1738.124471][ T2172] 
[ 1738.126808][ T2172] The buggy address belongs to the object at ffff8880a7673500
[ 1738.126808][ T2172]  which belongs to the cache skbuff_head_cache of size 224
[ 1738.141387][ T2172] The buggy address is located 212 bytes inside of
[ 1738.141387][ T2172]  224-byte region [ffff8880a7673500, ffff8880a76735e0)
[ 1738.154661][ T2172] The buggy address belongs to the page:
[ 1738.160301][ T2172] page:ffffea00029d9cc0 refcount:1 mapcount:0 mapping:ffff8880a9a44e00 index:0x0
[ 1738.169410][ T2172] raw: 01fffc0000000200 ffffea0002792648 ffffea00028f82c8 ffff8880a9a44e00
[ 1738.178011][ T2172] raw: 0000000000000000 ffff8880a7673000 000000010000000c 0000000000000000
[ 1738.186585][ T2172] page dumped because: kasan: bad access detected
[ 1738.192989][ T2172] 
[ 1738.195311][ T2172] Memory state around the buggy address:
[ 1738.200936][ T2172]  ffff8880a7673480: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 1738.208993][ T2172]  ffff8880a7673500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1738.217052][ T2172] >ffff8880a7673580: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1738.225111][ T2172]                                                  ^
[ 1738.231779][ T2172]  ffff8880a7673600: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 1738.239838][ T2172]  ffff8880a7673680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1738.247892][ T2172] ==================================================================
[ 1738.255943][ T2172] Disabling lock debugging due to kernel taint
[ 1738.263271][ T2172] Kernel panic - not syncing: panic_on_warn set ...
[ 1738.269888][ T2172] CPU: 0 PID: 2172 Comm: syz-executor.5 Tainted: G    B             5.4.0-rc8-syzkaller #0
[ 1738.279861][ T2172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1738.289930][ T2172] Call Trace:
[ 1738.293233][ T2172]  dump_stack+0x197/0x210
[ 1738.297569][ T2172]  panic+0x2e3/0x75c
[ 1738.301462][ T2172]  ? add_taint.cold+0x16/0x16
[ 1738.306140][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1738.310475][ T2172]  ? preempt_schedule+0x4b/0x60
[ 1738.315323][ T2172]  ? ___preempt_schedule+0x16/0x20
[ 1738.320430][ T2172]  ? trace_hardirqs_on+0x5e/0x240
[ 1738.325456][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1738.329784][ T2172]  end_report+0x47/0x4f
[ 1738.333938][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1738.338264][ T2172]  __kasan_report.cold+0xe/0x41
[ 1738.343114][ T2172]  ? kfree_skb+0x38/0x3c0
[ 1738.347461][ T2172]  kasan_report+0x12/0x20
[ 1738.351791][ T2172]  check_memory_region+0x134/0x1a0
[ 1738.356899][ T2172]  __kasan_check_read+0x11/0x20
[ 1738.361745][ T2172]  kfree_skb+0x38/0x3c0
[ 1738.365988][ T2172]  bcsp_close+0xc7/0x130
[ 1738.370233][ T2172]  hci_uart_tty_close+0x21e/0x280
[ 1738.375258][ T2172]  ? hci_uart_close+0x50/0x50
[ 1738.379933][ T2172]  tty_ldisc_close.isra.0+0x119/0x1a0
[ 1738.385306][ T2172]  tty_ldisc_kill+0x9c/0x160
[ 1738.389896][ T2172]  tty_ldisc_release+0xe9/0x2b0
[ 1738.394746][ T2172]  tty_release_struct+0x1b/0x50
[ 1738.399596][ T2172]  tty_release+0xbcb/0xe90
[ 1738.404015][ T2172]  __fput+0x2ff/0x890
[ 1738.407995][ T2172]  ? put_tty_driver+0x20/0x20
[ 1738.412668][ T2172]  ____fput+0x16/0x20
[ 1738.416650][ T2172]  task_work_run+0x145/0x1c0
[ 1738.421245][ T2172]  exit_to_usermode_loop+0x316/0x380
[ 1738.426530][ T2172]  do_syscall_64+0x65f/0x760
[ 1738.431122][ T2172]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1738.437010][ T2172] RIP: 0033:0x4141d1
[ 1738.440903][ T2172] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1738.460501][ T2172] RSP: 002b:0000000000a6fbf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1738.468906][ T2172] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004141d1
[ 1738.476875][ T2172] RDX: 0000001b31120000 RSI: 0000000000000c49 RDI: 0000000000000003
[ 1738.484841][ T2172] RBP: 0000000000000001 R08: 00000000f6e84c4c R09: ffffffffffffffff
[ 1738.492809][ T2172] R10: 0000000000a6fcd0 R11: 0000000000000293 R12: 000000000075c9a0
[ 1738.500776][ T2172] R13: 000000000075c9a0 R14: 0000000000760960 R15: 000000000075bfd4
[ 1738.510200][ T2172] Kernel Offset: disabled
[ 1738.514527][ T2172] Rebooting in 86400 seconds..