V_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved})
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = socket(0x1, 0x4, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'})
sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c1}, 0x0)

18:28:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x200800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000000040)={0x36, 0x0, 0x1013, 0x1, 0x20, {0x5, 0x1}, 0x1})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:45 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffd)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:45 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x6, 0x74b2, 0xe2d6, 0x3, 0x7c, "25c04a1bab4f1144f8e338cf9b50b1dc53f9eb"}) (async, rerun: 64)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000080)=0x4)
r2 = epoll_create1(0x0)
timerfd_create(0x6, 0x100800) (async)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, 0xffffffffffffffff)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x200800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000000040)={0x36, 0x0, 0x1013, 0x1, 0x20, {0x5, 0x1}, 0x1})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x200800) (async)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000000040)={0x36, 0x0, 0x1013, 0x1, 0x20, {0x5, 0x1}, 0x1}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:45 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffd)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffd) (async)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)

18:28:45 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x8000200b})

18:28:45 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
timerfd_gettime(r3, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f0000000180)={0x1, &(0x7f0000000340)=[{}]})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_OVERLAY(r5, 0x4004560e, &(0x7f0000000140)=0xfffffff9)
timerfd_gettime(r4, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000400))
ioctl$VIDIOC_S_JPEGCOMP(r6, 0x408c563e, &(0x7f0000000080)={0x5, 0x0, 0x30, "14a55e4cacdec2a42612881af9a1aed7fb4b24d82aec02c92ab43dc85a983ccd4251849f1cf5b0f318454a1a13951b1219fefa68aa3d86220efb50be", 0x0, "95a34d5eee2dce8650f1691cff8eb1286125e3c81f73c1c6116b866b99230940f66437a6fc99e5d4ca42252c9b3657807355ecd601ad3e5d602ce7ba", 0xa8})
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f00000002c0)={0x6, "2f319384b542986cd3ba4b23f46d3da4e0cb0b656847af42944240dab2573c7e", 0x1, 0x9, 0x9, 0x1, 0x2})

18:28:46 executing program 1:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000180)=@multiplanar_overlay={0x400, 0xb, 0x4, 0x40, 0xd5e4, {}, {0x3, 0x8, 0x98, 0x0, 0xac, 0xc6, "a628fa68"}, 0x4, 0x3, {&(0x7f0000000100)=[{0x2, 0x8, {0x1}, 0x92}, {0x80000000, 0x2d7, {0x2}, 0x6}]}, 0x8}) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f0000000000), 0x8)

18:28:46 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffd)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async, rerun: 32)
r2 = epoll_create1(0x0) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:46 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0))
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved})
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = socket(0x1, 0x4, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'})
sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c1}, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)) (async)
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
socket(0x1, 0x4, 0x3) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) (async)
sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c1}, 0x0) (async)

18:28:46 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x8000200b})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x8000200b}) (async)

18:28:46 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x200800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000000040)={0x36, 0x0, 0x1013, 0x1, 0x20, {0x5, 0x1}, 0x1})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x200800) (async)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000000040)={0x36, 0x0, 0x1013, 0x1, 0x20, {0x5, 0x1}, 0x1}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:46 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000) (rerun: 32)
timerfd_gettime(r3, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f0000000180)={0x1, &(0x7f0000000340)=[{}]})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r5, 0x0) (async)
ioctl$VIDIOC_OVERLAY(r5, 0x4004560e, &(0x7f0000000140)=0xfffffff9) (async)
timerfd_gettime(r4, 0x0) (async, rerun: 32)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) (rerun: 32)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000400)) (async, rerun: 32)
ioctl$VIDIOC_S_JPEGCOMP(r6, 0x408c563e, &(0x7f0000000080)={0x5, 0x0, 0x30, "14a55e4cacdec2a42612881af9a1aed7fb4b24d82aec02c92ab43dc85a983ccd4251849f1cf5b0f318454a1a13951b1219fefa68aa3d86220efb50be", 0x0, "95a34d5eee2dce8650f1691cff8eb1286125e3c81f73c1c6116b866b99230940f66437a6fc99e5d4ca42252c9b3657807355ecd601ad3e5d602ce7ba", 0xa8}) (async, rerun: 32)
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f00000002c0)={0x6, "2f319384b542986cd3ba4b23f46d3da4e0cb0b656847af42944240dab2573c7e", 0x1, 0x9, 0x9, 0x1, 0x2})

18:28:46 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
select(0x40, &(0x7f0000000080)={0x6, 0x1, 0x210, 0x3ff, 0x2, 0x7fffffff, 0x3, 0x1}, &(0x7f00000000c0)={0x8, 0xffffffff, 0x6, 0x8000000000000000, 0x5e4, 0x8, 0x0, 0x4ba}, &(0x7f0000000100)={0x6, 0x100000001, 0x0, 0xd60b, 0x80, 0x3, 0x5, 0x1}, &(0x7f0000000140))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:46 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x8000200b})

18:28:46 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
select(0x40, &(0x7f0000000080)={0x6, 0x1, 0x210, 0x3ff, 0x2, 0x7fffffff, 0x3, 0x1}, &(0x7f00000000c0)={0x8, 0xffffffff, 0x6, 0x8000000000000000, 0x5e4, 0x8, 0x0, 0x4ba}, &(0x7f0000000100)={0x6, 0x100000001, 0x0, 0xd60b, 0x80, 0x3, 0x5, 0x1}, &(0x7f0000000140))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
select(0x40, &(0x7f0000000080)={0x6, 0x1, 0x210, 0x3ff, 0x2, 0x7fffffff, 0x3, 0x1}, &(0x7f00000000c0)={0x8, 0xffffffff, 0x6, 0x8000000000000000, 0x5e4, 0x8, 0x0, 0x4ba}, &(0x7f0000000100)={0x6, 0x100000001, 0x0, 0xd60b, 0x80, 0x3, 0x5, 0x1}, &(0x7f0000000140)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:46 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$vivid(&(0x7f00000000c0), 0x2, 0x2)
r2 = syz_open_dev$vivid(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_SUBDEV_G_CROP(r2, 0xc038563b, &(0x7f0000000080)={0x1, 0x0, {0xc0c, 0x6, 0x8000, 0x4}})
pipe2(&(0x7f0000000000), 0x8c000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
getresgid(&(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140), &(0x7f00000001c0))
getresgid(&(0x7f0000000200)=<r4=>0x0, &(0x7f0000000240), &(0x7f0000000280))
getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=<r5=>0x0)
setgroups(0x6, &(0x7f0000000380)=[0xee01, r3, r4, r5, 0xffffffffffffffff, 0xffffffffffffffff])

18:28:46 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)) (async)
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved})
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = socket(0x1, 0x4, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) (async)
sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c1}, 0x0)

18:28:46 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
select(0x40, &(0x7f0000000080)={0x6, 0x1, 0x210, 0x3ff, 0x2, 0x7fffffff, 0x3, 0x1}, &(0x7f00000000c0)={0x8, 0xffffffff, 0x6, 0x8000000000000000, 0x5e4, 0x8, 0x0, 0x4ba}, &(0x7f0000000100)={0x6, 0x100000001, 0x0, 0xd60b, 0x80, 0x3, 0x5, 0x1}, &(0x7f0000000140)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async, rerun: 64)
r1 = epoll_create1(0x0) (rerun: 64)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$vivid(&(0x7f00000000c0), 0x2, 0x2)
r2 = syz_open_dev$vivid(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_SUBDEV_G_CROP(r2, 0xc038563b, &(0x7f0000000080)={0x1, 0x0, {0xc0c, 0x6, 0x8000, 0x4}})
pipe2(&(0x7f0000000000), 0x8c000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
getresgid(&(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140), &(0x7f00000001c0))
getresgid(&(0x7f0000000200)=<r4=>0x0, &(0x7f0000000240), &(0x7f0000000280))
getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=<r5=>0x0)
setgroups(0x6, &(0x7f0000000380)=[0xee01, r3, r4, r5, 0xffffffffffffffff, 0xffffffffffffffff])
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
syz_open_dev$vivid(&(0x7f00000000c0), 0x2, 0x2) (async)
syz_open_dev$vivid(&(0x7f0000000040), 0x2, 0x2) (async)
ioctl$VIDIOC_SUBDEV_G_CROP(r2, 0xc038563b, &(0x7f0000000080)={0x1, 0x0, {0xc0c, 0x6, 0x8000, 0x4}}) (async)
pipe2(&(0x7f0000000000), 0x8c000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
getresgid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f00000001c0)) (async)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)) (async)
getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)) (async)
setgroups(0x6, &(0x7f0000000380)=[0xee01, r3, r4, r5, 0xffffffffffffffff, 0xffffffffffffffff]) (async)

18:28:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_pts(r0, 0x5010c0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f00000000c0)={0x26, 0xfff8, 0x401})
r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x427)
ioctl$TIOCSRS485(r3, 0x542f, &(0x7f0000000080)={0x0, 0x2})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0xfff7, 0x8})
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000100)={0x7, 0x2, 0xd1c451})

18:28:47 executing program 0:
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44a0a8ea3a80026c}, 0x4000040)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))

18:28:47 executing program 2:
ptrace$cont(0x9, 0x0, 0x0, 0x9)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x51f, 0x2000)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x0, "58d3689ecdd4640f0a6727a21b4bd86d84a0be93f5a8deb717558b77fb609c03", 0x2})

18:28:47 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
timerfd_gettime(r3, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f0000000180)={0x1, &(0x7f0000000340)=[{}]}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0) (async, rerun: 32)
ioctl$VIDIOC_OVERLAY(r5, 0x4004560e, &(0x7f0000000140)=0xfffffff9) (async, rerun: 32)
timerfd_gettime(r4, 0x0) (async)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000400))
ioctl$VIDIOC_S_JPEGCOMP(r6, 0x408c563e, &(0x7f0000000080)={0x5, 0x0, 0x30, "14a55e4cacdec2a42612881af9a1aed7fb4b24d82aec02c92ab43dc85a983ccd4251849f1cf5b0f318454a1a13951b1219fefa68aa3d86220efb50be", 0x0, "95a34d5eee2dce8650f1691cff8eb1286125e3c81f73c1c6116b866b99230940f66437a6fc99e5d4ca42252c9b3657807355ecd601ad3e5d602ce7ba", 0xa8}) (async)
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f00000002c0)={0x6, "2f319384b542986cd3ba4b23f46d3da4e0cb0b656847af42944240dab2573c7e", 0x1, 0x9, 0x9, 0x1, 0x2})

18:28:47 executing program 1:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x40)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000300))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket(0x6, 0x800, 0x7092)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
socket(0x28, 0xa, 0x3)
connect$bt_sco(r1, &(0x7f0000000200), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f0000000100)=""/190, &(0x7f00000001c0)=0xbe)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f00000002c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, 0x0, 0xe, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0c00a1}, 0x4000010)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000080)={0x0, 0x4, 0x5, '\x00', &(0x7f0000000000)=0x81})

18:28:47 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r1, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x1}, @IEEE802154_ATTR_LBT_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
r2 = syz_open_dev$vivid(&(0x7f0000000140), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x4, 0xc4, 0x72780406, 0x2, 0x6, 0x80, 0x4, 0xfffffff9, 0x1, 0x3, 0x2, 0x5}})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44085}, 0xc011)

18:28:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_pts(r0, 0x5010c0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f00000000c0)={0x26, 0xfff8, 0x401})
r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x427)
ioctl$TIOCSRS485(r3, 0x542f, &(0x7f0000000080)={0x0, 0x2})
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0xfff7, 0x8})
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000100)={0x7, 0x2, 0xd1c451})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
syz_open_pts(r0, 0x5010c0) (async)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f00000000c0)={0x26, 0xfff8, 0x401}) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x427) (async)
ioctl$TIOCSRS485(r3, 0x542f, &(0x7f0000000080)={0x0, 0x2}) (async)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0xfff7, 0x8}) (async)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000100)={0x7, 0x2, 0xd1c451}) (async)

18:28:47 executing program 1:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x40)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000300))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket(0x6, 0x800, 0x7092)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
socket(0x28, 0xa, 0x3)
connect$bt_sco(r1, &(0x7f0000000200), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f0000000100)=""/190, &(0x7f00000001c0)=0xbe)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f00000002c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, 0x0, 0xe, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0c00a1}, 0x4000010)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000080)={0x0, 0x4, 0x5, '\x00', &(0x7f0000000000)=0x81})
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x40) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000300)) (async)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket(0x6, 0x800, 0x7092) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
socket(0x28, 0xa, 0x3) (async)
connect$bt_sco(r1, &(0x7f0000000200), 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f0000000100)=""/190, &(0x7f00000001c0)=0xbe) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f00000002c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, 0x0, 0xe, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0c00a1}, 0x4000010) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000080)={0x0, 0x4, 0x5, '\x00', &(0x7f0000000000)=0x81}) (async)

18:28:47 executing program 0:
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44a0a8ea3a80026c}, 0x4000040)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44a0a8ea3a80026c}, 0x4000040) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)

18:28:47 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0) (async)
syz_open_dev$vivid(&(0x7f00000000c0), 0x2, 0x2)
r2 = syz_open_dev$vivid(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_SUBDEV_G_CROP(r2, 0xc038563b, &(0x7f0000000080)={0x1, 0x0, {0xc0c, 0x6, 0x8000, 0x4}}) (async)
pipe2(&(0x7f0000000000), 0x8c000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
getresgid(&(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140), &(0x7f00000001c0)) (async)
getresgid(&(0x7f0000000200)=<r4=>0x0, &(0x7f0000000240), &(0x7f0000000280)) (async)
getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=<r5=>0x0)
setgroups(0x6, &(0x7f0000000380)=[0xee01, r3, r4, r5, 0xffffffffffffffff, 0xffffffffffffffff])

18:28:47 executing program 1:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x40)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000300)) (async)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket(0x6, 0x800, 0x7092) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
socket(0x28, 0xa, 0x3) (async)
connect$bt_sco(r1, &(0x7f0000000200), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f0000000100)=""/190, &(0x7f00000001c0)=0xbe) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f00000002c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, 0x0, 0xe, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0c00a1}, 0x4000010) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000080)={0x0, 0x4, 0x5, '\x00', &(0x7f0000000000)=0x81})

18:28:47 executing program 0:
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44a0a8ea3a80026c}, 0x4000040)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44a0a8ea3a80026c}, 0x4000040) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)

18:28:47 executing program 2:
ptrace$cont(0x9, 0x0, 0x0, 0x9)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x51f, 0x2000)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x0, "58d3689ecdd4640f0a6727a21b4bd86d84a0be93f5a8deb717558b77fb609c03", 0x2})

18:28:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = syz_open_pts(r0, 0x5010c0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f00000000c0)={0x26, 0xfff8, 0x401}) (async, rerun: 32)
r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x427) (rerun: 32)
ioctl$TIOCSRS485(r3, 0x542f, &(0x7f0000000080)={0x0, 0x2}) (async)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0xfff7, 0x8})
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000100)={0x7, 0x2, 0xd1c451})

18:28:47 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r1, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x1}, @IEEE802154_ATTR_LBT_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
r2 = syz_open_dev$vivid(&(0x7f0000000140), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x4, 0xc4, 0x72780406, 0x2, 0x6, 0x80, 0x4, 0xfffffff9, 0x1, 0x3, 0x2, 0x5}})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44085}, 0xc011)
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff) (async)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r1, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x1}, @IEEE802154_ATTR_LBT_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x80) (async)
syz_open_dev$vivid(&(0x7f0000000140), 0x2, 0x2) (async)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x4, 0xc4, 0x72780406, 0x2, 0x6, 0x80, 0x4, 0xfffffff9, 0x1, 0x3, 0x2, 0x5}}) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44085}, 0xc011) (async)

18:28:47 executing program 1:
r0 = syz_open_dev$vivid(&(0x7f0000000180), 0x2, 0x2)
ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f0000000240)={0x100, 0xd, 0x8, "fc7c55cbc8649b06c5b72b464020b1a548258c8f494c2adb8e0c527c622c0e36b7d4253f27f2f072435c08349de195d2d89a0a9c8be358d9984e2577", 0x1a, "9537961c70350e784e35310d6a96aef47cdea505d00d037d2071860f455d3cd1ed8149404c861c9e57674321689fa4dd0273b19fb87e8078ad201ef7", 0x60})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pselect6(0x40, &(0x7f0000000000)={0x8000000000000000, 0x5, 0x8, 0x3306, 0x9, 0x7fffffff, 0x3, 0x6}, &(0x7f0000000080)={0x8001, 0x132, 0xffff, 0x1, 0x7b3, 0x4, 0x43c6, 0xffffffffffffffff}, &(0x7f0000000100)={0x6, 0x1, 0x9, 0xffffffffffffffff, 0x0, 0x7, 0xfffffffffffffffa, 0x9}, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={&(0x7f0000000200)={[0x80]}, 0x8})
connect$bt_sco(r1, &(0x7f0000000040), 0x8)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8)
clock_gettime(0x0, &(0x7f00000003c0)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000300)={0x9, 0x1f, 0x8, 0x0, 0xfffffffffffffc00, 0x2, 0xffffffffffff0001, 0x4a0ae2e3}, &(0x7f0000000340)={0xffff, 0x1, 0xff, 0x100, 0x5, 0x9, 0x4, 0x6d7}, &(0x7f0000000380)={0x163, 0x5, 0x2, 0x1, 0xfff, 0xd138, 0xfff, 0x80000001}, &(0x7f0000000400)={r2, r3+60000000}, &(0x7f0000000480)={&(0x7f0000000440)={[0x5]}, 0x8})

18:28:47 executing program 2:
ptrace$cont(0x9, 0x0, 0x0, 0x9)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x51f, 0x2000)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x0, "58d3689ecdd4640f0a6727a21b4bd86d84a0be93f5a8deb717558b77fb609c03", 0x2})
ptrace$cont(0x9, 0x0, 0x0, 0x9) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
syz_open_dev$video4linux(&(0x7f0000000000), 0x51f, 0x2000) (async)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x0, "58d3689ecdd4640f0a6727a21b4bd86d84a0be93f5a8deb717558b77fb609c03", 0x2}) (async)

18:28:47 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r4, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r4, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000880)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x71, 0x17, 0x3})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x71, 0x17, 0x3}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r4, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r4, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000880)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r4, 0x1}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r4, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000880) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:47 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"}) (async)
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:28:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x71, 0x17, 0x3}) (async, rerun: 64)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 64)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:47 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async, rerun: 32)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async, rerun: 32)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r1, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x1}, @IEEE802154_ATTR_LBT_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
r2 = syz_open_dev$vivid(&(0x7f0000000140), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x4, 0xc4, 0x72780406, 0x2, 0x6, 0x80, 0x4, 0xfffffff9, 0x1, 0x3, 0x2, 0x5}}) (async, rerun: 32)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44085}, 0xc011) (rerun: 32)

18:28:48 executing program 1:
r0 = syz_open_dev$vivid(&(0x7f0000000180), 0x2, 0x2)
ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f0000000240)={0x100, 0xd, 0x8, "fc7c55cbc8649b06c5b72b464020b1a548258c8f494c2adb8e0c527c622c0e36b7d4253f27f2f072435c08349de195d2d89a0a9c8be358d9984e2577", 0x1a, "9537961c70350e784e35310d6a96aef47cdea505d00d037d2071860f455d3cd1ed8149404c861c9e57674321689fa4dd0273b19fb87e8078ad201ef7", 0x60}) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pselect6(0x40, &(0x7f0000000000)={0x8000000000000000, 0x5, 0x8, 0x3306, 0x9, 0x7fffffff, 0x3, 0x6}, &(0x7f0000000080)={0x8001, 0x132, 0xffff, 0x1, 0x7b3, 0x4, 0x43c6, 0xffffffffffffffff}, &(0x7f0000000100)={0x6, 0x1, 0x9, 0xffffffffffffffff, 0x0, 0x7, 0xfffffffffffffffa, 0x9}, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={&(0x7f0000000200)={[0x80]}, 0x8}) (async)
connect$bt_sco(r1, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 64)
clock_gettime(0x0, &(0x7f00000003c0)={<r2=>0x0, <r3=>0x0}) (rerun: 64)
pselect6(0x40, &(0x7f0000000300)={0x9, 0x1f, 0x8, 0x0, 0xfffffffffffffc00, 0x2, 0xffffffffffff0001, 0x4a0ae2e3}, &(0x7f0000000340)={0xffff, 0x1, 0xff, 0x100, 0x5, 0x9, 0x4, 0x6d7}, &(0x7f0000000380)={0x163, 0x5, 0x2, 0x1, 0xfff, 0xd138, 0xfff, 0x80000001}, &(0x7f0000000400)={r2, r3+60000000}, &(0x7f0000000480)={&(0x7f0000000440)={[0x5]}, 0x8})

18:28:48 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000080)={0x6, 0x8000, 0x1})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0xd0000001})

18:28:48 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:28:48 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r4, 0x1}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r4, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000880)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$PIO_CMAP(r3, 0x4b71, &(0x7f0000000080)={0x5, 0x4, 0x6a, 0x100000001, 0x51f, 0x1})
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x5d, 0x7, 0x9, 0x2, 0x2, "947c5817520226879238c79f89fd28d349d831"})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:48 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r1, 0xc0945662, 0xfffffffffffffffc)
r2 = syz_open_dev$vivid(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f00000000c0)={0x2, 0x3, 0x6})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:28:48 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000080)={0x6, 0x8000, 0x1})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0xd0000001})

18:28:48 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCSISO7816(r3, 0xc0285443, &(0x7f0000000140)={0x80, 0x9aec, 0xad, 0x2, 0x1ff})
r4 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7)
ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f0000000040)=0x4)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f00000001c0)={0x7, "38a9718198651ce868e60372be5b81b462e47f06f8ab7f7d1ee3c43c146e05d69023835a9aa6262a71abbd27a8d4691e103258ae505e2d4f7d27143ade18ed1b7d92d602f2abe4da89a3b846219a33614931ba71b3fdd93b6507b2a2d682b8ede37b660ecb1e6b2b294108fbdc58c629b2e2253f02d2b139e9889054e368a9de3a5699e9f74af054cf3f9b9ab051810a67a118822fc9325a566c9f4f7a75daa13e893c3f4bb290ddcf285d5c2cc534a1de60e2ad33575c0ebbe65f04ffd4dddd8f5504562f75b1a2061196e7e6d676dda4ff1bb0b4d925ad13067715b8284aa62b7d66315ec24941b07d75698b59cb73d19f50d97367e30976b51d7c6aa13fc418a95fc1c1cc75a58167ba28f9f2eeeada5486ea576c07def8f66caa1e6521f6b028671566a443cb4dea9687dfafd9ad0aaacaf83adeeff07946ed25efcb0513eeeb1a6421df3c021fda45679c749c4933555cc48465010098900fde69137cf2a7774d51d5ff68264d0817fb740144fba6430007c584c59bfcf6726328a8a62bee1e7cf525b9261b255a17debbeaf36c5c33f300ba40bc6c872b4a09a854124fb5bfbab98d678fb27bb05e53f1a8446bbd758d83db636cfaa8d75f0f85b5e0a0d7525ca3893ff743d3c4f9a030e8da32b62143dc148f61a3f1924b3f5183cb55d1446881d726cfdce5f0a3304f7bfd56712152143175f456482bb0456245bd47"})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000440)={0x5, 0xff, 0x8, 0x47f, 0x6, "b79d07a17198b19beaa9ef8dd17bfbd6a908db", 0x7, 0x3})
timerfd_gettime(r6, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x50002000})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0x1)
timerfd_gettime(r7, 0x0)
epoll_pwait(r1, &(0x7f0000000080), 0x0, 0x8000, &(0x7f0000000100)={[0x9]}, 0x66)

18:28:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$PIO_CMAP(r3, 0x4b71, &(0x7f0000000080)={0x5, 0x4, 0x6a, 0x100000001, 0x51f, 0x1})
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x5d, 0x7, 0x9, 0x2, 0x2, "947c5817520226879238c79f89fd28d349d831"}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:48 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000080)={0x6, 0x8000, 0x1})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0xd0000001})

18:28:48 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:28:48 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0xfffd, 0x0, 0xb, "f6883935808d00"})
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))

18:28:49 executing program 1:
r0 = syz_open_dev$vivid(&(0x7f0000000180), 0x2, 0x2)
ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f0000000240)={0x100, 0xd, 0x8, "fc7c55cbc8649b06c5b72b464020b1a548258c8f494c2adb8e0c527c622c0e36b7d4253f27f2f072435c08349de195d2d89a0a9c8be358d9984e2577", 0x1a, "9537961c70350e784e35310d6a96aef47cdea505d00d037d2071860f455d3cd1ed8149404c861c9e57674321689fa4dd0273b19fb87e8078ad201ef7", 0x60})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pselect6(0x40, &(0x7f0000000000)={0x8000000000000000, 0x5, 0x8, 0x3306, 0x9, 0x7fffffff, 0x3, 0x6}, &(0x7f0000000080)={0x8001, 0x132, 0xffff, 0x1, 0x7b3, 0x4, 0x43c6, 0xffffffffffffffff}, &(0x7f0000000100)={0x6, 0x1, 0x9, 0xffffffffffffffff, 0x0, 0x7, 0xfffffffffffffffa, 0x9}, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={&(0x7f0000000200)={[0x80]}, 0x8}) (async, rerun: 64)
connect$bt_sco(r1, &(0x7f0000000040), 0x8) (async, rerun: 64)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8)
clock_gettime(0x0, &(0x7f00000003c0)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000300)={0x9, 0x1f, 0x8, 0x0, 0xfffffffffffffc00, 0x2, 0xffffffffffff0001, 0x4a0ae2e3}, &(0x7f0000000340)={0xffff, 0x1, 0xff, 0x100, 0x5, 0x9, 0x4, 0x6d7}, &(0x7f0000000380)={0x163, 0x5, 0x2, 0x1, 0xfff, 0xd138, 0xfff, 0x80000001}, &(0x7f0000000400)={r2, r3+60000000}, &(0x7f0000000480)={&(0x7f0000000440)={[0x5]}, 0x8})

18:28:49 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0xfffd, 0x0, 0xb, "f6883935808d00"})
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0xfffd, 0x0, 0xb, "f6883935808d00"}) (async)
epoll_create1(0x80000) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000)) (async)

18:28:49 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:28:49 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0) (async, rerun: 32)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async, rerun: 32)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCSISO7816(r3, 0xc0285443, &(0x7f0000000140)={0x80, 0x9aec, 0xad, 0x2, 0x1ff}) (async, rerun: 64)
r4 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7) (rerun: 64)
ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f0000000040)=0x4) (async, rerun: 32)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f00000001c0)={0x7, "38a9718198651ce868e60372be5b81b462e47f06f8ab7f7d1ee3c43c146e05d69023835a9aa6262a71abbd27a8d4691e103258ae505e2d4f7d27143ade18ed1b7d92d602f2abe4da89a3b846219a33614931ba71b3fdd93b6507b2a2d682b8ede37b660ecb1e6b2b294108fbdc58c629b2e2253f02d2b139e9889054e368a9de3a5699e9f74af054cf3f9b9ab051810a67a118822fc9325a566c9f4f7a75daa13e893c3f4bb290ddcf285d5c2cc534a1de60e2ad33575c0ebbe65f04ffd4dddd8f5504562f75b1a2061196e7e6d676dda4ff1bb0b4d925ad13067715b8284aa62b7d66315ec24941b07d75698b59cb73d19f50d97367e30976b51d7c6aa13fc418a95fc1c1cc75a58167ba28f9f2eeeada5486ea576c07def8f66caa1e6521f6b028671566a443cb4dea9687dfafd9ad0aaacaf83adeeff07946ed25efcb0513eeeb1a6421df3c021fda45679c749c4933555cc48465010098900fde69137cf2a7774d51d5ff68264d0817fb740144fba6430007c584c59bfcf6726328a8a62bee1e7cf525b9261b255a17debbeaf36c5c33f300ba40bc6c872b4a09a854124fb5bfbab98d678fb27bb05e53f1a8446bbd758d83db636cfaa8d75f0f85b5e0a0d7525ca3893ff743d3c4f9a030e8da32b62143dc148f61a3f1924b3f5183cb55d1446881d726cfdce5f0a3304f7bfd56712152143175f456482bb0456245bd47"}) (async, rerun: 32)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000080)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000440)={0x5, 0xff, 0x8, 0x47f, 0x6, "b79d07a17198b19beaa9ef8dd17bfbd6a908db", 0x7, 0x3}) (async)
timerfd_gettime(r6, 0x0) (async)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x7) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x50002000}) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0) (rerun: 32)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0x1) (async)
timerfd_gettime(r7, 0x0)
epoll_pwait(r1, &(0x7f0000000080), 0x0, 0x8000, &(0x7f0000000100)={[0x9]}, 0x66)

18:28:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$PIO_CMAP(r3, 0x4b71, &(0x7f0000000080)={0x5, 0x4, 0x6a, 0x100000001, 0x51f, 0x1}) (async)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x5d, 0x7, 0x9, 0x2, 0x2, "947c5817520226879238c79f89fd28d349d831"}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:49 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async, rerun: 64)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000) (rerun: 64)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r1, 0xc0945662, 0xfffffffffffffffc) (async, rerun: 64)
r2 = syz_open_dev$vivid(&(0x7f0000000080), 0x0, 0x2) (rerun: 64)
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f00000000c0)={0x2, 0x3, 0x6}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:28:49 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0xfffd, 0x0, 0xb, "f6883935808d00"}) (async)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))

18:28:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r1)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x140e, 0x4, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000880)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:49 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
epoll_pwait(0xffffffffffffffff, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x6, &(0x7f00000000c0)={[0x8]}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})

18:28:49 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:28:49 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
epoll_pwait(0xffffffffffffffff, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x6, &(0x7f00000000c0)={[0x8]}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x6, &(0x7f00000000c0)={[0x8]}, 0x8) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) (async)

18:28:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r1) (async)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x140e, 0x4, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000880) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:50 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r2, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffeff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x48000}, 0x40000)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:28:50 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r1, 0xc0945662, 0xfffffffffffffffc)
r2 = syz_open_dev$vivid(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f00000000c0)={0x2, 0x3, 0x6})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
pipe2(&(0x7f0000000000), 0x84000) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r1, 0xc0945662, 0xfffffffffffffffc) (async)
syz_open_dev$vivid(&(0x7f0000000080), 0x0, 0x2) (async)
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f00000000c0)={0x2, 0x3, 0x6}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)

18:28:50 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x6, &(0x7f00000000c0)={[0x8]}, 0x8) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})

18:28:50 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCSISO7816(r3, 0xc0285443, &(0x7f0000000140)={0x80, 0x9aec, 0xad, 0x2, 0x1ff})
r4 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7)
ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f0000000040)=0x4)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f00000001c0)={0x7, "38a9718198651ce868e60372be5b81b462e47f06f8ab7f7d1ee3c43c146e05d69023835a9aa6262a71abbd27a8d4691e103258ae505e2d4f7d27143ade18ed1b7d92d602f2abe4da89a3b846219a33614931ba71b3fdd93b6507b2a2d682b8ede37b660ecb1e6b2b294108fbdc58c629b2e2253f02d2b139e9889054e368a9de3a5699e9f74af054cf3f9b9ab051810a67a118822fc9325a566c9f4f7a75daa13e893c3f4bb290ddcf285d5c2cc534a1de60e2ad33575c0ebbe65f04ffd4dddd8f5504562f75b1a2061196e7e6d676dda4ff1bb0b4d925ad13067715b8284aa62b7d66315ec24941b07d75698b59cb73d19f50d97367e30976b51d7c6aa13fc418a95fc1c1cc75a58167ba28f9f2eeeada5486ea576c07def8f66caa1e6521f6b028671566a443cb4dea9687dfafd9ad0aaacaf83adeeff07946ed25efcb0513eeeb1a6421df3c021fda45679c749c4933555cc48465010098900fde69137cf2a7774d51d5ff68264d0817fb740144fba6430007c584c59bfcf6726328a8a62bee1e7cf525b9261b255a17debbeaf36c5c33f300ba40bc6c872b4a09a854124fb5bfbab98d678fb27bb05e53f1a8446bbd758d83db636cfaa8d75f0f85b5e0a0d7525ca3893ff743d3c4f9a030e8da32b62143dc148f61a3f1924b3f5183cb55d1446881d726cfdce5f0a3304f7bfd56712152143175f456482bb0456245bd47"})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000440)={0x5, 0xff, 0x8, 0x47f, 0x6, "b79d07a17198b19beaa9ef8dd17bfbd6a908db", 0x7, 0x3})
timerfd_gettime(r6, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x50002000})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0x1)
timerfd_gettime(r7, 0x0)
epoll_pwait(r1, &(0x7f0000000080), 0x0, 0x8000, &(0x7f0000000100)={[0x9]}, 0x66)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
ioctl$TIOCSISO7816(r3, 0xc0285443, &(0x7f0000000140)={0x80, 0x9aec, 0xad, 0x2, 0x1ff}) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x7) (async)
ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f0000000040)=0x4) (async)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f00000001c0)={0x7, "38a9718198651ce868e60372be5b81b462e47f06f8ab7f7d1ee3c43c146e05d69023835a9aa6262a71abbd27a8d4691e103258ae505e2d4f7d27143ade18ed1b7d92d602f2abe4da89a3b846219a33614931ba71b3fdd93b6507b2a2d682b8ede37b660ecb1e6b2b294108fbdc58c629b2e2253f02d2b139e9889054e368a9de3a5699e9f74af054cf3f9b9ab051810a67a118822fc9325a566c9f4f7a75daa13e893c3f4bb290ddcf285d5c2cc534a1de60e2ad33575c0ebbe65f04ffd4dddd8f5504562f75b1a2061196e7e6d676dda4ff1bb0b4d925ad13067715b8284aa62b7d66315ec24941b07d75698b59cb73d19f50d97367e30976b51d7c6aa13fc418a95fc1c1cc75a58167ba28f9f2eeeada5486ea576c07def8f66caa1e6521f6b028671566a443cb4dea9687dfafd9ad0aaacaf83adeeff07946ed25efcb0513eeeb1a6421df3c021fda45679c749c4933555cc48465010098900fde69137cf2a7774d51d5ff68264d0817fb740144fba6430007c584c59bfcf6726328a8a62bee1e7cf525b9261b255a17debbeaf36c5c33f300ba40bc6c872b4a09a854124fb5bfbab98d678fb27bb05e53f1a8446bbd758d83db636cfaa8d75f0f85b5e0a0d7525ca3893ff743d3c4f9a030e8da32b62143dc148f61a3f1924b3f5183cb55d1446881d726cfdce5f0a3304f7bfd56712152143175f456482bb0456245bd47"}) (async)
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000080)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000440)={0x5, 0xff, 0x8, 0x47f, 0x6, "b79d07a17198b19beaa9ef8dd17bfbd6a908db", 0x7, 0x3}) (async)
timerfd_gettime(r6, 0x0) (async)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x7) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x50002000}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0x1) (async)
timerfd_gettime(r7, 0x0) (async)
epoll_pwait(r1, &(0x7f0000000080), 0x0, 0x8000, &(0x7f0000000100)={[0x9]}, 0x66) (async)

18:28:50 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r1) (async)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x140e, 0x4, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000880)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:50 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:28:50 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x15}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x5}, 0x805)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x4, 0xfffffffb, 0x2, 0x4, 0x7, "d4fb51f786b18bd4378a949dd0359943a38a7c"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x12, "06828993ab00"})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180))

18:28:50 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x0, 0x0, 0xfffc, 0x0, 0x8, "de083d3900"})
r1 = epoll_create1(0x0)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x2000000000000000)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000040))
r3 = syz_open_pts(r2, 0x40000)
syz_open_pts(r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:50 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1)

18:28:50 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x0, 0x0, 0xfffc, 0x0, 0x8, "de083d3900"})
r1 = epoll_create1(0x0)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x2000000000000000)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000040))
r3 = syz_open_pts(r2, 0x40000)
syz_open_pts(r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x0, 0x0, 0xfffc, 0x0, 0x8, "de083d3900"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x2000000000000000) (async)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000040)) (async)
syz_open_pts(r2, 0x40000) (async)
syz_open_pts(r3, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:50 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8, 0x35, 0x7fffffff, 0x0, 0x1f, "a2e9f9b91bb65a2920d2d335def837af3774e3", 0x7, 0x1f})
r2 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:50 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1) (async)

18:28:50 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r2, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffeff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x48000}, 0x40000)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:28:50 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8, 0x35, 0x7fffffff, 0x0, 0x1f, "a2e9f9b91bb65a2920d2d335def837af3774e3", 0x7, 0x1f})
r2 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:50 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x0, 0x0, 0xfffc, 0x0, 0x8, "de083d3900"})
r1 = epoll_create1(0x0)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x2000000000000000)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000040))
r3 = syz_open_pts(r2, 0x40000)
syz_open_pts(r3, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:50 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1)

18:28:50 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x15}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x5}, 0x805)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x4, 0xfffffffb, 0x2, 0x4, 0x7, "d4fb51f786b18bd4378a949dd0359943a38a7c"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x12, "06828993ab00"})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x15}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x5}, 0x805) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x4, 0xfffffffb, 0x2, 0x4, 0x7, "d4fb51f786b18bd4378a949dd0359943a38a7c"}) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x12, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180)) (async)

18:28:50 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x8, 0x6, 0x3ff}, 0x1, 0x3, &(0x7f00000000c0)={{0x1, 0x3, 0x0, 0x5}, &(0x7f0000000080)={{0x4, 0x5, 0x8, 0x8}, &(0x7f0000000000)={{0x900, 0xa1a, 0xc17, 0x92}}}}, 0x9, &(0x7f00000002c0)="4947bb417e6c4c364066cab953acc229b83c98a97682365f17889eecb5e43b35f6ed77079e78e938ac1a7561035dae09f92598de6cb08cbc9eb3ea71734bace5ae0b5784a5ce5bcf10875089d60d14c264d95ef242ad9ea3966b17db10c1590250389ea1cdb9206e48f453ec6e066f642bf91e39d8b6df59199d12ed9c606f9f01fdf73dd3494517f32b45f4e88eebd7161c6b31918c9c31906da821663f92cdf4e3238f39b7acb412e8a17d74fe10d55945dcd2d836bfa4a3f24001096d009faafc39ae09af1d52d1a9119567800b5418695aa5caba361b3b83e0fcf013231d73eda5994f16b1229fb68b603dcd7d08", 0x8}})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000100)={0x3, 0x8001})

18:28:50 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0xff, 0x0, 0x2, 0x2, 0xc, "e462f10c17bc1afa90ed6d1c4bf9e20abf935d"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0x401, 0x0, 0x0, 0x0, 0xc, "de08393900"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84000)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r3, 0x80845663, &(0x7f00000001c0))
ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000140)={@any, 0xec5})
ioctl$TIOCSCTTY(r2, 0x540e, 0x100000000)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0xa9, 0x8000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r6}, @NL802154_ATTR_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004081}, 0x4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5})

18:28:50 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r1, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x88}]}, 0x4c}, 0x1, 0x0, 0x0, 0x84c736919f6a72a3}, 0x8004)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:28:50 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x15}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x5}, 0x805) (async)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x4, 0xfffffffb, 0x2, 0x4, 0x7, "d4fb51f786b18bd4378a949dd0359943a38a7c"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x12, "06828993ab00"}) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180))

18:28:50 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r1, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x88}]}, 0x4c}, 0x1, 0x0, 0x0, 0x84c736919f6a72a3}, 0x8004) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:28:50 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0xff, 0x0, 0x2, 0x2, 0xc, "e462f10c17bc1afa90ed6d1c4bf9e20abf935d"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0x401, 0x0, 0x0, 0x0, 0xc, "de08393900"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84000)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r3, 0x80845663, &(0x7f00000001c0))
ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000140)={@any, 0xec5})
ioctl$TIOCSCTTY(r2, 0x540e, 0x100000000)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0xa9, 0x8000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r6}, @NL802154_ATTR_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004081}, 0x4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0xff, 0x0, 0x2, 0x2, 0xc, "e462f10c17bc1afa90ed6d1c4bf9e20abf935d"}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0x401, 0x0, 0x0, 0x0, 0xc, "de08393900"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000000), 0x84000) (async)
timerfd_gettime(r2, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r3, 0x80845663, &(0x7f00000001c0)) (async)
ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000140)={@any, 0xec5}) (async)
ioctl$TIOCSCTTY(r2, 0x540e, 0x100000000) (async)
syz_open_dev$dri(&(0x7f0000000040), 0xa9, 0x8000) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r5, 0x0) (async)
syz_open_procfs$namespace(0x0, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r6, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r6}, @NL802154_ATTR_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004081}, 0x4) (async)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5}) (async)

18:28:50 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8, 0x35, 0x7fffffff, 0x0, 0x1f, "a2e9f9b91bb65a2920d2d335def837af3774e3", 0x7, 0x1f}) (async)
r2 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:51 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r2, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffeff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x48000}, 0x40000) (async, rerun: 32)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (rerun: 32)

18:28:51 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r1, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x88}]}, 0x4c}, 0x1, 0x0, 0x0, 0x84c736919f6a72a3}, 0x8004)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:28:51 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0xff, 0x0, 0x2, 0x2, 0xc, "e462f10c17bc1afa90ed6d1c4bf9e20abf935d"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0x401, 0x0, 0x0, 0x0, 0xc, "de08393900"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84000)
timerfd_gettime(r2, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r3, 0x80845663, &(0x7f00000001c0)) (async)
ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000140)={@any, 0xec5}) (async, rerun: 32)
ioctl$TIOCSCTTY(r2, 0x540e, 0x100000000) (async, rerun: 32)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0xa9, 0x8000) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0) (async)
syz_open_procfs$namespace(0x0, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r6}, @NL802154_ATTR_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004081}, 0x4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5})

18:28:51 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
socket$inet_dccp(0x2, 0x6, 0x0)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000100))
timerfd_gettime(r4, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r4, 0xc028564e, &(0x7f00000000c0)={0x0, 0x0, [0x2, 0xf1c, 0x5, 0x61d, 0x6, 0x1f4ae2cc, 0x101, 0x9a]})

18:28:51 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x8, 0x6, 0x3ff}, 0x1, 0x3, &(0x7f00000000c0)={{0x1, 0x3, 0x0, 0x5}, &(0x7f0000000080)={{0x4, 0x5, 0x8, 0x8}, &(0x7f0000000000)={{0x900, 0xa1a, 0xc17, 0x92}}}}, 0x9, &(0x7f00000002c0)="4947bb417e6c4c364066cab953acc229b83c98a97682365f17889eecb5e43b35f6ed77079e78e938ac1a7561035dae09f92598de6cb08cbc9eb3ea71734bace5ae0b5784a5ce5bcf10875089d60d14c264d95ef242ad9ea3966b17db10c1590250389ea1cdb9206e48f453ec6e066f642bf91e39d8b6df59199d12ed9c606f9f01fdf73dd3494517f32b45f4e88eebd7161c6b31918c9c31906da821663f92cdf4e3238f39b7acb412e8a17d74fe10d55945dcd2d836bfa4a3f24001096d009faafc39ae09af1d52d1a9119567800b5418695aa5caba361b3b83e0fcf013231d73eda5994f16b1229fb68b603dcd7d08", 0x8}}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000100)={0x3, 0x8001})

18:28:51 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = syz_open_pts(r0, 0x6000)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x5, "80b968dceebbc1b9ffae358f7aaa33d1ef77ebdbcf59dd01e65ad0abbee2617bdf0cc3039704a2bf6be578add934f640b2b53421a4c039d98553c2506b6f6c59a3f6b9c19fecb30bc28f687477ca567202f2469e3e34ad14c983d8aded053141f1ae8c506e9ac5067d7952b5b26aa7313e4bbd929e240d7df72762b8fdf29d64079d712ff0058c89cda70352cb02cc4bf76c8b61070c90e8c0541a7280f5d05bd6c1b582055306f51043146155796d257775afee3fc9d08a807cfc53405f06795a02565f94a73a373ff5262e06d9f81c12d77825583613dc7ae9f64fa3155aa8aa18d8963f0292111f52c9a696ea579b4be5aa930b9b13c0ded04e8a9f648a16684e9e5b8f192b5571901d325457091aa0d70d30613d740c2bd4b16f81ed6018ca6ef8988156de3f3fc0ae1aaaeb925191880aafbd49604b7766e1e7753ecfbb69443b8739ac0b4b5cccae558f050e176df71ba880a3beefc69f8fc7ef74ca29f352a1e912781916340d332c56b9050cc67137931694b3fc4628051726bc100721eacbb8497d53c4f5ad760f2e752761cbd636335ede744f07421faee8d5aee9bfeea22b6b3e4c55910b8519f3fae15869f1c00bb89dcb23624e2ce7e2f13481fabaaac865448671a87bcae8797026be062e0253ee211deb5bd0d25421b99b0833de9ef11a1d9a0ee0e97a6130c281047c103704c249b84140f87688ce6aca42"})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000080)="fb036f906ae01e6caad3661f2b2b0ab6af2ed924bf27d3e0eab65327631d6da9c2500aa215e654b71b0612865364b921620bd35181493e2588d944d466c45be3c3e207678600dc1bed68e817e8eb6173bab32ddf41fa8df6fd0b84aab3dbb5ba7e57487c")
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180)={0x120000001})

18:28:51 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2002})

18:28:51 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000)) (async, rerun: 32)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1, "06828993ab00"}) (rerun: 32)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
socket$inet_dccp(0x2, 0x6, 0x0) (async, rerun: 32)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r3, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0) (async)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000100)) (async)
timerfd_gettime(r4, 0x0) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(r4, 0xc028564e, &(0x7f00000000c0)={0x0, 0x0, [0x2, 0xf1c, 0x5, 0x61d, 0x6, 0x1f4ae2cc, 0x101, 0x9a]})

18:28:51 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = syz_open_pts(r0, 0x6000)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x5, "80b968dceebbc1b9ffae358f7aaa33d1ef77ebdbcf59dd01e65ad0abbee2617bdf0cc3039704a2bf6be578add934f640b2b53421a4c039d98553c2506b6f6c59a3f6b9c19fecb30bc28f687477ca567202f2469e3e34ad14c983d8aded053141f1ae8c506e9ac5067d7952b5b26aa7313e4bbd929e240d7df72762b8fdf29d64079d712ff0058c89cda70352cb02cc4bf76c8b61070c90e8c0541a7280f5d05bd6c1b582055306f51043146155796d257775afee3fc9d08a807cfc53405f06795a02565f94a73a373ff5262e06d9f81c12d77825583613dc7ae9f64fa3155aa8aa18d8963f0292111f52c9a696ea579b4be5aa930b9b13c0ded04e8a9f648a16684e9e5b8f192b5571901d325457091aa0d70d30613d740c2bd4b16f81ed6018ca6ef8988156de3f3fc0ae1aaaeb925191880aafbd49604b7766e1e7753ecfbb69443b8739ac0b4b5cccae558f050e176df71ba880a3beefc69f8fc7ef74ca29f352a1e912781916340d332c56b9050cc67137931694b3fc4628051726bc100721eacbb8497d53c4f5ad760f2e752761cbd636335ede744f07421faee8d5aee9bfeea22b6b3e4c55910b8519f3fae15869f1c00bb89dcb23624e2ce7e2f13481fabaaac865448671a87bcae8797026be062e0253ee211deb5bd0d25421b99b0833de9ef11a1d9a0ee0e97a6130c281047c103704c249b84140f87688ce6aca42"})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000080)="fb036f906ae01e6caad3661f2b2b0ab6af2ed924bf27d3e0eab65327631d6da9c2500aa215e654b71b0612865364b921620bd35181493e2588d944d466c45be3c3e207678600dc1bed68e817e8eb6173bab32ddf41fa8df6fd0b84aab3dbb5ba7e57487c")
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180)={0x120000001})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
syz_open_pts(r0, 0x6000) (async)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x5, "80b968dceebbc1b9ffae358f7aaa33d1ef77ebdbcf59dd01e65ad0abbee2617bdf0cc3039704a2bf6be578add934f640b2b53421a4c039d98553c2506b6f6c59a3f6b9c19fecb30bc28f687477ca567202f2469e3e34ad14c983d8aded053141f1ae8c506e9ac5067d7952b5b26aa7313e4bbd929e240d7df72762b8fdf29d64079d712ff0058c89cda70352cb02cc4bf76c8b61070c90e8c0541a7280f5d05bd6c1b582055306f51043146155796d257775afee3fc9d08a807cfc53405f06795a02565f94a73a373ff5262e06d9f81c12d77825583613dc7ae9f64fa3155aa8aa18d8963f0292111f52c9a696ea579b4be5aa930b9b13c0ded04e8a9f648a16684e9e5b8f192b5571901d325457091aa0d70d30613d740c2bd4b16f81ed6018ca6ef8988156de3f3fc0ae1aaaeb925191880aafbd49604b7766e1e7753ecfbb69443b8739ac0b4b5cccae558f050e176df71ba880a3beefc69f8fc7ef74ca29f352a1e912781916340d332c56b9050cc67137931694b3fc4628051726bc100721eacbb8497d53c4f5ad760f2e752761cbd636335ede744f07421faee8d5aee9bfeea22b6b3e4c55910b8519f3fae15869f1c00bb89dcb23624e2ce7e2f13481fabaaac865448671a87bcae8797026be062e0253ee211deb5bd0d25421b99b0833de9ef11a1d9a0ee0e97a6130c281047c103704c249b84140f87688ce6aca42"}) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000080)="fb036f906ae01e6caad3661f2b2b0ab6af2ed924bf27d3e0eab65327631d6da9c2500aa215e654b71b0612865364b921620bd35181493e2588d944d466c45be3c3e207678600dc1bed68e817e8eb6173bab32ddf41fa8df6fd0b84aab3dbb5ba7e57487c") (async)
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
pipe2(&(0x7f0000000040), 0x80000) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180)={0x120000001}) (async)

18:28:51 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
socket(0x20, 0x5, 0x35ce)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x1412, 0x0, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000011}, 0x800)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x43, 0x0, &(0x7f0000000000))

18:28:51 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2002})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2002}) (async)

18:28:51 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2002})

18:28:52 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1401, 0x10, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x44004}, 0x40000a0)

18:28:52 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
socket(0x20, 0x5, 0x35ce) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x1412, 0x0, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000011}, 0x800) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x43, 0x0, &(0x7f0000000000))

18:28:52 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
socket$inet_dccp(0x2, 0x6, 0x0)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0) (async)
ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f0000000100)) (async)
timerfd_gettime(r4, 0x0) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(r4, 0xc028564e, &(0x7f00000000c0)={0x0, 0x0, [0x2, 0xf1c, 0x5, 0x61d, 0x6, 0x1f4ae2cc, 0x101, 0x9a]})

18:28:52 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x0, 0xfd, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:52 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x8, 0x6, 0x3ff}, 0x1, 0x3, &(0x7f00000000c0)={{0x1, 0x3, 0x0, 0x5}, &(0x7f0000000080)={{0x4, 0x5, 0x8, 0x8}, &(0x7f0000000000)={{0x900, 0xa1a, 0xc17, 0x92}}}}, 0x9, &(0x7f00000002c0)="4947bb417e6c4c364066cab953acc229b83c98a97682365f17889eecb5e43b35f6ed77079e78e938ac1a7561035dae09f92598de6cb08cbc9eb3ea71734bace5ae0b5784a5ce5bcf10875089d60d14c264d95ef242ad9ea3966b17db10c1590250389ea1cdb9206e48f453ec6e066f642bf91e39d8b6df59199d12ed9c606f9f01fdf73dd3494517f32b45f4e88eebd7161c6b31918c9c31906da821663f92cdf4e3238f39b7acb412e8a17d74fe10d55945dcd2d836bfa4a3f24001096d009faafc39ae09af1d52d1a9119567800b5418695aa5caba361b3b83e0fcf013231d73eda5994f16b1229fb68b603dcd7d08", 0x8}}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000100)={0x3, 0x8001})

18:28:52 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = syz_open_pts(r0, 0x6000)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x5, "80b968dceebbc1b9ffae358f7aaa33d1ef77ebdbcf59dd01e65ad0abbee2617bdf0cc3039704a2bf6be578add934f640b2b53421a4c039d98553c2506b6f6c59a3f6b9c19fecb30bc28f687477ca567202f2469e3e34ad14c983d8aded053141f1ae8c506e9ac5067d7952b5b26aa7313e4bbd929e240d7df72762b8fdf29d64079d712ff0058c89cda70352cb02cc4bf76c8b61070c90e8c0541a7280f5d05bd6c1b582055306f51043146155796d257775afee3fc9d08a807cfc53405f06795a02565f94a73a373ff5262e06d9f81c12d77825583613dc7ae9f64fa3155aa8aa18d8963f0292111f52c9a696ea579b4be5aa930b9b13c0ded04e8a9f648a16684e9e5b8f192b5571901d325457091aa0d70d30613d740c2bd4b16f81ed6018ca6ef8988156de3f3fc0ae1aaaeb925191880aafbd49604b7766e1e7753ecfbb69443b8739ac0b4b5cccae558f050e176df71ba880a3beefc69f8fc7ef74ca29f352a1e912781916340d332c56b9050cc67137931694b3fc4628051726bc100721eacbb8497d53c4f5ad760f2e752761cbd636335ede744f07421faee8d5aee9bfeea22b6b3e4c55910b8519f3fae15869f1c00bb89dcb23624e2ce7e2f13481fabaaac865448671a87bcae8797026be062e0253ee211deb5bd0d25421b99b0833de9ef11a1d9a0ee0e97a6130c281047c103704c249b84140f87688ce6aca42"})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000080)="fb036f906ae01e6caad3661f2b2b0ab6af2ed924bf27d3e0eab65327631d6da9c2500aa215e654b71b0612865364b921620bd35181493e2588d944d466c45be3c3e207678600dc1bed68e817e8eb6173bab32ddf41fa8df6fd0b84aab3dbb5ba7e57487c")
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180)={0x120000001})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
syz_open_pts(r0, 0x6000) (async)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x5, "80b968dceebbc1b9ffae358f7aaa33d1ef77ebdbcf59dd01e65ad0abbee2617bdf0cc3039704a2bf6be578add934f640b2b53421a4c039d98553c2506b6f6c59a3f6b9c19fecb30bc28f687477ca567202f2469e3e34ad14c983d8aded053141f1ae8c506e9ac5067d7952b5b26aa7313e4bbd929e240d7df72762b8fdf29d64079d712ff0058c89cda70352cb02cc4bf76c8b61070c90e8c0541a7280f5d05bd6c1b582055306f51043146155796d257775afee3fc9d08a807cfc53405f06795a02565f94a73a373ff5262e06d9f81c12d77825583613dc7ae9f64fa3155aa8aa18d8963f0292111f52c9a696ea579b4be5aa930b9b13c0ded04e8a9f648a16684e9e5b8f192b5571901d325457091aa0d70d30613d740c2bd4b16f81ed6018ca6ef8988156de3f3fc0ae1aaaeb925191880aafbd49604b7766e1e7753ecfbb69443b8739ac0b4b5cccae558f050e176df71ba880a3beefc69f8fc7ef74ca29f352a1e912781916340d332c56b9050cc67137931694b3fc4628051726bc100721eacbb8497d53c4f5ad760f2e752761cbd636335ede744f07421faee8d5aee9bfeea22b6b3e4c55910b8519f3fae15869f1c00bb89dcb23624e2ce7e2f13481fabaaac865448671a87bcae8797026be062e0253ee211deb5bd0d25421b99b0833de9ef11a1d9a0ee0e97a6130c281047c103704c249b84140f87688ce6aca42"}) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000080)="fb036f906ae01e6caad3661f2b2b0ab6af2ed924bf27d3e0eab65327631d6da9c2500aa215e654b71b0612865364b921620bd35181493e2588d944d466c45be3c3e207678600dc1bed68e817e8eb6173bab32ddf41fa8df6fd0b84aab3dbb5ba7e57487c") (async)
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
pipe2(&(0x7f0000000040), 0x80000) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180)={0x120000001}) (async)

18:28:52 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x0, 0xfd, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:52 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x0, 0xfd, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:52 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:52 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x1b)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x98e, 0x200000)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x9, 0x5, 0x6})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x4})

18:28:52 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$nl_rdma(0x10, 0x3, 0x14) (async, rerun: 64)
socket(0x20, 0x5, 0x35ce) (rerun: 64)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x1412, 0x0, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000011}, 0x800)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x43, 0x0, &(0x7f0000000000))

18:28:52 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
clock_gettime(0x0, &(0x7f0000000000))
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000080)=@overlay={0x1, 0xa, 0x4, 0x2, 0x3, {}, {0x2, 0x0, 0x7f, 0x5, 0x1f, 0x2b, "b7f6a2be"}, 0x4, 0x3, {}, 0x2, 0x0, r1})
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
sched_rr_get_interval(r2, &(0x7f00000001c0))
clock_getres(0x3, &(0x7f0000000200))
r3 = getpid()
sched_rr_get_interval(r3, &(0x7f0000000100))
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180))

18:28:53 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 64)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (rerun: 64)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1401, 0x10, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x44004}, 0x40000a0)

18:28:53 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x1b)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x98e, 0x200000)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x9, 0x5, 0x6})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x4})

18:28:53 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$TCXONC(r2, 0x540a, 0x2) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:53 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
clock_gettime(0x0, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000080)=@overlay={0x1, 0xa, 0x4, 0x2, 0x3, {}, {0x2, 0x0, 0x7f, 0x5, 0x1f, 0x2b, "b7f6a2be"}, 0x4, 0x3, {}, 0x2, 0x0, r1})
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0) (async)
sched_rr_get_interval(r2, &(0x7f00000001c0))
clock_getres(0x3, &(0x7f0000000200)) (async)
r3 = getpid()
sched_rr_get_interval(r3, &(0x7f0000000100)) (async)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180))

18:28:53 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000003c0)={0xb, @vbi={0x0, 0x2, 0xfffffffa, 0x31363553, [0xfffffc00, 0x5], [0x7, 0x4], 0x1}})
r1 = geteuid()
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000100)=@multiplanar_mmap={0x7f, 0x2, 0x4, 0x7dca76c72adaa7f, 0x7, {0x0, 0xea60}, {0x3, 0x8, 0x3, 0x40, 0x8b, 0x62, "47260ac4"}, 0x9, 0x1, {&(0x7f0000000080)=[{0x7, 0x3ff, {}, 0x7}, {0x7f, 0x80000000, {0x7}, 0x6}]}})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000000)={0x5, 0x5c, 0x3})
r3 = geteuid()
setresuid(r1, r1, r3)
setresuid(0xffffffffffffffff, 0x0, r1)

18:28:53 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000040)=0xffffffffffffff50)

18:28:53 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x1b) (async)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x98e, 0x200000)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x9, 0x5, 0x6}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x4})

18:28:53 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000040)=0xffffffffffffff50)

18:28:53 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = geteuid()
setresuid(r2, 0xee01, 0xffffffffffffffff)

18:28:53 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:53 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
clock_gettime(0x0, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000080)=@overlay={0x1, 0xa, 0x4, 0x2, 0x3, {}, {0x2, 0x0, 0x7f, 0x5, 0x1f, 0x2b, "b7f6a2be"}, 0x4, 0x3, {}, 0x2, 0x0, r1}) (async)
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0) (async)
sched_rr_get_interval(r2, &(0x7f00000001c0)) (async)
clock_getres(0x3, &(0x7f0000000200)) (async)
r3 = getpid()
sched_rr_get_interval(r3, &(0x7f0000000100))
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180))

18:28:53 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = geteuid()
setresuid(r2, 0xee01, 0xffffffffffffffff)

18:28:54 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1401, 0x10, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x44004}, 0x40000a0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1401, 0x10, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x44004}, 0x40000a0) (async)

18:28:54 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x8, &(0x7f0000000140)={[0x100000001]}, 0x8)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_create1(0x80000)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCGDEV(r2, 0x80045432, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))

18:28:54 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000040)=0xffffffffffffff50)

18:28:54 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = geteuid()
setresuid(r2, 0xee01, 0xffffffffffffffff)

18:28:54 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000003c0)={0xb, @vbi={0x0, 0x2, 0xfffffffa, 0x31363553, [0xfffffc00, 0x5], [0x7, 0x4], 0x1}})
r1 = geteuid()
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000100)=@multiplanar_mmap={0x7f, 0x2, 0x4, 0x7dca76c72adaa7f, 0x7, {0x0, 0xea60}, {0x3, 0x8, 0x3, 0x40, 0x8b, 0x62, "47260ac4"}, 0x9, 0x1, {&(0x7f0000000080)=[{0x7, 0x3ff, {}, 0x7}, {0x7f, 0x80000000, {0x7}, 0x6}]}})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000000)={0x5, 0x5c, 0x3})
r3 = geteuid()
setresuid(r1, r1, r3)
setresuid(0xffffffffffffffff, 0x0, r1)
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000003c0)={0xb, @vbi={0x0, 0x2, 0xfffffffa, 0x31363553, [0xfffffc00, 0x5], [0x7, 0x4], 0x1}}) (async)
geteuid() (async)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000100)=@multiplanar_mmap={0x7f, 0x2, 0x4, 0x7dca76c72adaa7f, 0x7, {0x0, 0xea60}, {0x3, 0x8, 0x3, 0x40, 0x8b, 0x62, "47260ac4"}, 0x9, 0x1, {&(0x7f0000000080)=[{0x7, 0x3ff, {}, 0x7}, {0x7f, 0x80000000, {0x7}, 0x6}]}}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000000)={0x5, 0x5c, 0x3}) (async)
geteuid() (async)
setresuid(r1, r1, r3) (async)
setresuid(0xffffffffffffffff, 0x0, r1) (async)

18:28:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:54 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x84)
timerfd_gettime(r2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x22486bde67288f40, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r7, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r7, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r5, 0x310, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0xc000)
ioctl$TIOCOUTQ(r6, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r8 = syz_open_pts(r6, 0x206940)
ioctl$KDGETMODE(r8, 0x4b3b, &(0x7f0000000340))

18:28:54 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x8, &(0x7f0000000140)={[0x100000001]}, 0x8)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_create1(0x80000)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCGDEV(r2, 0x80045432, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x8, &(0x7f0000000140)={[0x100000001]}, 0x8) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_create1(0x80000) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$TIOCGDEV(r2, 0x80045432, &(0x7f0000000080)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) (async)

18:28:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:54 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (rerun: 64)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x84)
timerfd_gettime(r2, 0x0) (async)
ioctl$TCXONC(r2, 0x540a, 0x2) (async)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x22486bde67288f40, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r7, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r7, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r5, 0x310, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0xc000)
ioctl$TIOCOUTQ(r6, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r8 = syz_open_pts(r6, 0x206940)
ioctl$KDGETMODE(r8, 0x4b3b, &(0x7f0000000340))

18:28:54 executing program 2:
r0 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000240)={0x0, 0x3, 0x7, '\x00', &(0x7f0000000200)=0x3f})
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x2c, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0xc880)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:28:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:55 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
socketpair(0x0, 0x2, 0x8, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:28:55 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (async, rerun: 64)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x84) (async, rerun: 64)
timerfd_gettime(r2, 0x0) (rerun: 64)
ioctl$TCXONC(r2, 0x540a, 0x2)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x22486bde67288f40, 0x0) (async)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r7, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r7, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r5, 0x310, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0xc000)
ioctl$TIOCOUTQ(r6, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r8 = syz_open_pts(r6, 0x206940)
ioctl$KDGETMODE(r8, 0x4b3b, &(0x7f0000000340))

18:28:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_create(0x80000000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:55 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x8, &(0x7f0000000140)={[0x100000001]}, 0x8)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_create1(0x80000) (async)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCGDEV(r2, 0x80045432, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))

18:28:55 executing program 2:
r0 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000240)={0x0, 0x3, 0x7, '\x00', &(0x7f0000000200)=0x3f})
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x2c, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0xc880)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)
syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff) (async)
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000240)={0x0, 0x3, 0x7, '\x00', &(0x7f0000000200)=0x3f}) (async)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x2c, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0xc880) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14) (async)

18:28:55 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000003c0)={0xb, @vbi={0x0, 0x2, 0xfffffffa, 0x31363553, [0xfffffc00, 0x5], [0x7, 0x4], 0x1}}) (async)
r1 = geteuid()
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000100)=@multiplanar_mmap={0x7f, 0x2, 0x4, 0x7dca76c72adaa7f, 0x7, {0x0, 0xea60}, {0x3, 0x8, 0x3, 0x40, 0x8b, 0x62, "47260ac4"}, 0x9, 0x1, {&(0x7f0000000080)=[{0x7, 0x3ff, {}, 0x7}, {0x7f, 0x80000000, {0x7}, 0x6}]}}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000000)={0x5, 0x5c, 0x3}) (async)
r3 = geteuid()
setresuid(r1, r1, r3)
setresuid(0xffffffffffffffff, 0x0, r1)

18:28:55 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000))
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r1 = epoll_create1(0x0)
epoll_create(0x80000000) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:55 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000100))
r2 = epoll_create1(0x0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDDELIO(r3, 0x4b35, 0xeeab)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={0xffffffffffffffff}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:55 executing program 2:
r0 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000240)={0x0, 0x3, 0x7, '\x00', &(0x7f0000000200)=0x3f})
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x2c, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0xc880)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)
syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff) (async)
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000240)={0x0, 0x3, 0x7, '\x00', &(0x7f0000000200)=0x3f}) (async)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x2c, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0xc880) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14) (async)

18:28:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_create(0x80000000) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 64)

18:28:55 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:55 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000100)) (async)
r2 = epoll_create1(0x0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDDELIO(r3, 0x4b35, 0xeeab)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={0xffffffffffffffff}}, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
socketpair(0x0, 0x2, 0x8, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:28:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x7fffffff, 0x5, 0x7, 0x10001, 0x12, "73f4d398884ffa90e3222308bfe84fa294f924"})
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 2:
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x1401, 0x300, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}}, 0x4000080)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f0000000000))

18:28:56 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000100)) (async)
r2 = epoll_create1(0x0) (async)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDDELIO(r3, 0x4b35, 0xeeab)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={0xffffffffffffffff}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000300)={0xfffffff8, 0x7, 0x3, 0x0, 0x8})
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x80800)
ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000100)=@fd={0x1, 0x4, 0x4, 0x400, 0x7ff, {0x77359400}, {0x1, 0xc, 0x20, 0x4, 0x1f, 0x1, "2060fed7"}, 0xfa66, 0x4, {}, 0x18eb})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
r3 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f00000002c0))
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000080)={0x3f, 0x1, 0x8000})

18:28:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x7fffffff, 0x5, 0x7, 0x10001, 0x12, "73f4d398884ffa90e3222308bfe84fa294f924"})
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x7fffffff, 0x5, 0x7, 0x10001, 0x12, "73f4d398884ffa90e3222308bfe84fa294f924"}) (async)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:56 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
ioctl$DRM_IOCTL_MODE_SETPLANE(r2, 0xc03064b7, &(0x7f0000000100)={0x0, 0x3, 0x5, 0x8, 0x8000, 0x1, 0x11c3, 0xff, 0xe00, 0x7fff, 0x8, 0x7})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
epoll_pwait(r3, &(0x7f0000000000)=[{}], 0x1, 0x8, &(0x7f0000000080)={[0x1]}, 0x8)

18:28:56 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
ioctl$DRM_IOCTL_MODE_SETPLANE(r2, 0xc03064b7, &(0x7f0000000100)={0x0, 0x3, 0x5, 0x8, 0x8000, 0x1, 0x11c3, 0xff, 0xe00, 0x7fff, 0x8, 0x7}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
epoll_pwait(r3, &(0x7f0000000000)=[{}], 0x1, 0x8, &(0x7f0000000080)={[0x1]}, 0x8)

18:28:56 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 2:
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x1401, 0x300, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}}, 0x4000080)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f0000000000))
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x1401, 0x300, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}}, 0x4000080) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f0000000000)) (async)

18:28:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async, rerun: 64)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 64)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x7fffffff, 0x5, 0x7, 0x10001, 0x12, "73f4d398884ffa90e3222308bfe84fa294f924"}) (async, rerun: 32)
r1 = epoll_create1(0x80000) (async, rerun: 32)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
socketpair(0x0, 0x2, 0x8, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
socketpair(0x0, 0x2, 0x8, &(0x7f0000000000)) (async)
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)

18:28:56 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
ioctl$DRM_IOCTL_MODE_SETPLANE(r2, 0xc03064b7, &(0x7f0000000100)={0x0, 0x3, 0x5, 0x8, 0x8000, 0x1, 0x11c3, 0xff, 0xe00, 0x7fff, 0x8, 0x7}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async, rerun: 64)
epoll_pwait(r3, &(0x7f0000000000)=[{}], 0x1, 0x8, &(0x7f0000000080)={[0x1]}, 0x8) (rerun: 64)

18:28:56 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async, rerun: 64)
r1 = epoll_create1(0x80000) (rerun: 64)
ioctl$TCXONC(r0, 0x540a, 0x0) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 64)

18:28:56 executing program 2:
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x1401, 0x300, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}}, 0x4000080)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f0000000000))
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x1401, 0x300, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}}, 0x4000080) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f0000000000)) (async)

18:28:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/97})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:56 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000300)={0xfffffff8, 0x7, 0x3, 0x0, 0x8}) (async)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x80800)
ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000100)=@fd={0x1, 0x4, 0x4, 0x400, 0x7ff, {0x77359400}, {0x1, 0xc, 0x20, 0x4, 0x1f, 0x1, "2060fed7"}, 0xfa66, 0x4, {}, 0x18eb})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) (async)
r3 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f00000002c0))
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000080)={0x3f, 0x1, 0x8000})

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x20000000})

18:28:57 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/97})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:57 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/97}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x20000000})

18:28:57 executing program 2:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="8bd9a85ba9c21de7a9cb7947d20000b293628507a9e70b6571922f036fac43efa204fd71dfacbd3d62ff6b6a4eea1134620b24d29ce320b197e65d63a9c643c700c6550996315eba25c2c100"/86, @ANYRES16=r0, @ANYBLOB="020025bd7000fbdbdf25150000000800210007000000180020800c0005000900000000000000050002000200000005001e000100000008001f0004000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x20040090)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x2c, r3, 0x20, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x2c}}, 0x0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xc9abb6cfdf6f66ba}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x24, r3, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xfffe}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x8050)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="d6f41e38000100", @ANYRES16=r5, @ANYBLOB="00012dbd7000fcdbdf25230000000a0001007770616e3400020005002800ff0000000070000000"], 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x80)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)={0x30, r9, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, r7, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x800)

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x20000000})

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x0, "010100"})
epoll_create1(0x0)

18:28:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
r1 = epoll_create1(0x0)
r2 = syz_open_dev$vivid(&(0x7f0000000040), 0x1, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$TIOCSCTTY(r3, 0x540e, 0x5)
ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000080)={0x1ff, "3703164f8a9140f4b96f626927cc719bd4a1ec5d5bbda8037de5a155f22bc040", 0x2, 0x1})
ioctl$TCXONC(r0, 0x540a, 0x0)
timerfd_gettime(r3, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x20000000})
epoll_create1(0x80000)

18:28:57 executing program 1:
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
epoll_pwait(r0, &(0x7f0000000000)=[{}, {}, {}], 0x3, 0xc, &(0x7f0000000080)={[0x3]}, 0x8)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000040), 0x8)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8)
epoll_pwait(r0, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x6, 0x2, &(0x7f0000000200)={[0x4]}, 0x8)
bind$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8)

18:28:57 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x8, 0x1ff, 0x9, 0x0, 0x0, "45bc6fed87f3bd89"})
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:57 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000300)={0xfffffff8, 0x7, 0x3, 0x0, 0x8}) (async)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x80800)
ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000100)=@fd={0x1, 0x4, 0x4, 0x400, 0x7ff, {0x77359400}, {0x1, 0xc, 0x20, 0x4, 0x1f, 0x1, "2060fed7"}, 0xfa66, 0x4, {}, 0x18eb}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async, rerun: 32)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) (rerun: 32)
r3 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f00000002c0))
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000080)={0x3f, 0x1, 0x8000})

18:28:57 executing program 2:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="8bd9a85ba9c21de7a9cb7947d20000b293628507a9e70b6571922f036fac43efa204fd71dfacbd3d62ff6b6a4eea1134620b24d29ce320b197e65d63a9c643c700c6550996315eba25c2c100"/86, @ANYRES16=r0, @ANYBLOB="020025bd7000fbdbdf25150000000800210007000000180020800c0005000900000000000000050002000200000005001e000100000008001f0004000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x20040090)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x2c, r3, 0x20, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xc9abb6cfdf6f66ba}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x24, r3, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xfffe}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x8050) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="d6f41e38000100", @ANYRES16=r5, @ANYBLOB="00012dbd7000fcdbdf25230000000a0001007770616e3400020005002800ff0000000070000000"], 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x80)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)={0x30, r9, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x0) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, r7, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x800)

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x0, "010100"})
epoll_create1(0x0)

18:28:57 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x8, 0x1ff, 0x9, 0x0, 0x0, "45bc6fed87f3bd89"})
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:57 executing program 2:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="8bd9a85ba9c21de7a9cb7947d20000b293628507a9e70b6571922f036fac43efa204fd71dfacbd3d62ff6b6a4eea1134620b24d29ce320b197e65d63a9c643c700c6550996315eba25c2c100"/86, @ANYRES16=r0, @ANYBLOB="020025bd7000fbdbdf25150000000800210007000000180020800c0005000900000000000000050002000200000005001e000100000008001f0004000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x20040090) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x2c, r3, 0x20, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x2c}}, 0x0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xc9abb6cfdf6f66ba}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x24, r3, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xfffe}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x8050) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="d6f41e38000100", @ANYRES16=r5, @ANYBLOB="00012dbd7000fcdbdf25230000000a0001007770616e3400020005002800ff0000000070000000"], 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x80) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)={0x30, r9, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x0) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, r7, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x800)

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x0, "010100"})
epoll_create1(0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x0, "010100"}) (async)
epoll_create1(0x0) (async)

18:28:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) (async, rerun: 64)
r1 = epoll_create1(0x0) (rerun: 64)
r2 = syz_open_dev$vivid(&(0x7f0000000040), 0x1, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$TIOCSCTTY(r3, 0x540e, 0x5)
ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000080)={0x1ff, "3703164f8a9140f4b96f626927cc719bd4a1ec5d5bbda8037de5a155f22bc040", 0x2, 0x1}) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
timerfd_gettime(r3, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x20000000}) (async)
epoll_create1(0x80000)

18:28:57 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))

18:28:58 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) (async)

18:28:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x8, 0x1ff, 0x9, 0x0, 0x0, "45bc6fed87f3bd89"}) (async)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:58 executing program 1:
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
epoll_pwait(r0, &(0x7f0000000000)=[{}, {}, {}], 0x3, 0xc, &(0x7f0000000080)={[0x3]}, 0x8) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
epoll_pwait(r0, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x6, 0x2, &(0x7f0000000200)={[0x4]}, 0x8) (async)
bind$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8)

18:28:58 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000140)=0x7, 0x4)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x20, 0x1402, 0x1, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x3, 0x305aa7513b130fef, 0x9})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000))

18:28:58 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) (async)

18:28:58 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000))
ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, {0x6, 0x4, 0x401, 0x1}})
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000080)={0x3, 0x103, 0x1, {0x800, 0x1, 0xc54, 0x1}})

18:28:58 executing program 3:
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xf7dfa5018119c247}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="800000001b29b9be0880b1954d68e618f45db3c05cb1d15a4f6082e2b98e576853eba7138e4ca0df189b2ff199f357693fc46e5c74", @ANYRES16=0x0, @ANYBLOB="100027bd7000fedbdf250800000005002f00010000000500380000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20060874}, 0x14)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x2cc, r2, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x118, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xb4, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x64, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_DEVKEY={0x188, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x34, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xffffffff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}, @NL802154_DEVKEY_ATTR_ID={0xb8, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x54, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x18, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x3c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x1}, @NL802154_DEVKEY_ATTR_ID={0x90, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x60, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0x5551}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1ff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0x7340c4222532a799}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x200}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x81}]}]}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x40010}, 0x810)
epoll_create1(0x0)

18:28:58 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
r1 = epoll_create1(0x0) (async)
r2 = syz_open_dev$vivid(&(0x7f0000000040), 0x1, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$TIOCSCTTY(r3, 0x540e, 0x5) (async)
ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000080)={0x1ff, "3703164f8a9140f4b96f626927cc719bd4a1ec5d5bbda8037de5a155f22bc040", 0x2, 0x1}) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
timerfd_gettime(r3, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x20000000}) (async)
epoll_create1(0x80000)

18:28:58 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc091}, 0x1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x80000000, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)

18:28:58 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc091}, 0x1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x80000000, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc091}, 0x1) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
syz_open_dev$dri(&(0x7f0000000000), 0x80000000, 0x2) (async)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4) (async)

18:28:58 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:58 executing program 3:
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xf7dfa5018119c247}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="800000001b29b9be0880b1954d68e618f45db3c05cb1d15a4f6082e2b98e576853eba7138e4ca0df189b2ff199f357693fc46e5c74", @ANYRES16=0x0, @ANYBLOB="100027bd7000fedbdf250800000005002f00010000000500380000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20060874}, 0x14) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x2cc, r2, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x118, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xb4, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x64, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_DEVKEY={0x188, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x34, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xffffffff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}, @NL802154_DEVKEY_ATTR_ID={0xb8, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x54, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x18, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x3c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x1}, @NL802154_DEVKEY_ATTR_ID={0x90, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x60, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0x5551}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1ff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0x7340c4222532a799}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x200}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x81}]}]}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x40010}, 0x810)
epoll_create1(0x0)

18:28:58 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000140)=0x7, 0x4)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x20, 0x1402, 0x1, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x3, 0x305aa7513b130fef, 0x9})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000140)=0x7, 0x4) (async)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x20, 0x1402, 0x1, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20000080) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x3, 0x305aa7513b130fef, 0x9}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) (async)

18:28:58 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:59 executing program 1:
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
epoll_pwait(r0, &(0x7f0000000000)=[{}, {}, {}], 0x3, 0xc, &(0x7f0000000080)={[0x3]}, 0x8)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000040), 0x8)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8)
epoll_pwait(r0, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x6, 0x2, &(0x7f0000000200)={[0x4]}, 0x8)
bind$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000100), 0x80000) (async)
epoll_pwait(r0, &(0x7f0000000000)=[{}, {}, {}], 0x3, 0xc, &(0x7f0000000080)={[0x3]}, 0x8) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r1, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r1, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
epoll_pwait(r0, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x6, 0x2, &(0x7f0000000200)={[0x4]}, 0x8) (async)
bind$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8) (async)

18:28:59 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc091}, 0x1) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x80000000, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)

18:28:59 executing program 3:
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xf7dfa5018119c247}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="800000001b29b9be0880b1954d68e618f45db3c05cb1d15a4f6082e2b98e576853eba7138e4ca0df189b2ff199f357693fc46e5c74", @ANYRES16=0x0, @ANYBLOB="100027bd7000fedbdf250800000005002f00010000000500380000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20060874}, 0x14) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x2cc, r2, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x118, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xb4, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x64, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_DEVKEY={0x188, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x34, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xffffffff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}, @NL802154_DEVKEY_ATTR_ID={0xb8, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x54, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x18, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x3c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x1}, @NL802154_DEVKEY_ATTR_ID={0x90, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x60, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0x5551}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1ff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0x7340c4222532a799}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x200}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x81}]}]}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x40010}, 0x810) (async)
epoll_create1(0x0)

18:28:59 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:59 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000140)=0x7, 0x4)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x20, 0x1402, 0x1, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20000080) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000080)={0x3, 0x305aa7513b130fef, 0x9}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000))

18:28:59 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000)) (async)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, {0x6, 0x4, 0x401, 0x1}}) (async)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000080)={0x3, 0x103, 0x1, {0x800, 0x1, 0xc54, 0x1}})

18:28:59 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r2, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0x101, 0x4, {0x8001, 0x5, 0x6, 0xfff}})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:59 executing program 2:
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4800)
timerfd_gettime(r0, 0x0)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000))
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:28:59 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x151680, 0x0)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:59 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r2, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0x101, 0x4, {0x8001, 0x5, 0x6, 0xfff}})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r2, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0x101, 0x4, {0x8001, 0x5, 0x6, 0xfff}}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:28:59 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', <r4=>0x0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
bind$bt_sco(r5, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x20}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x7}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x87}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x10000851)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r8, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan4\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000002c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r6, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x30, r8, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0xb4d39f9c29f53845}, 0x44080)

18:28:59 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40814}, 0x84)
syz_open_dev$ptys(0xc, 0x3, 0x1)
syz_open_dev$ptys(0xc, 0x3, 0x0)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x86, 0xc5, 0x8001})
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = epoll_create(0x40)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x40000000})

18:28:59 executing program 2:
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4800)
timerfd_gettime(r0, 0x0)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000))
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000040), 0x4800) (async)
timerfd_gettime(r0, 0x0) (async)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000)) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:28:59 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000)) (async)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, {0x6, 0x4, 0x401, 0x1}})
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000080)={0x3, 0x103, 0x1, {0x800, 0x1, 0xc54, 0x1}})

18:28:59 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r2, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0x101, 0x4, {0x8001, 0x5, 0x6, 0xfff}})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:59 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x151680, 0x0)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:59 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40814}, 0x84)
syz_open_dev$ptys(0xc, 0x3, 0x1)
syz_open_dev$ptys(0xc, 0x3, 0x0)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x86, 0xc5, 0x8001})
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = epoll_create(0x40)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x40000000})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40814}, 0x84) (async)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x86, 0xc5, 0x8001}) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_create(0x40) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x40000000}) (async)

18:28:59 executing program 2:
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4800)
timerfd_gettime(r0, 0x0) (async)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000)) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:28:59 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000100))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x9, 0x200, 0x7fff, 0x8, 0x1a, "26929229fec3f21228566118333193eb2fd6c1"})
r1 = epoll_create1(0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000080)={0x0, 0x5, 0x9, '\x00', &(0x7f0000000000)=0x3})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

18:28:59 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x151680, 0x0)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f00000000c0)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:28:59 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40814}, 0x84) (async)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000000)={0x86, 0xc5, 0x8001})
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
r2 = epoll_create(0x40)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x40000000})

18:28:59 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x1411, 0x4, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x40048081}, 0x4004)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:00 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x1411, 0x4, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x40048081}, 0x4004) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000100)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x9, 0x200, 0x7fff, 0x8, 0x1a, "26929229fec3f21228566118333193eb2fd6c1"})
r1 = epoll_create1(0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000080)={0x0, 0x5, 0x9, '\x00', &(0x7f0000000000)=0x3})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async, rerun: 32)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) (async, rerun: 32)
ioctl$TCXONC(r0, 0x540a, 0x0)

18:29:00 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x220000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x18)

18:29:00 executing program 3:
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='p\v\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fcdbdf2507000000080005000200000008000500020000000c000600020000000000000008000100020000000c00060000000000000000000c000600030000000000000008000500010000000800010000000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x20004080)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCMGET(r2, 0x5415, &(0x7f00000001c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:00 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', <r4=>0x0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
bind$bt_sco(r5, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x20}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x7}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x87}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x10000851)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r8, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan4\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000002c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r6, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x30, r8, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0xb4d39f9c29f53845}, 0x44080)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00'}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r5, 0x0) (async)
bind$bt_sco(r5, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x20}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x7}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x87}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x10000851) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r8, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan4\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000002c0)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(r6, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x30, r8, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0xb4d39f9c29f53845}, 0x44080) (async)

18:29:00 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0xfff, 0x0, '\x00', {0x0, @bt={0x0, 0x65, 0x0, 0x1, 0x4ef4, 0x40, 0x7fff, 0xcdce, 0x7, 0xb9c, 0x5, 0x6068, 0xe8, 0x11, 0x11, 0x6, {0x0, 0x8d}, 0x7, 0x2}}})
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x9, 0x3, 0x1, "6fa5d3b01ed24278ffb7e185877a759544480de5f8a6b11b1ffc9384b9728676", 0x56595559})

18:29:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000100)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x9, 0x200, 0x7fff, 0x8, 0x1a, "26929229fec3f21228566118333193eb2fd6c1"}) (async)
r1 = epoll_create1(0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000080)={0x0, 0x5, 0x9, '\x00', &(0x7f0000000000)=0x3}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)

18:29:00 executing program 3:
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='p\v\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fcdbdf2507000000080005000200000008000500020000000c000600020000000000000008000100020000000c00060000000000000000000c000600030000000000000008000500010000000800010000000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x20004080) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCMGET(r2, 0x5415, &(0x7f00000001c0)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:00 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x220000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x18)

18:29:00 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x1411, 0x4, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x40048081}, 0x4004)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x1411, 0x4, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x40048081}, 0x4004) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:29:00 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x220000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x18)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x220000, 0x0) (async)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x18) (async)

18:29:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x2, 0x1, 0x100})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:00 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', <r4=>0x0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0) (async)
bind$bt_sco(r5, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x20}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x7}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x87}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x10000851)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r8, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan4\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000002c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r6, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x30, r8, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0xb4d39f9c29f53845}, 0x44080)

18:29:00 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
timerfd_create(0x2, 0x800)
r2 = syz_open_pts(r0, 0x108000)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x4, 0x0, 0x9, 0xfffffffffffffffe, 0x80000001})

18:29:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x2, 0x1, 0x100})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:00 executing program 3:
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='p\v\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fcdbdf2507000000080005000200000008000500020000000c000600020000000000000008000100020000000c00060000000000000000000c000600030000000000000008000500010000000800010000000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x20004080)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCMGET(r2, 0x5415, &(0x7f00000001c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='p\v\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fcdbdf2507000000080005000200000008000500020000000c000600020000000000000008000100020000000c00060000000000000000000c000600030000000000000008000500010000000800010000000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x20004080) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCMGET(r2, 0x5415, &(0x7f00000001c0)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:00 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000700)={0x0, 0x9, 0x0, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x4, 0x0, &(0x7f0000000400)=[{}, {}, {}, {}], 0x6, 0x0, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000680)=[{}, {}, {}]})
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/237})
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:29:00 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0xfff, 0x0, '\x00', {0x0, @bt={0x0, 0x65, 0x0, 0x1, 0x4ef4, 0x40, 0x7fff, 0xcdce, 0x7, 0xb9c, 0x5, 0x6068, 0xe8, 0x11, 0x11, 0x6, {0x0, 0x8d}, 0x7, 0x2}}})
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x9, 0x3, 0x1, "6fa5d3b01ed24278ffb7e185877a759544480de5f8a6b11b1ffc9384b9728676", 0x56595559})

18:29:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x2, 0x1, 0x100})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:00 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
timerfd_create(0x2, 0x800) (async)
r2 = syz_open_pts(r0, 0x108000)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x4, 0x0, 0x9, 0xfffffffffffffffe, 0x80000001})

18:29:00 executing program 3:
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x80000000})

18:29:00 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000700)={0x0, 0x9, 0x0, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x4, 0x0, &(0x7f0000000400)=[{}, {}, {}, {}], 0x6, 0x0, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000680)=[{}, {}, {}]}) (async)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/237}) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:29:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
timerfd_gettime(r1, &(0x7f00000000c0))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000080))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000000))
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:00 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
timerfd_create(0x2, 0x800) (async)
r2 = syz_open_pts(r0, 0x108000)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x4, 0x0, 0x9, 0xfffffffffffffffe, 0x80000001})

18:29:01 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f0000000080))
timerfd_gettime(r1, &(0x7f0000000100))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:01 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
timerfd_gettime(r1, &(0x7f00000000c0)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000080)) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000000)) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 3:
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) (async, rerun: 64)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (rerun: 64)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x80000000})

18:29:01 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000700)={0x0, 0x9, 0x0, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x4, 0x0, &(0x7f0000000400)=[{}, {}, {}, {}], 0x6, 0x0, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000680)=[{}, {}, {}]})
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/237})
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000000), 0x0) (async)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000700)={0x0, 0x9, 0x0, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x4, 0x0, &(0x7f0000000400)=[{}, {}, {}, {}], 0x6, 0x0, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000680)=[{}, {}, {}]}) (async)
socket$inet_dccp(0x2, 0x6, 0x0) (async)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/237}) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040)) (async)

18:29:01 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = epoll_create1(0x80000)
syz_open_dev$media(&(0x7f0000000000), 0x7f, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0xfff, 0x0, '\x00', {0x0, @bt={0x0, 0x65, 0x0, 0x1, 0x4ef4, 0x40, 0x7fff, 0xcdce, 0x7, 0xb9c, 0x5, 0x6068, 0xe8, 0x11, 0x11, 0x6, {0x0, 0x8d}, 0x7, 0x2}}})
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x9, 0x3, 0x1, "6fa5d3b01ed24278ffb7e185877a759544480de5f8a6b11b1ffc9384b9728676", 0x56595559})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0xfff, 0x0, '\x00', {0x0, @bt={0x0, 0x65, 0x0, 0x1, 0x4ef4, 0x40, 0x7fff, 0xcdce, 0x7, 0xb9c, 0x5, 0x6068, 0xe8, 0x11, 0x11, 0x6, {0x0, 0x8d}, 0x7, 0x2}}}) (async)
syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2) (async)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x9, 0x3, 0x1, "6fa5d3b01ed24278ffb7e185877a759544480de5f8a6b11b1ffc9384b9728676", 0x56595559}) (async)

18:29:01 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
timerfd_gettime(r1, &(0x7f00000000c0)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000080)) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000000)) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
r1 = epoll_create1(0x80000) (async)
syz_open_dev$media(&(0x7f0000000000), 0x7f, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:01 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = epoll_create1(0x80000)
syz_open_dev$media(&(0x7f0000000000), 0x7f, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:02 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f0000000080)) (async, rerun: 64)
timerfd_gettime(r1, &(0x7f0000000100)) (async, rerun: 64)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:02 executing program 3:
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x80000000})

18:29:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:29:02 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x408200, 0x0)
timerfd_gettime(r2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000180)={0xe0002010})

18:29:02 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:02 executing program 5:
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)

18:29:02 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCMBIC(r3, 0x5417, &(0x7f00000000c0)=0x401)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
syz_open_pts(r4, 0x1110c0)
r5 = syz_open_dev$vivid(&(0x7f0000000100), 0x2, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f00000001c0)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}})

18:29:02 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000)) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (async)

18:29:02 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x408200, 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000180)={0xe0002010})

18:29:02 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r2 = epoll_create1(0x0) (async)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCMBIC(r3, 0x5417, &(0x7f00000000c0)=0x401) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async)
syz_open_pts(r4, 0x1110c0) (async)
r5 = syz_open_dev$vivid(&(0x7f0000000100), 0x2, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f00000001c0)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}})

18:29:02 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"}) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:02 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0) (async, rerun: 32)
ioctl$TCXONC(r0, 0x540a, 0x0) (async, rerun: 32)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x408200, 0x0) (async, rerun: 64)
timerfd_gettime(r2, 0x0) (rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000180)={0xe0002010})

18:29:03 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f0000000080))
timerfd_gettime(r1, &(0x7f0000000100))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f0000000080)) (async)
timerfd_gettime(r1, &(0x7f0000000100)) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCMBIC(r3, 0x5417, &(0x7f00000000c0)=0x401)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
syz_open_pts(r4, 0x1110c0)
r5 = syz_open_dev$vivid(&(0x7f0000000100), 0x2, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f00000001c0)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000000), 0x4800) (async)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000080)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
ioctl$TIOCMBIC(r3, 0x5417, &(0x7f00000000c0)=0x401) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
syz_open_pts(r4, 0x1110c0) (async)
syz_open_dev$vivid(&(0x7f0000000100), 0x2, 0x2) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f00000001c0)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}}) (async)

18:29:03 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0x3e0, 0x84c, 0x8001})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:03 executing program 5:
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)

18:29:03 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:29:03 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x80000)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x1)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)={0x80000000})

18:29:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000100))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r3, 0x541c, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
r4 = syz_open_dev$vivid(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_QUERYSTD(r4, 0x8008563f, &(0x7f0000000080))

18:29:03 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x80000)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x1) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)={0x80000000})

18:29:03 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0x3e0, 0x84c, 0x8001}) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000100)) (async, rerun: 32)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r2 = epoll_create1(0x0) (async)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r3, 0x541c, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)
r4 = syz_open_dev$vivid(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_QUERYSTD(r4, 0x8008563f, &(0x7f0000000080))

18:29:03 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0x3e0, 0x84c, 0x8001}) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:03 executing program 5:
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)

18:29:04 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000100)=""/217, &(0x7f0000000000)=0xd9)
socketpair(0x73, 0x80000, 0x2, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x58, 0x1406, 0x800, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x8010)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:04 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:04 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x80000)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x1)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)={0x80000000})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x80000) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCXONC(r1, 0x540a, 0x1) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)={0x80000000}) (async)

18:29:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000100)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r2 = epoll_create1(0x0) (async)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r3, 0x541c, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)
r4 = syz_open_dev$vivid(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_QUERYSTD(r4, 0x8008563f, &(0x7f0000000080))

18:29:04 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:29:04 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000080))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x80000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x1409, 0x200, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x8000)

18:29:04 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000)={0x8})

18:29:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r3 = syz_open_pts(r0, 0x4400)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000240)={0x7, 0x7, 0x1, 0xcb7, 0x9, "0aa437aab66e5b7c12d3411c556657f52defca"})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r2, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r5, 0xeaf62f055ec910b4, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000003}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc0}, 0x10)

18:29:04 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r3 = syz_open_pts(r0, 0x4400)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000240)={0x7, 0x7, 0x1, 0xcb7, 0x9, "0aa437aab66e5b7c12d3411c556657f52defca"})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r2, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r5, 0xeaf62f055ec910b4, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000003}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc0}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
syz_open_pts(r0, 0x4400) (async)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000240)={0x7, 0x7, 0x1, 0xcb7, 0x9, "0aa437aab66e5b7c12d3411c556657f52defca"}) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00'}) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(r2, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r5, 0xeaf62f055ec910b4, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000003}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc0}, 0x10) (async)

18:29:04 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
r3 = syz_open_pts(r0, 0x4400)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000240)={0x7, 0x7, 0x1, 0xcb7, 0x9, "0aa437aab66e5b7c12d3411c556657f52defca"}) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r2, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r5, 0xeaf62f055ec910b4, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000003}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc0}, 0x10)

18:29:05 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000100)=""/217, &(0x7f0000000000)=0xd9)
socketpair(0x73, 0x80000, 0x2, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x58, 0x1406, 0x800, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x8010) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000)={0x8})

18:29:05 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000080))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x80000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x1409, 0x200, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2) (async)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000080)) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
pipe2(&(0x7f00000000c0), 0x80000) (async)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x1409, 0x200, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x8000) (async)

18:29:05 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:05 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async, rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000)={0x8}) (rerun: 32)

18:29:05 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000080))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x80000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x1409, 0x200, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2) (async)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000080)) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
pipe2(&(0x7f00000000c0), 0x80000) (async)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x1409, 0x200, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x8000) (async)

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000000)="5b348f562538c8d30b00000000e3")
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:05 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000100)=""/217, &(0x7f0000000000)=0xd9) (async, rerun: 64)
socketpair(0x73, 0x80000, 0x2, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (rerun: 64)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x58, 0x1406, 0x800, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x8010) (async, rerun: 64)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (rerun: 64)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000)) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:05 executing program 5:
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)

18:29:05 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000000)="5b348f562538c8d30b00000000e3") (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000000)="5b348f562538c8d30b00000000e3") (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:05 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:05 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000040)=0x4)

18:29:05 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:06 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000040)=0x4)

18:29:06 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:06 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
connect$bt_sco(r2, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r3})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r4, 0x541c, &(0x7f0000000000))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:06 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x1406, 0x200, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000000}, 0x10010)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:06 executing program 5:
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)

18:29:06 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket(0x8, 0x800, 0x2)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00'})
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
setresuid(0xee00, 0xee00, 0xee00)

18:29:06 executing program 0:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080))

18:29:06 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x1406, 0x200, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000000}, 0x10010)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x1406, 0x200, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000000}, 0x10010) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:06 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = socket(0x8, 0x800, 0x2) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00'})
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
setresuid(0xee00, 0xee00, 0xee00)

18:29:06 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000040)=0x4)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000040)=0x4) (async)

18:29:06 executing program 0:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080))

18:29:06 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000000))

18:29:06 executing program 0:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080))

18:29:06 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket(0x8, 0x800, 0x2)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00'})
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
setresuid(0xee00, 0xee00, 0xee00)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket(0x8, 0x800, 0x2) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00'}) (async)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
setresuid(0xee00, 0xee00, 0xee00) (async)

18:29:07 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
connect$bt_sco(r2, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r3})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r4, 0x541c, &(0x7f0000000000))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:07 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:07 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) (async)

18:29:07 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x1406, 0x200, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000000}, 0x10010) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 64)

18:29:07 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000), 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:07 executing program 5:
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)

18:29:07 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:07 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:07 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
connect$bt_sco(r2, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r3})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async, rerun: 64)
ioctl$TIOCL_UNBLANKSCREEN(r4, 0x541c, &(0x7f0000000000)) (rerun: 64)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:07 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:07 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:07 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:07 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) (async)

18:29:07 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:07 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:07 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:08 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000), 0x8) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:08 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5010000009da55edf04ee0a561b6d41461b3701000000b1f58b362a2804ffdcd56c8d09b656ed82e876b6bf28bd847cdec8035fa6ff25e191c3bbc8971e35518ceb82c962ce4ecf5cada485b91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a494d097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11fa4f8a61292c007b089ba00"})
ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f0000000000)={0x5, "3f0bcae48a217f61feedd7088af8b68f69cb408941c5038be44ab57030af66a1", 0x2, 0x1})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000080)={0x4, [0x4, 0x6, 0xffa6, 0x9, 0x1, 0x8, 0x40, 0x0, 0x101, 0x55d, 0xe70d, 0x0, 0x7, 0xc558, 0xfffe, 0x4, 0x6, 0xffe0, 0x7, 0x7, 0xd33b, 0x5d7, 0x1000, 0xa80e, 0x100, 0x2, 0x1a, 0x0, 0x81, 0x2, 0x4, 0x6, 0xc5e5, 0x1, 0x6, 0x81, 0x746, 0x3, 0xd3d, 0x7fff, 0x379, 0x3, 0x200, 0xffa7, 0x5c8, 0x0, 0x2, 0x4], 0x1})

18:29:08 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:08 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000000))

18:29:08 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000000)) (async)

18:29:08 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f0000000000)={0x9, &(0x7f00000001c0)=[{}, {}, {}, {}, {@none}, {@fixed}, {@fixed}, {@none}, {}]})

18:29:08 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1})
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
socket(0x1e, 0x4, 0x7fff)
socketpair(0x2c, 0x2, 0xfffffff7, &(0x7f0000000140))
r1 = socket(0x29, 0x6, 0x2)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:08 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:08 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5010000009da55edf04ee0a561b6d41461b3701000000b1f58b362a2804ffdcd56c8d09b656ed82e876b6bf28bd847cdec8035fa6ff25e191c3bbc8971e35518ceb82c962ce4ecf5cada485b91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a494d097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11fa4f8a61292c007b089ba00"}) (async)
ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f0000000000)={0x5, "3f0bcae48a217f61feedd7088af8b68f69cb408941c5038be44ab57030af66a1", 0x2, 0x1}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000080)={0x4, [0x4, 0x6, 0xffa6, 0x9, 0x1, 0x8, 0x40, 0x0, 0x101, 0x55d, 0xe70d, 0x0, 0x7, 0xc558, 0xfffe, 0x4, 0x6, 0xffe0, 0x7, 0x7, 0xd33b, 0x5d7, 0x1000, 0xa80e, 0x100, 0x2, 0x1a, 0x0, 0x81, 0x2, 0x4, 0x6, 0xc5e5, 0x1, 0x6, 0x81, 0x746, 0x3, 0xd3d, 0x7fff, 0x379, 0x3, 0x200, 0xffa7, 0x5c8, 0x0, 0x2, 0x4], 0x1})

18:29:08 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:08 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000000)) (async)

18:29:08 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f0000000000)={0x9, &(0x7f00000001c0)=[{}, {}, {}, {}, {@none}, {@fixed}, {@fixed}, {@none}, {}]})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f0000000000)={0x9, &(0x7f00000001c0)=[{}, {}, {}, {}, {@none}, {@fixed}, {@fixed}, {@none}, {}]}) (async)

18:29:09 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000), 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000000), 0x8) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:29:09 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080))

18:29:09 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f0000000000)={0x9, &(0x7f00000001c0)=[{}, {}, {}, {}, {@none}, {@fixed}, {@fixed}, {@none}, {}]})

18:29:09 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5010000009da55edf04ee0a561b6d41461b3701000000b1f58b362a2804ffdcd56c8d09b656ed82e876b6bf28bd847cdec8035fa6ff25e191c3bbc8971e35518ceb82c962ce4ecf5cada485b91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a494d097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11fa4f8a61292c007b089ba00"})
ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f0000000000)={0x5, "3f0bcae48a217f61feedd7088af8b68f69cb408941c5038be44ab57030af66a1", 0x2, 0x1})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000080)={0x4, [0x4, 0x6, 0xffa6, 0x9, 0x1, 0x8, 0x40, 0x0, 0x101, 0x55d, 0xe70d, 0x0, 0x7, 0xc558, 0xfffe, 0x4, 0x6, 0xffe0, 0x7, 0x7, 0xd33b, 0x5d7, 0x1000, 0xa80e, 0x100, 0x2, 0x1a, 0x0, 0x81, 0x2, 0x4, 0x6, 0xc5e5, 0x1, 0x6, 0x81, 0x746, 0x3, 0xd3d, 0x7fff, 0x379, 0x3, 0x200, 0xffa7, 0x5c8, 0x0, 0x2, 0x4], 0x1})
syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5010000009da55edf04ee0a561b6d41461b3701000000b1f58b362a2804ffdcd56c8d09b656ed82e876b6bf28bd847cdec8035fa6ff25e191c3bbc8971e35518ceb82c962ce4ecf5cada485b91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a494d097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11fa4f8a61292c007b089ba00"}) (async)
ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f0000000000)={0x5, "3f0bcae48a217f61feedd7088af8b68f69cb408941c5038be44ab57030af66a1", 0x2, 0x1}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000080)={0x4, [0x4, 0x6, 0xffa6, 0x9, 0x1, 0x8, 0x40, 0x0, 0x101, 0x55d, 0xe70d, 0x0, 0x7, 0xc558, 0xfffe, 0x4, 0x6, 0xffe0, 0x7, 0x7, 0xd33b, 0x5d7, 0x1000, 0xa80e, 0x100, 0x2, 0x1a, 0x0, 0x81, 0x2, 0x4, 0x6, 0xc5e5, 0x1, 0x6, 0x81, 0x746, 0x3, 0xd3d, 0x7fff, 0x379, 0x3, 0x200, 0xffa7, 0x5c8, 0x0, 0x2, 0x4], 0x1}) (async)

18:29:09 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
select(0x40, &(0x7f0000000000)={0x0, 0x10000, 0x80000000, 0x6d, 0xffffffffffffffff, 0x100000000, 0x8000, 0x100000000}, &(0x7f0000000080)={0xff, 0x8, 0x7fffffff, 0x7fff, 0x9, 0x31, 0xa89c, 0xffffffff}, &(0x7f00000000c0)={0x9, 0x100, 0x4, 0xffffffffffffffff, 0x1, 0x6, 0x6, 0x3}, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:09 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080))

18:29:09 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1}) (async)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) (async)
socket(0x1e, 0x4, 0x7fff) (async)
socketpair(0x2c, 0x2, 0xfffffff7, &(0x7f0000000140))
r1 = socket(0x29, 0x6, 0x2)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:09 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:09 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
select(0x40, &(0x7f0000000000)={0x0, 0x10000, 0x80000000, 0x6d, 0xffffffffffffffff, 0x100000000, 0x8000, 0x100000000}, &(0x7f0000000080)={0xff, 0x8, 0x7fffffff, 0x7fff, 0x9, 0x31, 0xa89c, 0xffffffff}, &(0x7f00000000c0)={0x9, 0x100, 0x4, 0xffffffffffffffff, 0x1, 0x6, 0x6, 0x3}, &(0x7f0000000100)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:09 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080))

18:29:09 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, 0x0)

18:29:09 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x500000000000000, 0x4000)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000040)={0x1, 0x7, 0x2})

18:29:09 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, 0x0)

18:29:10 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x500000000000000, 0x4000)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000040)={0x1, 0x7, 0x2})

18:29:10 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
select(0x40, &(0x7f0000000000)={0x0, 0x10000, 0x80000000, 0x6d, 0xffffffffffffffff, 0x100000000, 0x8000, 0x100000000}, &(0x7f0000000080)={0xff, 0x8, 0x7fffffff, 0x7fff, 0x9, 0x31, 0xa89c, 0xffffffff}, &(0x7f00000000c0)={0x9, 0x100, 0x4, 0xffffffffffffffff, 0x1, 0x6, 0x6, 0x3}, &(0x7f0000000100)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:10 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, 0x0)

18:29:10 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:10 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x80, 0x2)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000000080)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r2, 0xc01064c2, &(0x7f0000000100)={<r3=>0x0, 0x1, r1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r2, 0xc01064c1, &(0x7f00000000c0)={r3})
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:29:10 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1})
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
socket(0x1e, 0x4, 0x7fff)
socketpair(0x2c, 0x2, 0xfffffff7, &(0x7f0000000140))
r1 = socket(0x29, 0x6, 0x2)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1}) (async)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) (async)
socket(0x1e, 0x4, 0x7fff) (async)
socketpair(0x2c, 0x2, 0xfffffff7, &(0x7f0000000140)) (async)
socket(0x29, 0x6, 0x2) (async)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:10 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x800, 0x2000, 0x3, 0x556c, 0x19, "8212d29a632b0b2e"})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000100)={0x80000000, &(0x7f0000000000), &(0x7f0000000080)})

18:29:10 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x6, 0x10, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))

18:29:10 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x80, 0x2) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000000080)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r2, 0xc01064c2, &(0x7f0000000100)={<r3=>0x0, 0x1, r1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r2, 0xc01064c1, &(0x7f00000000c0)={r3})
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:29:10 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 64)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x500000000000000, 0x4000) (rerun: 64)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000040)={0x1, 0x7, 0x2})

18:29:10 executing program 0:
r0 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000240)={0x0, 0x3, 0x7, '\x00', &(0x7f0000000200)=0x3f})
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x2c, r0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0xc880)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:29:10 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8)

18:29:10 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x80, 0x2)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000000080)={0x0, 0x0, r0}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r2, 0xc01064c2, &(0x7f0000000100)={<r3=>0x0, 0x1, r1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r2, 0xc01064c1, &(0x7f00000000c0)={r3}) (async)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:29:10 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x800, 0x2000, 0x3, 0x556c, 0x19, "8212d29a632b0b2e"}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000100)={0x80000000, &(0x7f0000000000), &(0x7f0000000080)})

18:29:10 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x84)
timerfd_gettime(r2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x22486bde67288f40, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r7, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r7, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r5, 0x310, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0xc000)
ioctl$TIOCOUTQ(r6, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r8 = syz_open_pts(r6, 0x206940)
ioctl$KDGETMODE(r8, 0x4b3b, &(0x7f0000000340))

18:29:10 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000080)={0x7fffffff, 0x0, '\x00', {0x0, @reserved}}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)

18:29:10 executing program 4:
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000080)={0x5, 0x4, 0x20})
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7f)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000240))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r4 = epoll_create1(0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f0000000040)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x6}}, 0x10)
ioctl$TCXONC(r3, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180))
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x3c, r6, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48000}, 0x800)

18:29:10 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
clock_gettime(0x0, &(0x7f0000000000))
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000080)=@overlay={0x1, 0xa, 0x4, 0x2, 0x3, {}, {0x2, 0x0, 0x7f, 0x5, 0x1f, 0x2b, "b7f6a2be"}, 0x4, 0x3, {}, 0x2, 0x0, r1})
r2 = getpid()
syz_open_procfs$namespace(r2, 0x0)
sched_rr_get_interval(r2, &(0x7f00000001c0))
clock_getres(0x3, &(0x7f0000000200))
r3 = getpid()
sched_rr_get_interval(r3, &(0x7f0000000100))
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000180))

18:29:10 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x800, 0x2000, 0x3, 0x556c, 0x19, "8212d29a632b0b2e"}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r2, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000100)={0x80000000, &(0x7f0000000000), &(0x7f0000000080)})

18:29:10 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x2, 0x752, 0x73f274ac, 0x2})
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0)

18:29:10 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r1, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x88}]}, 0x4c}, 0x1, 0x0, 0x0, 0x84c736919f6a72a3}, 0x8004)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
getsockopt$sock_timeval(r2, 0x1, 0x15, 0x0, &(0x7f0000000040))

18:29:10 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000)) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r1, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x2, 0x752, 0x73f274ac, 0x2})
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0)

18:29:10 executing program 4:
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000080)={0x5, 0x4, 0x20}) (async)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7f)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000240)) (async)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r4 = epoll_create1(0x0) (async)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f0000000040)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x6}}, 0x10) (async)
ioctl$TCXONC(r3, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180)) (async)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x3c, r6, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48000}, 0x800)

18:29:11 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8)

18:29:11 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:11 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x8, 0x1, 0x5000, 0x989, 0x2f, "400eb4f0e40200"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:11 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x2, 0x752, 0x73f274ac, 0x2})
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x2, 0x752, 0x73f274ac, 0x2}) (async)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0) (async)

18:29:11 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000100)={0x5, 0x3, 0x32, "c1f71f1b2b6c7f553f65a0242646c824378fdb267a19aa4b4ad279f4f4a857cadbefabddf23ce2b8c0ee9a0f267d76365bd21c7848efca54d2526c2c", 0xe, "f7747c3d3ea2b6c65a3a71b8bffe27b968924f7e3e02481ba6e1d8e94f10a479843ab7057a72e8857c8b0c6363a802e72d30b4881e771350553ed35a", 0x84})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000080)={0x3, 0x1, @raw_data=[0xf039502, 0xfffffffb, 0x6, 0x2, 0x3, 0x1, 0x0, 0x4, 0x0, 0x4, 0x4931, 0x3, 0x66, 0x1, 0x0, 0x4]})
getsockopt$sock_timeval(r2, 0x1, 0x42, &(0x7f0000000300), &(0x7f0000000340)=0x10)
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f00000002c0))

18:29:11 executing program 4:
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000080)={0x5, 0x4, 0x20}) (async)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7f)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000240))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r4 = epoll_create1(0x0) (async, rerun: 32)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (rerun: 32)
write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f0000000040)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x6}}, 0x10) (async, rerun: 32)
ioctl$TCXONC(r3, 0x540a, 0x0) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180))
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x3c, r6, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48000}, 0x800)

18:29:11 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r4, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r4, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000880)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:11 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x8, 0x1, 0x5000, 0x989, 0x2f, "400eb4f0e40200"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:11 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000000))

18:29:11 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:11 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x8, 0x1, 0x5000, 0x989, 0x2f, "400eb4f0e40200"}) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:11 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000000))

18:29:12 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8) (async)

18:29:12 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:12 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000000))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f0000000000)) (async)

18:29:12 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = getpid()
syz_open_procfs$namespace(r2, &(0x7f0000000000)='ns/uts\x00')

18:29:12 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000100)={0x5, 0x3, 0x32, "c1f71f1b2b6c7f553f65a0242646c824378fdb267a19aa4b4ad279f4f4a857cadbefabddf23ce2b8c0ee9a0f267d76365bd21c7848efca54d2526c2c", 0xe, "f7747c3d3ea2b6c65a3a71b8bffe27b968924f7e3e02481ba6e1d8e94f10a479843ab7057a72e8857c8b0c6363a802e72d30b4881e771350553ed35a", 0x84})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000080)={0x3, 0x1, @raw_data=[0xf039502, 0xfffffffb, 0x6, 0x2, 0x3, 0x1, 0x0, 0x4, 0x0, 0x4, 0x4931, 0x3, 0x66, 0x1, 0x0, 0x4]})
getsockopt$sock_timeval(r2, 0x1, 0x42, &(0x7f0000000300), &(0x7f0000000340)=0x10)
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f00000002c0))
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2) (async)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000100)={0x5, 0x3, 0x32, "c1f71f1b2b6c7f553f65a0242646c824378fdb267a19aa4b4ad279f4f4a857cadbefabddf23ce2b8c0ee9a0f267d76365bd21c7848efca54d2526c2c", 0xe, "f7747c3d3ea2b6c65a3a71b8bffe27b968924f7e3e02481ba6e1d8e94f10a479843ab7057a72e8857c8b0c6363a802e72d30b4881e771350553ed35a", 0x84}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000080)={0x3, 0x1, @raw_data=[0xf039502, 0xfffffffb, 0x6, 0x2, 0x3, 0x1, 0x0, 0x4, 0x0, 0x4, 0x4931, 0x3, 0x66, 0x1, 0x0, 0x4]}) (async)
getsockopt$sock_timeval(r2, 0x1, 0x42, &(0x7f0000000300), &(0x7f0000000340)=0x10) (async)
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f00000002c0)) (async)

18:29:12 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x3)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:12 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:12 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = getpid()
syz_open_procfs$namespace(r2, &(0x7f0000000000)='ns/uts\x00')

18:29:12 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x10)

18:29:12 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:12 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0) (async)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x3)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:12 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:13 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000080), &(0x7f0000001100))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000100)=""/4096, &(0x7f0000000000)=0x1000)
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:29:13 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x10)

18:29:13 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x3)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:13 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 32)
r2 = getpid() (rerun: 32)
syz_open_procfs$namespace(r2, &(0x7f0000000000)='ns/uts\x00')

18:29:13 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
r1 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000100)={0x5, 0x3, 0x32, "c1f71f1b2b6c7f553f65a0242646c824378fdb267a19aa4b4ad279f4f4a857cadbefabddf23ce2b8c0ee9a0f267d76365bd21c7848efca54d2526c2c", 0xe, "f7747c3d3ea2b6c65a3a71b8bffe27b968924f7e3e02481ba6e1d8e94f10a479843ab7057a72e8857c8b0c6363a802e72d30b4881e771350553ed35a", 0x84}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000080)={0x3, 0x1, @raw_data=[0xf039502, 0xfffffffb, 0x6, 0x2, 0x3, 0x1, 0x0, 0x4, 0x0, 0x4, 0x4931, 0x3, 0x66, 0x1, 0x0, 0x4]})
getsockopt$sock_timeval(r2, 0x1, 0x42, &(0x7f0000000300), &(0x7f0000000340)=0x10) (async, rerun: 64)
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f00000002c0)) (rerun: 64)

18:29:13 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "de08393980984a8d"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:13 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x10)

18:29:13 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000000)="f3fb89e20ffffe4afca08a10926566fa8318e9a9ba90f2a6a1ec5c35f507ba7fd60ffd37e88efb316ed8f889a28186b7a7a2ff9d43df56cdafecc0141d3162490886b9fc4dd06b5af9f47e938e825072fc3a32d3fc085e8606133d0afb21f0429b3161bd536d9a515be23ec89d7fd2fbf2f8db8036a542872363237ab03a60bcded764ff528b57aad79868abd2ab8565fd2594cb4910dc06dcef18f24117e41406952c192d4b23e88cf25886d54c7caa8996c371b06d14daaa32af7574e4f8e4c388932e435973ac9501104f")
r2 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
epoll_create1(0x80000)

18:29:13 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x128, 0x1403, 0x10, 0x70bd2a, 0x25dfdbfd, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'macvlan0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vxcan1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_hsr\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x128}, 0x1, 0x0, 0x0, 0x40000044}, 0x8000)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:13 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x200, "042f3e3616cae27cb0ac2afcfc43bf094d261d4a577588033aaee843432ab67f", 0x3})

18:29:13 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:13 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f46788a25ef18ac4c8b0bf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_TRY_ENCODER_CMD(r1, 0xc028564e, &(0x7f00000002c0)={0x0, 0x1, [0x8000, 0x4, 0xffffffc0, 0x4, 0x4, 0x9, 0x101, 0x3]})
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000080)={0x2, @capture={0x1000, 0x0, {0xef8, 0xfffff801}, 0xffffff9a, 0x10000}})
r2 = syz_open_dev$vbi(&(0x7f0000000180), 0x1, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000300)={0x1, 0x7, 0x2})

18:29:14 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000080), &(0x7f0000001100)) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000100)=""/4096, &(0x7f0000000000)=0x1000)
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:29:14 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x200, "042f3e3616cae27cb0ac2afcfc43bf094d261d4a577588033aaee843432ab67f", 0x3})

18:29:14 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000000)="f3fb89e20ffffe4afca08a10926566fa8318e9a9ba90f2a6a1ec5c35f507ba7fd60ffd37e88efb316ed8f889a28186b7a7a2ff9d43df56cdafecc0141d3162490886b9fc4dd06b5af9f47e938e825072fc3a32d3fc085e8606133d0afb21f0429b3161bd536d9a515be23ec89d7fd2fbf2f8db8036a542872363237ab03a60bcded764ff528b57aad79868abd2ab8565fd2594cb4910dc06dcef18f24117e41406952c192d4b23e88cf25886d54c7caa8996c371b06d14daaa32af7574e4f8e4c388932e435973ac9501104f")
r2 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)
epoll_create1(0x80000)

18:29:14 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, "06828993ab00"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x128, 0x1403, 0x10, 0x70bd2a, 0x25dfdbfd, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'macvlan0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vxcan1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_hsr\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x128}, 0x1, 0x0, 0x0, 0x40000044}, 0x8000) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f46788a25ef18ac4c8b0bf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_TRY_ENCODER_CMD(r1, 0xc028564e, &(0x7f00000002c0)={0x0, 0x1, [0x8000, 0x4, 0xffffffc0, 0x4, 0x4, 0x9, 0x101, 0x3]})
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000080)={0x2, @capture={0x1000, 0x0, {0xef8, 0xfffff801}, 0xffffff9a, 0x10000}}) (async)
r2 = syz_open_dev$vbi(&(0x7f0000000180), 0x1, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000300)={0x1, 0x7, 0x2})

18:29:14 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000000)="f3fb89e20ffffe4afca08a10926566fa8318e9a9ba90f2a6a1ec5c35f507ba7fd60ffd37e88efb316ed8f889a28186b7a7a2ff9d43df56cdafecc0141d3162490886b9fc4dd06b5af9f47e938e825072fc3a32d3fc085e8606133d0afb21f0429b3161bd536d9a515be23ec89d7fd2fbf2f8db8036a542872363237ab03a60bcded764ff528b57aad79868abd2ab8565fd2594cb4910dc06dcef18f24117e41406952c192d4b23e88cf25886d54c7caa8996c371b06d14daaa32af7574e4f8e4c388932e435973ac9501104f") (async)
r2 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async, rerun: 64)
epoll_create1(0x80000) (rerun: 64)

18:29:14 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x200, "042f3e3616cae27cb0ac2afcfc43bf094d261d4a577588033aaee843432ab67f", 0x3})

18:29:14 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:29:14 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000000c0)={0x401, 0x968, 0x6, 0xd49c, 0x8, "be546a1441b93b50fa090c2ffc42c98cc73a78"})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:29:14 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1)
r2 = syz_open_pts(r0, 0x80000)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000040)={0x6, 0x7, 0x3354})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x128, 0x1403, 0x10, 0x70bd2a, 0x25dfdbfd, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'macvlan0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vxcan1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_hsr\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x128}, 0x1, 0x0, 0x0, 0x40000044}, 0x8000) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f46788a25ef18ac4c8b0bf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_TRY_ENCODER_CMD(r1, 0xc028564e, &(0x7f00000002c0)={0x0, 0x1, [0x8000, 0x4, 0xffffffc0, 0x4, 0x4, 0x9, 0x101, 0x3]})
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000080)={0x2, @capture={0x1000, 0x0, {0xef8, 0xfffff801}, 0xffffff9a, 0x10000}}) (async)
r2 = syz_open_dev$vbi(&(0x7f0000000180), 0x1, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000300)={0x1, 0x7, 0x2})

18:29:14 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000080), &(0x7f0000001100))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000100)=""/4096, &(0x7f0000000000)=0x1000)
bind$bt_sco(r1, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

18:29:14 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180))

18:29:14 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:29:14 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180))

18:29:14 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async)
r2 = syz_open_pts(r0, 0x80000)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000040)={0x6, 0x7, 0x3354}) (async)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:14 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180))

18:29:15 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1)
r2 = syz_open_pts(r0, 0x80000)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000040)={0x6, 0x7, 0x3354})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async)
syz_open_pts(r0, 0x80000) (async)
ioctl$TCXONC(r2, 0x540a, 0x0) (async)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000040)={0x6, 0x7, 0x3354}) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:15 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000000), 0x4800)

18:29:15 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f00000000c0)={<r0=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={r0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080))
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000000))

18:29:15 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040)) (async)
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:15 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:15 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:15 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000080)={0x0, 0x2, 0x5})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:15 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:15 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f00000000c0)={<r0=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={r0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080))
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000000))

18:29:15 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:15 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:15 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:15 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:16 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000000), 0x4800)

18:29:16 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f00000000c0)={<r0=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={r0}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080))
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000000))

18:29:16 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040)) (async)
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:16 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:16 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000080)={0x0, 0x2, 0x5})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:16 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:16 executing program 2:
r0 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7, 0xffff, 0x7, 0x9, 0x2, "dfa040d5bf550b60"})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/205})

18:29:16 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:16 executing program 2:
r0 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7, 0xffff, 0x7, 0x9, 0x2, "dfa040d5bf550b60"})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/205})
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7, 0xffff, 0x7, 0x9, 0x2, "dfa040d5bf550b60"}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/205}) (async)

18:29:16 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:16 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:16 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:17 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000000), 0x4800)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000000), 0x4800) (async)

18:29:17 executing program 4:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = socket(0x0, 0x2, 0xa250)
bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x61}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000044}, 0x24008040)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000240))
epoll_create(0xa)

18:29:17 executing program 2:
r0 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7, 0xffff, 0x7, 0x9, 0x2, "dfa040d5bf550b60"}) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGSERIAL(r2, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/205})

18:29:17 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:17 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080)) (async, rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 32)

18:29:17 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000080)={0x0, 0x2, 0x5})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:17 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:17 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:17 executing program 2:
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x4800)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000100)=@multiplanar_mmap={0x81, 0x3, 0x4, 0xe000, 0x7, {0x77359400}, {0x1, 0x2, 0x3f, 0x4, 0x6, 0x54, "b967b965"}, 0x7ff, 0x1, {&(0x7f0000000040)=[{0x7, 0x989f, {0x4823}}, {0x9, 0x1, {0x3ff}, 0x8}]}, 0x40000000, 0x0, r0})
socket(0x23, 0x80000, 0xfffffff7)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0))
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000000)={0x40, 0xfffe, 0x797a})
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x100, 0xa07, 0x1, 0x0, 0x6, 0x8, 0x16, 0x4f43, 0x1, 0x1, 0x2, 0x5, 0x1, 0x1, 0x8, 0x38, {0x4, 0x200}, 0x59, 0x1f}})

18:29:17 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:17 executing program 4:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x1ff) (async, rerun: 32)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (rerun: 32)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = socket(0x0, 0x2, 0xa250)
bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x61}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000044}, 0x24008040)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000240))
epoll_create(0xa)

18:29:17 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000180))

18:29:18 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:18 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000180))

18:29:18 executing program 4:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = socket(0x0, 0x2, 0xa250)
bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x61}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000044}, 0x24008040)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000240))
epoll_create(0xa)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
socket(0x0, 0x2, 0xa250) (async)
bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) (async)
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x61}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000044}, 0x24008040) (async)
pipe2(&(0x7f0000000200), 0x0) (async)
ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000240)) (async)
epoll_create(0xa) (async)

18:29:18 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:18 executing program 2:
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x4800)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000100)=@multiplanar_mmap={0x81, 0x3, 0x4, 0xe000, 0x7, {0x77359400}, {0x1, 0x2, 0x3f, 0x4, 0x6, 0x54, "b967b965"}, 0x7ff, 0x1, {&(0x7f0000000040)=[{0x7, 0x989f, {0x4823}}, {0x9, 0x1, {0x3ff}, 0x8}]}, 0x40000000, 0x0, r0}) (async)
socket(0x23, 0x80000, 0xfffffff7)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r2) (async)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000000)={0x40, 0xfffe, 0x797a}) (async)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x100, 0xa07, 0x1, 0x0, 0x6, 0x8, 0x16, 0x4f43, 0x1, 0x1, 0x2, 0x5, 0x1, 0x1, 0x8, 0x38, {0x4, 0x200}, 0x59, 0x1f}})

18:29:18 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x6, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a3d1b6d45461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf287cdec8035fa6ff25e191c3bbc8871e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb37488b601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba00"})
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4000)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000080)={0x401, 0x6, 0xf, "f8206e470d090c56b72be3ecb37bd57789d75b614c09677dd5fc5be016f48c8413565705c271bcdece9ba809947d4e95c4841d240d1a7ea660ad996b", 0x32, "0afded0caa0a4fcb0ce97f142d6f253385c38b053802f58b9ea002be942c76e9ed899da685d26e3f0e3a77a2a1e058f9bd8b9215a9fc90a444041a99", 0x40})
ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000140)={0x5, "de1bb5f973fdd0c4a4b0cf349c58ab66e7c0daca0de614b7bef4516d2a707b65", 0x1})

18:29:18 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000180))

18:29:18 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)

18:29:18 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:18 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000180)=0xfffffff8)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x400580, 0x0)
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/249})

18:29:18 executing program 2:
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x4800)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000100)=@multiplanar_mmap={0x81, 0x3, 0x4, 0xe000, 0x7, {0x77359400}, {0x1, 0x2, 0x3f, 0x4, 0x6, 0x54, "b967b965"}, 0x7ff, 0x1, {&(0x7f0000000040)=[{0x7, 0x989f, {0x4823}}, {0x9, 0x1, {0x3ff}, 0x8}]}, 0x40000000, 0x0, r0})
socket(0x23, 0x80000, 0xfffffff7)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r2) (async)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000000)={0x40, 0xfffe, 0x797a}) (async)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x100, 0xa07, 0x1, 0x0, 0x6, 0x8, 0x16, 0x4f43, 0x1, 0x1, 0x2, 0x5, 0x1, 0x1, 0x8, 0x38, {0x4, 0x200}, 0x59, 0x1f}})

18:29:18 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)

18:29:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000180)=0xfffffff8)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x400580, 0x0)
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/249})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000180)=0xfffffff8) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x400580, 0x0) (async)
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/249}) (async)

18:29:19 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:19 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:19 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="10ce271beb0000000d14bbe226bd7000fbdbdf25f3539446bc9de1ee62427a3adca5c8fdc4b76d83e6253213ca93e68db398bf5f59fa7a8193e1e13ea3b90041b9690f7e939e3f47a666bde794bf5ecb8439aa6f5940a4966d5569cd48bb43977616a1f59fe0de6e884eb552de3776cf25b7ec426c8279e550ae37fda58cb457e10c8de3930e6c69b5dfca5a4b145389702c48bf1955f9fa710823a0e478fc00000000"], 0x10}, 0x1, 0x0, 0x0, 0x2000000}, 0xc841)

18:29:19 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)

18:29:19 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x6, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a3d1b6d45461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf287cdec8035fa6ff25e191c3bbc8871e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb37488b601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba00"})
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4000)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000080)={0x401, 0x6, 0xf, "f8206e470d090c56b72be3ecb37bd57789d75b614c09677dd5fc5be016f48c8413565705c271bcdece9ba809947d4e95c4841d240d1a7ea660ad996b", 0x32, "0afded0caa0a4fcb0ce97f142d6f253385c38b053802f58b9ea002be942c76e9ed899da685d26e3f0e3a77a2a1e058f9bd8b9215a9fc90a444041a99", 0x40})
ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000140)={0x5, "de1bb5f973fdd0c4a4b0cf349c58ab66e7c0daca0de614b7bef4516d2a707b65", 0x1})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x6, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a3d1b6d45461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf287cdec8035fa6ff25e191c3bbc8871e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb37488b601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba00"}) (async)
pipe2(&(0x7f0000000000), 0x4000) (async)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000080)={0x401, 0x6, 0xf, "f8206e470d090c56b72be3ecb37bd57789d75b614c09677dd5fc5be016f48c8413565705c271bcdece9ba809947d4e95c4841d240d1a7ea660ad996b", 0x32, "0afded0caa0a4fcb0ce97f142d6f253385c38b053802f58b9ea002be942c76e9ed899da685d26e3f0e3a77a2a1e058f9bd8b9215a9fc90a444041a99", 0x40}) (async)
ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000140)={0x5, "de1bb5f973fdd0c4a4b0cf349c58ab66e7c0daca0de614b7bef4516d2a707b65", 0x1}) (async)

18:29:19 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1b)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:19 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000180)=0xfffffff8)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x400580, 0x0)
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/249})

18:29:19 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:19 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="10ce271beb0000000d14bbe226bd7000fbdbdf25f3539446bc9de1ee62427a3adca5c8fdc4b76d83e6253213ca93e68db398bf5f59fa7a8193e1e13ea3b90041b9690f7e939e3f47a666bde794bf5ecb8439aa6f5940a4966d5569cd48bb43977616a1f59fe0de6e884eb552de3776cf25b7ec426c8279e550ae37fda58cb457e10c8de3930e6c69b5dfca5a4b145389702c48bf1955f9fa710823a0e478fc00000000"], 0x10}, 0x1, 0x0, 0x0, 0x2000000}, 0xc841)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="10ce271beb0000000d14bbe226bd7000fbdbdf25f3539446bc9de1ee62427a3adca5c8fdc4b76d83e6253213ca93e68db398bf5f59fa7a8193e1e13ea3b90041b9690f7e939e3f47a666bde794bf5ecb8439aa6f5940a4966d5569cd48bb43977616a1f59fe0de6e884eb552de3776cf25b7ec426c8279e550ae37fda58cb457e10c8de3930e6c69b5dfca5a4b145389702c48bf1955f9fa710823a0e478fc00000000"], 0x10}, 0x1, 0x0, 0x0, 0x2000000}, 0xc841) (async)

18:29:19 executing program 3:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40080}, 0x40080)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))

18:29:19 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:19 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async, rerun: 64)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="10ce271beb0000000d14bbe226bd7000fbdbdf25f3539446bc9de1ee62427a3adca5c8fdc4b76d83e6253213ca93e68db398bf5f59fa7a8193e1e13ea3b90041b9690f7e939e3f47a666bde794bf5ecb8439aa6f5940a4966d5569cd48bb43977616a1f59fe0de6e884eb552de3776cf25b7ec426c8279e550ae37fda58cb457e10c8de3930e6c69b5dfca5a4b145389702c48bf1955f9fa710823a0e478fc00000000"], 0x10}, 0x1, 0x0, 0x0, 0x2000000}, 0xc841) (rerun: 64)

18:29:20 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="ed73a96171ce976025bddf25e600010002000000"], 0x18}, 0x1, 0x0, 0x0, 0x4004}, 0x80)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x36d17ee44e078a79})
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:20 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x6, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a3d1b6d45461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf287cdec8035fa6ff25e191c3bbc8871e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb37488b601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba00"})
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4000)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000080)={0x401, 0x6, 0xf, "f8206e470d090c56b72be3ecb37bd57789d75b614c09677dd5fc5be016f48c8413565705c271bcdece9ba809947d4e95c4841d240d1a7ea660ad996b", 0x32, "0afded0caa0a4fcb0ce97f142d6f253385c38b053802f58b9ea002be942c76e9ed899da685d26e3f0e3a77a2a1e058f9bd8b9215a9fc90a444041a99", 0x40}) (async)
ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000140)={0x5, "de1bb5f973fdd0c4a4b0cf349c58ab66e7c0daca0de614b7bef4516d2a707b65", 0x1})

18:29:20 executing program 3:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40080}, 0x40080) (async)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))

18:29:20 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:20 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f0000000040)={0x4, "c70df9d4f02e58bb0551dc5ce3a8ca2d1354c3323601eaff1eaecb275bbcb7a1", 0x2, 0x3ff, 0x57e, 0x200000, 0x2})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200))
clock_gettime(0x0, &(0x7f0000000180)={<r2=>0x0, <r3=>0x0})
select(0x40, &(0x7f00000000c0)={0x80, 0x1, 0x0, 0x6e, 0x0, 0x68, 0x1, 0x8001}, &(0x7f0000000100)={0x3, 0x9ce7, 0x3, 0x4, 0x80000002, 0x1e5, 0x3f, 0x6}, &(0x7f0000000140)={0x9, 0x2, 0x8f5, 0x6, 0x10000, 0x7, 0x8, 0x3}, &(0x7f0000000240)={r2, r3/1000+60000})

18:29:20 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)

18:29:20 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))

18:29:20 executing program 3:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40080}, 0x40080)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))

18:29:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="ed73a96171ce976025bddf25e600010002000000"], 0x18}, 0x1, 0x0, 0x0, 0x4004}, 0x80)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x36d17ee44e078a79})
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="ed73a96171ce976025bddf25e600010002000000"], 0x18}, 0x1, 0x0, 0x0, 0x4004}, 0x80) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x36d17ee44e078a79}) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:20 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)

18:29:20 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f0000000040)={0x4, "c70df9d4f02e58bb0551dc5ce3a8ca2d1354c3323601eaff1eaecb275bbcb7a1", 0x2, 0x3ff, 0x57e, 0x200000, 0x2}) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)) (async, rerun: 32)
clock_gettime(0x0, &(0x7f0000000180)={<r2=>0x0, <r3=>0x0})
select(0x40, &(0x7f00000000c0)={0x80, 0x1, 0x0, 0x6e, 0x0, 0x68, 0x1, 0x8001}, &(0x7f0000000100)={0x3, 0x9ce7, 0x3, 0x4, 0x80000002, 0x1e5, 0x3f, 0x6}, &(0x7f0000000140)={0x9, 0x2, 0x8f5, 0x6, 0x10000, 0x7, 0x8, 0x3}, &(0x7f0000000240)={r2, r3/1000+60000})

18:29:20 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000100)={0x16, 0x98, 0xfa00, {&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0x1c, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010100}}}, 0xa0)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x10, 0xfa00, {&(0x7f0000000000), r1}}, 0x18)

18:29:20 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)

18:29:20 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x9, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:20 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r4, 0x80845663, &(0x7f00000002c0))

18:29:20 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async, rerun: 32)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="ed73a96171ce976025bddf25e600010002000000"], 0x18}, 0x1, 0x0, 0x0, 0x4004}, 0x80) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x36d17ee44e078a79}) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async, rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 32)

18:29:20 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f0000000040)={0x4, "c70df9d4f02e58bb0551dc5ce3a8ca2d1354c3323601eaff1eaecb275bbcb7a1", 0x2, 0x3ff, 0x57e, 0x200000, 0x2}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)) (async, rerun: 64)
clock_gettime(0x0, &(0x7f0000000180)={<r2=>0x0, <r3=>0x0}) (rerun: 64)
select(0x40, &(0x7f00000000c0)={0x80, 0x1, 0x0, 0x6e, 0x0, 0x68, 0x1, 0x8001}, &(0x7f0000000100)={0x3, 0x9ce7, 0x3, 0x4, 0x80000002, 0x1e5, 0x3f, 0x6}, &(0x7f0000000140)={0x9, 0x2, 0x8f5, 0x6, 0x10000, 0x7, 0x8, 0x3}, &(0x7f0000000240)={r2, r3/1000+60000})

18:29:21 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)

18:29:21 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x9, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:21 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x14)

18:29:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000000)={0x7, 0x0, 0xffffffff})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x240000c0}, 0x4040005)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:29:21 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x14)

18:29:21 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x9, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:21 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 64)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000100)={0x16, 0x98, 0xfa00, {&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0x1c, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010100}}}, 0xa0) (rerun: 64)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x10, 0xfa00, {&(0x7f0000000000), r1}}, 0x18)

18:29:21 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x14)

18:29:21 executing program 3:
syz_open_pts(0xffffffffffffffff, 0x2810c0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
epoll_create1(0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
epoll_create(0xffff7fff)

18:29:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000000)={0x7, 0x0, 0xffffffff})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x240000c0}, 0x4040005)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000000)={0x7, 0x0, 0xffffffff}) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r2, 0x1}, 0x14}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x240000c0}, 0x4040005) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)) (async)

18:29:21 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r4, 0x80845663, &(0x7f00000002c0))

18:29:21 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x15, 0x5, 0xfffffffa, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000003)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x402000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r3, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40)

18:29:21 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socketpair(0x15, 0x5, 0xfffffffa, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000003)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x402000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r3, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40)

18:29:21 executing program 3:
syz_open_pts(0xffffffffffffffff, 0x2810c0) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
epoll_create1(0x0) (async)
ioctl$VT_DISALLOCATE(r0, 0x5608)
epoll_create(0xffff7fff)

18:29:21 executing program 0:
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x14)

18:29:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000000)={0x7, 0x0, 0xffffffff})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x240000c0}, 0x4040005)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000000)={0x7, 0x0, 0xffffffff}) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r2, 0x1}, 0x14}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x240000c0}, 0x4040005) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)) (async)

18:29:21 executing program 3:
syz_open_pts(0xffffffffffffffff, 0x2810c0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
epoll_create1(0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
epoll_create(0xffff7fff)
syz_open_pts(0xffffffffffffffff, 0x2810c0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$VT_DISALLOCATE(r0, 0x5608) (async)
epoll_create(0xffff7fff) (async)

18:29:21 executing program 0:
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x14)

18:29:22 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000100)={0x16, 0x98, 0xfa00, {&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0x1c, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010100}}}, 0xa0)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x10, 0xfa00, {&(0x7f0000000000), r1}}, 0x18)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000100)={0x16, 0x98, 0xfa00, {&(0x7f0000000080), 0x0, 0xffffffffffffffff, 0x1c, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010100}}}, 0xa0) (async)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x10, 0xfa00, {&(0x7f0000000000), r1}}, 0x18) (async)

18:29:22 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x15, 0x5, 0xfffffffa, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000003)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x402000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r3, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socketpair(0x15, 0x5, 0xfffffffa, &(0x7f0000000000)) (async)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000003) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x402000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r3, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40) (async)

18:29:22 executing program 0:
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x14)

18:29:22 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000000))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r4, 0x80845663, &(0x7f00000002c0))
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000000)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r4, 0x80845663, &(0x7f00000002c0)) (async)

18:29:22 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0xfff, 0x7ff, 0x80})
r1 = epoll_create1(0x0)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xffffffffffffffc1)
ioctl$TCXONC(r2, 0x540a, 0x1)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:22 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0xfff, 0x7ff, 0x80})
r1 = epoll_create1(0x0)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0xfff, 0x7ff, 0x80}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:22 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
timerfd_create(0x5, 0x80000)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

18:29:22 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)

18:29:22 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xffffffffffffffc1)
ioctl$TCXONC(r2, 0x540a, 0x1)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xffffffffffffffc1) (async)
ioctl$TCXONC(r2, 0x540a, 0x1) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:22 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)

18:29:22 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)

18:29:23 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140))

18:29:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xffffffffffffffc1)
ioctl$TCXONC(r2, 0x540a, 0x1)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xffffffffffffffc1) (async)
ioctl$TCXONC(r2, 0x540a, 0x1) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:23 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0xfff, 0x7ff, 0x80}) (async)
r1 = epoll_create1(0x0) (async)
ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:23 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
timerfd_create(0x5, 0x80000)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
timerfd_create(0x5, 0x80000) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48080}, 0x0) (async)

18:29:23 executing program 5:
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000080)=""/234, &(0x7f0000000000)=0xea)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:23 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008001d00", @ANYRES32, @ANYBLOB="080001bd4bba0f00"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan3\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan3\x00'})
sendmsg$NL802154_CMD_GET_SEC_KEY(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="018000009e9c8fa1b07ffeb8d42b1cc69ce84632c550d00c31f4877d53fa88168be63749a8cd44e18b807f594e2bad7f94a4a1c54fc9168fff26293a607ff3c785ee41d26574a77746e7b0e20be0ab0885485db6915a7a8c88d84f662f875e5451642e8b998e87d18ffb9cb8d63d4e9d27905bbf2837070c8642bfb112e3d0bfc96a9d1ba9071674b4f07f35ce0035f436823fd0f216b4bf196ebbc44c2472c6ed0fe300000000c76b6dbc551db1d145b9919107779d4ac7a01f35ca8b2593eefa0115e76a9bf8820fd7b68fd8030842c3575ce4be4e978020324db601439c29f341ae6a0665b75e44aab8c7b8af78a2eb18247ddd4014b01067dccad4ed287ed3446ad68d", @ANYRES16=r3, @ANYBLOB="040025bd7000ffdbdf2516000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040001}, 0x800)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x520, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4010)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x50, r5, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5c9}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xe5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r7, 0x709}, 0x14}}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x74, r7, 0x300, 0x2, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040000)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:23 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140))

18:29:23 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140))

18:29:23 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x1403, 0x400, 0x70bd2d, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x100}, 0x10)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:23 executing program 5:
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000080)=""/234, &(0x7f0000000000)=0xea)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000080)=""/234, &(0x7f0000000000)=0xea) (async)
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)

18:29:23 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
timerfd_create(0x5, 0x80000)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

18:29:23 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x1403, 0x400, 0x70bd2d, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x100}, 0x10)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:23 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140))

18:29:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:23 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x10000, 0x101080)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040))

18:29:23 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)

18:29:24 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async, rerun: 64)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008001d00", @ANYRES32, @ANYBLOB="080001bd4bba0f00"], 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan3\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan3\x00'})
sendmsg$NL802154_CMD_GET_SEC_KEY(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="018000009e9c8fa1b07ffeb8d42b1cc69ce84632c550d00c31f4877d53fa88168be63749a8cd44e18b807f594e2bad7f94a4a1c54fc9168fff26293a607ff3c785ee41d26574a77746e7b0e20be0ab0885485db6915a7a8c88d84f662f875e5451642e8b998e87d18ffb9cb8d63d4e9d27905bbf2837070c8642bfb112e3d0bfc96a9d1ba9071674b4f07f35ce0035f436823fd0f216b4bf196ebbc44c2472c6ed0fe300000000c76b6dbc551db1d145b9919107779d4ac7a01f35ca8b2593eefa0115e76a9bf8820fd7b68fd8030842c3575ce4be4e978020324db601439c29f341ae6a0665b75e44aab8c7b8af78a2eb18247ddd4014b01067dccad4ed287ed3446ad68d", @ANYRES16=r3, @ANYBLOB="040025bd7000ffdbdf2516000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040001}, 0x800) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x520, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4010) (async, rerun: 32)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff) (rerun: 32)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x50, r5, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5c9}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xe5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x0) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6) (async, rerun: 64)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
sendmsg$IEEE802154_LIST_IFACE(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r7, 0x709}, 0x14}}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x74, r7, 0x300, 0x2, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040000)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:24 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x1403, 0x400, 0x70bd2d, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x100}, 0x10) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:24 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)

18:29:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:24 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x10000, 0x101080)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
syz_open_dev$dri(&(0x7f0000000000), 0x10000, 0x101080) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040)) (async)

18:29:24 executing program 5:
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000080)=""/234, &(0x7f0000000000)=0xea) (async)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:24 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:24 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008001d00", @ANYRES32, @ANYBLOB="080001bd4bba0f00"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan3\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan3\x00'})
sendmsg$NL802154_CMD_GET_SEC_KEY(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="018000009e9c8fa1b07ffeb8d42b1cc69ce84632c550d00c31f4877d53fa88168be63749a8cd44e18b807f594e2bad7f94a4a1c54fc9168fff26293a607ff3c785ee41d26574a77746e7b0e20be0ab0885485db6915a7a8c88d84f662f875e5451642e8b998e87d18ffb9cb8d63d4e9d27905bbf2837070c8642bfb112e3d0bfc96a9d1ba9071674b4f07f35ce0035f436823fd0f216b4bf196ebbc44c2472c6ed0fe300000000c76b6dbc551db1d145b9919107779d4ac7a01f35ca8b2593eefa0115e76a9bf8820fd7b68fd8030842c3575ce4be4e978020324db601439c29f341ae6a0665b75e44aab8c7b8af78a2eb18247ddd4014b01067dccad4ed287ed3446ad68d", @ANYRES16=r3, @ANYBLOB="040025bd7000ffdbdf2516000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040001}, 0x800)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x520, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4010)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x50, r5, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5c9}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xe5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r7, 0x709}, 0x14}}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x74, r7, 0x300, 0x2, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040000)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:24 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000040))
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:24 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x10000, 0x101080)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040))

18:29:24 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:24 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000))
epoll_create1(0x80000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = epoll_create1(0x80000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3)
epoll_create(0x7)

18:29:25 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008001d00", @ANYRES32, @ANYBLOB="080001bd4bba0f00"], 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan3\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan3\x00'})
sendmsg$NL802154_CMD_GET_SEC_KEY(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="018000009e9c8fa1b07ffeb8d42b1cc69ce84632c550d00c31f4877d53fa88168be63749a8cd44e18b807f594e2bad7f94a4a1c54fc9168fff26293a607ff3c785ee41d26574a77746e7b0e20be0ab0885485db6915a7a8c88d84f662f875e5451642e8b998e87d18ffb9cb8d63d4e9d27905bbf2837070c8642bfb112e3d0bfc96a9d1ba9071674b4f07f35ce0035f436823fd0f216b4bf196ebbc44c2472c6ed0fe300000000c76b6dbc551db1d145b9919107779d4ac7a01f35ca8b2593eefa0115e76a9bf8820fd7b68fd8030842c3575ce4be4e978020324db601439c29f341ae6a0665b75e44aab8c7b8af78a2eb18247ddd4014b01067dccad4ed287ed3446ad68d", @ANYRES16=r3, @ANYBLOB="040025bd7000ffdbdf2516000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040001}, 0x800) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x520, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4010)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x50, r5, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5c9}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xe5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r7, 0x709}, 0x14}}, 0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x74, r7, 0x300, 0x2, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040000) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000040))
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000040)) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:25 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000)) (async)
epoll_create1(0x80000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
r2 = epoll_create1(0x80000) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3)
epoll_create(0x7)

18:29:25 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:25 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x3, @sliced={0x401, [0x800, 0xf7eb, 0x2, 0x5, 0x0, 0x401, 0x2, 0xfffa, 0x9, 0x200, 0x0, 0x1, 0x1000, 0x800, 0xb0, 0x2, 0x4, 0x1, 0x9, 0x5, 0x2, 0x2, 0x6, 0x5, 0x3, 0x2, 0x7, 0x99, 0xb4a, 0x6, 0x0, 0xc302, 0x8, 0x5, 0x7, 0xfff7, 0x7ff, 0x8000, 0xa15c, 0x6, 0x3ff, 0x0, 0x8, 0x3ff, 0x1da8, 0xed59, 0x8, 0x1ff], 0xff}})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = timerfd_create(0x1, 0x80800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x90000004})
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080))

18:29:25 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7f, 0x8c87, 0x9, 0x1, 0x15, "d034f8d9ad7ac6b0"})
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/user\x00')
r1 = epoll_create1(0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000080)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x991, 0x7, 0x3, 0x2, 0x80, "6bc5bfdf1e1593c416270cde105aa29de383458c874ff8e77951c655ac061662bc8f2879e44348d17933619cd3791899849164c90e68a74c759431a8f1e3da2fc7067511052e93f4492e526d7840b4a59bc88ac13df3caab659776837d2f78a0b39ca47881a350922f3dfc22b58818683fac69e116462d1a8b7df9de2a0f0d6c"})

18:29:25 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000))
epoll_create1(0x80000) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
r2 = epoll_create1(0x80000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3) (async)
epoll_create(0x7)

18:29:25 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7f, 0x8c87, 0x9, 0x1, 0x15, "d034f8d9ad7ac6b0"})
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/user\x00')
r1 = epoll_create1(0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000080)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x991, 0x7, 0x3, 0x2, 0x80, "6bc5bfdf1e1593c416270cde105aa29de383458c874ff8e77951c655ac061662bc8f2879e44348d17933619cd3791899849164c90e68a74c759431a8f1e3da2fc7067511052e93f4492e526d7840b4a59bc88ac13df3caab659776837d2f78a0b39ca47881a350922f3dfc22b58818683fac69e116462d1a8b7df9de2a0f0d6c"})

18:29:25 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000040))
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000040)) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:25 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7f, 0x8c87, 0x9, 0x1, 0x15, "d034f8d9ad7ac6b0"})
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/user\x00')
r1 = epoll_create1(0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000080)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x991, 0x7, 0x3, 0x2, 0x80, "6bc5bfdf1e1593c416270cde105aa29de383458c874ff8e77951c655ac061662bc8f2879e44348d17933619cd3791899849164c90e68a74c759431a8f1e3da2fc7067511052e93f4492e526d7840b4a59bc88ac13df3caab659776837d2f78a0b39ca47881a350922f3dfc22b58818683fac69e116462d1a8b7df9de2a0f0d6c"})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7f, 0x8c87, 0x9, 0x1, 0x15, "d034f8d9ad7ac6b0"}) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/user\x00') (async)
epoll_create1(0x0) (async)
ioctl$VT_DISALLOCATE(r0, 0x5608) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000080)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x991, 0x7, 0x3, 0x2, 0x80, "6bc5bfdf1e1593c416270cde105aa29de383458c874ff8e77951c655ac061662bc8f2879e44348d17933619cd3791899849164c90e68a74c759431a8f1e3da2fc7067511052e93f4492e526d7840b4a59bc88ac13df3caab659776837d2f78a0b39ca47881a350922f3dfc22b58818683fac69e116462d1a8b7df9de2a0f0d6c"}) (async)

18:29:25 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)

18:29:25 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x3, @sliced={0x401, [0x800, 0xf7eb, 0x2, 0x5, 0x0, 0x401, 0x2, 0xfffa, 0x9, 0x200, 0x0, 0x1, 0x1000, 0x800, 0xb0, 0x2, 0x4, 0x1, 0x9, 0x5, 0x2, 0x2, 0x6, 0x5, 0x3, 0x2, 0x7, 0x99, 0xb4a, 0x6, 0x0, 0xc302, 0x8, 0x5, 0x7, 0xfff7, 0x7ff, 0x8000, 0xa15c, 0x6, 0x3ff, 0x0, 0x8, 0x3ff, 0x1da8, 0xed59, 0x8, 0x1ff], 0xff}})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = timerfd_create(0x1, 0x80800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x90000004})
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080))
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x3, @sliced={0x401, [0x800, 0xf7eb, 0x2, 0x5, 0x0, 0x401, 0x2, 0xfffa, 0x9, 0x200, 0x0, 0x1, 0x1000, 0x800, 0xb0, 0x2, 0x4, 0x1, 0x9, 0x5, 0x2, 0x2, 0x6, 0x5, 0x3, 0x2, 0x7, 0x99, 0xb4a, 0x6, 0x0, 0xc302, 0x8, 0x5, 0x7, 0xfff7, 0x7ff, 0x8000, 0xa15c, 0x6, 0x3ff, 0x0, 0x8, 0x3ff, 0x1da8, 0xed59, 0x8, 0x1ff], 0xff}}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_create(0x1, 0x80800) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x90000004}) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080)) (async)

18:29:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x9, 0x401, 0x40, 0x2, 0x14, "79f59391a366fec5"})
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:26 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @none}, 0x8)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000040)={0xfff, 0x81, 0x80, 0x7fffffff, 0x81, "3e456919708f5b2199fffb284b5efd5e02f6ea", 0x6, 0x8})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000000c0)={0x9, 0x5, 0xda63})

18:29:26 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))

18:29:26 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x7f, 0x8c87, 0x9, 0x1, 0x15, "d034f8d9ad7ac6b0"}) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/user\x00') (async)
r1 = epoll_create1(0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000080)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x991, 0x7, 0x3, 0x2, 0x80, "6bc5bfdf1e1593c416270cde105aa29de383458c874ff8e77951c655ac061662bc8f2879e44348d17933619cd3791899849164c90e68a74c759431a8f1e3da2fc7067511052e93f4492e526d7840b4a59bc88ac13df3caab659776837d2f78a0b39ca47881a350922f3dfc22b58818683fac69e116462d1a8b7df9de2a0f0d6c"})

18:29:26 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x3, @sliced={0x401, [0x800, 0xf7eb, 0x2, 0x5, 0x0, 0x401, 0x2, 0xfffa, 0x9, 0x200, 0x0, 0x1, 0x1000, 0x800, 0xb0, 0x2, 0x4, 0x1, 0x9, 0x5, 0x2, 0x2, 0x6, 0x5, 0x3, 0x2, 0x7, 0x99, 0xb4a, 0x6, 0x0, 0xc302, 0x8, 0x5, 0x7, 0xfff7, 0x7ff, 0x8000, 0xa15c, 0x6, 0x3ff, 0x0, 0x8, 0x3ff, 0x1da8, 0xed59, 0x8, 0x1ff], 0xff}}) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (async)
r3 = timerfd_create(0x1, 0x80800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x90000004}) (async)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080))

18:29:26 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = syz_open_pts(0xffffffffffffffff, 0x80002)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x400, 0x0, 0xe48e, 0x8, 0x6, "97df853f5e5d2ef6"})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r3, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40080)

18:29:26 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)

18:29:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x9, 0x401, 0x40, 0x2, 0x14, "79f59391a366fec5"})
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:26 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x200, 0xfff, 0x7, 0x0, 0x3, "76add2bb4db66f7dfe3a4139b0219b846c3f19"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000200)={0x5bd3e43f, 0x100, 0x6, 0x9, 0x15, "c77ffd4ce7cca87658198ea8d85f21e88d0bd2", 0x4, 0x1})
timerfd_gettime(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000140), &(0x7f00000001c0)=0x14)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000100)={0x9, 0x2, 0x6, 0x3585a9ea, 0x6, 0x1, 0x10})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x5, [0x7ff, 0x5, 0x8, 0x5, 0x6, 0x8, 0xfff, 0x3, 0x3, 0xd478, 0x3, 0x7, 0xa2c, 0x2, 0x6, 0x4, 0x2, 0x3ff, 0x20, 0x6941, 0x4, 0x20d5, 0x40, 0x1, 0x609, 0x800, 0x1, 0x3bc6, 0xb98e, 0x9, 0xfff9, 0x2, 0x1, 0x8, 0xfffa, 0x35b, 0x9, 0x3, 0x0, 0x9, 0x800, 0xfffc, 0xffff, 0x6, 0x20, 0x7, 0xffff, 0x8], 0x3})

18:29:26 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040))
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x2, &(0x7f0000000000)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:26 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x9, 0x401, 0x40, 0x2, 0x14, "79f59391a366fec5"})
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
epoll_create1(0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x9, 0x401, 0x40, 0x2, 0x14, "79f59391a366fec5"}) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:26 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x200, 0xfff, 0x7, 0x0, 0x3, "76add2bb4db66f7dfe3a4139b0219b846c3f19"}) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000200)={0x5bd3e43f, 0x100, 0x6, 0x9, 0x15, "c77ffd4ce7cca87658198ea8d85f21e88d0bd2", 0x4, 0x1}) (async)
timerfd_gettime(r3, 0x0) (async)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000140), &(0x7f00000001c0)=0x14)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000100)={0x9, 0x2, 0x6, 0x3585a9ea, 0x6, 0x1, 0x10}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x5, [0x7ff, 0x5, 0x8, 0x5, 0x6, 0x8, 0xfff, 0x3, 0x3, 0xd478, 0x3, 0x7, 0xa2c, 0x2, 0x6, 0x4, 0x2, 0x3ff, 0x20, 0x6941, 0x4, 0x20d5, 0x40, 0x1, 0x609, 0x800, 0x1, 0x3bc6, 0xb98e, 0x9, 0xfff9, 0x2, 0x1, 0x8, 0xfffa, 0x35b, 0x9, 0x3, 0x0, 0x9, 0x800, 0xfffc, 0xffff, 0x6, 0x20, 0x7, 0xffff, 0x8], 0x3})

18:29:26 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x128, 0x1403, 0x10, 0x70bd2a, 0x25dfdbfd, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'macvlan0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vxcan1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_hsr\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan0\x00'}}]}, 0x128}, 0x1, 0x0, 0x0, 0x40000044}, 0x8000)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:27 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @none}, 0x8) (async, rerun: 64)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) (rerun: 64)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000040)={0xfff, 0x81, 0x80, 0x7fffffff, 0x81, "3e456919708f5b2199fffb284b5efd5e02f6ea", 0x6, 0x8}) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000000c0)={0x9, 0x5, 0xda63})

18:29:27 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x200, 0xfff, 0x7, 0x0, 0x3, "76add2bb4db66f7dfe3a4139b0219b846c3f19"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000200)={0x5bd3e43f, 0x100, 0x6, 0x9, 0x15, "c77ffd4ce7cca87658198ea8d85f21e88d0bd2", 0x4, 0x1})
timerfd_gettime(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000140), &(0x7f00000001c0)=0x14)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000100)={0x9, 0x2, 0x6, 0x3585a9ea, 0x6, 0x1, 0x10})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x5, [0x7ff, 0x5, 0x8, 0x5, 0x6, 0x8, 0xfff, 0x3, 0x3, 0xd478, 0x3, 0x7, 0xa2c, 0x2, 0x6, 0x4, 0x2, 0x3ff, 0x20, 0x6941, 0x4, 0x20d5, 0x40, 0x1, 0x609, 0x800, 0x1, 0x3bc6, 0xb98e, 0x9, 0xfff9, 0x2, 0x1, 0x8, 0xfffa, 0x35b, 0x9, 0x3, 0x0, 0x9, 0x800, 0xfffc, 0xffff, 0x6, 0x20, 0x7, 0xffff, 0x8], 0x3})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x200, 0xfff, 0x7, 0x0, 0x3, "76add2bb4db66f7dfe3a4139b0219b846c3f19"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000200)={0x5bd3e43f, 0x100, 0x6, 0x9, 0x15, "c77ffd4ce7cca87658198ea8d85f21e88d0bd2", 0x4, 0x1}) (async)
timerfd_gettime(r3, 0x0) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000140), &(0x7f00000001c0)=0x14) (async)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000100)={0x9, 0x2, 0x6, 0x3585a9ea, 0x6, 0x1, 0x10}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x5, [0x7ff, 0x5, 0x8, 0x5, 0x6, 0x8, 0xfff, 0x3, 0x3, 0xd478, 0x3, 0x7, 0xa2c, 0x2, 0x6, 0x4, 0x2, 0x3ff, 0x20, 0x6941, 0x4, 0x20d5, 0x40, 0x1, 0x609, 0x800, 0x1, 0x3bc6, 0xb98e, 0x9, 0xfff9, 0x2, 0x1, 0x8, 0xfffa, 0x35b, 0x9, 0x3, 0x0, 0x9, 0x800, 0xfffc, 0xffff, 0x6, 0x20, 0x7, 0xffff, 0x8], 0x3}) (async)

18:29:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:27 executing program 0:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r1, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x1}, @IEEE802154_ATTR_LBT_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
r2 = syz_open_dev$vivid(&(0x7f0000000140), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x4, 0xc4, 0x72780406, 0x2, 0x6, 0x80, 0x4, 0xfffffff9, 0x1, 0x3, 0x2, 0x5}})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44085}, 0xc011)

18:29:27 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x1, 0x0, 0x3, 0x3}, 0x1, 0x28, &(0x7f0000000300)={{0x3, 0x2, 0x557, 0x1}, &(0x7f00000002c0)={{0xffff, 0xe0000000, 0x800, 0x3ff}, &(0x7f0000000180)={{0x1, 0x3, 0xd8, 0x8}}}}, 0x3ff, &(0x7f0000000340), 0x5}})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
r4 = syz_open_dev$vbi(&(0x7f00000000c0), 0x1, 0x2)
ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000440)=@multiplanar_userptr={0x1, 0xcfc5b6ec311b484f, 0x4, 0x2000, 0x8, {0x0, 0x2710}, {0x5, 0xc, 0x6, 0x3, 0x0, 0x7, "8fb44470"}, 0xd78f, 0x2, {&(0x7f00000003c0)=[{0x793, 0x8, {&(0x7f0000000340)}, 0x1}, {0x40, 0x81, {&(0x7f0000000380)}, 0xfffffffd}]}, 0xe89, 0x0, r3})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r5, 0xc0285628, &(0x7f0000000500)={0x0, 0x2, 0x1, '\x00', &(0x7f00000004c0)=0x4})
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000100)={0x6, 0x7, 0x2, "5084d644199e9e7369e20d4f4253e784a32cbb7d17d1fdb41b8621909a3e8f3e", 0x3032344d})
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000080))

18:29:27 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = syz_open_pts(0xffffffffffffffff, 0x80002)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x400, 0x0, 0xe48e, 0x8, 0x6, "97df853f5e5d2ef6"})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r3, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40080)

18:29:27 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = syz_open_pts(0xffffffffffffffff, 0x80002)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x400, 0x0, 0xe48e, 0x8, 0x6, "97df853f5e5d2ef6"})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r3, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40080)

18:29:27 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:27 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:27 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = syz_open_pts(0xffffffffffffffff, 0x80002)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x400, 0x0, 0xe48e, 0x8, 0x6, "97df853f5e5d2ef6"})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r3, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40080)

18:29:27 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x1, 0x0, 0x3, 0x3}, 0x1, 0x28, &(0x7f0000000300)={{0x3, 0x2, 0x557, 0x1}, &(0x7f00000002c0)={{0xffff, 0xe0000000, 0x800, 0x3ff}, &(0x7f0000000180)={{0x1, 0x3, 0xd8, 0x8}}}}, 0x3ff, &(0x7f0000000340), 0x5}})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
r4 = syz_open_dev$vbi(&(0x7f00000000c0), 0x1, 0x2)
ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000440)=@multiplanar_userptr={0x1, 0xcfc5b6ec311b484f, 0x4, 0x2000, 0x8, {0x0, 0x2710}, {0x5, 0xc, 0x6, 0x3, 0x0, 0x7, "8fb44470"}, 0xd78f, 0x2, {&(0x7f00000003c0)=[{0x793, 0x8, {&(0x7f0000000340)}, 0x1}, {0x40, 0x81, {&(0x7f0000000380)}, 0xfffffffd}]}, 0xe89, 0x0, r3})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r5, 0xc0285628, &(0x7f0000000500)={0x0, 0x2, 0x1, '\x00', &(0x7f00000004c0)=0x4})
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000100)={0x6, 0x7, 0x2, "5084d644199e9e7369e20d4f4253e784a32cbb7d17d1fdb41b8621909a3e8f3e", 0x3032344d})
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000080))
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x1, 0x0, 0x3, 0x3}, 0x1, 0x28, &(0x7f0000000300)={{0x3, 0x2, 0x557, 0x1}, &(0x7f00000002c0)={{0xffff, 0xe0000000, 0x800, 0x3ff}, &(0x7f0000000180)={{0x1, 0x3, 0xd8, 0x8}}}}, 0x3ff, &(0x7f0000000340), 0x5}}) (async)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) (async)
pipe2(&(0x7f0000000900), 0x80000) (async)
syz_open_dev$vbi(&(0x7f00000000c0), 0x1, 0x2) (async)
ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000440)=@multiplanar_userptr={0x1, 0xcfc5b6ec311b484f, 0x4, 0x2000, 0x8, {0x0, 0x2710}, {0x5, 0xc, 0x6, 0x3, 0x0, 0x7, "8fb44470"}, 0xd78f, 0x2, {&(0x7f00000003c0)=[{0x793, 0x8, {&(0x7f0000000340)}, 0x1}, {0x40, 0x81, {&(0x7f0000000380)}, 0xfffffffd}]}, 0xe89, 0x0, r3}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r5, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_EDID(r5, 0xc0285628, &(0x7f0000000500)={0x0, 0x2, 0x1, '\x00', &(0x7f00000004c0)=0x4}) (async)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000100)={0x6, 0x7, 0x2, "5084d644199e9e7369e20d4f4253e784a32cbb7d17d1fdb41b8621909a3e8f3e", 0x3032344d}) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000080)) (async)

18:29:28 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @none}, 0x8)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000040)={0xfff, 0x81, 0x80, 0x7fffffff, 0x81, "3e456919708f5b2199fffb284b5efd5e02f6ea", 0x6, 0x8}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000000c0)={0x9, 0x5, 0xda63})

18:29:28 executing program 0:
syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)

18:29:28 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:28 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x1, 0x0, 0x3, 0x3}, 0x1, 0x28, &(0x7f0000000300)={{0x3, 0x2, 0x557, 0x1}, &(0x7f00000002c0)={{0xffff, 0xe0000000, 0x800, 0x3ff}, &(0x7f0000000180)={{0x1, 0x3, 0xd8, 0x8}}}}, 0x3ff, &(0x7f0000000340), 0x5}})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
r4 = syz_open_dev$vbi(&(0x7f00000000c0), 0x1, 0x2)
ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000440)=@multiplanar_userptr={0x1, 0xcfc5b6ec311b484f, 0x4, 0x2000, 0x8, {0x0, 0x2710}, {0x5, 0xc, 0x6, 0x3, 0x0, 0x7, "8fb44470"}, 0xd78f, 0x2, {&(0x7f00000003c0)=[{0x793, 0x8, {&(0x7f0000000340)}, 0x1}, {0x40, 0x81, {&(0x7f0000000380)}, 0xfffffffd}]}, 0xe89, 0x0, r3})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r5, 0xc0285628, &(0x7f0000000500)={0x0, 0x2, 0x1, '\x00', &(0x7f00000004c0)=0x4})
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000100)={0x6, 0x7, 0x2, "5084d644199e9e7369e20d4f4253e784a32cbb7d17d1fdb41b8621909a3e8f3e", 0x3032344d})
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000080))
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x1, 0x0, 0x3, 0x3}, 0x1, 0x28, &(0x7f0000000300)={{0x3, 0x2, 0x557, 0x1}, &(0x7f00000002c0)={{0xffff, 0xe0000000, 0x800, 0x3ff}, &(0x7f0000000180)={{0x1, 0x3, 0xd8, 0x8}}}}, 0x3ff, &(0x7f0000000340), 0x5}}) (async)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) (async)
pipe2(&(0x7f0000000900), 0x80000) (async)
syz_open_dev$vbi(&(0x7f00000000c0), 0x1, 0x2) (async)
ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000440)=@multiplanar_userptr={0x1, 0xcfc5b6ec311b484f, 0x4, 0x2000, 0x8, {0x0, 0x2710}, {0x5, 0xc, 0x6, 0x3, 0x0, 0x7, "8fb44470"}, 0xd78f, 0x2, {&(0x7f00000003c0)=[{0x793, 0x8, {&(0x7f0000000340)}, 0x1}, {0x40, 0x81, {&(0x7f0000000380)}, 0xfffffffd}]}, 0xe89, 0x0, r3}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r5, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_EDID(r5, 0xc0285628, &(0x7f0000000500)={0x0, 0x2, 0x1, '\x00', &(0x7f00000004c0)=0x4}) (async)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000100)={0x6, 0x7, 0x2, "5084d644199e9e7369e20d4f4253e784a32cbb7d17d1fdb41b8621909a3e8f3e", 0x3032344d}) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000080)) (async)

18:29:28 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = syz_open_pts(0xffffffffffffffff, 0x80002)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x400, 0x0, 0xe48e, 0x8, 0x6, "97df853f5e5d2ef6"}) (async)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r3, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40080)

18:29:28 executing program 1:
pselect6(0x40, &(0x7f0000000000)={0x100000000, 0x9, 0x8d, 0x0, 0x0, 0x3f, 0x7, 0x7fff}, &(0x7f0000000080)={0x6, 0x8001, 0x10001, 0x560, 0xe, 0x1, 0x5, 0x4619d076}, &(0x7f0000000100)={0x1, 0x9, 0x0, 0x5, 0xf94, 0x100, 0xd95, 0x5}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x4]}, 0x8})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:28 executing program 0:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0))
sendmsg$RDMA_NLDEV_CMD_SYS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x1406, 0x400, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000000))
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x6c1200, 0x0)

18:29:28 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000)) (async, rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 32)

18:29:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:28 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:28 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400f0b43f5893e1264509bf56b339ccbe2f2023a6003b390000", @ANYRES16=r4, @ANYBLOB="080025bd7000fddbdf2514000000"], 0x14}}, 0x4040004)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:28 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010b29bd7000fddbdf250a0000005eb4998be6969d4084c50f46c49afac8a5c9b3a2bf7f203faf51b8c5dc63db880e1f939aae26db09ecc26c0fe5677d4960036ec7bfc7659211712db0c4d1ef5cbc71daaf4755dd06596647318cbb7b9ba4da0080"], 0x14}, 0x1, 0x0, 0x0, 0x40840}, 0x4)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:28 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x3}}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:28 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400f0b43f5893e1264509bf56b339ccbe2f2023a6003b390000", @ANYRES16=r4, @ANYBLOB="080025bd7000fddbdf2514000000"], 0x14}}, 0x4040004)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400f0b43f5893e1264509bf56b339ccbe2f2023a6003b390000", @ANYRES16=r4, @ANYBLOB="080025bd7000fddbdf2514000000"], 0x14}}, 0x4040004) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async, rerun: 32)
ioctl$TCXONC(r0, 0x540a, 0x0) (rerun: 32)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:28 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x1, 0x0, &(0x7f0000000080)=[{<r1=>0x80000000}], 0x2, 0x0, &(0x7f00000002c0)=[{}, {}], 0x7, 0x0, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000100)=[{}, {}, {}]})
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, &(0x7f0000000000), &(0x7f0000000540)=[{}, {{<r2=>0x80000000}}]})
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, &(0x7f00000005c0)={{r1, 0x0, 0x7, [0x1, 0x7]}, {r2, 0x0, 0x4, [0x8000, 0x8]}, 0x4, [0x1, 0x8]})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:28 executing program 1:
pselect6(0x40, &(0x7f0000000000)={0x100000000, 0x9, 0x8d, 0x0, 0x0, 0x3f, 0x7, 0x7fff}, &(0x7f0000000080)={0x6, 0x8001, 0x10001, 0x560, 0xe, 0x1, 0x5, 0x4619d076}, &(0x7f0000000100)={0x1, 0x9, 0x0, 0x5, 0xf94, 0x100, 0xd95, 0x5}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x4]}, 0x8})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:28 executing program 0:
r0 = syz_open_dev$media(&(0x7f0000000100), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000200)={0x80000000, &(0x7f0000000140)=[{}, {<r1=>0x80000000}], 0x0})
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000300)={r1, 0x0, 0x0})
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000100)={0x80000000, &(0x7f0000000000)=[{}, {0x80000000, <r2=>0x0}], &(0x7f0000000080)})
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000140)={{0x80000000, 0x0, 0x1, [0x72c, 0x9]}, {r1, r2, 0x2, [0x0, 0x7c5]}, 0x2, [0x4, 0x3f]})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r4 = epoll_create1(0x0)
ioctl$TIOCGPTPEER(r3, 0x5441, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180))

18:29:28 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010b29bd7000fddbdf250a0000005eb4998be6969d4084c50f46c49afac8a5c9b3a2bf7f203faf51b8c5dc63db880e1f939aae26db09ecc26c0fe5677d4960036ec7bfc7659211712db0c4d1ef5cbc71daaf4755dd06596647318cbb7b9ba4da0080"], 0x14}, 0x1, 0x0, 0x0, 0x40840}, 0x4) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:28 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'vlan1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'macvlan1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x64000}, 0x800)

18:29:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400f0b43f5893e1264509bf56b339ccbe2f2023a6003b390000", @ANYRES16=r4, @ANYBLOB="080025bd7000fddbdf2514000000"], 0x14}}, 0x4040004)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400f0b43f5893e1264509bf56b339ccbe2f2023a6003b390000", @ANYRES16=r4, @ANYBLOB="080025bd7000fddbdf2514000000"], 0x14}}, 0x4040004) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:29 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:29 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'vlan1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'macvlan1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x64000}, 0x800)

18:29:29 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'vlan1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'macvlan1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x64000}, 0x800)

18:29:29 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010b29bd7000fddbdf250a0000005eb4998be6969d4084c50f46c49afac8a5c9b3a2bf7f203faf51b8c5dc63db880e1f939aae26db09ecc26c0fe5677d4960036ec7bfc7659211712db0c4d1ef5cbc71daaf4755dd06596647318cbb7b9ba4da0080"], 0x14}, 0x1, 0x0, 0x0, 0x40840}, 0x4)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010b29bd7000fddbdf250a0000005eb4998be6969d4084c50f46c49afac8a5c9b3a2bf7f203faf51b8c5dc63db880e1f939aae26db09ecc26c0fe5677d4960036ec7bfc7659211712db0c4d1ef5cbc71daaf4755dd06596647318cbb7b9ba4da0080"], 0x14}, 0x1, 0x0, 0x0, 0x40840}, 0x4) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:29:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x204001, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:29 executing program 4:
r0 = epoll_create1(0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000180)={0xc0000004})
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0xffffffffffff2d7d)

18:29:29 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async, rerun: 64)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x1, 0x0, &(0x7f0000000080)=[{<r1=>0x80000000}], 0x2, 0x0, &(0x7f00000002c0)=[{}, {}], 0x7, 0x0, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000100)=[{}, {}, {}]}) (async, rerun: 64)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, &(0x7f0000000000), &(0x7f0000000540)=[{}, {{<r2=>0x80000000}}]})
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, &(0x7f00000005c0)={{r1, 0x0, 0x7, [0x1, 0x7]}, {r2, 0x0, 0x4, [0x8000, 0x8]}, 0x4, [0x1, 0x8]})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:29 executing program 1:
pselect6(0x40, &(0x7f0000000000)={0x100000000, 0x9, 0x8d, 0x0, 0x0, 0x3f, 0x7, 0x7fff}, &(0x7f0000000080)={0x6, 0x8001, 0x10001, 0x560, 0xe, 0x1, 0x5, 0x4619d076}, &(0x7f0000000100)={0x1, 0x9, 0x0, 0x5, 0xf94, 0x100, 0xd95, 0x5}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x4]}, 0x8}) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x204001, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:29 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:29 executing program 4:
r0 = epoll_create1(0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000180)={0xc0000004}) (async)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0xffffffffffff2d7d)

18:29:29 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:29 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x1, 0x0, &(0x7f0000000080)=[{<r1=>0x80000000}], 0x2, 0x0, &(0x7f00000002c0)=[{}, {}], 0x7, 0x0, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000100)=[{}, {}, {}]})
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, &(0x7f0000000000), &(0x7f0000000540)=[{}, {{<r2=>0x80000000}}]})
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, &(0x7f00000005c0)={{r1, 0x0, 0x7, [0x1, 0x7]}, {r2, 0x0, 0x4, [0x8000, 0x8]}, 0x4, [0x1, 0x8]})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x1, 0x0, &(0x7f0000000080)=[{}], 0x2, 0x0, &(0x7f00000002c0)=[{}, {}], 0x7, 0x0, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000100)=[{}, {}, {}]}) (async)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, &(0x7f0000000000), &(0x7f0000000540)}) (async)
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, &(0x7f00000005c0)={{r1, 0x0, 0x7, [0x1, 0x7]}, {r2, 0x0, 0x4, [0x8000, 0x8]}, 0x4, [0x1, 0x8]}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)

18:29:29 executing program 0:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x204001, 0x0) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:29 executing program 0:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:29 executing program 4:
r0 = epoll_create1(0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000180)={0xc0000004}) (async)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0xffffffffffff2d7d)

18:29:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:29 executing program 0:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:30 executing program 1:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811)

18:29:30 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:30 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:30 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000080)={0x7, 0x0, '\x00', {0x0, @reserved}})
timerfd_gettime(r2, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x9, 0x400, 0x7fff, 0x80, 0x6, "09d6b011665fdecc3b860dd3f33c9083279dce"})

18:29:30 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)

18:29:30 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x844)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r6 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r6, &(0x7f0000000000)={0x10})
sendmsg$RDMA_NLDEV_CMD_RES_GET(r7, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1409, 0x300, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4044801}, 0x4010)
ioctl$TCXONC(r5, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000180))

18:29:30 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:30 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:30 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x844) (async)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r6 = epoll_create1(0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r6, &(0x7f0000000000)={0x10}) (async)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r7, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1409, 0x300, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4044801}, 0x4010)
ioctl$TCXONC(r5, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000180))

18:29:30 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:30 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f00000001c0)=0x62)

18:29:30 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async, rerun: 64)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x844) (async)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r6 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r8, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r6, &(0x7f0000000000)={0x10})
sendmsg$RDMA_NLDEV_CMD_RES_GET(r7, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1409, 0x300, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4044801}, 0x4010)
ioctl$TCXONC(r5, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000180))

18:29:31 executing program 1:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811)
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080)) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f00000002c0), 0x80000) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882}) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]}) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
pipe2(&(0x7f00000005c0), 0x84000) (async)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811) (async)

18:29:31 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x7})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:31 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f00000001c0)=0x62)

18:29:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:31 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:31 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000080)={0x7, 0x0, '\x00', {0x0, @reserved}})
timerfd_gettime(r2, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x9, 0x400, 0x7fff, 0x80, 0x6, "09d6b011665fdecc3b860dd3f33c9083279dce"})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000080)={0x7, 0x0, '\x00', {0x0, @reserved}}) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x9, 0x400, 0x7fff, 0x80, 0x6, "09d6b011665fdecc3b860dd3f33c9083279dce"}) (async)

18:29:31 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f00000001c0)=0x62)

18:29:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:31 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, 0x0)

18:29:31 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x7})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x7}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:31 executing program 1:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080)) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882}) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811)

18:29:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:31 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, 0x0)

18:29:31 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x7}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:31 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, 0x0)

18:29:31 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:32 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x140d, 0x200, 0x70bd2a, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}]}, 0x38}}, 0x40)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:32 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811)

18:29:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:32 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000080)={0x7, 0x0, '\x00', {0x0, @reserved}}) (async)
timerfd_gettime(r2, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000000)={0x9, 0x400, 0x7fff, 0x80, 0x6, "09d6b011665fdecc3b860dd3f33c9083279dce"})

18:29:32 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, "06828993ab00"})
ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x8000000000000001)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
timerfd_gettime(r2, 0x0)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000000))
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080))

18:29:32 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811)

18:29:32 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x10)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:32 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r6, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffff8001}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20004811)

18:29:32 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x140d, 0x200, 0x70bd2a, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}]}, 0x38}}, 0x40)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x140d, 0x200, 0x70bd2a, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}]}, 0x38}}, 0x40) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:29:32 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, "06828993ab00"}) (async)
ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x8000000000000001) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
timerfd_gettime(r2, 0x0) (async)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000000)) (async)
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080))

18:29:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:32 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x10)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x10) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:32 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, "06828993ab00"})
ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x8000000000000001)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
timerfd_gettime(r2, 0x0)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000000)) (async, rerun: 64)
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080)) (rerun: 64)

18:29:32 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x140d, 0x200, 0x70bd2a, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}]}, 0x38}}, 0x40)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:32 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x10)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x10) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:32 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000003c0)={0x1, 0x6, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x1, 0x9, 0x1}, 0x4, 0xff7f4e86, &(0x7f0000000100)={{0x5, 0xffffffff, 0xfffffe01, 0x3}, &(0x7f00000000c0)={{0x800, 0x200, 0xfffffffc, 0x19e}, &(0x7f00000002c0)={{0xa26a, 0x1, 0xfffffff9, 0x9}}}}, 0x7fffffff, &(0x7f0000000140)="63c2203307fb014289edca2cdad568cac32683e6c37e1082dd34ce6bcdcdfd6a5245d966d0be3c334d65308d81beb26099b26b7da6623d3d93db35ee1cf32e63e9026088f6b5259a28aadcd440cf16ff221964fc3242", 0x2}})
r1 = syz_open_dev$vivid(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000000)={{0x0, @name="58fd2d6fb47c13380a5bd128fa4b1a9da7b457ae39cd64a01fe0b9b2f7f0eb7e"}, 0x8, 0xffffffff, 0x7fff})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000300)={0x7f, 0x0, '\x00', {0x0, @bt={0xa11, 0x7, 0x1, 0x2, 0xff, 0x8000, 0x3, 0x400, 0xf6a, 0x517, 0x8, 0x20, 0x6, 0x7ff, 0x1, 0x20, {0x100, 0x7a9a}, 0x95, 0x40}}})

18:29:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:32 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

18:29:32 executing program 3:
epoll_create1(0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x0, 0x4, 0x7f})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_S_MODULATOR(0xffffffffffffffff, 0x40445637, &(0x7f0000000080)={0x1, "635e4d422215e47a9b6f35f73b7b86096a6f4acf9763381c042e85e0ef5a2da1", 0x80, 0x5, 0x0, 0x8, 0x2})

18:29:33 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x880)

18:29:33 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x4c, r2, 0x0, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x101}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7000000}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffff9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c000}, 0x20000040)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f00000000c0)=""/3, &(0x7f0000000100)=0x3)

18:29:33 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200)) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2}) (async)
pipe2(&(0x7f00000000c0), 0x80800) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0) (async)

18:29:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:33 executing program 3:
epoll_create1(0x0) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x0, 0x4, 0x7f})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_S_MODULATOR(0xffffffffffffffff, 0x40445637, &(0x7f0000000080)={0x1, "635e4d422215e47a9b6f35f73b7b86096a6f4acf9763381c042e85e0ef5a2da1", 0x80, 0x5, 0x0, 0x8, 0x2})

18:29:33 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000003c0)={0x1, 0x6, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x1, 0x9, 0x1}, 0x4, 0xff7f4e86, &(0x7f0000000100)={{0x5, 0xffffffff, 0xfffffe01, 0x3}, &(0x7f00000000c0)={{0x800, 0x200, 0xfffffffc, 0x19e}, &(0x7f00000002c0)={{0xa26a, 0x1, 0xfffffff9, 0x9}}}}, 0x7fffffff, &(0x7f0000000140)="63c2203307fb014289edca2cdad568cac32683e6c37e1082dd34ce6bcdcdfd6a5245d966d0be3c334d65308d81beb26099b26b7da6623d3d93db35ee1cf32e63e9026088f6b5259a28aadcd440cf16ff221964fc3242", 0x2}})
r1 = syz_open_dev$vivid(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000000)={{0x0, @name="58fd2d6fb47c13380a5bd128fa4b1a9da7b457ae39cd64a01fe0b9b2f7f0eb7e"}, 0x8, 0xffffffff, 0x7fff})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000300)={0x7f, 0x0, '\x00', {0x0, @bt={0xa11, 0x7, 0x1, 0x2, 0xff, 0x8000, 0x3, 0x400, 0xf6a, 0x517, 0x8, 0x20, 0x6, 0x7ff, 0x1, 0x20, {0x100, 0x7a9a}, 0x95, 0x40}}})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000003c0)={0x1, 0x6, 0x1}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x1, 0x9, 0x1}, 0x4, 0xff7f4e86, &(0x7f0000000100)={{0x5, 0xffffffff, 0xfffffe01, 0x3}, &(0x7f00000000c0)={{0x800, 0x200, 0xfffffffc, 0x19e}, &(0x7f00000002c0)={{0xa26a, 0x1, 0xfffffff9, 0x9}}}}, 0x7fffffff, &(0x7f0000000140)="63c2203307fb014289edca2cdad568cac32683e6c37e1082dd34ce6bcdcdfd6a5245d966d0be3c334d65308d81beb26099b26b7da6623d3d93db35ee1cf32e63e9026088f6b5259a28aadcd440cf16ff221964fc3242", 0x2}}) (async)
syz_open_dev$vivid(&(0x7f0000000080), 0x1, 0x2) (async)
ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000000)={{0x0, @name="58fd2d6fb47c13380a5bd128fa4b1a9da7b457ae39cd64a01fe0b9b2f7f0eb7e"}, 0x8, 0xffffffff, 0x7fff}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000300)={0x7f, 0x0, '\x00', {0x0, @bt={0xa11, 0x7, 0x1, 0x2, 0xff, 0x8000, 0x3, 0x400, 0xf6a, 0x517, 0x8, 0x20, 0x6, 0x7ff, 0x1, 0x20, {0x100, 0x7a9a}, 0x95, 0x40}}}) (async)

18:29:33 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x4c, r2, 0x0, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x101}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7000000}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffff9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c000}, 0x20000040) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f00000000c0)=""/3, &(0x7f0000000100)=0x3)

18:29:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:33 executing program 3:
epoll_create1(0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x0, 0x4, 0x7f})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_S_MODULATOR(0xffffffffffffffff, 0x40445637, &(0x7f0000000080)={0x1, "635e4d422215e47a9b6f35f73b7b86096a6f4acf9763381c042e85e0ef5a2da1", 0x80, 0x5, 0x0, 0x8, 0x2})
epoll_create1(0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x0, 0x4, 0x7f}) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_S_MODULATOR(0xffffffffffffffff, 0x40445637, &(0x7f0000000080)={0x1, "635e4d422215e47a9b6f35f73b7b86096a6f4acf9763381c042e85e0ef5a2da1", 0x80, 0x5, 0x0, 0x8, 0x2}) (async)

18:29:33 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200)) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2}) (async)
pipe2(&(0x7f00000000c0), 0x80800) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0) (async)

18:29:33 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x4c, r2, 0x0, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x101}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7000000}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffff9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c000}, 0x20000040) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r3, 0x0)
getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f00000000c0)=""/3, &(0x7f0000000100)=0x3)

18:29:33 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000040)={0x7ff, 0xf8000000, 0x954})
pipe2(&(0x7f0000000000), 0x84800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:34 executing program 2:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000925bd7000fddbdf251b00f202100023800c0004000203aaaa8aaaaaaa0c000600010000000100000a100023800c06b46f087a8c886408000300000000", @ANYRES32=0x0, @ANYBLOB="100023800c0004000201aaaaaaaaaaaa"], 0x58}}, 0x800)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r2, 0x3}}, 0x10)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:29:34 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000000)=0x4)

18:29:34 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000300)=""/49, &(0x7f0000000340)=0x31)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000540))
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000580)=0x12)
r3 = syz_open_dev$vivid(&(0x7f00000001c0), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_EDID(r3, 0xc0285629, &(0x7f0000000700)={0x0, 0x7ff2, 0x100, '\x00', &(0x7f00000006c0)=0x9a})
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00022cbd70008f7382ebc9e210c00c000600020000000077fd821ed729a52a9ee387630c75eb4a0bdd5b13c7de1ec1993432f7f7bb8da11f2411ef01059a9923e321004ef78ec13ecbccf6bde7167f68d7ba38cda38816b1221ae78c0f3c4684239459e8777e6ff68b9f2154f176024a3abdf686cefd2e2b117560ad81a29a946c523d490e6578e128594357e9a977b3b01fb1db5634ec67a12410ce89b387332f7ad436f8c413abe084360197d9447689477104741612f3aad39d02211b036f5da604"], 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x2000c804)
r4 = syz_open_dev$video4linux(&(0x7f0000000380), 0x6, 0x2100)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0xd, 0x4, 0x100, 0xe29, {0x0, 0x2710}, {0x2, 0x0, 0x2, 0x7f, 0x9, 0x8, "3b019ebd"}, 0x5, 0x2, {&(0x7f0000000440)=[{0x10001, 0x9, {&(0x7f00000003c0)}, 0x7fff}, {0x401, 0x1101, {&(0x7f0000000400)}, 0xfffffffc}]}, 0x3f, 0x0, r5})
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f00000002c0)={0x0, 0x4, 0x8, '\x00', &(0x7f0000000740)=0x4})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="4000ef7c", @ANYRES16=0x0, @ANYBLOB="000125bd7000fedbdf25040000000900010073797a320000000005000400010000000900010073797a31000000000900010073797a3100000000", @ANYRESHEX=r1, @ANYRESOCT=r6], 0x40}, 0x1, 0x0, 0x0, 0x200480d0}, 0x20040000)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000005c0), &(0x7f0000000600)=0x14)

18:29:34 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)

18:29:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000040)={0x7ff, 0xf8000000, 0x954})
pipe2(&(0x7f0000000000), 0x84800) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:34 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000003c0)={0x1, 0x6, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x1, 0x9, 0x1}, 0x4, 0xff7f4e86, &(0x7f0000000100)={{0x5, 0xffffffff, 0xfffffe01, 0x3}, &(0x7f00000000c0)={{0x800, 0x200, 0xfffffffc, 0x19e}, &(0x7f00000002c0)={{0xa26a, 0x1, 0xfffffff9, 0x9}}}}, 0x7fffffff, &(0x7f0000000140)="63c2203307fb014289edca2cdad568cac32683e6c37e1082dd34ce6bcdcdfd6a5245d966d0be3c334d65308d81beb26099b26b7da6623d3d93db35ee1cf32e63e9026088f6b5259a28aadcd440cf16ff221964fc3242", 0x2}})
r1 = syz_open_dev$vivid(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000000)={{0x0, @name="58fd2d6fb47c13380a5bd128fa4b1a9da7b457ae39cd64a01fe0b9b2f7f0eb7e"}, 0x8, 0xffffffff, 0x7fff})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000300)={0x7f, 0x0, '\x00', {0x0, @bt={0xa11, 0x7, 0x1, 0x2, 0xff, 0x8000, 0x3, 0x400, 0xf6a, 0x517, 0x8, 0x20, 0x6, 0x7ff, 0x1, 0x20, {0x100, 0x7a9a}, 0x95, 0x40}}})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000003c0)={0x1, 0x6, 0x1}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @win={{0x0, 0x1, 0x9, 0x1}, 0x4, 0xff7f4e86, &(0x7f0000000100)={{0x5, 0xffffffff, 0xfffffe01, 0x3}, &(0x7f00000000c0)={{0x800, 0x200, 0xfffffffc, 0x19e}, &(0x7f00000002c0)={{0xa26a, 0x1, 0xfffffff9, 0x9}}}}, 0x7fffffff, &(0x7f0000000140)="63c2203307fb014289edca2cdad568cac32683e6c37e1082dd34ce6bcdcdfd6a5245d966d0be3c334d65308d81beb26099b26b7da6623d3d93db35ee1cf32e63e9026088f6b5259a28aadcd440cf16ff221964fc3242", 0x2}}) (async)
syz_open_dev$vivid(&(0x7f0000000080), 0x1, 0x2) (async)
ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000000)={{0x0, @name="58fd2d6fb47c13380a5bd128fa4b1a9da7b457ae39cd64a01fe0b9b2f7f0eb7e"}, 0x8, 0xffffffff, 0x7fff}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000300)={0x7f, 0x0, '\x00', {0x0, @bt={0xa11, 0x7, 0x1, 0x2, 0xff, 0x8000, 0x3, 0x400, 0xf6a, 0x517, 0x8, 0x20, 0x6, 0x7ff, 0x1, 0x20, {0x100, 0x7a9a}, 0x95, 0x40}}}) (async)

18:29:34 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

18:29:34 executing program 2:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000925bd7000fddbdf251b00f202100023800c0004000203aaaa8aaaaaaa0c000600010000000100000a100023800c06b46f087a8c886408000300000000", @ANYRES32=0x0, @ANYBLOB="100023800c0004000201aaaaaaaaaaaa"], 0x58}}, 0x800) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r2, 0x3}}, 0x10) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async, rerun: 32)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async, rerun: 32)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:29:34 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r2, 0x0)
ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000000)=0x4)

18:29:34 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x40, 0x1409, 0x0, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x40000d5)

18:29:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000040)={0x7ff, 0xf8000000, 0x954})
pipe2(&(0x7f0000000000), 0x84800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000040)={0x7ff, 0xf8000000, 0x954}) (async)
pipe2(&(0x7f0000000000), 0x84800) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:34 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000005c0), 0x84000)

18:29:34 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000080)={0x0, @reserved})

18:29:34 executing program 2:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000925bd7000fddbdf251b00f202100023800c0004000203aaaa8aaaaaaa0c000600010000000100000a100023800c06b46f087a8c886408000300000000", @ANYRES32=0x0, @ANYBLOB="100023800c0004000201aaaaaaaaaaaa"], 0x58}}, 0x800)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r2, 0x3}}, 0x10)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f00000001c0))
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000925bd7000fddbdf251b00f202100023800c0004000203aaaa8aaaaaaa0c000600010000000100000a100023800c06b46f087a8c886408000300000000", @ANYRES32=0x0, @ANYBLOB="100023800c0004000201aaaaaaaaaaaa"], 0x58}}, 0x800) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040), 0x13f, 0x2}}, 0x20) (async)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r2, 0x3}}, 0x10) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f00000001c0)) (async)

18:29:35 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 32)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000300)=""/49, &(0x7f0000000340)=0x31) (async, rerun: 32)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000540)) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000580)=0x12) (async)
r3 = syz_open_dev$vivid(&(0x7f00000001c0), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_EDID(r3, 0xc0285629, &(0x7f0000000700)={0x0, 0x7ff2, 0x100, '\x00', &(0x7f00000006c0)=0x9a}) (async, rerun: 64)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00022cbd70008f7382ebc9e210c00c000600020000000077fd821ed729a52a9ee387630c75eb4a0bdd5b13c7de1ec1993432f7f7bb8da11f2411ef01059a9923e321004ef78ec13ecbccf6bde7167f68d7ba38cda38816b1221ae78c0f3c4684239459e8777e6ff68b9f2154f176024a3abdf686cefd2e2b117560ad81a29a946c523d490e6578e128594357e9a977b3b01fb1db5634ec67a12410ce89b387332f7ad436f8c413abe084360197d9447689477104741612f3aad39d02211b036f5da604"], 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x2000c804) (async, rerun: 64)
r4 = syz_open_dev$video4linux(&(0x7f0000000380), 0x6, 0x2100) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0) (async)
ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0xd, 0x4, 0x100, 0xe29, {0x0, 0x2710}, {0x2, 0x0, 0x2, 0x7f, 0x9, 0x8, "3b019ebd"}, 0x5, 0x2, {&(0x7f0000000440)=[{0x10001, 0x9, {&(0x7f00000003c0)}, 0x7fff}, {0x401, 0x1101, {&(0x7f0000000400)}, 0xfffffffc}]}, 0x3f, 0x0, r5}) (async, rerun: 32)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f00000002c0)={0x0, 0x4, 0x8, '\x00', &(0x7f0000000740)=0x4}) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0) (async)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="4000ef7c", @ANYRES16=0x0, @ANYBLOB="000125bd7000fedbdf25040000000900010073797a320000000005000400010000000900010073797a31000000000900010073797a3100000000", @ANYRESHEX=r1, @ANYRESOCT=r6], 0x40}, 0x1, 0x0, 0x0, 0x200480d0}, 0x20040000)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000005c0), &(0x7f0000000600)=0x14)

18:29:35 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

18:29:35 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000000)=0x4)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000000)=0x4) (async)

18:29:35 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000000), 0x800)

18:29:35 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:35 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000080)={0x0, @reserved})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000080)={0x0, @reserved}) (async)

18:29:35 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000300)=""/49, &(0x7f0000000340)=0x31)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000540))
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000580)=0x12)
r3 = syz_open_dev$vivid(&(0x7f00000001c0), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_EDID(r3, 0xc0285629, &(0x7f0000000700)={0x0, 0x7ff2, 0x100, '\x00', &(0x7f00000006c0)=0x9a})
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00022cbd70008f7382ebc9e210c00c000600020000000077fd821ed729a52a9ee387630c75eb4a0bdd5b13c7de1ec1993432f7f7bb8da11f2411ef01059a9923e321004ef78ec13ecbccf6bde7167f68d7ba38cda38816b1221ae78c0f3c4684239459e8777e6ff68b9f2154f176024a3abdf686cefd2e2b117560ad81a29a946c523d490e6578e128594357e9a977b3b01fb1db5634ec67a12410ce89b387332f7ad436f8c413abe084360197d9447689477104741612f3aad39d02211b036f5da604"], 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x2000c804)
r4 = syz_open_dev$video4linux(&(0x7f0000000380), 0x6, 0x2100)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0xd, 0x4, 0x100, 0xe29, {0x0, 0x2710}, {0x2, 0x0, 0x2, 0x7f, 0x9, 0x8, "3b019ebd"}, 0x5, 0x2, {&(0x7f0000000440)=[{0x10001, 0x9, {&(0x7f00000003c0)}, 0x7fff}, {0x401, 0x1101, {&(0x7f0000000400)}, 0xfffffffc}]}, 0x3f, 0x0, r5})
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f00000002c0)={0x0, 0x4, 0x8, '\x00', &(0x7f0000000740)=0x4})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="4000ef7c", @ANYRES16=0x0, @ANYBLOB="000125bd7000fedbdf25040000000900010073797a320000000005000400010000000900010073797a31000000000900010073797a3100000000", @ANYRESHEX=r1, @ANYRESOCT=r6], 0x40}, 0x1, 0x0, 0x0, 0x200480d0}, 0x20040000)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000005c0), &(0x7f0000000600)=0x14)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000300)=""/49, &(0x7f0000000340)=0x31) (async)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f0000000540)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000580)=0x12) (async)
syz_open_dev$vivid(&(0x7f00000001c0), 0x0, 0x2) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r3, 0xc0285629, &(0x7f0000000700)={0x0, 0x7ff2, 0x100, '\x00', &(0x7f00000006c0)=0x9a}) (async)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00022cbd70008f7382ebc9e210c00c000600020000000077fd821ed729a52a9ee387630c75eb4a0bdd5b13c7de1ec1993432f7f7bb8da11f2411ef01059a9923e321004ef78ec13ecbccf6bde7167f68d7ba38cda38816b1221ae78c0f3c4684239459e8777e6ff68b9f2154f176024a3abdf686cefd2e2b117560ad81a29a946c523d490e6578e128594357e9a977b3b01fb1db5634ec67a12410ce89b387332f7ad436f8c413abe084360197d9447689477104741612f3aad39d02211b036f5da604"], 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x2000c804) (async)
syz_open_dev$video4linux(&(0x7f0000000380), 0x6, 0x2100) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r5, 0x0) (async)
ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0xd, 0x4, 0x100, 0xe29, {0x0, 0x2710}, {0x2, 0x0, 0x2, 0x7f, 0x9, 0x8, "3b019ebd"}, 0x5, 0x2, {&(0x7f0000000440)=[{0x10001, 0x9, {&(0x7f00000003c0)}, 0x7fff}, {0x401, 0x1101, {&(0x7f0000000400)}, 0xfffffffc}]}, 0x3f, 0x0, r5}) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f00000002c0)={0x0, 0x4, 0x8, '\x00', &(0x7f0000000740)=0x4}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r6, 0x0) (async)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="4000ef7c", @ANYRES16=0x0, @ANYBLOB="000125bd7000fedbdf25040000000900010073797a320000000005000400010000000900010073797a31000000000900010073797a3100000000", @ANYRESHEX=r1, @ANYRESOCT=r6], 0x40}, 0x1, 0x0, 0x0, 0x200480d0}, 0x20040000) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000005c0), &(0x7f0000000600)=0x14) (async)

18:29:35 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:35 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000000), 0x800)

18:29:35 executing program 3:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8001)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000080)="350627e66c5504e45c20906f6891cd60ebe3beaf9020ea2f7f6b190c6f73fbf3e3ab9eb3923888784e2ed967f3bee2ac53b93379e8241f90e47b587454d793e095b9b0505815e049284849d64d1e34ee4a8eb71ab41f29c9d0318c23cd10f7151b7aaaf6d97c5c872b341ea1a7a14df3490a09233e408017905fa156d79223b59670a277483ee6b47505e4b6835b77")
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r1, 0x541c, &(0x7f0000000000))
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x3f, "06828993ab00"})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180))
r4 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCGSERIAL(r4, 0x541e, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/154})

18:29:35 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000000))
timerfd_gettime(r1, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0x7)

18:29:35 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000000), 0x800)

18:29:35 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000000))
timerfd_gettime(r1, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0x7)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004) (async)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000000)) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$KDDELIO(r1, 0x4b35, 0x7) (async)

18:29:36 executing program 3:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8001)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000080)="350627e66c5504e45c20906f6891cd60ebe3beaf9020ea2f7f6b190c6f73fbf3e3ab9eb3923888784e2ed967f3bee2ac53b93379e8241f90e47b587454d793e095b9b0505815e049284849d64d1e34ee4a8eb71ab41f29c9d0318c23cd10f7151b7aaaf6d97c5c872b341ea1a7a14df3490a09233e408017905fa156d79223b59670a277483ee6b47505e4b6835b77") (async)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r1, 0x541c, &(0x7f0000000000)) (async)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x3f, "06828993ab00"}) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180))
r4 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCGSERIAL(r4, 0x541e, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/154})

18:29:36 executing program 2:
socket$inet_dccp(0x2, 0x6, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x3f)

18:29:36 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000080)={0x0, @reserved})

18:29:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000000))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$TIOCSCTTY(r3, 0x540e, 0x101)
ioctl$TCXONC(r2, 0x540a, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
ioctl$TIOCGLCKTRMIOS(r6, 0x5456, &(0x7f0000000040)={0xffffbb4c, 0x7fb, 0x10001, 0x80000001, 0x8, "85a4fc225fa5cf0b3ff0fc2e1c7fb58557e74a"})
ioctl$VT_DISALLOCATE(r4, 0x5608)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xffff}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040081}, 0x40000c1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(0xffffffffffffffff, 0xc040564b, &(0x7f0000000240)={0x1, 0x0, 0x3016, 0xfffffffb, 0x4, {0x2, 0x8001}, 0x1})

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 3:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8001)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000080)="350627e66c5504e45c20906f6891cd60ebe3beaf9020ea2f7f6b190c6f73fbf3e3ab9eb3923888784e2ed967f3bee2ac53b93379e8241f90e47b587454d793e095b9b0505815e049284849d64d1e34ee4a8eb71ab41f29c9d0318c23cd10f7151b7aaaf6d97c5c872b341ea1a7a14df3490a09233e408017905fa156d79223b59670a277483ee6b47505e4b6835b77") (async)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r1, 0x541c, &(0x7f0000000000))
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x3f, "06828993ab00"}) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180))
r4 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCGSERIAL(r4, 0x541e, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/154})

18:29:36 executing program 2:
socket$inet_dccp(0x2, 0x6, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
r1 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x3f)

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{@fixed}, {@none}, {@fixed}]})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000100)={0xa4, 0x5, 0x5882})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000000))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$TIOCSCTTY(r3, 0x540e, 0x101) (async)
ioctl$TCXONC(r2, 0x540a, 0x0) (async)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r6, 0x5456, &(0x7f0000000040)={0xffffbb4c, 0x7fb, 0x10001, 0x80000001, 0x8, "85a4fc225fa5cf0b3ff0fc2e1c7fb58557e74a"}) (async)
ioctl$VT_DISALLOCATE(r4, 0x5608)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xffff}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040081}, 0x40000c1) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 32)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(0xffffffffffffffff, 0xc040564b, &(0x7f0000000240)={0x1, 0x0, 0x3016, 0xfffffffb, 0x4, {0x2, 0x8001}, 0x1}) (rerun: 32)

18:29:36 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000000)={0x4, "3d3dc9a639f0c9eeb37df68355676f0f65362d5a40adc4b4e8a731055e8ccd71", 0x0, 0x1})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r1, 0xc040563e, &(0x7f0000000180)={0x0, 0x0, 0x3, 0x5, {0x10000, 0x40, 0x0, 0x80000000}})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f00000000c0)={0x0, @bt={0xa1, 0x2, 0x1, 0x1, 0x2, 0x7, 0x3, 0x9, 0x9, 0x0, 0x3, 0x2, 0x0, 0xed46, 0x2, 0x3, {0x1f, 0x411}, 0xa9, 0x8}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000080)={0x3, 0x4, 0x4, 0x0, 0x2})

18:29:36 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000000))
timerfd_gettime(r1, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0x7)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004) (async)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000000)) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$KDDELIO(r1, 0x4b35, 0x7) (async)

18:29:36 executing program 2:
socket$inet_dccp(0x2, 0x6, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x3f)

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f0000000080)={0x20, 0x5, 0x2})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x19})

18:29:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000000)) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$TIOCSCTTY(r3, 0x540e, 0x101) (async)
ioctl$TCXONC(r2, 0x540a, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r6, 0x5456, &(0x7f0000000040)={0xffffbb4c, 0x7fb, 0x10001, 0x80000001, 0x8, "85a4fc225fa5cf0b3ff0fc2e1c7fb58557e74a"}) (async)
ioctl$VT_DISALLOCATE(r4, 0x5608) (async)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xffff}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040081}, 0x40000c1) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(0xffffffffffffffff, 0xc040564b, &(0x7f0000000240)={0x1, 0x0, 0x3016, 0xfffffffb, 0x4, {0x2, 0x8001}, 0x1})

18:29:36 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
pipe2(&(0x7f0000000900), 0x0)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:36 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
select(0x40, &(0x7f0000000000)={0x2, 0x2, 0x59, 0x4, 0x3ff, 0x800, 0x8, 0x8000000000000000}, &(0x7f0000000040)={0x8000000000000000, 0x8, 0x8001, 0x7, 0x0, 0xc2d8, 0x81, 0x8000000000000000}, &(0x7f0000000080)={0x1, 0x3, 0xfffffffffffffffe, 0x8000000000000000, 0xd0, 0x3f, 0x6, 0xfffffffffffffff9}, &(0x7f00000000c0)={0x0, 0x2710})
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000100)={0x6, "ca975064fc612795ac340843c4d5532b70e0c39b39eeab97c434b54649f09933", 0x2, 0x1})

18:29:36 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:36 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f0000000080)={0x20, 0x5, 0x2})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x19})

18:29:36 executing program 1:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:37 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f00000002c0), 0x80000)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:37 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000000)={0x4, "3d3dc9a639f0c9eeb37df68355676f0f65362d5a40adc4b4e8a731055e8ccd71", 0x0, 0x1})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r1, 0xc040563e, &(0x7f0000000180)={0x0, 0x0, 0x3, 0x5, {0x10000, 0x40, 0x0, 0x80000000}}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f00000000c0)={0x0, @bt={0xa1, 0x2, 0x1, 0x1, 0x2, 0x7, 0x3, 0x9, 0x9, 0x0, 0x3, 0x2, 0x0, 0xed46, 0x2, 0x3, {0x1f, 0x411}, 0xa9, 0x8}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000080)={0x3, 0x4, 0x4, 0x0, 0x2})

18:29:37 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
select(0x40, &(0x7f0000000000)={0x2, 0x2, 0x59, 0x4, 0x3ff, 0x800, 0x8, 0x8000000000000000}, &(0x7f0000000040)={0x8000000000000000, 0x8, 0x8001, 0x7, 0x0, 0xc2d8, 0x81, 0x8000000000000000}, &(0x7f0000000080)={0x1, 0x3, 0xfffffffffffffffe, 0x8000000000000000, 0xd0, 0x3f, 0x6, 0xfffffffffffffff9}, &(0x7f00000000c0)={0x0, 0x2710})
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000100)={0x6, "ca975064fc612795ac340843c4d5532b70e0c39b39eeab97c434b54649f09933", 0x2, 0x1})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
select(0x40, &(0x7f0000000000)={0x2, 0x2, 0x59, 0x4, 0x3ff, 0x800, 0x8, 0x8000000000000000}, &(0x7f0000000040)={0x8000000000000000, 0x8, 0x8001, 0x7, 0x0, 0xc2d8, 0x81, 0x8000000000000000}, &(0x7f0000000080)={0x1, 0x3, 0xfffffffffffffffe, 0x8000000000000000, 0xd0, 0x3f, 0x6, 0xfffffffffffffff9}, &(0x7f00000000c0)={0x0, 0x2710}) (async)
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000100)={0x6, "ca975064fc612795ac340843c4d5532b70e0c39b39eeab97c434b54649f09933", 0x2, 0x1}) (async)

18:29:37 executing program 1:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:37 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f0000000080)={0x20, 0x5, 0x2})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x19})

18:29:37 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:37 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
select(0x40, &(0x7f0000000000)={0x2, 0x2, 0x59, 0x4, 0x3ff, 0x800, 0x8, 0x8000000000000000}, &(0x7f0000000040)={0x8000000000000000, 0x8, 0x8001, 0x7, 0x0, 0xc2d8, 0x81, 0x8000000000000000}, &(0x7f0000000080)={0x1, 0x3, 0xfffffffffffffffe, 0x8000000000000000, 0xd0, 0x3f, 0x6, 0xfffffffffffffff9}, &(0x7f00000000c0)={0x0, 0x2710})
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000100)={0x6, "ca975064fc612795ac340843c4d5532b70e0c39b39eeab97c434b54649f09933", 0x2, 0x1})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
select(0x40, &(0x7f0000000000)={0x2, 0x2, 0x59, 0x4, 0x3ff, 0x800, 0x8, 0x8000000000000000}, &(0x7f0000000040)={0x8000000000000000, 0x8, 0x8001, 0x7, 0x0, 0xc2d8, 0x81, 0x8000000000000000}, &(0x7f0000000080)={0x1, 0x3, 0xfffffffffffffffe, 0x8000000000000000, 0xd0, 0x3f, 0x6, 0xfffffffffffffff9}, &(0x7f00000000c0)={0x0, 0x2710}) (async)
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000100)={0x6, "ca975064fc612795ac340843c4d5532b70e0c39b39eeab97c434b54649f09933", 0x2, 0x1}) (async)

18:29:37 executing program 1:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:37 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_pts(r0, 0x4080)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1, "06828993ab00"})
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f00000000c0)=0x4)
r2 = epoll_create1(0x0)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x3, "3ab208249331fdd65800e14832e1df555f1683aedc96a766e0b36b9f063a34733ad7d3a54316914921a22a2abd97c28b7957626d784693afee1c8d48bba7649855ca9292cdb48d7b5a6744c90b55c9aa847d4f4ed90e3f6aa7025bb57aa9a4a2969d36a33b9d13ac820f2428a7b8af7a2b9207a6dc67d8064f5c784e70d16fd1fdb53d69352afa773bc3b00c7d4464b3bd83262d595441b510177dd16e79de2279fecbdf4f72d35d8c6c5df07072666007bdd83f3e7e0423de907eaf0071f52b914c00002614a62aca7a2a9d1512d6058d6d7807f6eb0440f6c6f3e89bce0f3ad84ae52517e98b5a497d7f1fd3ec4f7a346e39303df56365243ce4b9a58dbc9c64bfd911d020402852cb7b42b5a2d903f6b00be72a763a786f5cdd34ce007e5ae70812107c1aa9a1688310556241596d88563d6eaa1aa107a0fa2d60201e838050918af879d37bc4fcded78d5654045878180ba096761ff2385d613c553d57c67457827f78870d208ed0c111c60cab7df88cf6467db002abd3e6d7c5f997ddd523a512417e33b0a3cca13b5abe3054b268712fa7804c0edbae75a2df0a80fe0d5f6631761e8fa1c57b295132434689ffa985b042e2344325c4621ca668b1893f5662231af1ff95f0d89e09aab53a4cb3b582b61f467fa26c5d65c8584137096a61ac19ba2640ca98894bbf25ce2968f18f5b00f2a8c4e013eb21c72f5e6cc2d3"})
pipe2(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
timerfd_gettime(r4, 0x0)
r5 = syz_open_pts(r3, 0xc4003)
ioctl$TIOCSRS485(r5, 0x542f, &(0x7f0000000100)={0x0, 0x4, 0xf969})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000080)={0x4})
clock_getres(0x0, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:37 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VT_DISALLOCATE(r1, 0x5608)

18:29:37 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:37 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x14, 0x0, &(0x7f0000000100))
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000040)={0x0, @reserved})
pipe2(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x4000)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@multiplanar_mmap={0x1f3, 0xb, 0x4, 0x0, 0x5, {0x0, 0x2710}, {0x3, 0x8, 0x40, 0x4, 0xea, 0x1f, "711c6926"}, 0x40, 0x1, {&(0x7f0000000140)=[{0xffffffff, 0x6, {}, 0x5cf}, {0x400, 0x57, {0x3f}, 0x3f}]}, 0x9, 0x0, r3})

18:29:37 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000000)={0x4, "3d3dc9a639f0c9eeb37df68355676f0f65362d5a40adc4b4e8a731055e8ccd71", 0x0, 0x1}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r1, 0xc040563e, &(0x7f0000000180)={0x0, 0x0, 0x3, 0x5, {0x10000, 0x40, 0x0, 0x80000000}}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f00000000c0)={0x0, @bt={0xa1, 0x2, 0x1, 0x1, 0x2, 0x7, 0x3, 0x9, 0x9, 0x0, 0x3, 0x2, 0x0, 0xed46, 0x2, 0x3, {0x1f, 0x411}, 0xa9, 0x8}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000080)={0x3, 0x4, 0x4, 0x0, 0x2})

18:29:37 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:37 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_pts(r0, 0x4080) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1, "06828993ab00"})
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f00000000c0)=0x4) (async)
r2 = epoll_create1(0x0) (async)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x3, "3ab208249331fdd65800e14832e1df555f1683aedc96a766e0b36b9f063a34733ad7d3a54316914921a22a2abd97c28b7957626d784693afee1c8d48bba7649855ca9292cdb48d7b5a6744c90b55c9aa847d4f4ed90e3f6aa7025bb57aa9a4a2969d36a33b9d13ac820f2428a7b8af7a2b9207a6dc67d8064f5c784e70d16fd1fdb53d69352afa773bc3b00c7d4464b3bd83262d595441b510177dd16e79de2279fecbdf4f72d35d8c6c5df07072666007bdd83f3e7e0423de907eaf0071f52b914c00002614a62aca7a2a9d1512d6058d6d7807f6eb0440f6c6f3e89bce0f3ad84ae52517e98b5a497d7f1fd3ec4f7a346e39303df56365243ce4b9a58dbc9c64bfd911d020402852cb7b42b5a2d903f6b00be72a763a786f5cdd34ce007e5ae70812107c1aa9a1688310556241596d88563d6eaa1aa107a0fa2d60201e838050918af879d37bc4fcded78d5654045878180ba096761ff2385d613c553d57c67457827f78870d208ed0c111c60cab7df88cf6467db002abd3e6d7c5f997ddd523a512417e33b0a3cca13b5abe3054b268712fa7804c0edbae75a2df0a80fe0d5f6631761e8fa1c57b295132434689ffa985b042e2344325c4621ca668b1893f5662231af1ff95f0d89e09aab53a4cb3b582b61f467fa26c5d65c8584137096a61ac19ba2640ca98894bbf25ce2968f18f5b00f2a8c4e013eb21c72f5e6cc2d3"}) (async)
pipe2(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
timerfd_gettime(r4, 0x0) (async)
r5 = syz_open_pts(r3, 0xc4003)
ioctl$TIOCSRS485(r5, 0x542f, &(0x7f0000000100)={0x0, 0x4, 0xf969}) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000080)={0x4})
clock_getres(0x0, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:37 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000))

18:29:37 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x14, 0x0, &(0x7f0000000100)) (async)
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000040)={0x0, @reserved}) (async)
pipe2(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x4000)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@multiplanar_mmap={0x1f3, 0xb, 0x4, 0x0, 0x5, {0x0, 0x2710}, {0x3, 0x8, 0x40, 0x4, 0xea, 0x1f, "711c6926"}, 0x40, 0x1, {&(0x7f0000000140)=[{0xffffffff, 0x6, {}, 0x5cf}, {0x400, 0x57, {0x3f}, 0x3f}]}, 0x9, 0x0, r3})

18:29:37 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xc, @vbi={0x0, 0x6, 0x7ff, 0x160d6f63, [0x6, 0x1ff], [0x10001, 0x5], 0x2}})

18:29:37 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_pts(r0, 0x4080) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1, "06828993ab00"})
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f00000000c0)=0x4)
r2 = epoll_create1(0x0) (async)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x3, "3ab208249331fdd65800e14832e1df555f1683aedc96a766e0b36b9f063a34733ad7d3a54316914921a22a2abd97c28b7957626d784693afee1c8d48bba7649855ca9292cdb48d7b5a6744c90b55c9aa847d4f4ed90e3f6aa7025bb57aa9a4a2969d36a33b9d13ac820f2428a7b8af7a2b9207a6dc67d8064f5c784e70d16fd1fdb53d69352afa773bc3b00c7d4464b3bd83262d595441b510177dd16e79de2279fecbdf4f72d35d8c6c5df07072666007bdd83f3e7e0423de907eaf0071f52b914c00002614a62aca7a2a9d1512d6058d6d7807f6eb0440f6c6f3e89bce0f3ad84ae52517e98b5a497d7f1fd3ec4f7a346e39303df56365243ce4b9a58dbc9c64bfd911d020402852cb7b42b5a2d903f6b00be72a763a786f5cdd34ce007e5ae70812107c1aa9a1688310556241596d88563d6eaa1aa107a0fa2d60201e838050918af879d37bc4fcded78d5654045878180ba096761ff2385d613c553d57c67457827f78870d208ed0c111c60cab7df88cf6467db002abd3e6d7c5f997ddd523a512417e33b0a3cca13b5abe3054b268712fa7804c0edbae75a2df0a80fe0d5f6631761e8fa1c57b295132434689ffa985b042e2344325c4621ca668b1893f5662231af1ff95f0d89e09aab53a4cb3b582b61f467fa26c5d65c8584137096a61ac19ba2640ca98894bbf25ce2968f18f5b00f2a8c4e013eb21c72f5e6cc2d3"}) (async)
pipe2(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
timerfd_gettime(r4, 0x0)
r5 = syz_open_pts(r3, 0xc4003)
ioctl$TIOCSRS485(r5, 0x542f, &(0x7f0000000100)={0x0, 0x4, 0xf969}) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000080)={0x4})
clock_getres(0x0, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:37 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x14, 0x0, &(0x7f0000000100)) (async)
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000040)={0x0, @reserved})
pipe2(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x4000)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@multiplanar_mmap={0x1f3, 0xb, 0x4, 0x0, 0x5, {0x0, 0x2710}, {0x3, 0x8, 0x40, 0x4, 0xea, 0x1f, "711c6926"}, 0x40, 0x1, {&(0x7f0000000140)=[{0xffffffff, 0x6, {}, 0x5cf}, {0x400, 0x57, {0x3f}, 0x3f}]}, 0x9, 0x0, r3})

18:29:37 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000))

18:29:38 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VT_DISALLOCATE(r1, 0x5608)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VT_DISALLOCATE(r1, 0x5608) (async)

18:29:38 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xc, @vbi={0x0, 0x6, 0x7ff, 0x160d6f63, [0x6, 0x1ff], [0x10001, 0x5], 0x2}})

18:29:38 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x4c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xff}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x6}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xff}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x81)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, r3, 0xe00, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVICE={0x34, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}]}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x9}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r1, &(0x7f0000000180))

18:29:38 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000))

18:29:38 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x30000010})
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000080)={0x2, 0x9, 0x3ff})

18:29:38 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r0, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)

18:29:38 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xc, @vbi={0x0, 0x6, 0x7ff, 0x160d6f63, [0x6, 0x1ff], [0x10001, 0x5], 0x2}})
syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xc, @vbi={0x0, 0x6, 0x7ff, 0x160d6f63, [0x6, 0x1ff], [0x10001, 0x5], 0x2}}) (async)

18:29:38 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x4c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xff}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x6}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xff}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x81)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, r3, 0xe00, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVICE={0x34, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}]}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x9}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r1, &(0x7f0000000180))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x4c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xff}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x6}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xff}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x81) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000000c0)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0) (async)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, r3, 0xe00, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVICE={0x34, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}]}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x9}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r1, &(0x7f0000000180)) (async)

18:29:38 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:38 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))

18:29:38 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VT_DISALLOCATE(r1, 0x5608)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VT_DISALLOCATE(r1, 0x5608) (async)

18:29:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x30000010})
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000080)={0x2, 0x9, 0x3ff})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x30000010}) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) (async)
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000080)={0x2, 0x9, 0x3ff}) (async)

18:29:38 executing program 0:
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000080))
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:38 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x4c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xff}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x6}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xff}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x81)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0) (async)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, r3, 0xe00, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_DEVICE={0x34, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}]}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x9}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) (async)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r1, &(0x7f0000000180))

18:29:38 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000000), 0x800)

18:29:38 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000000)=0x4)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xb, @pix={0xffffffff, 0x5, 0xb0cf94aa, 0x3, 0x80000000, 0xb1, 0xc, 0x20400, 0x0, 0x3, 0x2, 0x4}})

18:29:38 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:38 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x8, 0x7fffffffffffffff, 0x9, 0x7, 0x870, 0x4})

18:29:38 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

18:29:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x30000010})
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000080)={0x2, 0x9, 0x3ff})

18:29:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r2)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r4, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000809}, 0x8000)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x1a0000, 0x0)
pipe2(&(0x7f0000000900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
ioctl$TIOCGDEV(r5, 0x80045432, &(0x7f00000000c0))
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000000)={0x9, 0x3, 0x50a})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:39 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000100)="287563d0e0503caf1340bdbb06217dcd907a5215415ab3aaab2c4f4bb948fcdfa82cb4c77ec305477d3f15327ba1f1ac7a965227a30594a8138fba2611522d3e14ad7656cdccc19373f81712f4bc1ac843c617e80ca603a9409c6f7a01880ac9ef8b5f7edf3fe2f6cbab09ebc7b9b9ce62679d8d8289efff8dd6374f2f42c43c10894b6994f5cc9ed931a2c09cebbb00fbc6a47796b923fa35a67ac2b5c9ce51afb6629cc3745c99304c2efaf20f7b9b7a42d9199780ac653c8333766aac9bbdedd1fc4c9f9ef45fe5eedf791fbbe4ead860b993c962ef959d4408353272191d6bee3d448e457bfb56")
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r1 = epoll_create1(0x0) (rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r2, 0x0)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x8, 0x7fffffffffffffff, 0x9, 0x7, 0x870, 0x4})

18:29:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r2)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r4, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000809}, 0x8000) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x1a0000, 0x0)
pipe2(&(0x7f0000000900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0) (async)
ioctl$TIOCGDEV(r5, 0x80045432, &(0x7f00000000c0))
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000000)={0x9, 0x3, 0x50a})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:39 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

18:29:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x8, 0x7fffffffffffffff, 0x9, 0x7, 0x870, 0x4})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x8, 0x7fffffffffffffff, 0x9, 0x7, 0x870, 0x4}) (async)

18:29:39 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000200))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x7ff, 0x0, '\x00', &(0x7f0000000000)=0x2})
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000240)={@none, 0x3ff, 0x80, 0x800, 0x6, 0x2, "8be3245546b3526a4103a3bde632de857db181164aa04361c84741ac99fb0de2e2d5758a1b245162b986c04d7ed40434e7023de38b091d3ddc4f12c03afbae8a0a5be0bfc6b03dcb1f71d021626ebfb60c1128ade8c6ace66155e501f6533526196dbbdd582a653baa4932dcca64930ca950c2c02aede6005fa454eda2462f1b"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x1402, 0x10, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

18:29:39 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000000)=0x4)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xb, @pix={0xffffffff, 0x5, 0xb0cf94aa, 0x3, 0x80000000, 0xb1, 0xc, 0x20400, 0x0, 0x3, 0x2, 0x4}})

18:29:39 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r3, 0x0) (async)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r2)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r4, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000809}, 0x8000)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x1a0000, 0x0) (async)
pipe2(&(0x7f0000000900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
ioctl$TIOCGDEV(r5, 0x80045432, &(0x7f00000000c0)) (async, rerun: 64)
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000000)={0x9, 0x3, 0x50a}) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:39 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x844)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r6 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r6, &(0x7f0000000000)={0x10})
sendmsg$RDMA_NLDEV_CMD_RES_GET(r7, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1409, 0x300, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4044801}, 0x4010)
ioctl$TCXONC(r5, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000180))

18:29:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000000})

18:29:39 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000000)=0x4) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xb, @pix={0xffffffff, 0x5, 0xb0cf94aa, 0x3, 0x80000000, 0xb1, 0xc, 0x20400, 0x0, 0x3, 0x2, 0x4}})

18:29:39 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000100)="287563d0e0503caf1340bdbb06217dcd907a5215415ab3aaab2c4f4bb948fcdfa82cb4c77ec305477d3f15327ba1f1ac7a965227a30594a8138fba2611522d3e14ad7656cdccc19373f81712f4bc1ac843c617e80ca603a9409c6f7a01880ac9ef8b5f7edf3fe2f6cbab09ebc7b9b9ce62679d8d8289efff8dd6374f2f42c43c10894b6994f5cc9ed931a2c09cebbb00fbc6a47796b923fa35a67ac2b5c9ce51afb6629cc3745c99304c2efaf20f7b9b7a42d9199780ac653c8333766aac9bbdedd1fc4c9f9ef45fe5eedf791fbbe4ead860b993c962ef959d4408353272191d6bee3d448e457bfb56") (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000000})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000000}) (async)

18:29:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000000)={0xfffff027, 0x8001, 0x81, 0x7ff, 0x11, "a78cc1c8990a8250db4e925f37c61d22998f5d"})

18:29:39 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r2, 0xc0285628, &(0x7f0000000080)={0x0, 0x200, 0xacd4, '\x00', &(0x7f0000000040)=0x41})
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:39 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000080)={0x0, 0x0, {0x7f, 0x1b55, 0x3001, 0x1, 0x1, 0x0, 0x1, 0x1}})

18:29:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000000})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000000}) (async)

18:29:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000000)={0xfffff027, 0x8001, 0x81, 0x7ff, 0x11, "a78cc1c8990a8250db4e925f37c61d22998f5d"})

18:29:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000000)={0xfffff027, 0x8001, 0x81, 0x7ff, 0x11, "a78cc1c8990a8250db4e925f37c61d22998f5d"})

18:29:40 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:40 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$cont(0x7, 0x0, 0xffffffff, 0xd63)
r1 = getpid()
r2 = syz_open_procfs$namespace(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x1407, 0x400, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r2}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x20000090)
ptrace$cont(0x9, r1, 0x5, 0x4)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r5 = syz_open_pts(r3, 0x20000)
ioctl$TIOCL_UNBLANKSCREEN(r5, 0x541c, &(0x7f0000000200))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r6, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$EPOLL_CTL_DEL(r6, 0x2, r7)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000000)=""/101, &(0x7f0000000080)=0x65)

18:29:40 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xfffd, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:40 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000080)={0x0, 0x0, {0x7f, 0x1b55, 0x3001, 0x1, 0x1, 0x0, 0x1, 0x1}})

18:29:40 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000100)="287563d0e0503caf1340bdbb06217dcd907a5215415ab3aaab2c4f4bb948fcdfa82cb4c77ec305477d3f15327ba1f1ac7a965227a30594a8138fba2611522d3e14ad7656cdccc19373f81712f4bc1ac843c617e80ca603a9409c6f7a01880ac9ef8b5f7edf3fe2f6cbab09ebc7b9b9ce62679d8d8289efff8dd6374f2f42c43c10894b6994f5cc9ed931a2c09cebbb00fbc6a47796b923fa35a67ac2b5c9ce51afb6629cc3745c99304c2efaf20f7b9b7a42d9199780ac653c8333766aac9bbdedd1fc4c9f9ef45fe5eedf791fbbe4ead860b993c962ef959d4408353272191d6bee3d448e457bfb56")
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:40 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
pipe2(&(0x7f0000000400)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x16)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$KDGKBMODE(r5, 0x4b44, &(0x7f0000000380))
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', <r6=>0x0})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000240)={'wpan3\x00', <r9=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000f3ff1a00ec06000206000000f69fb68000000000000002dc6f61ae44863e2f97be772206bd6ef676c2357c197f86bf0938bed48cbf1f29fdfbf359593c9993b63b730fbf762a5e64e5a7eb74a94b3e74808bbfa7dd3904eb65c87901d9e8f585b22f4dcbbbec0cd2fb8b7571574c2442b7d390d1e72f1d37f24ef306399c975f6cfb2d680b8a363091c2f085e97d2e22845c1c96f129120d78af6519f7915955b1e66528796793b777e8e7258bccc8a430d2b20b6af5cbaa73a8c7fb176794bae9ce8e9a779dac531a0cdaf53019", @ANYRES32=r9, @ANYBLOB="100023800c0004000000000000000000"], 0x38}}, 0x0)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080025bd7000fddbdf251f0000000a0001007770616e3400000008000200", @ANYRES32=r6, @ANYBLOB="0800c23e", @ANYRES32=r9, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:40 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xfffd, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x80000000)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000040))
r3 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))
r4 = syz_open_pts(r0, 0x280800)
syz_open_pts(r4, 0x95cf9bc1c9fa507e)

18:29:40 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000380)={&(0x7f0000000340), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x70bd2b, 0xfffffffc}, 0x5e}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, r2, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x20}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x9}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x8}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0xfd}, @NL802154_ATTR_MAX_BE={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0xae}]}, 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="300000000914200029bd7000fedbdf250800010000000000080000000800010000000000000000000000000000000000c91dbc501f386472c2e20b64874381ad605f19820e1873fc9d18b91ec3c90bc9a3974f5b67f07c8bd3c26d6b91d00a436620b54f1355d67c75d9c7248fce6ea85e15b72f44e8ff0d15722fa0fdc7fabbf4a22d09b7a3132f6f90a5ba70759459516b915a55310000"], 0x30}, 0x1, 0x0, 0x0, 0x40011}, 0x44000)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0xffffffffffffff1a, 0xfa00, {&(0x7f0000000100)}}, 0x18)
connect$bt_sco(r4, &(0x7f0000000040), 0x8)
connect$bt_sco(r4, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:40 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xfffd, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x80000000)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000040))
r3 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180)) (async)
r4 = syz_open_pts(r0, 0x280800)
syz_open_pts(r4, 0x95cf9bc1c9fa507e)

18:29:40 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000080)={0x0, 0x0, {0x7f, 0x1b55, 0x3001, 0x1, 0x1, 0x0, 0x1, 0x1}})

[ 2127.312785] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
18:29:40 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x0, 0xb9, 0x3, 0x9, 0x1a, "9d354bf2aa804a98"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x4, "06828993ab00"})
r3 = epoll_create1(0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000080)={0x80000000})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

[ 2127.356794] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
18:29:41 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:41 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x1402, 0x8, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0xc001}, 0x8000)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000140)={0x1ff, 0x1, 0x401})

18:29:41 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x80000000)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x3)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000040)) (async)
r3 = epoll_create1(0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180)) (async)
r4 = syz_open_pts(r0, 0x280800)
syz_open_pts(r4, 0x95cf9bc1c9fa507e)

18:29:41 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x3, 0x7, 0x2, 0x0, 0x20})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
connect$bt_sco(r1, &(0x7f0000000040), 0x8)
socket$inet_dccp(0x2, 0x6, 0x0)

18:29:41 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x0, 0xb9, 0x3, 0x9, 0x1a, "9d354bf2aa804a98"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x4, "06828993ab00"})
r3 = epoll_create1(0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000080)={0x80000000})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x0, 0xb9, 0x3, 0x9, 0x1a, "9d354bf2aa804a98"}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x4, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000000), 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000080)={0x80000000}) (async)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180)) (async)

18:29:41 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x8000)
ioctl$VIDIOC_DECODER_CMD(r1, 0xc0485660, &(0x7f0000000080)={0x2, 0x1, @start={0x3}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:41 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
syz_open_dev$tty20(0xc, 0x4, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x1)

18:29:41 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x1402, 0x8, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0xc001}, 0x8000)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000140)={0x1ff, 0x1, 0x401})

18:29:41 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x1)

18:29:41 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x3, 0x7, 0x2, 0x0, 0x20})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000000040), 0x8)
socket$inet_dccp(0x2, 0x6, 0x0)

18:29:41 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x0, 0xb9, 0x3, 0x9, 0x1a, "9d354bf2aa804a98"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x4, "06828993ab00"})
r3 = epoll_create1(0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000080)={0x80000000})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))

18:29:41 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x3, 0x7, 0x2, 0x0, 0x20})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
connect$bt_sco(r1, &(0x7f0000000040), 0x8)
socket$inet_dccp(0x2, 0x6, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x3, 0x7, 0x2, 0x0, 0x20}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000000040), 0x8) (async)
socket$inet_dccp(0x2, 0x6, 0x0) (async)

18:29:42 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, 0x0, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:42 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x1402, 0x8, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0xc001}, 0x8000)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000140)={0x1ff, 0x1, 0x401})

18:29:42 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0xffff, 0x200, 0x400, 0xfd, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:42 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
syz_open_dev$tty20(0xc, 0x4, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x800) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TCXONC(r2, 0x540a, 0x1) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCXONC(r3, 0x540a, 0x1) (async)

18:29:42 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x8000)
ioctl$VIDIOC_DECODER_CMD(r1, 0xc0485660, &(0x7f0000000080)={0x2, 0x1, @start={0x3}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:42 executing program 1:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {r3}}, 0x10)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000080)={0xf, 0x8, 0xfa00, {r3, 0x12}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000040), 0x8)
connect$bt_sco(r4, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:42 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, 0x0, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:42 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x1402, 0x8, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0xc001}, 0x8000)

18:29:42 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0xffff, 0x200, 0x400, 0xfd, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0xffff, 0x200, 0x400, 0xfd, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)

18:29:42 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, 0x0, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:42 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:42 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)

18:29:42 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:42 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0xffff, 0x200, 0x400, 0xfd, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:42 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0)

18:29:42 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:42 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x8000)
ioctl$VIDIOC_DECODER_CMD(r1, 0xc0485660, &(0x7f0000000080)={0x2, 0x1, @start={0x3}}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:43 executing program 1:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {r3}}, 0x10)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000080)={0xf, 0x8, 0xfa00, {r3, 0x12}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000040), 0x8)
connect$bt_sco(r4, &(0x7f00000000c0)={0x1f, @none}, 0x8)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x13f}}, 0x20) (async)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {r3}}, 0x10) (async)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000080)={0xf, 0x8, 0xfa00, {r3, 0x12}}, 0x10) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r4, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r4, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:43 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:43 executing program 2:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:43 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x81)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000000))
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:43 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x80000)
ioctl$TCXONC(r0, 0x540a, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
epoll_create1(0x80000) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)

18:29:43 executing program 5:
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f00000000c0)={0x1, 0x0, {0x7, 0x3, 0x1015, 0x0, 0x4, 0x1, 0x2, 0x5}})
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f0000000080)={0x52fe, "476d73883d134b71254142f1d8961eb48b1c535aa6257d2e9d11ed88b34307e1", 0x2, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000000)={0x7, 0x2, 0x1, {0x800401, 0x4, 0x964, 0x22}})

18:29:43 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, 0x0, 0x0)

18:29:43 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async, rerun: 32)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x81) (rerun: 32)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000000))
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:43 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, 0x0, 0x0)

18:29:43 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x204641, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x9, 0x0, 0x0, "de08393980984a8d"})
epoll_create1(0x0)
syz_open_pts(0xffffffffffffffff, 0x1)
r1 = epoll_create(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2051b9d9f55ba58e})

18:29:43 executing program 2:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:43 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, 0x0, 0x0)

18:29:43 executing program 1:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {r3}}, 0x10) (async)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000080)={0xf, 0x8, 0xfa00, {r3, 0x12}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r4, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:43 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (fail_nth: 1)

18:29:43 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x81)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000000))
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:43 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x404340, 0x0)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000100)={0x3f, 0x8000, 0x1, 0x101, 0xb, "0eb12409f3288eaa061c22e02f913eefae3688"})
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000180))
ioctl$TCSETS(r3, 0x5402, &(0x7f00000001c0)={0x2, 0x80000001, 0xab7, 0x4, 0x13, "4a4335593b0a7b2589307bb5fc5f303fdc5240"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x9, "0d79ef2f940d7dd281d802371721ae1706187ccc30a83a4818e27a0715f583f3"})
ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
ioctl$TIOCMGET(r4, 0x5415, &(0x7f0000000140))

18:29:43 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(0xffffffffffffffff, &(0x7f0000000100)={0xf, 0x8, 0xfa00, {r1, 0x11}}, 0x10)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000140)={0x80000000, 0x6, "f3538a2737db7bbe4606a0f573e7427f0d738e314d8fe7aece5755163e68ff5c", 0x1, 0x5, 0x6, 0x0, 0x101, 0x2, 0x7f, 0x10001, [0x8000, 0x3ff, 0x1, 0x2]})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:43 executing program 5:
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f00000000c0)={0x1, 0x0, {0x7, 0x3, 0x1015, 0x0, 0x4, 0x1, 0x2, 0x5}}) (async)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f0000000080)={0x52fe, "476d73883d134b71254142f1d8961eb48b1c535aa6257d2e9d11ed88b34307e1", 0x2, 0x1}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000000)={0x7, 0x2, 0x1, {0x800401, 0x4, 0x964, 0x22}})

18:29:43 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (fail_nth: 1)

18:29:43 executing program 2:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:43 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(0xffffffffffffffff, &(0x7f0000000100)={0xf, 0x8, 0xfa00, {r1, 0x11}}, 0x10)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000140)={0x80000000, 0x6, "f3538a2737db7bbe4606a0f573e7427f0d738e314d8fe7aece5755163e68ff5c", 0x1, 0x5, 0x6, 0x0, 0x101, 0x2, 0x7f, 0x10001, [0x8000, 0x3ff, 0x1, 0x2]})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:43 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x404340, 0x0) (async)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000100)={0x3f, 0x8000, 0x1, 0x101, 0xb, "0eb12409f3288eaa061c22e02f913eefae3688"})
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000180))
ioctl$TCSETS(r3, 0x5402, &(0x7f00000001c0)={0x2, 0x80000001, 0xab7, 0x4, 0x13, "4a4335593b0a7b2589307bb5fc5f303fdc5240"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x9, "0d79ef2f940d7dd281d802371721ae1706187ccc30a83a4818e27a0715f583f3"}) (async)
ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) (async)
ioctl$TIOCMGET(r4, 0x5415, &(0x7f0000000140))

18:29:43 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(0xffffffffffffffff, &(0x7f0000000100)={0xf, 0x8, 0xfa00, {r1, 0x11}}, 0x10) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000140)={0x80000000, 0x6, "f3538a2737db7bbe4606a0f573e7427f0d738e314d8fe7aece5755163e68ff5c", 0x1, 0x5, 0x6, 0x0, 0x101, 0x2, 0x7f, 0x10001, [0x8000, 0x3ff, 0x1, 0x2]}) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:43 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x6)

18:29:43 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x1, 0x0, &(0x7f00000001c0))

[ 2130.857473] FAULT_INJECTION: forcing a failure.
[ 2130.857473] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2130.869347] CPU: 0 PID: 21367 Comm: syz-executor.0 Not tainted 4.14.271-syzkaller #0
[ 2130.877218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2130.886659] Call Trace:
[ 2130.889230]  dump_stack+0x1b2/0x281
[ 2130.892843]  should_fail.cold+0x10a/0x149
[ 2130.896972]  __alloc_pages_nodemask+0x22c/0x2720
[ 2130.901715]  ? __lock_acquire+0x5fc/0x3f20
[ 2130.905942]  ? trace_hardirqs_on+0x10/0x10
[ 2130.910157]  ? lock_downgrade+0x740/0x740
[ 2130.914285]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 2130.919104]  ? trace_hardirqs_on+0x10/0x10
[ 2130.923321]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 2130.928316]  ? lock_acquire+0x170/0x3f0
[ 2130.932264]  ? mem_cgroup_id_get_online+0xb0/0xb0
[ 2130.937089]  ? check_preemption_disabled+0x35/0x240
[ 2130.942094]  ? __unlock_page_memcg+0x4f/0x100
[ 2130.946622]  alloc_pages_current+0x155/0x260
[ 2130.951010]  __get_free_pages+0xb/0x40
[ 2130.954888]  __tlb_remove_page_size+0x272/0x440
[ 2130.959533]  unmap_page_range+0xf92/0x1ce0
[ 2130.963755]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2130.969095]  ? vm_normal_page_pmd+0x340/0x340
[ 2130.973585]  unmap_single_vma+0x147/0x2b0
[ 2130.977712]  unmap_vmas+0x9d/0x160
[ 2130.981234]  exit_mmap+0x270/0x4d0
[ 2130.984764]  ? SyS_remap_file_pages+0x6a0/0x6a0
[ 2130.989413]  ? kmem_cache_free+0x23a/0x2b0
[ 2130.993623]  ? __khugepaged_exit+0x29b/0x3c0
[ 2130.998008]  mmput+0xfa/0x420
[ 2131.001090]  do_exit+0x984/0x2850
[ 2131.004522]  ? mm_update_next_owner+0x5b0/0x5b0
[ 2131.009182]  ? get_signal+0x323/0x1ca0
[ 2131.013048]  ? lock_acquire+0x170/0x3f0
[ 2131.016997]  ? lock_downgrade+0x740/0x740
[ 2131.021146]  do_group_exit+0x100/0x2e0
[ 2131.025015]  get_signal+0x38d/0x1ca0
[ 2131.028708]  do_signal+0x7c/0x1550
[ 2131.032225]  ? check_preemption_disabled+0x35/0x240
[ 2131.037217]  ? setup_sigcontext+0x820/0x820
[ 2131.041531]  ? task_work_add+0x87/0xe0
[ 2131.045399]  ? fput_many+0xaf/0x140
[ 2131.049004]  ? SyS_connect+0xf6/0x240
[ 2131.052777]  ? SyS_accept+0x30/0x30
[ 2131.056385]  ? vfs_write+0x319/0x4d0
[ 2131.060074]  ? fput_many+0xe/0x140
[ 2131.063591]  ? exit_to_usermode_loop+0x41/0x200
[ 2131.068239]  exit_to_usermode_loop+0x160/0x200
[ 2131.072799]  do_syscall_64+0x4a3/0x640
[ 2131.076674]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2131.081841] RIP: 0033:0x7f0a551b3049
[ 2131.085529] RSP: 002b:00007f0a53b28168 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2131.093211] RAX: fffffffffffffffc RBX: 00007f0a552c5f60 RCX: 00007f0a551b3049
[ 2131.100456] RDX: 0000000000000008 RSI: 00000000200000c0 RDI: 0000000000000004
18:29:44 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000100))
ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000080)=0x4)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:44 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x404340, 0x0)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000100)={0x3f, 0x8000, 0x1, 0x101, 0xb, "0eb12409f3288eaa061c22e02f913eefae3688"})
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000180))
ioctl$TCSETS(r3, 0x5402, &(0x7f00000001c0)={0x2, 0x80000001, 0xab7, 0x4, 0x13, "4a4335593b0a7b2589307bb5fc5f303fdc5240"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x9, "0d79ef2f940d7dd281d802371721ae1706187ccc30a83a4818e27a0715f583f3"})
ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
ioctl$TIOCMGET(r4, 0x5415, &(0x7f0000000140))
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x404340, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000100)={0x3f, 0x8000, 0x1, 0x101, 0xb, "0eb12409f3288eaa061c22e02f913eefae3688"}) (async)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000180)) (async)
ioctl$TCSETS(r3, 0x5402, &(0x7f00000001c0)={0x2, 0x80000001, 0xab7, 0x4, 0x13, "4a4335593b0a7b2589307bb5fc5f303fdc5240"}) (async)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x9, "0d79ef2f940d7dd281d802371721ae1706187ccc30a83a4818e27a0715f583f3"}) (async)
ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) (async)
ioctl$TIOCMGET(r4, 0x5415, &(0x7f0000000140)) (async)

18:29:44 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:44 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sync()
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x4, 0x1ff, 0x0, 0x6}})

18:29:44 executing program 5:
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f00000000c0)={0x1, 0x0, {0x7, 0x3, 0x1015, 0x0, 0x4, 0x1, 0x2, 0x5}}) (async)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f0000000080)={0x52fe, "476d73883d134b71254142f1d8961eb48b1c535aa6257d2e9d11ed88b34307e1", 0x2, 0x1}) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async, rerun: 32)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000000)={0x7, 0x2, 0x1, {0x800401, 0x4, 0x964, 0x22}}) (rerun: 32)

18:29:44 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x6)

[ 2131.107702] RBP: 00007f0a53b281d0 R08: 0000000000000000 R09: 0000000000000000
[ 2131.114967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2131.122213] R13: 00007ffcdda63f2f R14: 00007f0a53b28300 R15: 0000000000022000
18:29:44 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x6)

18:29:44 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:44 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000))

18:29:44 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f00000001c0))

18:29:44 executing program 4:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, 0x0, &(0x7f0000000000))

18:29:44 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000))

18:29:45 executing program 4:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, 0x0, &(0x7f0000000000))

18:29:45 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f00000001c0))

18:29:45 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) (async)

18:29:45 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000100)) (async)
ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000080)=0x4) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:45 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000080)={0x1, 0x9, 0x1, 0x0, 0xef})

18:29:45 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sync()
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x4, 0x1ff, 0x0, 0x6}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
sync() (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x4, 0x1ff, 0x0, 0x6}}) (async)

18:29:45 executing program 4:
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, 0x0, &(0x7f0000000000))
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, 0x0, &(0x7f0000000000)) (async)

18:29:45 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"}) (async)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000080)={0x1, 0x9, 0x1, 0x0, 0xef})

18:29:45 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f00000001c0))

18:29:45 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8010)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))

18:29:45 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:45 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, 0x0)

18:29:45 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8010)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8010) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)

18:29:45 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:45 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sync()
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x4, 0x1ff, 0x0, 0x6}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
sync() (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x4, 0x1ff, 0x0, 0x6}}) (async)

18:29:46 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000100)) (async)
ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000080)=0x4) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:46 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, 0x0)

18:29:46 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8010)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8010) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)

18:29:46 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8) (async, rerun: 32)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (rerun: 32)

18:29:46 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000080)={0x1, 0x9, 0x1, 0x0, 0xef})

18:29:46 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:46 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, 0x0)

18:29:46 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x501401, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000001c0)={0x10})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x0, @sliced={0xff, [0xff, 0x9269, 0xfff, 0x0, 0x6, 0x401, 0xcbee, 0x3f, 0x7ff, 0x1, 0x0, 0x7ff, 0x598, 0x42, 0x6, 0xd607, 0xfff, 0x4, 0x2, 0xff, 0x8000, 0x0, 0x0, 0x5, 0xffff, 0x2, 0x1, 0x8, 0x182f, 0x1, 0x101, 0x3, 0x400, 0x1, 0x4, 0xff78, 0x0, 0x8, 0x1, 0x6, 0x1, 0x2, 0x7702, 0x8000, 0x558, 0x1, 0x1, 0x6], 0x2}})

18:29:46 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, 0x0)

18:29:46 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:46 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x501401, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000001c0)={0x10})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x0, @sliced={0xff, [0xff, 0x9269, 0xfff, 0x0, 0x6, 0x401, 0xcbee, 0x3f, 0x7ff, 0x1, 0x0, 0x7ff, 0x598, 0x42, 0x6, 0xd607, 0xfff, 0x4, 0x2, 0xff, 0x8000, 0x0, 0x0, 0x5, 0xffff, 0x2, 0x1, 0x8, 0x182f, 0x1, 0x101, 0x3, 0x400, 0x1, 0x4, 0xff78, 0x0, 0x8, 0x1, 0x6, 0x1, 0x2, 0x7702, 0x8000, 0x558, 0x1, 0x1, 0x6], 0x2}})
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x501401, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000001c0)={0x10}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x0, @sliced={0xff, [0xff, 0x9269, 0xfff, 0x0, 0x6, 0x401, 0xcbee, 0x3f, 0x7ff, 0x1, 0x0, 0x7ff, 0x598, 0x42, 0x6, 0xd607, 0xfff, 0x4, 0x2, 0xff, 0x8000, 0x0, 0x0, 0x5, 0xffff, 0x2, 0x1, 0x8, 0x182f, 0x1, 0x101, 0x3, 0x400, 0x1, 0x4, 0xff78, 0x0, 0x8, 0x1, 0x6, 0x1, 0x2, 0x7702, 0x8000, 0x558, 0x1, 0x1, 0x6], 0x2}}) (async)

18:29:46 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000080), 0x0) (async)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:46 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x404340, 0x0)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000100)={0x3f, 0x8000, 0x1, 0x101, 0xb, "0eb12409f3288eaa061c22e02f913eefae3688"})
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000180))
ioctl$TCSETS(r3, 0x5402, &(0x7f00000001c0)={0x2, 0x80000001, 0xab7, 0x4, 0x13, "4a4335593b0a7b2589307bb5fc5f303fdc5240"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x9, "0d79ef2f940d7dd281d802371721ae1706187ccc30a83a4818e27a0715f583f3"})
ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
ioctl$TIOCMGET(r4, 0x5415, &(0x7f0000000140))

18:29:46 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x501401, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000001c0)={0x10})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x0, @sliced={0xff, [0xff, 0x9269, 0xfff, 0x0, 0x6, 0x401, 0xcbee, 0x3f, 0x7ff, 0x1, 0x0, 0x7ff, 0x598, 0x42, 0x6, 0xd607, 0xfff, 0x4, 0x2, 0xff, 0x8000, 0x0, 0x0, 0x5, 0xffff, 0x2, 0x1, 0x8, 0x182f, 0x1, 0x101, 0x3, 0x400, 0x1, 0x4, 0xff78, 0x0, 0x8, 0x1, 0x6, 0x1, 0x2, 0x7702, 0x8000, 0x558, 0x1, 0x1, 0x6], 0x2}})

18:29:46 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 32)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 32)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:47 executing program 4:
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000000)={0x6, 0x3, 0x1})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:47 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (fail_nth: 1)

18:29:47 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:47 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=""/186})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:47 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4800)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:47 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000000000)={0x1, 0x0, {0x1ff, 0xfffffff7, 0x2, 0x4}})

18:29:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:47 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000000000)={0x1, 0x0, {0x1ff, 0xfffffff7, 0x2, 0x4}})

18:29:47 executing program 4:
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000000)={0x6, 0x3, 0x1}) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:47 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000000000)={0x1, 0x0, {0x1ff, 0xfffffff7, 0x2, 0x4}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000000000)={0x1, 0x0, {0x1ff, 0xfffffff7, 0x2, 0x4}}) (async)

18:29:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:47 executing program 4:
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000000)={0x6, 0x3, 0x1})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000000)={0x6, 0x3, 0x1}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:47 executing program 2:
socketpair(0x23, 0x80000, 0x1279, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000040)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40060)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000240)={0x0, @bt={0x7, 0x8, 0x0, 0x3, 0x2, 0x3, 0x1ff, 0x1, 0x1, 0x1, 0x2, 0x3, 0x0, 0x1, 0x20, 0x10, {0x8, 0x6}, 0x7, 0x7}})
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:48 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x13, '\b\x00'})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f00000000c0))
r3 = epoll_create(0x3)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)={0x0, 0x0, <r4=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:48 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0xab)
select(0x40, &(0x7f0000000080)={0x2, 0x4, 0x6, 0x3, 0x3, 0x1fc0000000000, 0x9, 0x1}, &(0x7f00000000c0)={0x3, 0x101, 0x6, 0xe99, 0x6, 0x4, 0x9, 0x80}, &(0x7f0000000100)={0xffffffffffffffff, 0x5, 0xffffffffffffffc0, 0x3, 0x41, 0x497b4026, 0x81, 0x7587}, &(0x7f0000000140))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000200)={@none, 0x9, 0x8, 0x11, 0x4, 0x9, "a33583df1f1e3ab25c7ed6962f814b9279c556b93d6f18d48a715a4af8eb65e6d4d14043d1825b7f52875334e1e3142bef620d923ab179b83c5f4dedc159e3a8be8d10cc1035703298f35064ad1b01b3c8846f1c982c61279e306dec5572808be0e4a2bb0667bfd2475a3ea3b7814afed539fe5bf927f2128b63443c4af73b86"})
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:29:48 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2) (async)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4800)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:48 executing program 2:
socketpair(0x23, 0x80000, 0x1279, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000040)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40060)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000240)={0x0, @bt={0x7, 0x8, 0x0, 0x3, 0x2, 0x3, 0x1ff, 0x1, 0x1, 0x1, 0x2, 0x3, 0x0, 0x1, 0x20, 0x10, {0x8, 0x6}, 0x7, 0x7}})
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair(0x23, 0x80000, 0x1279, &(0x7f0000000000)) (async)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000040)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40060) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000240)={0x0, @bt={0x7, 0x8, 0x0, 0x3, 0x2, 0x3, 0x1ff, 0x1, 0x1, 0x1, 0x2, 0x3, 0x0, 0x1, 0x20, 0x10, {0x8, 0x6}, 0x7, 0x7}}) (async)
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)

18:29:48 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r1, 0x0) (async, rerun: 32)
ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=""/186}) (rerun: 32)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x13, '\b\x00'})
r1 = epoll_create1(0x0) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f00000000c0))
r3 = epoll_create(0x3) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) (async)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)={0x0, 0x0, <r4=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:48 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0xab)
select(0x40, &(0x7f0000000080)={0x2, 0x4, 0x6, 0x3, 0x3, 0x1fc0000000000, 0x9, 0x1}, &(0x7f00000000c0)={0x3, 0x101, 0x6, 0xe99, 0x6, 0x4, 0x9, 0x80}, &(0x7f0000000100)={0xffffffffffffffff, 0x5, 0xffffffffffffffc0, 0x3, 0x41, 0x497b4026, 0x81, 0x7587}, &(0x7f0000000140))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000200)={@none, 0x9, 0x8, 0x11, 0x4, 0x9, "a33583df1f1e3ab25c7ed6962f814b9279c556b93d6f18d48a715a4af8eb65e6d4d14043d1825b7f52875334e1e3142bef620d923ab179b83c5f4dedc159e3a8be8d10cc1035703298f35064ad1b01b3c8846f1c982c61279e306dec5572808be0e4a2bb0667bfd2475a3ea3b7814afed539fe5bf927f2128b63443c4af73b86"})
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0xab) (async)
select(0x40, &(0x7f0000000080)={0x2, 0x4, 0x6, 0x3, 0x3, 0x1fc0000000000, 0x9, 0x1}, &(0x7f00000000c0)={0x3, 0x101, 0x6, 0xe99, 0x6, 0x4, 0x9, 0x80}, &(0x7f0000000100)={0xffffffffffffffff, 0x5, 0xffffffffffffffc0, 0x3, 0x41, 0x497b4026, 0x81, 0x7587}, &(0x7f0000000140)) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000200)={@none, 0x9, 0x8, 0x11, 0x4, 0x9, "a33583df1f1e3ab25c7ed6962f814b9279c556b93d6f18d48a715a4af8eb65e6d4d14043d1825b7f52875334e1e3142bef620d923ab179b83c5f4dedc159e3a8be8d10cc1035703298f35064ad1b01b3c8846f1c982c61279e306dec5572808be0e4a2bb0667bfd2475a3ea3b7814afed539fe5bf927f2128b63443c4af73b86"}) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14) (async)

18:29:48 executing program 5:
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x4800)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) (async)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x7, @raw_data="abff8098a9099ca6ac6915fb01973e45af0db5f0be6e179da55edf04ee0a561b6d41461b37b3dbf8a2b1f58b362a2804ffdcd56c8d09b656ed82e87696bf28bd847cdec8035fa6ff25e191c3bbc8971e355175e0cfb6ddd9a15b8ceb82c962ce4ecf5cada485f91f11ec53b0c1e4cb374868601ed9530e01dde16ce3b612e35a1a7555ebd010af6a4964097333ee2eebb5b8384b3ba05d2a1f37fa8365d1c51908a2f4671a946c6883c7ac7ebf81b78d6d7ca11f57ff6c6f2442b078c053a4f8a61292c007b089ba"})

18:29:48 executing program 2:
socketpair(0x23, 0x80000, 0x1279, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000040)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40060) (async, rerun: 32)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async, rerun: 32)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000240)={0x0, @bt={0x7, 0x8, 0x0, 0x3, 0x2, 0x3, 0x1ff, 0x1, 0x1, 0x1, 0x2, 0x3, 0x0, 0x1, 0x20, 0x10, {0x8, 0x6}, 0x7, 0x7}}) (async)
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x13, '\b\x00'})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f00000000c0))
r3 = epoll_create(0x3)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)={0x0, 0x0, <r4=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$VT_DISALLOCATE(r0, 0x5608) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x13, '\b\x00'}) (async)
epoll_create1(0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f00000000c0)) (async)
epoll_create(0x3) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) (async)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)) (async)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:48 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0xab)
select(0x40, &(0x7f0000000080)={0x2, 0x4, 0x6, 0x3, 0x3, 0x1fc0000000000, 0x9, 0x1}, &(0x7f00000000c0)={0x3, 0x101, 0x6, 0xe99, 0x6, 0x4, 0x9, 0x80}, &(0x7f0000000100)={0xffffffffffffffff, 0x5, 0xffffffffffffffc0, 0x3, 0x41, 0x497b4026, 0x81, 0x7587}, &(0x7f0000000140)) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000200)={@none, 0x9, 0x8, 0x11, 0x4, 0x9, "a33583df1f1e3ab25c7ed6962f814b9279c556b93d6f18d48a715a4af8eb65e6d4d14043d1825b7f52875334e1e3142bef620d923ab179b83c5f4dedc159e3a8be8d10cc1035703298f35064ad1b01b3c8846f1c982c61279e306dec5572808be0e4a2bb0667bfd2475a3ea3b7814afed539fe5bf927f2128b63443c4af73b86"}) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

18:29:48 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x140a, 0x800, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004804}, 0x1)

18:29:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x2, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:48 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x13, '\b\x00'})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f00000000c0))
r3 = epoll_create(0x3)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)={0x0, 0x0, <r4=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:48 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000140))
socketpair(0xf, 0x80000, 0x4, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="38000000091408002bbd7000fbdbdf2508000100000000010800010000000000080001000000000008000100060000004700d90402000000c2f20a8c991f3fb6e9a89b6b9649ed0602ffb2556855329b534c2483242e749eb68ae672b3cd0885150da3463088673285a8bae5e240c0e68f7220810a8bcaedd7716a12d123e9443bb7d24c905d025c60d8617244f8b2573200dce6bf87e85bcf9c3ad5576b61b587aa38c53784661dc0176576fe25679fc8f9d4aab833bf9041588b641446a44d57b4e601b94c395b86dee08d88b47d4272f951318b1fabd31a19f15cdd98628315fd8af4ebf335e09ef10ac6fc7277f5778d5b39d5c54030a6d40a2f4732614e08172ff0f69345cf350e219700862e0a0e2cd10ab975f9b92edb27eaaefb576dc285514b0e5787b2aa1b575ca8f0db4c21f71689697f6e25a356c668795102c336f0524e18c2504e13e3ceef9f74445274"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180))
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))

18:29:48 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x18000}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x80000000}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000801}, 0x4000001)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:48 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=""/186})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=""/186}) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:49 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = socket$inet_dccp(0x2, 0x6, 0x0) (async)
ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000140))
socketpair(0xf, 0x80000, 0x4, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="38000000091408002bbd7000fbdbdf2508000100000000010800010000000000080001000000000008000100060000004700d90402000000c2f20a8c991f3fb6e9a89b6b9649ed0602ffb2556855329b534c2483242e749eb68ae672b3cd0885150da3463088673285a8bae5e240c0e68f7220810a8bcaedd7716a12d123e9443bb7d24c905d025c60d8617244f8b2573200dce6bf87e85bcf9c3ad5576b61b587aa38c53784661dc0176576fe25679fc8f9d4aab833bf9041588b641446a44d57b4e601b94c395b86dee08d88b47d4272f951318b1fabd31a19f15cdd98628315fd8af4ebf335e09ef10ac6fc7277f5778d5b39d5c54030a6d40a2f4732614e08172ff0f69345cf350e219700862e0a0e2cd10ab975f9b92edb27eaaefb576dc285514b0e5787b2aa1b575ca8f0db4c21f71689697f6e25a356c668795102c336f0524e18c2504e13e3ceef9f74445274"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180))
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))

18:29:49 executing program 0:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x2, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x8) (async, rerun: 32)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (rerun: 32)

18:29:49 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x18000}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x80000000}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000801}, 0x4000001)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r2, 0x1}, 0x14}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) (async)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x18000}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x80000000}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000801}, 0x4000001) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:49 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = socket$inet_dccp(0x2, 0x6, 0x0) (async)
ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000140)) (async)
socketpair(0xf, 0x80000, 0x4, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="38000000091408002bbd7000fbdbdf2508000100000000010800010000000000080001000000000008000100060000004700d90402000000c2f20a8c991f3fb6e9a89b6b9649ed0602ffb2556855329b534c2483242e749eb68ae672b3cd0885150da3463088673285a8bae5e240c0e68f7220810a8bcaedd7716a12d123e9443bb7d24c905d025c60d8617244f8b2573200dce6bf87e85bcf9c3ad5576b61b587aa38c53784661dc0176576fe25679fc8f9d4aab833bf9041588b641446a44d57b4e601b94c395b86dee08d88b47d4272f951318b1fabd31a19f15cdd98628315fd8af4ebf335e09ef10ac6fc7277f5778d5b39d5c54030a6d40a2f4732614e08172ff0f69345cf350e219700862e0a0e2cd10ab975f9b92edb27eaaefb576dc285514b0e5787b2aa1b575ca8f0db4c21f71689697f6e25a356c668795102c336f0524e18c2504e13e3ceef9f74445274"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180))
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))

18:29:49 executing program 0:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:49 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 64)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8) (rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x140a, 0x800, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004804}, 0x1)

18:29:49 executing program 0:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:49 executing program 2:
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000000)={0x80000000, 0x9, "02e7d7dbf0830757529437081d330f94a252cf1b151eff9eeb37dcb01c850bb6", 0x400, 0xffffffff, 0x1, 0x100000001, 0x3, 0x101, 0xa84, 0x8, [0x7fff, 0x1, 0x3, 0xffff0000]})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:49 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 1)

18:29:49 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r2, 0x1}, 0x14}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x18000}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x80000000}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000801}, 0x4000001) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x2, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x8) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:49 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x140a, 0x800, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004804}, 0x1)

18:29:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000080)={0x401, 0xe, 0x32, "b541812dc75071662562869a0af8c2881708eaf3178e682ab2d7ca76418ff99713e4037d736a4f92fcd9ad09193d2d2669f2068496f1020fb3293d0e", 0x7, "195a484e242b8a705c2e7a2c0a19f6ba4a14402ce4129767da77db59075f361d6053519ae6b4d0c9ca2d3ca3fe2132aa739158e3bd3eb61c1c5dcb7d", 0xa0})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:49 executing program 0:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:49 executing program 2:
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000000)={0x80000000, 0x9, "02e7d7dbf0830757529437081d330f94a252cf1b151eff9eeb37dcb01c850bb6", 0x400, 0xffffffff, 0x1, 0x100000001, 0x3, 0x101, 0xa84, 0x8, [0x7fff, 0x1, 0x3, 0xffff0000]}) (async, rerun: 64)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (rerun: 64)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:49 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000000614040029bd7000fddbdf25080001000200000008000100012000000800010001000000080001000100000008000100000000000800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40480d0}, 0x8004)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:49 executing program 0:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080)) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
bind$bt_sco(r0, &(0x7f0000000000), 0x8) (async)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:49 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000080)={0x401, 0xe, 0x32, "b541812dc75071662562869a0af8c2881708eaf3178e682ab2d7ca76418ff99713e4037d736a4f92fcd9ad09193d2d2669f2068496f1020fb3293d0e", 0x7, "195a484e242b8a705c2e7a2c0a19f6ba4a14402ce4129767da77db59075f361d6053519ae6b4d0c9ca2d3ca3fe2132aa739158e3bd3eb61c1c5dcb7d", 0xa0}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:49 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000000614040029bd7000fddbdf25080001000200000008000100012000000800010001000000080001000100000008000100000000000800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40480d0}, 0x8004) (async, rerun: 32)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (rerun: 32)

18:29:49 executing program 0:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080)) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8) (async)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

[ 2136.467159] FAULT_INJECTION: forcing a failure.
[ 2136.467159] name failslab, interval 1, probability 0, space 0, times 0
[ 2136.484639] CPU: 1 PID: 21798 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2136.492538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2136.501892] Call Trace:
[ 2136.504479]  dump_stack+0x1b2/0x281
[ 2136.508110]  should_fail.cold+0x10a/0x149
[ 2136.512250]  should_failslab+0xd6/0x130
[ 2136.516291]  kmem_cache_alloc_node_trace+0x25a/0x400
[ 2136.521375]  __kmalloc_node+0x38/0x70
[ 2136.525159]  kvmalloc_node+0x46/0xd0
[ 2136.528851]  alloc_netdev_mqs+0x76/0xb70
[ 2136.532895]  ? caif_net_open+0x40/0x40
[ 2136.536780]  ldisc_open+0x114/0x860
[ 2136.540385]  ? caifdev_setup+0x3b0/0x3b0
[ 2136.544433]  ? lock_downgrade+0x740/0x740
[ 2136.548557]  ? caifdev_setup+0x3b0/0x3b0
[ 2136.552597]  tty_ldisc_open+0x6c/0xb0
[ 2136.556383]  tty_set_ldisc+0x287/0x5d0
[ 2136.560254]  tty_ioctl+0xa2a/0x1430
[ 2136.563974]  ? tty_fasync+0x2c0/0x2c0
[ 2136.567757]  ? proc_fail_nth_write+0x7b/0x180
[ 2136.572238]  ? trace_hardirqs_on+0x10/0x10
[ 2136.576455]  ? fsnotify+0x974/0x11b0
[ 2136.580165]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2136.585090]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2136.590086]  ? SyS_write+0x1b7/0x210
[ 2136.593785]  ? tty_fasync+0x2c0/0x2c0
[ 2136.597565]  do_vfs_ioctl+0x75a/0xff0
[ 2136.601392]  ? lock_acquire+0x170/0x3f0
[ 2136.605351]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2136.609756]  ? __fget+0x265/0x3e0
[ 2136.613188]  ? do_vfs_ioctl+0xff0/0xff0
[ 2136.617153]  ? security_file_ioctl+0x83/0xb0
[ 2136.621540]  SyS_ioctl+0x7f/0xb0
[ 2136.624882]  ? do_vfs_ioctl+0xff0/0xff0
[ 2136.628836]  do_syscall_64+0x1d5/0x640
[ 2136.632711]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2136.637877] RIP: 0033:0x7f1c69918049
[ 2136.641567] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2136.649253] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2136.656501] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
18:29:50 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 2)

18:29:50 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000080)={0x401, 0xe, 0x32, "b541812dc75071662562869a0af8c2881708eaf3178e682ab2d7ca76418ff99713e4037d736a4f92fcd9ad09193d2d2669f2068496f1020fb3293d0e", 0x7, "195a484e242b8a705c2e7a2c0a19f6ba4a14402ce4129767da77db59075f361d6053519ae6b4d0c9ca2d3ca3fe2132aa739158e3bd3eb61c1c5dcb7d", 0xa0})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000080)={0x401, 0xe, 0x32, "b541812dc75071662562869a0af8c2881708eaf3178e682ab2d7ca76418ff99713e4037d736a4f92fcd9ad09193d2d2669f2068496f1020fb3293d0e", 0x7, "195a484e242b8a705c2e7a2c0a19f6ba4a14402ce4129767da77db59075f361d6053519ae6b4d0c9ca2d3ca3fe2132aa739158e3bd3eb61c1c5dcb7d", 0xa0}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

18:29:50 executing program 2:
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000000)={0x80000000, 0x9, "02e7d7dbf0830757529437081d330f94a252cf1b151eff9eeb37dcb01c850bb6", 0x400, 0xffffffff, 0x1, 0x100000001, 0x3, 0x101, 0xa84, 0x8, [0x7fff, 0x1, 0x3, 0xffff0000]})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

[ 2136.663754] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2136.671005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2136.678255] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
[ 2136.727279] FAULT_INJECTION: forcing a failure.
[ 2136.727279] name failslab, interval 1, probability 0, space 0, times 0
[ 2136.738587] CPU: 0 PID: 21821 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2136.746453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2136.755788] Call Trace:
[ 2136.758362]  dump_stack+0x1b2/0x281
[ 2136.761974]  should_fail.cold+0x10a/0x149
[ 2136.766108]  should_failslab+0xd6/0x130
[ 2136.770063]  kmem_cache_alloc_trace+0x47/0x3d0
[ 2136.774627]  __hw_addr_create_ex+0x5b/0x300
[ 2136.778928]  __hw_addr_add_ex+0x1c1/0x290
[ 2136.783065]  dev_addr_init+0xfb/0x1b0
[ 2136.786869]  ? dev_mc_flush+0x30/0x30
[ 2136.790651]  alloc_netdev_mqs+0x11d/0xb70
[ 2136.794777]  ? caif_net_open+0x40/0x40
[ 2136.798654]  ldisc_open+0x114/0x860
[ 2136.802271]  ? caifdev_setup+0x3b0/0x3b0
[ 2136.806322]  ? lock_downgrade+0x740/0x740
[ 2136.810454]  ? caifdev_setup+0x3b0/0x3b0
[ 2136.814494]  tty_ldisc_open+0x6c/0xb0
[ 2136.818272]  tty_set_ldisc+0x287/0x5d0
[ 2136.822149]  tty_ioctl+0xa2a/0x1430
[ 2136.825772]  ? tty_fasync+0x2c0/0x2c0
[ 2136.829554]  ? proc_fail_nth_write+0x7b/0x180
[ 2136.834038]  ? trace_hardirqs_on+0x10/0x10
[ 2136.838260]  ? fsnotify+0x974/0x11b0
[ 2136.841958]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2136.846866]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2136.851868]  ? SyS_write+0x1b7/0x210
[ 2136.855571]  ? tty_fasync+0x2c0/0x2c0
[ 2136.859373]  do_vfs_ioctl+0x75a/0xff0
[ 2136.863182]  ? lock_acquire+0x170/0x3f0
[ 2136.867136]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2136.871532]  ? __fget+0x265/0x3e0
[ 2136.874971]  ? do_vfs_ioctl+0xff0/0xff0
[ 2136.878942]  ? security_file_ioctl+0x83/0xb0
[ 2136.883347]  SyS_ioctl+0x7f/0xb0
[ 2136.886691]  ? do_vfs_ioctl+0xff0/0xff0
[ 2136.890659]  do_syscall_64+0x1d5/0x640
[ 2136.894550]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2136.899719] RIP: 0033:0x7f1c69918049
[ 2136.903425] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2136.911130] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2136.918388] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2136.925639] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2136.932892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2136.940157] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:50 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:50 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_open_pts(0xffffffffffffffff, 0x100)

18:29:50 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000000614040029bd7000fddbdf25080001000200000008000100012000000800010001000000080001000100000008000100000000000800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40480d0}, 0x8004)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000000614040029bd7000fddbdf25080001000200000008000100012000000800010001000000080001000100000008000100000000000800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40480d0}, 0x8004) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:50 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_DEL(r5, 0x2, r2)
r6 = syz_open_dev$dri(&(0x7f0000000140), 0x7, 0x80)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180)={<r7=>0x0, 0x0, r4})
ioctl$DRM_IOCTL_GEM_FLINK(r6, 0xc008640a, &(0x7f0000000200)={r7})

18:29:50 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x100, 0x5, 0x4, 0x200, 0xf, "35ea6bececfb6099"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:50 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 3)

18:29:50 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x100, 0x5, 0x4, 0x200, 0xf, "35ea6bececfb6099"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x100, 0x5, 0x4, 0x200, 0xf, "35ea6bececfb6099"}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)

18:29:50 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:50 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_DEL(r5, 0x2, r2)
r6 = syz_open_dev$dri(&(0x7f0000000140), 0x7, 0x80) (async)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180)={<r7=>0x0, 0x0, r4})
ioctl$DRM_IOCTL_GEM_FLINK(r6, 0xc008640a, &(0x7f0000000200)={r7})

18:29:50 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1)

18:29:50 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:50 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x100, 0x5, 0x4, 0x200, 0xf, "35ea6bececfb6099"}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:50 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14)
pipe2(&(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_DEL(r5, 0x2, r2)
r6 = syz_open_dev$dri(&(0x7f0000000140), 0x7, 0x80) (async)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180)={<r7=>0x0, 0x0, r4})
ioctl$DRM_IOCTL_GEM_FLINK(r6, 0xc008640a, &(0x7f0000000200)={r7})

[ 2137.292258] FAULT_INJECTION: forcing a failure.
[ 2137.292258] name failslab, interval 1, probability 0, space 0, times 0
[ 2137.306492] CPU: 1 PID: 21842 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2137.314387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2137.323735] Call Trace:
[ 2137.326323]  dump_stack+0x1b2/0x281
[ 2137.329967]  should_fail.cold+0x10a/0x149
[ 2137.329982]  should_failslab+0xd6/0x130
[ 2137.329995]  kmem_cache_alloc_node_trace+0x25a/0x400
[ 2137.330008]  __kmalloc_node+0x38/0x70
[ 2137.330020]  kvmalloc_node+0x46/0xd0
[ 2137.330032]  alloc_netdev_mqs+0x5e5/0xb70
[ 2137.330047]  ldisc_open+0x114/0x860
[ 2137.330058]  ? caifdev_setup+0x3b0/0x3b0
[ 2137.330073]  ? lock_downgrade+0x740/0x740
[ 2137.330084]  ? caifdev_setup+0x3b0/0x3b0
[ 2137.330095]  tty_ldisc_open+0x6c/0xb0
[ 2137.330105]  tty_set_ldisc+0x287/0x5d0
[ 2137.378357]  tty_ioctl+0xa2a/0x1430
[ 2137.378368]  ? tty_fasync+0x2c0/0x2c0
[ 2137.385786]  ? proc_fail_nth_write+0x7b/0x180
[ 2137.390281]  ? trace_hardirqs_on+0x10/0x10
[ 2137.394519]  ? fsnotify+0x974/0x11b0
[ 2137.398233]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2137.403151]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2137.408149]  ? SyS_write+0x1b7/0x210
[ 2137.411860]  ? tty_fasync+0x2c0/0x2c0
[ 2137.415645]  do_vfs_ioctl+0x75a/0xff0
[ 2137.419425]  ? lock_acquire+0x170/0x3f0
[ 2137.423375]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2137.427778]  ? __fget+0x265/0x3e0
[ 2137.431219]  ? do_vfs_ioctl+0xff0/0xff0
[ 2137.435182]  ? security_file_ioctl+0x83/0xb0
[ 2137.439568]  SyS_ioctl+0x7f/0xb0
[ 2137.442917]  ? do_vfs_ioctl+0xff0/0xff0
[ 2137.446886]  do_syscall_64+0x1d5/0x640
[ 2137.450771]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2137.455962] RIP: 0033:0x7f1c69918049
[ 2137.459656] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2137.467385] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2137.474660] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2137.481929] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2137.489183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2137.496433] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:51 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
syz_open_pts(0xffffffffffffffff, 0x100)

18:29:51 executing program 2:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x8000002, 0xffffffff, 0x2})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:51 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000300)={0x0, 0xffffffff, 0xff, 0x0, 0x80})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000340)={0xa000, 0x0, 0x0, 0x4, 0x0, "d266087a42a5e3bb"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = syz_open_pts(r0, 0x105000)
ioctl$TIOCGLCKTRMIOS(r3, 0x5456, &(0x7f00000002c0)={0x6, 0x1000, 0x5, 0x1, 0xd, "4131800cdf01b09052b7640dc4ca9fe0386516"})
timerfd_gettime(r2, 0x0)
syz_open_pts(r2, 0x4000)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}, 0x1, 0x0, 0x0, 0x100}, 0x40000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000003c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x8}}}, 0x30)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r6, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x4c040)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000180))

18:29:51 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1)

18:29:51 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8)
r1 = socket(0x1f, 0x3, 0x2)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)

18:29:51 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 4)

18:29:51 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000300)={0x0, 0xffffffff, 0xff, 0x0, 0x80})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000340)={0xa000, 0x0, 0x0, 0x4, 0x0, "d266087a42a5e3bb"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (async)
r3 = syz_open_pts(r0, 0x105000)
ioctl$TIOCGLCKTRMIOS(r3, 0x5456, &(0x7f00000002c0)={0x6, 0x1000, 0x5, 0x1, 0xd, "4131800cdf01b09052b7640dc4ca9fe0386516"}) (async)
timerfd_gettime(r2, 0x0) (async)
syz_open_pts(r2, 0x4000) (async)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}, 0x1, 0x0, 0x0, 0x100}, 0x40000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000003c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x8}}}, 0x30) (async)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r6, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0) (async)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x4c040) (async)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000180))

18:29:51 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r1) (rerun: 64)

18:29:51 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8) (async)
r1 = socket(0x1f, 0x3, 0x2)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)

18:29:51 executing program 2:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x8000002, 0xffffffff, 0x2})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved}) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x8000002, 0xffffffff, 0x2}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)

18:29:51 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0xe4, 0x9, 0xffffffff, 0x3, 0x56, "4d8e1cae2a9d97b7461451d401eed398901bcb", 0x1, 0x80})
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:51 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8)
r1 = socket(0x1f, 0x3, 0x2)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0), 0x8) (async)
socket(0x1f, 0x3, 0x2) (async)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8) (async)

[ 2138.153281] FAULT_INJECTION: forcing a failure.
[ 2138.153281] name failslab, interval 1, probability 0, space 0, times 0
[ 2138.178518] CPU: 1 PID: 21901 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2138.186432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2138.195772] Call Trace:
[ 2138.198342]  dump_stack+0x1b2/0x281
[ 2138.201955]  should_fail.cold+0x10a/0x149
[ 2138.206094]  should_failslab+0xd6/0x130
[ 2138.210051]  kmem_cache_alloc_node_trace+0x25a/0x400
[ 2138.215187]  __kmalloc_node+0x38/0x70
[ 2138.218995]  kvmalloc_node+0x46/0xd0
[ 2138.222690]  alloc_netdev_mqs+0x75c/0xb70
[ 2138.226836]  ldisc_open+0x114/0x860
[ 2138.230442]  ? caifdev_setup+0x3b0/0x3b0
[ 2138.234586]  ? lock_downgrade+0x740/0x740
[ 2138.238718]  ? caifdev_setup+0x3b0/0x3b0
[ 2138.242769]  tty_ldisc_open+0x6c/0xb0
[ 2138.246553]  tty_set_ldisc+0x287/0x5d0
[ 2138.250426]  tty_ioctl+0xa2a/0x1430
[ 2138.254039]  ? tty_fasync+0x2c0/0x2c0
[ 2138.257821]  ? proc_fail_nth_write+0x7b/0x180
[ 2138.262300]  ? trace_hardirqs_on+0x10/0x10
[ 2138.266513]  ? fsnotify+0x974/0x11b0
[ 2138.270204]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2138.275112]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2138.280107]  ? SyS_write+0x1b7/0x210
[ 2138.283800]  ? tty_fasync+0x2c0/0x2c0
[ 2138.287579]  do_vfs_ioctl+0x75a/0xff0
[ 2138.291359]  ? lock_acquire+0x170/0x3f0
[ 2138.295319]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2138.299713]  ? __fget+0x265/0x3e0
[ 2138.303152]  ? do_vfs_ioctl+0xff0/0xff0
[ 2138.307105]  ? security_file_ioctl+0x83/0xb0
[ 2138.311498]  SyS_ioctl+0x7f/0xb0
[ 2138.314846]  ? do_vfs_ioctl+0xff0/0xff0
[ 2138.318805]  do_syscall_64+0x1d5/0x640
[ 2138.322675]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2138.327846] RIP: 0033:0x7f1c69918049
[ 2138.331554] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2138.339243] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2138.346504] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2138.353754] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2138.361008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2138.368258] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:52 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 64)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 64)
syz_open_pts(0xffffffffffffffff, 0x100)

18:29:52 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000300)={0x0, 0xffffffff, 0xff, 0x0, 0x80})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000340)={0xa000, 0x0, 0x0, 0x4, 0x0, "d266087a42a5e3bb"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = syz_open_pts(r0, 0x105000)
ioctl$TIOCGLCKTRMIOS(r3, 0x5456, &(0x7f00000002c0)={0x6, 0x1000, 0x5, 0x1, 0xd, "4131800cdf01b09052b7640dc4ca9fe0386516"})
timerfd_gettime(r2, 0x0)
syz_open_pts(r2, 0x4000)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}, 0x1, 0x0, 0x0, 0x100}, 0x40000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000003c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x8}}}, 0x30)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r6, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x4c040)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000300)={0x0, 0xffffffff, 0xff, 0x0, 0x80}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000340)={0xa000, 0x0, 0x0, 0x4, 0x0, "d266087a42a5e3bb"}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
syz_open_pts(r0, 0x105000) (async)
ioctl$TIOCGLCKTRMIOS(r3, 0x5456, &(0x7f00000002c0)={0x6, 0x1000, 0x5, 0x1, 0xd, "4131800cdf01b09052b7640dc4ca9fe0386516"}) (async)
timerfd_gettime(r2, 0x0) (async)
syz_open_pts(r2, 0x4000) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}, 0x1, 0x0, 0x0, 0x100}, 0x40000) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000003c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x8}}}, 0x30) (async)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00'}) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x38, r6, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x23, 0x0, 0x1, {0xc}}]}, 0x38}}, 0x0) (async)
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x4c040) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000180)) (async)

18:29:52 executing program 2:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000000)={0x0, @reserved})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x8000002, 0xffffffff, 0x2})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:52 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000080))
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)

18:29:52 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0xe4, 0x9, 0xffffffff, 0x3, 0x56, "4d8e1cae2a9d97b7461451d401eed398901bcb", 0x1, 0x80}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:52 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 5)

18:29:52 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0xe4, 0x9, 0xffffffff, 0x3, 0x56, "4d8e1cae2a9d97b7461451d401eed398901bcb", 0x1, 0x80})
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) (async)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0xe4, 0x9, 0xffffffff, 0x3, 0x56, "4d8e1cae2a9d97b7461451d401eed398901bcb", 0x1, 0x80}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:52 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:52 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:52 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:52 executing program 4:
timerfd_gettime(0xffffffffffffffff, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(0xffffffffffffffff, 0xc0945662, &(0x7f00000000c0)={0xfbf, 0x0, '\x00', {0x0, @reserved}})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000180)={0x0, 0x3, 0xffffffff, '\x00', &(0x7f0000000000)=0x1f})
r2 = syz_open_dev$media(&(0x7f0000000100), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{}], 0x0, 0x0, 0x0})
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r3, 0x1, 0x42, &(0x7f0000000080), &(0x7f0000000040)=0x10)

18:29:52 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

[ 2139.003763] FAULT_INJECTION: forcing a failure.
[ 2139.003763] name failslab, interval 1, probability 0, space 0, times 0
[ 2139.036523] CPU: 1 PID: 21950 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2139.044432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2139.053782] Call Trace:
[ 2139.056372]  dump_stack+0x1b2/0x281
[ 2139.060034]  should_fail.cold+0x10a/0x149
[ 2139.064188]  should_failslab+0xd6/0x130
[ 2139.068170]  kmem_cache_alloc+0x28e/0x3c0
[ 2139.072323]  __d_alloc+0x2a/0xa20
[ 2139.076017]  ? d_lookup+0x172/0x220
[ 2139.079651]  d_alloc+0x46/0x240
[ 2139.082938]  __lookup_hash+0x101/0x270
[ 2139.086828]  ? __inode_permission+0xcd/0x2f0
[ 2139.086840]  lookup_one_len+0x279/0x3a0
[ 2139.095287]  ? lookup_one_len_unlocked+0x410/0x410
[ 2139.100221]  start_creating+0xb0/0x200
[ 2139.104100]  debugfs_create_dir+0x1f/0x420
[ 2139.108318]  ldisc_open+0x1b5/0x860
[ 2139.111928]  ? caifdev_setup+0x3b0/0x3b0
[ 2139.115974]  ? lock_downgrade+0x740/0x740
[ 2139.120100]  ? caifdev_setup+0x3b0/0x3b0
[ 2139.124145]  tty_ldisc_open+0x6c/0xb0
[ 2139.127923]  tty_set_ldisc+0x287/0x5d0
[ 2139.131811]  tty_ioctl+0xa2a/0x1430
[ 2139.135425]  ? tty_fasync+0x2c0/0x2c0
[ 2139.139220]  ? proc_fail_nth_write+0x7b/0x180
[ 2139.143695]  ? trace_hardirqs_on+0x10/0x10
[ 2139.147910]  ? fsnotify+0x974/0x11b0
[ 2139.151607]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2139.156516]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2139.161513]  ? SyS_write+0x1b7/0x210
[ 2139.165209]  ? tty_fasync+0x2c0/0x2c0
[ 2139.168998]  do_vfs_ioctl+0x75a/0xff0
[ 2139.172802]  ? lock_acquire+0x170/0x3f0
[ 2139.176774]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2139.181167]  ? __fget+0x265/0x3e0
[ 2139.184723]  ? do_vfs_ioctl+0xff0/0xff0
[ 2139.188687]  ? security_file_ioctl+0x83/0xb0
[ 2139.193093]  SyS_ioctl+0x7f/0xb0
[ 2139.196438]  ? do_vfs_ioctl+0xff0/0xff0
[ 2139.200391]  do_syscall_64+0x1d5/0x640
[ 2139.204260]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2139.209426] RIP: 0033:0x7f1c69918049
[ 2139.213146] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2139.220848] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2139.228118] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2139.235375] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2139.242628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2139.249881] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:53 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:53 executing program 4:
timerfd_gettime(0xffffffffffffffff, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(0xffffffffffffffff, 0xc0945662, &(0x7f00000000c0)={0xfbf, 0x0, '\x00', {0x0, @reserved}})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000180)={0x0, 0x3, 0xffffffff, '\x00', &(0x7f0000000000)=0x1f})
r2 = syz_open_dev$media(&(0x7f0000000100), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{}], 0x0, 0x0, 0x0})
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r3, 0x1, 0x42, &(0x7f0000000080), &(0x7f0000000040)=0x10)
timerfd_gettime(0xffffffffffffffff, 0x0) (async)
ioctl$VIDIOC_ENUM_DV_TIMINGS(0xffffffffffffffff, 0xc0945662, &(0x7f00000000c0)={0xfbf, 0x0, '\x00', {0x0, @reserved}}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000180)={0x0, 0x3, 0xffffffff, '\x00', &(0x7f0000000000)=0x1f}) (async)
syz_open_dev$media(&(0x7f0000000100), 0x0, 0x0) (async)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{}], 0x0, 0x0, 0x0}) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
getsockopt$sock_timeval(r3, 0x1, 0x42, &(0x7f0000000080), &(0x7f0000000040)=0x10) (async)

18:29:53 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:53 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:53 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 6)

18:29:53 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async, rerun: 32)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0) (rerun: 32)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000080)) (async, rerun: 32)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 32)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)

18:29:53 executing program 2:
r0 = syz_open_dev$media(&(0x7f0000000080), 0xffffffff, 0x8a01)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f00000000c0)=[{}], 0x7, 0x0, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x5, 0x0, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x8, 0x0, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}]})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket(0xf, 0x2, 0x742a)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000000)=""/2, &(0x7f0000000040)=0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:53 executing program 4:
timerfd_gettime(0xffffffffffffffff, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(0xffffffffffffffff, 0xc0945662, &(0x7f00000000c0)={0xfbf, 0x0, '\x00', {0x0, @reserved}})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000180)={0x0, 0x3, 0xffffffff, '\x00', &(0x7f0000000000)=0x1f})
r2 = syz_open_dev$media(&(0x7f0000000100), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{}], 0x0, 0x0, 0x0})
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r3, 0x1, 0x42, &(0x7f0000000080), &(0x7f0000000040)=0x10)

18:29:53 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000080)) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)

18:29:53 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_pts(r0, 0xc8000)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x9, 0x0, 0x0, "0386000000008547"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0xd2, 0x0, 0x7f})

[ 2139.866976] FAULT_INJECTION: forcing a failure.
[ 2139.866976] name failslab, interval 1, probability 0, space 0, times 0
18:29:53 executing program 2:
r0 = syz_open_dev$media(&(0x7f0000000080), 0xffffffff, 0x8a01)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f00000000c0)=[{}], 0x7, 0x0, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x5, 0x0, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x8, 0x0, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}]}) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket(0xf, 0x2, 0x742a)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000000)=""/2, &(0x7f0000000040)=0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:53 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r1, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xffff7fff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x54}}, 0x10)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000340)={0x7, 0x3, 0x2})
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000000000))
r2 = socket(0x2c, 0x14, 0x2)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ipvlan1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x800)

[ 2139.915246] CPU: 0 PID: 22007 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2139.923148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2139.932496] Call Trace:
[ 2139.935088]  dump_stack+0x1b2/0x281
[ 2139.938725]  should_fail.cold+0x10a/0x149
[ 2139.942876]  should_failslab+0xd6/0x130
[ 2139.946853]  kmem_cache_alloc+0x28e/0x3c0
[ 2139.951019]  alloc_inode+0xa0/0x170
[ 2139.951030]  new_inode+0x1d/0xf0
[ 2139.958003]  debugfs_get_inode+0x1a/0x130
[ 2139.962159]  debugfs_create_dir+0x63/0x420
[ 2139.962172]  ldisc_open+0x1b5/0x860
[ 2139.962184]  ? caifdev_setup+0x3b0/0x3b0
[ 2139.962199]  ? lock_downgrade+0x740/0x740
[ 2139.962209]  ? caifdev_setup+0x3b0/0x3b0
[ 2139.962220]  tty_ldisc_open+0x6c/0xb0
[ 2139.962231]  tty_set_ldisc+0x287/0x5d0
[ 2139.962243]  tty_ioctl+0xa2a/0x1430
[ 2139.962253]  ? tty_fasync+0x2c0/0x2c0
[ 2139.962264]  ? proc_fail_nth_write+0x7b/0x180
[ 2139.962274]  ? trace_hardirqs_on+0x10/0x10
[ 2139.962288]  ? fsnotify+0x974/0x11b0
[ 2139.962297]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2139.962307]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2139.962318]  ? SyS_write+0x1b7/0x210
[ 2139.962329]  ? tty_fasync+0x2c0/0x2c0
[ 2139.962340]  do_vfs_ioctl+0x75a/0xff0
[ 2139.962351]  ? lock_acquire+0x170/0x3f0
[ 2139.962361]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2139.962373]  ? __fget+0x265/0x3e0
[ 2139.962384]  ? do_vfs_ioctl+0xff0/0xff0
[ 2139.962395]  ? security_file_ioctl+0x83/0xb0
[ 2139.962405]  SyS_ioctl+0x7f/0xb0
[ 2139.962413]  ? do_vfs_ioctl+0xff0/0xff0
[ 2139.962424]  do_syscall_64+0x1d5/0x640
[ 2139.962440]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2139.962448] RIP: 0033:0x7f1c69918049
[ 2139.962453] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2139.962464] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2139.962469] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2139.962475] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2139.962480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2139.962486] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:54 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:54 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0)) (async)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r1, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xffff7fff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x54}}, 0x10)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000340)={0x7, 0x3, 0x2}) (async, rerun: 64)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000000000)) (async, rerun: 64)
r2 = socket(0x2c, 0x14, 0x2)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ipvlan1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x800)

18:29:54 executing program 2:
r0 = syz_open_dev$media(&(0x7f0000000080), 0xffffffff, 0x8a01)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f00000000c0)=[{}], 0x7, 0x0, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x5, 0x0, &(0x7f0000000540)=[{}, {}, {}, {}, {}], 0x8, 0x0, &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}, {}, {}]}) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket(0xf, 0x2, 0x742a)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000000)=""/2, &(0x7f0000000040)=0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:54 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 7)

18:29:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_pts(r0, 0xc8000)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x9, 0x0, 0x0, "0386000000008547"}) (async)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) (async)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0xd2, 0x0, 0x7f})

18:29:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_pts(r0, 0xc8000)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x9, 0x0, 0x0, "0386000000008547"})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) (async)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) (async)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000000)={0xd2, 0x0, 0x7f})

18:29:54 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
socket$nl_rdma(0x10, 0x3, 0x14)
socketpair(0x6, 0x3, 0x401, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="58000000111400082cbd7000ffdbdf250800010001000000080001000100000008003e000300020008004b002800000008004a0000000000080003000200000008004a000100000008004a00020000000800030003000000"], 0x58}, 0x1, 0x0, 0x0, 0x20000090}, 0x8000)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000280)=@multiplanar_fd={0xfffffbff, 0x5, 0x4, 0x4, 0x7, {0x0, 0x2710}, {0x2, 0x0, 0x4, 0x7, 0x1, 0x8, "0a062885"}, 0x4, 0x4, {&(0x7f0000000200)=[{0x200, 0x1ff, {}, 0x2}, {0x1, 0x4}]}, 0x2, 0x0, r3})

18:29:54 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r1, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xffff7fff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x54}}, 0x10)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000340)={0x7, 0x3, 0x2})
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000000000))
r2 = socket(0x2c, 0x14, 0x2)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ipvlan1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x800)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0)) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r1, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xffff7fff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3f}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x40}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x54}}, 0x10) (async)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000340)={0x7, 0x3, 0x2}) (async)
ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f0000000000)) (async)
socket(0x2c, 0x14, 0x2) (async)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ipvlan1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x800) (async)

18:29:54 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x25, 0x1, 0x8e, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x29, 0x80000, 0x3, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
connect$bt_sco(r2, &(0x7f0000000100), 0x8)

18:29:54 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
socketpair(0x6, 0x3, 0x401, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="58000000111400082cbd7000ffdbdf250800010001000000080001000100000008003e000300020008004b002800000008004a0000000000080003000200000008004a000100000008004a00020000000800030003000000"], 0x58}, 0x1, 0x0, 0x0, 0x20000090}, 0x8000)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000280)=@multiplanar_fd={0xfffffbff, 0x5, 0x4, 0x4, 0x7, {0x0, 0x2710}, {0x2, 0x0, 0x4, 0x7, 0x1, 0x8, "0a062885"}, 0x4, 0x4, {&(0x7f0000000200)=[{0x200, 0x1ff, {}, 0x2}, {0x1, 0x4}]}, 0x2, 0x0, r3})

18:29:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000040))
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000140))
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f00000000c0)={0x1, 0x0, 0x2, 0xe, {0x6, 0x0, 0x101, 0x7}})
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f00000001c0)={0x8, 0x0, '\x00', {0x0, @bt={0x9, 0x800, 0x1, 0x3, 0x80000001, 0xfff, 0x8, 0x358a, 0x46a9, 0xed55, 0x7fff, 0x4, 0x80, 0x10000, 0x8, 0xb, {0x0, 0x20}, 0x9}}})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x18, "06828993ab00"})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x101)
timerfd_gettime(r1, &(0x7f0000000100))
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000180))

18:29:54 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x25, 0x1, 0x8e, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socketpair(0x29, 0x80000, 0x3, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
connect$bt_sco(r2, &(0x7f0000000100), 0x8)

[ 2140.844449] FAULT_INJECTION: forcing a failure.
[ 2140.844449] name failslab, interval 1, probability 0, space 0, times 0
[ 2140.856090] CPU: 1 PID: 22082 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2140.863974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2140.873335] Call Trace:
[ 2140.875920]  dump_stack+0x1b2/0x281
[ 2140.879535]  should_fail.cold+0x10a/0x149
[ 2140.883663]  should_failslab+0xd6/0x130
[ 2140.887616]  kmem_cache_alloc+0x28e/0x3c0
[ 2140.891742]  __d_alloc+0x2a/0xa20
[ 2140.895174]  ? d_lookup+0x172/0x220
[ 2140.898781]  d_alloc+0x46/0x240
[ 2140.902038]  __lookup_hash+0x101/0x270
[ 2140.905919]  ? __inode_permission+0xcd/0x2f0
[ 2140.910307]  lookup_one_len+0x279/0x3a0
[ 2140.914283]  ? lookup_one_len_unlocked+0x410/0x410
[ 2140.919310]  start_creating+0xb0/0x200
[ 2140.923193]  __debugfs_create_file+0x4f/0x440
[ 2140.927677]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2140.932674]  ldisc_open+0x20a/0x860
[ 2140.936282]  ? caifdev_setup+0x3b0/0x3b0
[ 2140.940324]  ? lock_downgrade+0x740/0x740
[ 2140.944456]  ? caifdev_setup+0x3b0/0x3b0
[ 2140.948615]  tty_ldisc_open+0x6c/0xb0
[ 2140.952428]  tty_set_ldisc+0x287/0x5d0
[ 2140.956294]  tty_ioctl+0xa2a/0x1430
[ 2140.959905]  ? tty_fasync+0x2c0/0x2c0
[ 2140.963693]  ? proc_fail_nth_write+0x7b/0x180
[ 2140.968170]  ? trace_hardirqs_on+0x10/0x10
[ 2140.972386]  ? fsnotify+0x974/0x11b0
[ 2140.976102]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2140.981025]  ? SyS_write+0x1b7/0x210
[ 2140.984743]  ? tty_fasync+0x2c0/0x2c0
[ 2140.988524]  do_vfs_ioctl+0x75a/0xff0
[ 2140.992305]  ? lock_acquire+0x170/0x3f0
[ 2140.996258]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2141.000647]  ? __fget+0x265/0x3e0
[ 2141.004079]  ? do_vfs_ioctl+0xff0/0xff0
[ 2141.008034]  ? security_file_ioctl+0x83/0xb0
[ 2141.012430]  SyS_ioctl+0x7f/0xb0
[ 2141.015779]  ? do_vfs_ioctl+0xff0/0xff0
[ 2141.019742]  do_syscall_64+0x1d5/0x640
[ 2141.023611]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2141.028785] RIP: 0033:0x7f1c69918049
[ 2141.032474] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2141.040161] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2141.047413] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2141.054677] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2141.061927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2141.069175] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:55 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:55 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
socket$nl_rdma(0x10, 0x3, 0x14)
socketpair(0x6, 0x3, 0x401, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="58000000111400082cbd7000ffdbdf250800010001000000080001000100000008003e000300020008004b002800000008004a0000000000080003000200000008004a000100000008004a00020000000800030003000000"], 0x58}, 0x1, 0x0, 0x0, 0x20000090}, 0x8000)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000280)=@multiplanar_fd={0xfffffbff, 0x5, 0x4, 0x4, 0x7, {0x0, 0x2710}, {0x2, 0x0, 0x4, 0x7, 0x1, 0x8, "0a062885"}, 0x4, 0x4, {&(0x7f0000000200)=[{0x200, 0x1ff, {}, 0x2}, {0x1, 0x4}]}, 0x2, 0x0, r3})

18:29:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000040)) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000140)) (async)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f00000000c0)={0x1, 0x0, 0x2, 0xe, {0x6, 0x0, 0x101, 0x7}})
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f00000001c0)={0x8, 0x0, '\x00', {0x0, @bt={0x9, 0x800, 0x1, 0x3, 0x80000001, 0xfff, 0x8, 0x358a, 0x46a9, 0xed55, 0x7fff, 0x4, 0x80, 0x10000, 0x8, 0xb, {0x0, 0x20}, 0x9}}}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x18, "06828993ab00"}) (async)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x101)
timerfd_gettime(r1, &(0x7f0000000100))
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000180))

18:29:55 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x25, 0x1, 0x8e, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair(0x29, 0x80000, 0x3, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
connect$bt_sco(r2, &(0x7f0000000100), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socketpair(0x25, 0x1, 0x8e, &(0x7f0000000080)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
socketpair(0x29, 0x80000, 0x3, &(0x7f00000000c0)) (async)
connect$bt_sco(r2, &(0x7f0000000100), 0x8) (async)

18:29:55 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))

18:29:55 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 8)

18:29:55 executing program 1:
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000000100)={0x0, 0x0, {0x2, 0x1000, 0x300a, 0x0, 0xb, 0x7, 0x2, 0x6}})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0})
ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000200)=0x2)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000180)={0x0, 0x3, 0x4, 0x10, 0x1, {r2, r3/1000+10000}, {0x1, 0xc, 0x81, 0xaf, 0x2, 0x7, "15954fc5"}, 0x400, 0x4, {}, 0x80000000})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r5, 0x400, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x44800)

18:29:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000040))
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000080))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000140))
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f00000000c0)={0x1, 0x0, 0x2, 0xe, {0x6, 0x0, 0x101, 0x7}})
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f00000001c0)={0x8, 0x0, '\x00', {0x0, @bt={0x9, 0x800, 0x1, 0x3, 0x80000001, 0xfff, 0x8, 0x358a, 0x46a9, 0xed55, 0x7fff, 0x4, 0x80, 0x10000, 0x8, 0xb, {0x0, 0x20}, 0x9}}})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x18, "06828993ab00"})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x101)
timerfd_gettime(r1, &(0x7f0000000100))
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000040)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000080)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000140)) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f00000000c0)={0x1, 0x0, 0x2, 0xe, {0x6, 0x0, 0x101, 0x7}}) (async)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f00000001c0)={0x8, 0x0, '\x00', {0x0, @bt={0x9, 0x800, 0x1, 0x3, 0x80000001, 0xfff, 0x8, 0x358a, 0x46a9, 0xed55, 0x7fff, 0x4, 0x80, 0x10000, 0x8, 0xb, {0x0, 0x20}, 0x9}}}) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x18, "06828993ab00"}) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x101) (async)
timerfd_gettime(r1, &(0x7f0000000100)) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000180)) (async)

18:29:55 executing program 2:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xbb, 0x9ed0, 0x1, 0x2, 0x1, 0x1, 0x6, 0x2, 0x7fffffff, 0x9, 0x7fff, 0x0, 0x4, 0x20, 0x4, 0x11, {0x4}, 0x2, 0x89}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1001000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004806}, 0x40)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
socket$bt_hidp(0x1f, 0x3, 0x6)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
socketpair(0x2c, 0x80000, 0x4, &(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000006c0)={0x2, &(0x7f0000000200)=[{@none}, {}]})
getsockopt$sock_timeval(r0, 0x1, 0x57, 0x0, &(0x7f0000000000))

18:29:55 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0)) (async)

18:29:55 executing program 0:
ioctl$VIDIOC_G_PARM(0xffffffffffffffff, 0xc0cc5615, &(0x7f0000000100)={0x8, @raw_data="01fda6dd6b53a67d4de28d0af7e06dd706d8547f16e5d333e239e4b1cdcd87ab35d27cba0162649683e08178107e159d9a2289489a0a2a31ce0d19b9e322f158e0d61b153df52ab6ee8f10d0d3fc2fe153c96d8dd0a156213c5c25caef829efbc15bf1821a1898b0c20bfb3ce3b0ca42401fe0cd2b575a15ad44c42ac31ddd2cc05370d6da06c9027a39c9272f7dc8033443a5456e170ade4596d7278eecdeb5ac17a6cb7e27c78a0b37416ac3eb0a0e0ee505b7738ca4d32c3880db807dcaeba10dd8cc96bf6f91"})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000200)={0x0, @bt={0x7, 0x3, 0x1, 0x1, 0x4, 0x2, 0xb4a, 0xff, 0x218, 0xed52, 0xb0e, 0x9, 0xfffffffa, 0x9, 0x10, 0x10, {0xd200, 0x8f}, 0xf7, 0x7}})

18:29:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_pts(r0, 0x102)
syz_open_pts(r2, 0x180)

18:29:55 executing program 2:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xbb, 0x9ed0, 0x1, 0x2, 0x1, 0x1, 0x6, 0x2, 0x7fffffff, 0x9, 0x7fff, 0x0, 0x4, 0x20, 0x4, 0x11, {0x4}, 0x2, 0x89}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1001000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004806}, 0x40)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
socket$bt_hidp(0x1f, 0x3, 0x6)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
socketpair(0x2c, 0x80000, 0x4, &(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000006c0)={0x2, &(0x7f0000000200)=[{@none}, {}]})
getsockopt$sock_timeval(r0, 0x1, 0x57, 0x0, &(0x7f0000000000))
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xbb, 0x9ed0, 0x1, 0x2, 0x1, 0x1, 0x6, 0x2, 0x7fffffff, 0x9, 0x7fff, 0x0, 0x4, 0x20, 0x4, 0x11, {0x4}, 0x2, 0x89}}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1001000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004806}, 0x40) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
socketpair(0x2c, 0x80000, 0x4, &(0x7f0000000700)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000006c0)={0x2, &(0x7f0000000200)=[{@none}, {}]}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x57, 0x0, &(0x7f0000000000)) (async)

18:29:55 executing program 0:
ioctl$VIDIOC_G_PARM(0xffffffffffffffff, 0xc0cc5615, &(0x7f0000000100)={0x8, @raw_data="01fda6dd6b53a67d4de28d0af7e06dd706d8547f16e5d333e239e4b1cdcd87ab35d27cba0162649683e08178107e159d9a2289489a0a2a31ce0d19b9e322f158e0d61b153df52ab6ee8f10d0d3fc2fe153c96d8dd0a156213c5c25caef829efbc15bf1821a1898b0c20bfb3ce3b0ca42401fe0cd2b575a15ad44c42ac31ddd2cc05370d6da06c9027a39c9272f7dc8033443a5456e170ade4596d7278eecdeb5ac17a6cb7e27c78a0b37416ac3eb0a0e0ee505b7738ca4d32c3880db807dcaeba10dd8cc96bf6f91"}) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000200)={0x0, @bt={0x7, 0x3, 0x1, 0x1, 0x4, 0x2, 0xb4a, 0xff, 0x218, 0xed52, 0xb0e, 0x9, 0xfffffffa, 0x9, 0x10, 0x10, {0xd200, 0x8f}, 0xf7, 0x7}})

18:29:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = syz_open_pts(r0, 0x102)
syz_open_pts(r2, 0x180)

[ 2141.702849] FAULT_INJECTION: forcing a failure.
[ 2141.702849] name failslab, interval 1, probability 0, space 0, times 0
[ 2141.737732] CPU: 1 PID: 22147 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
18:29:55 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0)) (async)

[ 2141.745632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2141.754981] Call Trace:
[ 2141.757570]  dump_stack+0x1b2/0x281
[ 2141.761201]  should_fail.cold+0x10a/0x149
[ 2141.765354]  should_failslab+0xd6/0x130
[ 2141.769329]  kmem_cache_alloc+0x28e/0x3c0
[ 2141.773478]  alloc_inode+0xa0/0x170
[ 2141.777100]  new_inode+0x1d/0xf0
[ 2141.780462]  debugfs_get_inode+0x1a/0x130
[ 2141.784612]  __debugfs_create_file+0x93/0x440
[ 2141.789116]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2141.789128]  ldisc_open+0x20a/0x860
[ 2141.797745]  ? caifdev_setup+0x3b0/0x3b0
18:29:55 executing program 0:
ioctl$VIDIOC_G_PARM(0xffffffffffffffff, 0xc0cc5615, &(0x7f0000000100)={0x8, @raw_data="01fda6dd6b53a67d4de28d0af7e06dd706d8547f16e5d333e239e4b1cdcd87ab35d27cba0162649683e08178107e159d9a2289489a0a2a31ce0d19b9e322f158e0d61b153df52ab6ee8f10d0d3fc2fe153c96d8dd0a156213c5c25caef829efbc15bf1821a1898b0c20bfb3ce3b0ca42401fe0cd2b575a15ad44c42ac31ddd2cc05370d6da06c9027a39c9272f7dc8033443a5456e170ade4596d7278eecdeb5ac17a6cb7e27c78a0b37416ac3eb0a0e0ee505b7738ca4d32c3880db807dcaeba10dd8cc96bf6f91"})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000200)={0x0, @bt={0x7, 0x3, 0x1, 0x1, 0x4, 0x2, 0xb4a, 0xff, 0x218, 0xed52, 0xb0e, 0x9, 0xfffffffa, 0x9, 0x10, 0x10, {0xd200, 0x8f}, 0xf7, 0x7}})
ioctl$VIDIOC_G_PARM(0xffffffffffffffff, 0xc0cc5615, &(0x7f0000000100)={0x8, @raw_data="01fda6dd6b53a67d4de28d0af7e06dd706d8547f16e5d333e239e4b1cdcd87ab35d27cba0162649683e08178107e159d9a2289489a0a2a31ce0d19b9e322f158e0d61b153df52ab6ee8f10d0d3fc2fe153c96d8dd0a156213c5c25caef829efbc15bf1821a1898b0c20bfb3ce3b0ca42401fe0cd2b575a15ad44c42ac31ddd2cc05370d6da06c9027a39c9272f7dc8033443a5456e170ade4596d7278eecdeb5ac17a6cb7e27c78a0b37416ac3eb0a0e0ee505b7738ca4d32c3880db807dcaeba10dd8cc96bf6f91"}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000200)={0x0, @bt={0x7, 0x3, 0x1, 0x1, 0x4, 0x2, 0xb4a, 0xff, 0x218, 0xed52, 0xb0e, 0x9, 0xfffffffa, 0x9, 0x10, 0x10, {0xd200, 0x8f}, 0xf7, 0x7}}) (async)

[ 2141.801817]  ? lock_downgrade+0x740/0x740
[ 2141.801828]  ? caifdev_setup+0x3b0/0x3b0
[ 2141.801839]  tty_ldisc_open+0x6c/0xb0
[ 2141.801850]  tty_set_ldisc+0x287/0x5d0
[ 2141.801861]  tty_ioctl+0xa2a/0x1430
[ 2141.801870]  ? tty_fasync+0x2c0/0x2c0
[ 2141.801880]  ? proc_fail_nth_write+0x7b/0x180
[ 2141.801890]  ? trace_hardirqs_on+0x10/0x10
[ 2141.801904]  ? fsnotify+0x974/0x11b0
[ 2141.801913]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2141.801922]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2141.801932]  ? SyS_write+0x1b7/0x210
[ 2141.801943]  ? tty_fasync+0x2c0/0x2c0
[ 2141.801953]  do_vfs_ioctl+0x75a/0xff0
[ 2141.801963]  ? lock_acquire+0x170/0x3f0
[ 2141.801973]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2141.801986]  ? __fget+0x265/0x3e0
[ 2141.801997]  ? do_vfs_ioctl+0xff0/0xff0
[ 2141.802008]  ? security_file_ioctl+0x83/0xb0
[ 2141.802018]  SyS_ioctl+0x7f/0xb0
[ 2141.802025]  ? do_vfs_ioctl+0xff0/0xff0
[ 2141.802036]  do_syscall_64+0x1d5/0x640
[ 2141.802052]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2141.802060] RIP: 0033:0x7f1c69918049
[ 2141.802063] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2141.802072] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2141.802077] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2141.802081] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2141.802086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
18:29:55 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 9)

[ 2141.802092] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
[ 2142.040993] FAULT_INJECTION: forcing a failure.
[ 2142.040993] name failslab, interval 1, probability 0, space 0, times 0
[ 2142.052683] CPU: 1 PID: 22202 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2142.060556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2142.069918] Call Trace:
[ 2142.072492]  dump_stack+0x1b2/0x281
[ 2142.076103]  should_fail.cold+0x10a/0x149
[ 2142.080231]  should_failslab+0xd6/0x130
[ 2142.084190]  kmem_cache_alloc+0x28e/0x3c0
[ 2142.088333]  __d_alloc+0x2a/0xa20
[ 2142.091766]  ? d_lookup+0x172/0x220
[ 2142.095371]  d_alloc+0x46/0x240
[ 2142.098631]  __lookup_hash+0x101/0x270
[ 2142.102508]  ? __inode_permission+0xcd/0x2f0
[ 2142.106897]  lookup_one_len+0x279/0x3a0
[ 2142.110852]  ? lookup_one_len_unlocked+0x410/0x410
[ 2142.115769]  start_creating+0xb0/0x200
[ 2142.119636]  __debugfs_create_file+0x4f/0x440
[ 2142.124125]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2142.129137]  ldisc_open+0x247/0x860
[ 2142.132744]  ? caifdev_setup+0x3b0/0x3b0
[ 2142.136786]  ? lock_downgrade+0x740/0x740
[ 2142.140927]  ? caifdev_setup+0x3b0/0x3b0
[ 2142.144983]  tty_ldisc_open+0x6c/0xb0
[ 2142.148760]  tty_set_ldisc+0x287/0x5d0
[ 2142.152647]  tty_ioctl+0xa2a/0x1430
[ 2142.156253]  ? tty_fasync+0x2c0/0x2c0
[ 2142.160044]  ? proc_fail_nth_write+0x7b/0x180
[ 2142.164519]  ? trace_hardirqs_on+0x10/0x10
[ 2142.168738]  ? fsnotify+0x974/0x11b0
[ 2142.172427]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2142.177342]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2142.182337]  ? SyS_write+0x1b7/0x210
[ 2142.186048]  ? tty_fasync+0x2c0/0x2c0
[ 2142.189844]  do_vfs_ioctl+0x75a/0xff0
[ 2142.193624]  ? lock_acquire+0x170/0x3f0
[ 2142.197578]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2142.201965]  ? __fget+0x265/0x3e0
[ 2142.205396]  ? do_vfs_ioctl+0xff0/0xff0
[ 2142.209349]  ? security_file_ioctl+0x83/0xb0
[ 2142.213738]  SyS_ioctl+0x7f/0xb0
[ 2142.217080]  ? do_vfs_ioctl+0xff0/0xff0
[ 2142.221035]  do_syscall_64+0x1d5/0x640
[ 2142.224906]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2142.230077] RIP: 0033:0x7f1c69918049
[ 2142.233770] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2142.241466] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2142.248722] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2142.255969] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2142.263221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2142.270474] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:55 executing program 1:
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000000100)={0x0, 0x0, {0x2, 0x1000, 0x300a, 0x0, 0xb, 0x7, 0x2, 0x6}}) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async, rerun: 64)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0}) (rerun: 64)
ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000200)=0x2) (async)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000180)={0x0, 0x3, 0x4, 0x10, 0x1, {r2, r3/1000+10000}, {0x1, 0xc, 0x81, 0xaf, 0x2, 0x7, "15954fc5"}, 0x400, 0x4, {}, 0x80000000}) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 64)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async, rerun: 64)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r5, 0x400, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x44800)

18:29:55 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000c0)

18:29:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_pts(r0, 0x102)
syz_open_pts(r2, 0x180)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
syz_open_pts(r0, 0x102) (async)
syz_open_pts(r2, 0x180) (async)

18:29:55 executing program 2:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xbb, 0x9ed0, 0x1, 0x2, 0x1, 0x1, 0x6, 0x2, 0x7fffffff, 0x9, 0x7fff, 0x0, 0x4, 0x20, 0x4, 0x11, {0x4}, 0x2, 0x89}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1001000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004806}, 0x40)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
socket$bt_hidp(0x1f, 0x3, 0x6)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
socketpair(0x2c, 0x80000, 0x4, &(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000006c0)={0x2, &(0x7f0000000200)=[{@none}, {}]})
getsockopt$sock_timeval(r0, 0x1, 0x57, 0x0, &(0x7f0000000000))
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xbb, 0x9ed0, 0x1, 0x2, 0x1, 0x1, 0x6, 0x2, 0x7fffffff, 0x9, 0x7fff, 0x0, 0x4, 0x20, 0x4, 0x11, {0x4}, 0x2, 0x89}}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1001000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004806}, 0x40) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
socketpair(0x2c, 0x80000, 0x4, &(0x7f0000000700)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000006c0)={0x2, &(0x7f0000000200)=[{@none}, {}]}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x57, 0x0, &(0x7f0000000000)) (async)

18:29:55 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x7f}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:55 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 10)

18:29:55 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000c0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) (async)
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000c0) (async)

18:29:55 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x17, "06828993ab00"})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000000)={0x5, 0x2, 0x4})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:56 executing program 1:
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000000100)={0x0, 0x0, {0x2, 0x1000, 0x300a, 0x0, 0xb, 0x7, 0x2, 0x6}})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0})
ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000200)=0x2)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000180)={0x0, 0x3, 0x4, 0x10, 0x1, {r2, r3/1000+10000}, {0x1, 0xc, 0x81, 0xaf, 0x2, 0x7, "15954fc5"}, 0x400, 0x4, {}, 0x80000000})
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r5, 0x400, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x44800)
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000000100)={0x0, 0x0, {0x2, 0x1000, 0x300a, 0x0, 0xb, 0x7, 0x2, 0x6}}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
clock_gettime(0x0, &(0x7f0000000080)) (async)
ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000200)=0x2) (async)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000180)={0x0, 0x3, 0x4, 0x10, 0x1, {r2, r3/1000+10000}, {0x1, 0xc, 0x81, 0xaf, 0x2, 0x7, "15954fc5"}, 0x400, 0x4, {}, 0x80000000}) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x24}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r5, 0x400, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x44800) (async)

18:29:56 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000)={0x4})
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000080)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x17, "06828993ab00"}) (async, rerun: 32)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000000)={0x5, 0x2, 0x4}) (rerun: 32)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:56 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000c0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) (async)
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000c0) (async)

18:29:56 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
socketpair(0x2a, 0x1, 0x85, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000080)) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x17, "06828993ab00"}) (async, rerun: 32)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000000)={0x5, 0x2, 0x4}) (async, rerun: 32)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180))

18:29:56 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
socketpair(0x2a, 0x1, 0x85, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
socketpair(0x2a, 0x1, 0x85, &(0x7f0000000000)) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:56 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000)={0x4})
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

[ 2142.645440] FAULT_INJECTION: forcing a failure.
[ 2142.645440] name failslab, interval 1, probability 0, space 0, times 0
[ 2142.657207] CPU: 0 PID: 22296 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2142.665104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2142.674541] Call Trace:
[ 2142.677114]  dump_stack+0x1b2/0x281
[ 2142.680810]  should_fail.cold+0x10a/0x149
[ 2142.684942]  should_failslab+0xd6/0x130
[ 2142.688913]  kmem_cache_alloc+0x28e/0x3c0
[ 2142.693049]  alloc_inode+0xa0/0x170
[ 2142.696668]  new_inode+0x1d/0xf0
[ 2142.700015]  debugfs_get_inode+0x1a/0x130
[ 2142.704141]  __debugfs_create_file+0x93/0x440
[ 2142.708617]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2142.713621]  ldisc_open+0x247/0x860
[ 2142.717252]  ? caifdev_setup+0x3b0/0x3b0
[ 2142.721306]  ? lock_downgrade+0x740/0x740
[ 2142.725433]  ? caifdev_setup+0x3b0/0x3b0
[ 2142.729474]  tty_ldisc_open+0x6c/0xb0
[ 2142.733267]  tty_set_ldisc+0x287/0x5d0
[ 2142.737145]  tty_ioctl+0xa2a/0x1430
[ 2142.740761]  ? tty_fasync+0x2c0/0x2c0
[ 2142.744541]  ? proc_fail_nth_write+0x7b/0x180
[ 2142.749018]  ? trace_hardirqs_on+0x10/0x10
[ 2142.753252]  ? fsnotify+0x974/0x11b0
[ 2142.756956]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2142.761868]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2142.766884]  ? SyS_write+0x1b7/0x210
[ 2142.770590]  ? tty_fasync+0x2c0/0x2c0
[ 2142.774380]  do_vfs_ioctl+0x75a/0xff0
[ 2142.778161]  ? lock_acquire+0x170/0x3f0
[ 2142.782115]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2142.786504]  ? __fget+0x265/0x3e0
[ 2142.789935]  ? do_vfs_ioctl+0xff0/0xff0
[ 2142.793894]  ? security_file_ioctl+0x83/0xb0
[ 2142.798281]  SyS_ioctl+0x7f/0xb0
[ 2142.801623]  ? do_vfs_ioctl+0xff0/0xff0
[ 2142.805576]  do_syscall_64+0x1d5/0x640
[ 2142.809444]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2142.814610] RIP: 0033:0x7f1c69918049
[ 2142.818296] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2142.825982] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2142.833237] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2142.840491] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2142.847738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2142.854984] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:56 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x7f}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:56 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000)={0x4}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:56 executing program 4:
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x80000)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000080)=@overlay={0xffffffe0, 0x2, 0x4, 0x10, 0x3, {0x77359400}, {0x1, 0x2, 0x40, 0x8, 0x80, 0x6, "6207ac43"}, 0x0, 0x3, {}, 0x7, 0x0, r0})
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x9, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:56 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
socketpair(0x2a, 0x1, 0x85, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
socketpair(0x2a, 0x1, 0x85, &(0x7f0000000000)) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:29:56 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 11)

18:29:56 executing program 4:
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x80000)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000080)=@overlay={0xffffffe0, 0x2, 0x4, 0x10, 0x3, {0x77359400}, {0x1, 0x2, 0x40, 0x8, 0x80, 0x6, "6207ac43"}, 0x0, 0x3, {}, 0x7, 0x0, r0}) (async)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) (async, rerun: 64)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (rerun: 64)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:56 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r1, &(0x7f0000000100)={0x1f, @none}, 0x8)
r2 = timerfd_create(0x5, 0xc00)
timerfd_gettime(r2, &(0x7f0000000140))
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
timerfd_gettime(0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x140e, 0x1, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x20008040)

18:29:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x9, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:56 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x7f}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:29:56 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1412, 0x800, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x80)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:56 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r1, 0x0) (async, rerun: 64)
bind$bt_sco(r1, &(0x7f0000000100)={0x1f, @none}, 0x8) (async, rerun: 64)
r2 = timerfd_create(0x5, 0xc00)
timerfd_gettime(r2, &(0x7f0000000140)) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
timerfd_gettime(0xffffffffffffffff, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x140e, 0x1, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x20008040)

18:29:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x9, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:56 executing program 4:
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x80000)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000080)=@overlay={0xffffffe0, 0x2, 0x4, 0x10, 0x3, {0x77359400}, {0x1, 0x2, 0x40, 0x8, 0x80, 0x6, "6207ac43"}, 0x0, 0x3, {}, 0x7, 0x0, r0})
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000040), 0x80000) (async)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000080)=@overlay={0xffffffe0, 0x2, 0x4, 0x10, 0x3, {0x77359400}, {0x1, 0x2, 0x40, 0x8, 0x80, 0x6, "6207ac43"}, 0x0, 0x3, {}, 0x7, 0x0, r0}) (async)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:56 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000080)="1b")
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCSRS485(r4, 0x542f, &(0x7f0000000100)={0x1, 0x6})
r5 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x0)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f00000000c0)={0x5, 0x3, 0x800})
ioctl$TIOCGWINSZ(r5, 0x5413, &(0x7f0000000000))

[ 2143.524515] FAULT_INJECTION: forcing a failure.
[ 2143.524515] name failslab, interval 1, probability 0, space 0, times 0
[ 2143.536000] CPU: 1 PID: 22355 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2143.536006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2143.536010] Call Trace:
[ 2143.536027]  dump_stack+0x1b2/0x281
[ 2143.536042]  should_fail.cold+0x10a/0x149
[ 2143.536058]  should_failslab+0xd6/0x130
[ 2143.536071]  kmem_cache_alloc+0x28e/0x3c0
[ 2143.536084]  alloc_inode+0xa0/0x170
[ 2143.536094]  new_inode+0x1d/0xf0
[ 2143.536103]  debugfs_get_inode+0x1a/0x130
[ 2143.536113]  __debugfs_create_file+0x93/0x440
[ 2143.536124]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2143.592316]  ldisc_open+0x247/0x860
[ 2143.592328]  ? caifdev_setup+0x3b0/0x3b0
[ 2143.599995]  ? lock_downgrade+0x740/0x740
[ 2143.604133]  ? caifdev_setup+0x3b0/0x3b0
[ 2143.608190]  tty_ldisc_open+0x6c/0xb0
[ 2143.611973]  tty_set_ldisc+0x287/0x5d0
[ 2143.615838]  tty_ioctl+0xa2a/0x1430
[ 2143.619461]  ? tty_fasync+0x2c0/0x2c0
[ 2143.623246]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 2143.628240]  ? _raw_spin_unlock_irq+0x5a/0x80
[ 2143.632729]  ? finish_task_switch+0x178/0x610
[ 2143.637200]  ? finish_task_switch+0x14d/0x610
[ 2143.641678]  ? switch_mm_irqs_off+0x601/0xeb0
[ 2143.646153]  ? __schedule+0x893/0x1de0
[ 2143.650021]  ? retint_kernel+0x2d/0x2d
[ 2143.653885]  ? tty_fasync+0x2c0/0x2c0
[ 2143.657687]  do_vfs_ioctl+0x75a/0xff0
[ 2143.661470]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2143.666202]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2143.670597]  ? retint_kernel+0x2d/0x2d
[ 2143.674477]  ? do_vfs_ioctl+0x2/0xff0
[ 2143.678261]  SyS_ioctl+0x7f/0xb0
[ 2143.681604]  ? do_vfs_ioctl+0xff0/0xff0
[ 2143.685555]  do_syscall_64+0x1d5/0x640
[ 2143.689424]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2143.694588] RIP: 0033:0x7f1c69918049
[ 2143.698282] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2143.705965] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2143.713238] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
18:29:57 executing program 4:
ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, &(0x7f0000000000)={0x100, 0x7, 0xff, 0x1, 0x7f})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000040)={@any, 0x1000})
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x1411, 0x100, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x851)
syz_open_pts(r1, 0x34e00)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

[ 2143.720581] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2143.727825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2143.735072] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:57 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
bind$bt_sco(r1, &(0x7f0000000080), 0x8)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000000))

18:29:57 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r2 = epoll_create1(0x0)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000080)="1b") (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0) (async)
ioctl$TIOCSRS485(r4, 0x542f, &(0x7f0000000100)={0x1, 0x6}) (async)
r5 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) (async)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f00000000c0)={0x5, 0x3, 0x800})
ioctl$TIOCGWINSZ(r5, 0x5413, &(0x7f0000000000))

18:29:57 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r1, &(0x7f0000000100)={0x1f, @none}, 0x8) (async)
r2 = timerfd_create(0x5, 0xc00)
timerfd_gettime(r2, &(0x7f0000000140)) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
timerfd_gettime(0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x140e, 0x1, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x20008040)

18:29:57 executing program 4:
ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, &(0x7f0000000000)={0x100, 0x7, 0xff, 0x1, 0x7f})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000040)={@any, 0x1000})
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x1411, 0x100, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x851)
syz_open_pts(r1, 0x34e00)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, &(0x7f0000000000)={0x100, 0x7, 0xff, 0x1, 0x7f}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000040)={@any, 0x1000}) (async)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x1411, 0x100, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x851) (async)
syz_open_pts(r1, 0x34e00) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:29:57 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 12)

18:29:57 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000080)="1b")
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCSRS485(r4, 0x542f, &(0x7f0000000100)={0x1, 0x6})
r5 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x0)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f00000000c0)={0x5, 0x3, 0x800})
ioctl$TIOCGWINSZ(r5, 0x5413, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000080)="1b") (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
ioctl$TIOCSRS485(r4, 0x542f, &(0x7f0000000100)={0x1, 0x6}) (async)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) (async)
syz_open_dev$ptys(0xc, 0x3, 0x1) (async)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f00000000c0)={0x5, 0x3, 0x800}) (async)
ioctl$TIOCGWINSZ(r5, 0x5413, &(0x7f0000000000)) (async)

[ 2144.189361] FAULT_INJECTION: forcing a failure.
[ 2144.189361] name failslab, interval 1, probability 0, space 0, times 0
[ 2144.200798] CPU: 1 PID: 22410 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2144.200805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2144.200808] Call Trace:
18:29:57 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r1, 0xc040564b, &(0x7f0000000040)={0x1, 0x0, 0x2009, 0x1d, 0x4721, {0x3, 0x4}})

18:29:57 executing program 4:
ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, &(0x7f0000000000)={0x100, 0x7, 0xff, 0x1, 0x7f})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000040)={@any, 0x1000})
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x1411, 0x100, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x851)
syz_open_pts(r1, 0x34e00) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:29:57 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1412, 0x800, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x80)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

[ 2144.200822]  dump_stack+0x1b2/0x281
[ 2144.200840]  should_fail.cold+0x10a/0x149
[ 2144.200854]  should_failslab+0xd6/0x130
[ 2144.200867]  kmem_cache_alloc+0x28e/0x3c0
[ 2144.200881]  alloc_inode+0xa0/0x170
[ 2144.200892]  new_inode+0x1d/0xf0
[ 2144.200902]  debugfs_get_inode+0x1a/0x130
[ 2144.200913]  __debugfs_create_file+0x93/0x440
18:29:57 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r1, 0xc040564b, &(0x7f0000000040)={0x1, 0x0, 0x2009, 0x1d, 0x4721, {0x3, 0x4}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r0, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)) (async)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) (async)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r1, 0xc040564b, &(0x7f0000000040)={0x1, 0x0, 0x2009, 0x1d, 0x4721, {0x3, 0x4}}) (async)

[ 2144.200922]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2144.200934]  debugfs_create_x32+0x4b/0x80
[ 2144.200946]  ldisc_open+0x281/0x860
[ 2144.200957]  ? caifdev_setup+0x3b0/0x3b0
18:29:57 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

18:29:57 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r1, 0xc040564b, &(0x7f0000000040)={0x1, 0x0, 0x2009, 0x1d, 0x4721, {0x3, 0x4}})

[ 2144.200971]  ? lock_downgrade+0x740/0x740
[ 2144.200981]  ? caifdev_setup+0x3b0/0x3b0
[ 2144.200993]  tty_ldisc_open+0x6c/0xb0
[ 2144.201003]  tty_set_ldisc+0x287/0x5d0
[ 2144.201015]  tty_ioctl+0xa2a/0x1430
[ 2144.201025]  ? tty_fasync+0x2c0/0x2c0
[ 2144.201036]  ? proc_fail_nth_write+0x7b/0x180
[ 2144.201046]  ? trace_hardirqs_on+0x10/0x10
[ 2144.201060]  ? fsnotify+0x974/0x11b0
[ 2144.201070]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2144.201079]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2144.201089]  ? SyS_write+0x1b7/0x210
[ 2144.201101]  ? tty_fasync+0x2c0/0x2c0
[ 2144.201111]  do_vfs_ioctl+0x75a/0xff0
[ 2144.201120]  ? lock_acquire+0x170/0x3f0
[ 2144.201130]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2144.201143]  ? __fget+0x265/0x3e0
[ 2144.201154]  ? do_vfs_ioctl+0xff0/0xff0
[ 2144.201165]  ? security_file_ioctl+0x83/0xb0
[ 2144.201176]  SyS_ioctl+0x7f/0xb0
[ 2144.201183]  ? do_vfs_ioctl+0xff0/0xff0
[ 2144.201195]  do_syscall_64+0x1d5/0x640
[ 2144.201210]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2144.201218] RIP: 0033:0x7f1c69918049
[ 2144.201223] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2144.201233] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2144.201239] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2144.201244] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2144.201250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2144.201255] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:58 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
bind$bt_sco(r1, &(0x7f0000000080), 0x8)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000000))

18:29:58 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

18:29:58 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
epoll_create1(0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa})
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000040)=0x7fff, 0x4)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGWINSZ(r2, 0x5413, &(0x7f0000000000))

18:29:58 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 13)

18:29:58 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
epoll_create1(0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r1, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa})
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000040)=0x7fff, 0x4)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGWINSZ(r2, 0x5413, &(0x7f0000000000))

18:29:58 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)

[ 2145.042927] FAULT_INJECTION: forcing a failure.
[ 2145.042927] name failslab, interval 1, probability 0, space 0, times 0
[ 2145.059532] CPU: 0 PID: 22476 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2145.067426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2145.076774] Call Trace:
[ 2145.079348]  dump_stack+0x1b2/0x281
[ 2145.082960]  should_fail.cold+0x10a/0x149
[ 2145.087091]  should_failslab+0xd6/0x130
[ 2145.091058]  kmem_cache_alloc+0x28e/0x3c0
[ 2145.095190]  __d_alloc+0x2a/0xa20
[ 2145.098622]  ? d_lookup+0x172/0x220
[ 2145.102229]  d_alloc+0x46/0x240
[ 2145.105489]  __lookup_hash+0x101/0x270
[ 2145.109353]  ? __inode_permission+0xcd/0x2f0
[ 2145.113740]  lookup_one_len+0x279/0x3a0
[ 2145.117695]  ? lookup_one_len_unlocked+0x410/0x410
[ 2145.122606]  start_creating+0xb0/0x200
[ 2145.126474]  __debugfs_create_file+0x4f/0x440
[ 2145.130946]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2145.135942]  debugfs_create_x8+0x4b/0x80
[ 2145.139986]  ldisc_open+0x2bb/0x860
18:29:58 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1412, 0x800, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x80) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

18:29:58 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGWINSZ(r2, 0x5413, &(0x7f0000000000))

18:29:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f0000000040)=0x79)

18:29:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async, rerun: 32)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f0000000040)=0x79) (rerun: 32)

[ 2145.143611]  ? caifdev_setup+0x3b0/0x3b0
[ 2145.147675]  ? lock_downgrade+0x740/0x740
[ 2145.151822]  ? caifdev_setup+0x3b0/0x3b0
[ 2145.155884]  tty_ldisc_open+0x6c/0xb0
[ 2145.159696]  tty_set_ldisc+0x287/0x5d0
[ 2145.163585]  tty_ioctl+0xa2a/0x1430
[ 2145.167215]  ? tty_fasync+0x2c0/0x2c0
[ 2145.171025]  ? proc_fail_nth_write+0x7b/0x180
[ 2145.175518]  ? trace_hardirqs_on+0x10/0x10
[ 2145.179765]  ? fsnotify+0x974/0x11b0
[ 2145.183476]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2145.188412]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2145.188424]  ? SyS_write+0x1b7/0x210
[ 2145.188438]  ? tty_fasync+0x2c0/0x2c0
[ 2145.188448]  do_vfs_ioctl+0x75a/0xff0
[ 2145.188459]  ? lock_acquire+0x170/0x3f0
[ 2145.188470]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2145.188482]  ? __fget+0x265/0x3e0
[ 2145.188494]  ? do_vfs_ioctl+0xff0/0xff0
[ 2145.188505]  ? security_file_ioctl+0x83/0xb0
[ 2145.188516]  SyS_ioctl+0x7f/0xb0
[ 2145.188524]  ? do_vfs_ioctl+0xff0/0xff0
[ 2145.188536]  do_syscall_64+0x1d5/0x640
[ 2145.188551]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2145.188560] RIP: 0033:0x7f1c69918049
[ 2145.188565] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2145.188576] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2145.188581] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2145.188587] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2145.188592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2145.188598] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:29:59 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
bind$bt_sco(r1, &(0x7f0000000080), 0x8) (async)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000000))

18:29:59 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async, rerun: 32)
epoll_create1(0x0) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa}) (async)
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x6, &(0x7f0000000040)=0x7fff, 0x4)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:29:59 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f0000000040)=0x79)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r0, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r1, 0x1, 0x42, 0x0, &(0x7f0000000040)=0x79) (async)

18:29:59 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xfffe, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:59 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 14)

18:29:59 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xfffe, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:29:59 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x2000)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @none}, 0x8)

[ 2145.895702] FAULT_INJECTION: forcing a failure.
[ 2145.895702] name failslab, interval 1, probability 0, space 0, times 0
[ 2145.918542] CPU: 1 PID: 22521 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2145.926471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2145.935823] Call Trace:
[ 2145.938413]  dump_stack+0x1b2/0x281
[ 2145.942085]  should_fail.cold+0x10a/0x149
[ 2145.946244]  should_failslab+0xd6/0x130
[ 2145.950240]  kmem_cache_alloc+0x28e/0x3c0
[ 2145.950252]  alloc_inode+0xa0/0x170
[ 2145.950262]  new_inode+0x1d/0xf0
[ 2145.961375]  debugfs_get_inode+0x1a/0x130
[ 2145.961386]  __debugfs_create_file+0x93/0x440
18:29:59 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000240))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={0xfffffffffffffffc}, 0x1, 0x0, 0x0, 0x20000084}, 0x800)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000200)={0x80000000, &(0x7f0000000140), &(0x7f0000000180)})

18:29:59 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x2000)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @none}, 0x8)

18:29:59 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000000)={0x3, "51864d09ac96c6140166a0a7895ce4825182199cfcd2064d7fd56d664fe1d200", 0x1})
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0))

[ 2145.961396]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2145.961408]  debugfs_create_x8+0x4b/0x80
[ 2145.961421]  ldisc_open+0x2bb/0x860
[ 2145.961432]  ? caifdev_setup+0x3b0/0x3b0
18:29:59 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000240))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={0xfffffffffffffffc}, 0x1, 0x0, 0x0, 0x20000084}, 0x800)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000200)={0x80000000, &(0x7f0000000140), &(0x7f0000000180)})

[ 2145.961446]  ? lock_downgrade+0x740/0x740
[ 2145.961456]  ? caifdev_setup+0x3b0/0x3b0
[ 2145.961468]  tty_ldisc_open+0x6c/0xb0
18:29:59 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x2000)
connect$bt_sco(r1, &(0x7f0000000040)={0x1f, @none}, 0x8)

[ 2145.961478]  tty_set_ldisc+0x287/0x5d0
[ 2145.961490]  tty_ioctl+0xa2a/0x1430
[ 2145.961501]  ? tty_fasync+0x2c0/0x2c0
[ 2145.961512]  ? proc_fail_nth_write+0x7b/0x180
[ 2145.961522]  ? trace_hardirqs_on+0x10/0x10
[ 2145.961537]  ? fsnotify+0x974/0x11b0
[ 2145.961546]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2145.961555]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2145.961565]  ? SyS_write+0x1b7/0x210
[ 2145.961576]  ? tty_fasync+0x2c0/0x2c0
[ 2145.961586]  do_vfs_ioctl+0x75a/0xff0
[ 2145.961596]  ? lock_acquire+0x170/0x3f0
[ 2145.961607]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2145.961618]  ? __fget+0x265/0x3e0
[ 2145.961629]  ? do_vfs_ioctl+0xff0/0xff0
[ 2145.961640]  ? security_file_ioctl+0x83/0xb0
[ 2145.961651]  SyS_ioctl+0x7f/0xb0
[ 2145.961658]  ? do_vfs_ioctl+0xff0/0xff0
[ 2145.961669]  do_syscall_64+0x1d5/0x640
[ 2145.961685]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2145.961693] RIP: 0033:0x7f1c69918049
[ 2145.961699] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2145.961719] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2145.961725] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2145.961730] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2145.961736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2145.961741] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:00 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000100)={0x0, @reserved})

18:30:00 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan3\x00', <r1=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x21, 0x7fffffff}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048040}, 0x8004)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000040)={0x4, 0x2, 0x7})
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f0000000000))

18:30:00 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000240))
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={0xfffffffffffffffc}, 0x1, 0x0, 0x0, 0x20000084}, 0x800)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000200)={0x80000000, &(0x7f0000000140), &(0x7f0000000180)})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000240)) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={0xfffffffffffffffc}, 0x1, 0x0, 0x0, 0x20000084}, 0x800) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000200)={0x80000000, &(0x7f0000000140), &(0x7f0000000180)}) (async)

18:30:00 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async, rerun: 32)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 32)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000000)={0x3, "51864d09ac96c6140166a0a7895ce4825182199cfcd2064d7fd56d664fe1d200", 0x1}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0))

18:30:00 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xfffe, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:30:00 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 15)

18:30:00 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan3\x00', <r1=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x21, 0x7fffffff}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048040}, 0x8004) (async, rerun: 64)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000040)={0x4, 0x2, 0x7})
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f0000000000))

18:30:00 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000100)={0x0, @reserved})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000100)={0x0, @reserved}) (async)

18:30:00 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:30:00 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000000)={0x3, "51864d09ac96c6140166a0a7895ce4825182199cfcd2064d7fd56d664fe1d200", 0x1})
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000000)={0x3, "51864d09ac96c6140166a0a7895ce4825182199cfcd2064d7fd56d664fe1d200", 0x1}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0)) (async)

18:30:00 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000100)={0x0, @reserved})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000100)={0x0, @reserved}) (async)

18:30:00 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0xfffffffffffffe11, r1, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x0, 0x2, 'veth1_to_bridge\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000100)={r0, r0, 0x5, 0x1000, &(0x7f0000000940)="8571b8b16cef52a873ee737504c95e0ad9bbe6d501229b86bbce433ea8d9755321ce91cbded6c780416a39d0f0ed96da4ebf80edeb43688131eab8028d44f91d47bcc5d19eb6e64876566dbc2f236f6a47a01b54831297c3661c188c9c2b6980ba325e65f061cc2be02affb1d04030868a4c747175fd3b561cbbe7bc5ac18432f2ef3666481e5965177dbfacfd099255f888f19eabbf16918dc586d1b064a46527d5f8b0d8469c7799534d99b7ba76c7aba935cfe955706068f93597e300dd4017a1d7e81b8b47567edea7b2f16101c79ab1e83c35e31936d3b7996cfac2c11bc99cca90d5f4225d8336181eb7bb49132f34bd7eef213b6a8d1ea08f48990374dba1594135f5b476dbeb0b987dc56b0f1d1cf3dc46f51cd58164e10395a240e1c42fcb87fe27372b9f2f599f437b1e05d69ec8763e6ce04ea6b539ee9a46c1f8dddf3ccaf3337e674833d6cdb635da187d79cd7d02274e3110516ad3fee12499a6da96223771f89130a1da74c2fa95ca139036552533c627581c6196c463780e90897e1a86618652d90e863481a38126a285119a071984e00803c67316a5d23a6cc9fbb858a572ec2ba3f582f06d8a1110a121ca595ed72ff74e3f7cd37898f7a2b7c1463e218515af588bae223263c80eb2cedd1e81555aa96f47ba782fee9f9fbd4cbef28eb4656581dd79159b702e8818bc84796b5ce6a17771991353cad18103310ae22606e65d11d40fd544e15b259b1c16ea76935987be192dff0feeabbaa3c2fee88da42f16d0ea04e13f6963a922462535d50a8ba5dbb6fc9ad554d9a4700e98882ebb69c87258d8220056296313dea135bc79d49b1d89c3b8e456608a362b3a6c54cfc12083c66f9c5cecfd558caf9845d2f7b36074df834e384eb799a45c142bedb3089292ed51835a3dc7cd1076695eefe3b83d921013797ac1c9e26857b051ed62fb3675c0f597860f1ada881d7fcbef69d808432f91ae59ed45436e06112c258ab75af7ff10bd03fe2243162836447978a2d19614e66fa66556b8451817fc77e66dd8691c44c40b84e628915cf77e0920422aec538eddba01970480c994ca16e3f539ef1129548a1b767bb6d31a5f53876fe092a9b710b385f9fcfc8338a131cd12372f710b8f01d6895ca3e0f8e102c378e6af3de5c6a35a32ff73b31c1958338dc1bef96eb7e4e9830d62eefdbac49948886902a072267431cbbc551397ea3255c0a6b5068823f4737c7e12722f8929512501865b11dd3eb12d2014adc07cfe97e2b91322fe6c3d2555611a9b810b3c59becc81879845531ba70adb699ddc562beb135fc74954933f43b0e559d79f1f724ca149bed7bb1fb5f471aa54f0c3809a7ae3b8f28c442400d67ac42c44f24de3d4bb8dc37335128eabc231af97cbcb52b057cb968af1cc08dcc9e020318058ef719edd32e99646f1af2449b49df0f54ce5206f43fb68cb1138254b23f3a246da43786be4a1ec82be2d3cfd113ce56836c76c40cbea737b94abcbdaa2b9f78c76817feae93a7da17647a962d387966729f9c429538037d2e34bbbf82d87763ed50533570dc182b66a873f6cd124c1aaf75a5c79d8e5538199cde7d2408a2a43ba13dad4b51677cfaf163f7cfaffd4b840211006689b7b40e7d373464a83ca08a37299b6adf85245e19563faa3ca3c7504cc16a4a487ee6eb62f85ac112617b1f14874d717ab9fb41e756eea52aea6603ff51211e61bc3b97542a40af026e877e10e5a66062adafbbda5338ef01af8fbdf75c10d111eb0fcdf9f212b909e7a8308e4c16b44114bbaaf703379310d937c8e65319474b8f9b12179cca314a407c9fe9015b21e9ce9ae0f803f3777497e59a0d2438828e8a00fc5d45673428ab5873accdc52b0714fca34d9c4e3d61a9f6564e09dc3aef5bf63c907a3a1e0dca7d891164c52070d81ced7641450c3446a6c77c4165cab98ddf831215a5acc24ab308b8a0313898b6a4d7e96511f7471573c7bea84e563b6ed002c53f6375dfcc34c9fef5ff5cd0bf6ae405b868f60a2b758ca626c076e91e1d553448461b4676385fd6ecfb616cafc203973859843fb596c7298fe7b603ba012309c88e019dbd7f886417b6e23c35974e6965752ca6c25805a9a227c647368ff511ebfce10fc5652b9abf749a65671cca4ea7b8bc86df5a66e1c4488b498a58bfe60558c50d02d05c830aef06b2fd8aea693242194d824a244e149083e62c0ea8489446b7c6a96612d5c5f06fb5efb2fbb8706050a0d560738929772dda13e57a6fdb9e41457728fd603bdd0ad453bb012ee51583fd1d1f4beb286904d6fd89207fcb03744658a45b0f030fbfe981a9b256d1e6c96b18de1f7f8cbcffdfd07fef84a71f3d86bfecebefad46e1fe0586347d5b5c9bef464ed466418b27604ddd9fafc53b416d7e18d5dfdb97ac8f0474b5d93b0558675125adf59e7a79c6a4c95ee2145c5226d3e13804c6cb392d70b5028701882e0ee94171a9647e40a9f04414859dda1d69475c8f3f351cf75b7b84a94b51863984c715b1fcf509bd195c528fc29968cb1e01ee7eee3f35c34544cc3006c4aa83bf7306cfbdb42950c2fe84ef14a9d14477d5005b09e484f33185d7d8fb7183485746576d7ef697125ac5bdacfddb396a485905fecf9fedb84295ceec8d976eaf2a8d300f408973189a7f65c2ade9265fc469bcf84d464a42c371ee71346332780c2be2a17f37859e39ea7e0707be060f64c39c8aed34b7b414dc73bd8bd2d480d78d063ae5cbe8263df43226beb7796a666ccf60493b620bff7d3b43e0f4d16f881435851735a6512a6e8786cb7ed7c7a31a69ee4e36d703306b7ca2c3f40b9377aaab9fe0431cf6a7fd837a31fa7767fa43a3407798b14ef004d459dcfe83e448dec3f2a60fabf61568d0c8e1916cdcafcd16ec9ee866765cdb6ff9b81c1d9870a4c917fed5e5498d5667c5f884d648312efb7ad774a655966a4cfe4499d67816dfeaaa0d21badc39b18ae9c4f862830dbc71f22ce3810c89779ffc44a687c03992bff7b3182b37329b45a4e1d66c7bb1fae9c31a3f8036161569cef4e00263e21e8dfb1cddca306ed22a27057b2b0921723eb8677fa74b7decd62687681eb6e4d54715a4646281c7fa56d3991a1429f7f07a7666b2c6bc89e8f5610bc43b668775a8ba88a230490978adbb1ee46917c82c6f449826e58fd2d410ee68b23842e08139e96afb26a6e3b05b0149d331925354869b3d27351b0c3e3200d59e9666ae4918098202b0219cdda4842f083ff15251b4a3ce4dbc3afa8a2ea9f3e6f9c43dd57b1c8b19623d1b163a420e146e447c51eccddeca1f12ba3258fec780b2d52182a094df55b54045ea8ed28c2ea73fcf635f19ef1a290647be5ad63b5b21f74a236e6ee72690aa58ebf75285ad61a5c22801ae36f8db707c0ecb5c799c5a1bfec8ba977733805334ab047e78c6347a48e27997ef91d0fbc646ab15a888c3724f78efadaf0e9202112b99d3f1b0d2571feac416b5822ca51796e6d47b07c94ea7380fcaffe9db513befbba35a22240fc0447df5f0d2f4f3bae7f9d22e516c7533aacdee7c2db52f6a40db189c6ec1ad067d1c272e22bf3b83576dd6d42e54092f699f7c57255d631f3e54f0c84ef8fcd37da96144e40eafaec8218578f077c80597e6dbd974aed6a98210fa18dbbe9cee97b3b943522c929897c8fe3619b7e5ff27f1cd10fbc0c7004dbc8af94ee8bd28d4c3282d90a4a5552a345bc11002f01e936605299b103e6f18873c67a827d1b461000d575dacfd75b8d5bf6ea345d25a9b3000842c3268c6e3d4c3d15fd49b4aea33920c1d9916bd719949085f4e4b4a239c76c99a6e0abd4120701e0b0bd13ec16b0c91300b1b79a127ee7a89810bf9cfe2872ee0b96f306d3bc8aae7737b3980fb1a0a801fe17695bea0835c96061e5e4f8ac3cb1353c5d51eff5d495a8df77263355e2369231c40775280ab25a6725d82c08b80a48735da2b06f0f8485c09a9dff62f1de1d75c04af50b4f3a580728c283203752d18285c833069e2183fe464dc7ef2bef471baba6079ac511e9f2e28712eb46a090042f39912d167bc0b4a75b33ef44616ccf5424e82298fb586f630ee552aedb23182f9ae635401015551c3373452d5c60ac89dc27b23517c55b72f7d8b16b98ac803b00ae3c3dcf7b23437691eca933efc9b1fd2ac449435062dfb8f02e7c16deef13c542567bf8f0dbea93d7b90f290b5c908176bcb4ff255f4ad30523321da63f770f3ad9bdc2f5333fb7e19800a51356e0bb9b56505036233f428625d8ad3448c7b143776b7d6def887e62f2c94c6d99a70fab78820bba9f6d7201233e0257a5ea61479135302359146644852b825cc1e1caea60eba36ff840964cfd00a7f1dc707a7f982e90375c4e0722904f878e7f0122ea191c6675beab253589ca7ee6ec285d30ce87dfe251c3a4f9f4163958c57b0da7d312570db74d9e21a5441b9260b5a3306d1127c88f4af922349398d5109a47f2753dbc916ed489f00a8f1ac6f9cd987eb46e1fe6afd7ae8b0dd435c235fdcbe310d8bb2e6ea26047a0a8b6a4f3a57aacbeb3d515deae123bca38c76b309358815357abfad9114be5706a1210fde40447f13e321b6b6f4aa87bfd01f501cdd205250d1ae89ee640bf235c263181932df8b0539a05e5c6786248fe6a190c625c41c86c50320f2850ebfb99aaf742acae108c293f1fa6b61e3b1423f0b9f2b76948ef2946efc0583cd83290c27662959e5598d822560707f236f5fffebf5a375b83b4618ff11c4047b35e4285c3ecd0f118beaec545ece4de7a18c05dafaaf49d853b80e147072aefadb2ff5facb5682b7cb6589817a7544c011383619053aaaaaf80a86a2ef151cd1a5a86641b5ad8ce4e9096c1bbd7bc9c791cf9d73672a0d53343c65811c836e999d1ae6439f16f8ef8fa8b996fd5c9d64f8b021485f8188e9d44ba0b4579ed9465e9a55cdf9acb798ec2646c00160c849112cdcbbf9ad90cb67d08048d8d6348fc1414aa8230017b0f42f4893d2b14782c69564befe37ebdf242f3a4fce49db7a7de5fdc5a2dd1a4b3bdc15d2b1da3ff09fa25a50688c4236bc48c4f9e697abc416e32c92f3001f24206b21e792f7739d4d8d7a418571d30f4a6e80e4696498e180fa23347860b7bd3ee32cf7e799ba23a7daaaf1f6bfb7c699aca6964b35fe501b91a18029a0c3b2fbb6ba33b5b6d6e74d8355b208e80528c675ac790583ea14a01ba743e01ce2943dd10dfc67df8735e6ae115e41c7dc3e76bf60b7f66fcf225439adfc35ed0d0a3ba23a8a9d56c30deb00b062ab5ff17620b529950bc74eb7b94a694743b9b49fbae6c839b8f720fc8f9827b6d79e2bdefcc7ff5dbd4a0fd8e202d94c48d3257c0249cefb3643bee56d049d6df80fbe58ce7fd23f7e08c5c19d41ffa3f945e2b7ca5170883abf7d981e0a5ca0ded8553f80a68bb363c68896f740d35a2eb8c0b14a9f6a7bb0eb322373f6f27cbfc03061850209abd606f375d30fe0925ac8516e14840edf40c0eacd71679bc3faae34d433f3e64dea6ca879ed328a2f2cb1a0c0993d9e9101bd19afa24aad40aba03552a58025a63939746a1059aabbdb52cd5ea648ab1cf984b7596490079cf755c51dea56c02fc06c4acd2a0efa502b40e968296303bf86444770ae6a04a8ab7fc560b249c6bb0d3c519e2dd0fb8bc92e17bcebaa36a41a40976fefff637e81fe64bcaa3189a74ec5c8d694f5e9dd64648314e858d3acd9870191a88f764076562669b87", 0x0, 0x9, 0x7, 0xd3c9, 0x9, 0x4, 0x800, 'syz1\x00'})
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000))
connect$bt_sco(r2, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
socketpair(0x1d, 0x80000, 0xfffffff7, &(0x7f0000000080))

18:30:00 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:30:00 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan3\x00', <r1=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x21, 0x7fffffff}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048040}, 0x8004)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000040)={0x4, 0x2, 0x7}) (async)
getsockopt$sock_timeval(r2, 0x1, 0x1, 0x0, &(0x7f0000000000))

[ 2146.871180] FAULT_INJECTION: forcing a failure.
[ 2146.871180] name failslab, interval 1, probability 0, space 0, times 0
[ 2146.914344] CPU: 1 PID: 22610 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2146.922255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2146.922259] Call Trace:
[ 2146.922275]  dump_stack+0x1b2/0x281
[ 2146.922290]  should_fail.cold+0x10a/0x149
[ 2146.922304]  should_failslab+0xd6/0x130
[ 2146.922316]  kmem_cache_alloc+0x28e/0x3c0
[ 2146.922328]  __d_alloc+0x2a/0xa20
[ 2146.922337]  ? d_lookup+0x172/0x220
[ 2146.922348]  d_alloc+0x46/0x240
[ 2146.922360]  __lookup_hash+0x101/0x270
[ 2146.922368]  ? __inode_permission+0xcd/0x2f0
[ 2146.922379]  lookup_one_len+0x279/0x3a0
[ 2146.922390]  ? lookup_one_len_unlocked+0x410/0x410
[ 2146.922404]  start_creating+0xb0/0x200
[ 2146.922414]  __debugfs_create_file+0x4f/0x440
[ 2146.922423]  ? debugfs_create_file_unsafe+0x37/0x60
[ 2146.922434]  debugfs_create_x8+0x4b/0x80
[ 2146.922445]  ldisc_open+0x2bb/0x860
[ 2146.922455]  ? caifdev_setup+0x3b0/0x3b0
[ 2146.922469]  ? lock_downgrade+0x740/0x740
[ 2146.922478]  ? caifdev_setup+0x3b0/0x3b0
[ 2146.922489]  tty_ldisc_open+0x6c/0xb0
[ 2146.922499]  tty_set_ldisc+0x287/0x5d0
[ 2146.922510]  tty_ioctl+0xa2a/0x1430
[ 2146.922524]  ? tty_fasync+0x2c0/0x2c0
[ 2146.922538]  ? proc_fail_nth_write+0x7b/0x180
[ 2146.922548]  ? trace_hardirqs_on+0x10/0x10
[ 2146.922562]  ? fsnotify+0x974/0x11b0
[ 2146.922570]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2146.922579]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2146.922589]  ? SyS_write+0x1b7/0x210
[ 2146.922600]  ? tty_fasync+0x2c0/0x2c0
[ 2146.922610]  do_vfs_ioctl+0x75a/0xff0
[ 2146.922620]  ? lock_acquire+0x170/0x3f0
[ 2146.922630]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2146.922642]  ? __fget+0x265/0x3e0
[ 2146.922661]  ? do_vfs_ioctl+0xff0/0xff0
[ 2146.922673]  ? security_file_ioctl+0x83/0xb0
[ 2146.922685]  SyS_ioctl+0x7f/0xb0
[ 2146.922693]  ? do_vfs_ioctl+0xff0/0xff0
[ 2146.922705]  do_syscall_64+0x1d5/0x640
[ 2146.922722]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2146.922730] RIP: 0033:0x7f1c69918049
[ 2146.922735] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2146.922746] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2146.922751] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2146.922757] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2146.922762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2146.922768] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:01 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000100)={0x29b554ee, 0x4, 0x4, 0x10, 0x7, {}, {0x2, 0x1, 0x3, 0x5, 0x80, 0x4, "bc8c7e99"}, 0x293d, 0x4, {}, 0xfffff801})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:01 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x58, 0x1404, 0x8, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
r1 = socket(0x1e, 0x6, 0xfffffda1)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0000fddbdf2502000080a7ff5df5fb02a3dd181fac9b7a15653a924bb64ea95a86dff6290deefb2ec1ce89935cee1d8e018dd0f7aaba2c35cfc2461afdde5a9c782c1cb00387e34de5cd8bb9924c160a86ce7ed0464927faffffff424f61180c82333d480964a671f2e8007cacc1f490f57c0dda8f55bd577063bad1bef5c8eac698359d908e1a20e121a2949481be46e129476a7a2ab8530cf813b2a888124ddc1e8de4c54dda3052dc6a5c0c183884a76e2d4b258c6fb71a1b66a7c886888b36b7da4815a10d9baa991b8b0ee781f9e843d73b6062f5c678ef3ca642d3f37501fecb0381935bf3d0450110ade70aa45403fdce6a5dd4cad3ec11c847291079f12fb9c97d7f4db043cf81e6e10bcf49d2ca229b0f285e6672cc5fa1c3aa62d59342a0898964b72f4cf0830f832fcb518fc5374adb72a4818669342912c17dd28f6b3a2e557b9a10fd6669fe0f000000261e15eca07a879341a79c9094c41ebfa27f8ea105b8651b09d6a189fc4da2d62e5e0ce2f9242123b51ce9fb28634919cf75cfde0100000000000000d29b03e635e5f3000000"], 0x14}, 0x1, 0x0, 0x0, 0x190}, 0x40811)

18:30:01 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1, 0x81, 0x8, 0x7a4, "7c30ca6b8664c8df6bf8a664fc59bea3e63a58046b136a0a10bd9f565a781ce4860c18152be33ec5d43387757c875f82e09f0ed9a94ebf7d89e1a308f369475bf42c2735e1f54df895a37bc6158b8604bf0aa580ce863142e509e1c3d4e0d82f6e6857e8a9fa422a364d55cad1331aa3a4762bd11d29c67b05df34c7036bf1c3"})

18:30:01 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0xfffffffffffffe11, r1, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x0, 0x2, 'veth1_to_bridge\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000) (async, rerun: 64)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000100)={r0, r0, 0x5, 0x1000, &(0x7f0000000940)="8571b8b16cef52a873ee737504c95e0ad9bbe6d501229b86bbce433ea8d9755321ce91cbded6c780416a39d0f0ed96da4ebf80edeb43688131eab8028d44f91d47bcc5d19eb6e64876566dbc2f236f6a47a01b54831297c3661c188c9c2b6980ba325e65f061cc2be02affb1d04030868a4c747175fd3b561cbbe7bc5ac18432f2ef3666481e5965177dbfacfd099255f888f19eabbf16918dc586d1b064a46527d5f8b0d8469c7799534d99b7ba76c7aba935cfe955706068f93597e300dd4017a1d7e81b8b47567edea7b2f16101c79ab1e83c35e31936d3b7996cfac2c11bc99cca90d5f4225d8336181eb7bb49132f34bd7eef213b6a8d1ea08f48990374dba1594135f5b476dbeb0b987dc56b0f1d1cf3dc46f51cd58164e10395a240e1c42fcb87fe27372b9f2f599f437b1e05d69ec8763e6ce04ea6b539ee9a46c1f8dddf3ccaf3337e674833d6cdb635da187d79cd7d02274e3110516ad3fee12499a6da96223771f89130a1da74c2fa95ca139036552533c627581c6196c463780e90897e1a86618652d90e863481a38126a285119a071984e00803c67316a5d23a6cc9fbb858a572ec2ba3f582f06d8a1110a121ca595ed72ff74e3f7cd37898f7a2b7c1463e218515af588bae223263c80eb2cedd1e81555aa96f47ba782fee9f9fbd4cbef28eb4656581dd79159b702e8818bc84796b5ce6a17771991353cad18103310ae22606e65d11d40fd544e15b259b1c16ea76935987be192dff0feeabbaa3c2fee88da42f16d0ea04e13f6963a922462535d50a8ba5dbb6fc9ad554d9a4700e98882ebb69c87258d8220056296313dea135bc79d49b1d89c3b8e456608a362b3a6c54cfc12083c66f9c5cecfd558caf9845d2f7b36074df834e384eb799a45c142bedb3089292ed51835a3dc7cd1076695eefe3b83d921013797ac1c9e26857b051ed62fb3675c0f597860f1ada881d7fcbef69d808432f91ae59ed45436e06112c258ab75af7ff10bd03fe2243162836447978a2d19614e66fa66556b8451817fc77e66dd8691c44c40b84e628915cf77e0920422aec538eddba01970480c994ca16e3f539ef1129548a1b767bb6d31a5f53876fe092a9b710b385f9fcfc8338a131cd12372f710b8f01d6895ca3e0f8e102c378e6af3de5c6a35a32ff73b31c1958338dc1bef96eb7e4e9830d62eefdbac49948886902a072267431cbbc551397ea3255c0a6b5068823f4737c7e12722f8929512501865b11dd3eb12d2014adc07cfe97e2b91322fe6c3d2555611a9b810b3c59becc81879845531ba70adb699ddc562beb135fc74954933f43b0e559d79f1f724ca149bed7bb1fb5f471aa54f0c3809a7ae3b8f28c442400d67ac42c44f24de3d4bb8dc37335128eabc231af97cbcb52b057cb968af1cc08dcc9e020318058ef719edd32e99646f1af2449b49df0f54ce5206f43fb68cb1138254b23f3a246da43786be4a1ec82be2d3cfd113ce56836c76c40cbea737b94abcbdaa2b9f78c76817feae93a7da17647a962d387966729f9c429538037d2e34bbbf82d87763ed50533570dc182b66a873f6cd124c1aaf75a5c79d8e5538199cde7d2408a2a43ba13dad4b51677cfaf163f7cfaffd4b840211006689b7b40e7d373464a83ca08a37299b6adf85245e19563faa3ca3c7504cc16a4a487ee6eb62f85ac112617b1f14874d717ab9fb41e756eea52aea6603ff51211e61bc3b97542a40af026e877e10e5a66062adafbbda5338ef01af8fbdf75c10d111eb0fcdf9f212b909e7a8308e4c16b44114bbaaf703379310d937c8e65319474b8f9b12179cca314a407c9fe9015b21e9ce9ae0f803f3777497e59a0d2438828e8a00fc5d45673428ab5873accdc52b0714fca34d9c4e3d61a9f6564e09dc3aef5bf63c907a3a1e0dca7d891164c52070d81ced7641450c3446a6c77c4165cab98ddf831215a5acc24ab308b8a0313898b6a4d7e96511f7471573c7bea84e563b6ed002c53f6375dfcc34c9fef5ff5cd0bf6ae405b868f60a2b758ca626c076e91e1d553448461b4676385fd6ecfb616cafc203973859843fb596c7298fe7b603ba012309c88e019dbd7f886417b6e23c35974e6965752ca6c25805a9a227c647368ff511ebfce10fc5652b9abf749a65671cca4ea7b8bc86df5a66e1c4488b498a58bfe60558c50d02d05c830aef06b2fd8aea693242194d824a244e149083e62c0ea8489446b7c6a96612d5c5f06fb5efb2fbb8706050a0d560738929772dda13e57a6fdb9e41457728fd603bdd0ad453bb012ee51583fd1d1f4beb286904d6fd89207fcb03744658a45b0f030fbfe981a9b256d1e6c96b18de1f7f8cbcffdfd07fef84a71f3d86bfecebefad46e1fe0586347d5b5c9bef464ed466418b27604ddd9fafc53b416d7e18d5dfdb97ac8f0474b5d93b0558675125adf59e7a79c6a4c95ee2145c5226d3e13804c6cb392d70b5028701882e0ee94171a9647e40a9f04414859dda1d69475c8f3f351cf75b7b84a94b51863984c715b1fcf509bd195c528fc29968cb1e01ee7eee3f35c34544cc3006c4aa83bf7306cfbdb42950c2fe84ef14a9d14477d5005b09e484f33185d7d8fb7183485746576d7ef697125ac5bdacfddb396a485905fecf9fedb84295ceec8d976eaf2a8d300f408973189a7f65c2ade9265fc469bcf84d464a42c371ee71346332780c2be2a17f37859e39ea7e0707be060f64c39c8aed34b7b414dc73bd8bd2d480d78d063ae5cbe8263df43226beb7796a666ccf60493b620bff7d3b43e0f4d16f881435851735a6512a6e8786cb7ed7c7a31a69ee4e36d703306b7ca2c3f40b9377aaab9fe0431cf6a7fd837a31fa7767fa43a3407798b14ef004d459dcfe83e448dec3f2a60fabf61568d0c8e1916cdcafcd16ec9ee866765cdb6ff9b81c1d9870a4c917fed5e5498d5667c5f884d648312efb7ad774a655966a4cfe4499d67816dfeaaa0d21badc39b18ae9c4f862830dbc71f22ce3810c89779ffc44a687c03992bff7b3182b37329b45a4e1d66c7bb1fae9c31a3f8036161569cef4e00263e21e8dfb1cddca306ed22a27057b2b0921723eb8677fa74b7decd62687681eb6e4d54715a4646281c7fa56d3991a1429f7f07a7666b2c6bc89e8f5610bc43b668775a8ba88a230490978adbb1ee46917c82c6f449826e58fd2d410ee68b23842e08139e96afb26a6e3b05b0149d331925354869b3d27351b0c3e3200d59e9666ae4918098202b0219cdda4842f083ff15251b4a3ce4dbc3afa8a2ea9f3e6f9c43dd57b1c8b19623d1b163a420e146e447c51eccddeca1f12ba3258fec780b2d52182a094df55b54045ea8ed28c2ea73fcf635f19ef1a290647be5ad63b5b21f74a236e6ee72690aa58ebf75285ad61a5c22801ae36f8db707c0ecb5c799c5a1bfec8ba977733805334ab047e78c6347a48e27997ef91d0fbc646ab15a888c3724f78efadaf0e9202112b99d3f1b0d2571feac416b5822ca51796e6d47b07c94ea7380fcaffe9db513befbba35a22240fc0447df5f0d2f4f3bae7f9d22e516c7533aacdee7c2db52f6a40db189c6ec1ad067d1c272e22bf3b83576dd6d42e54092f699f7c57255d631f3e54f0c84ef8fcd37da96144e40eafaec8218578f077c80597e6dbd974aed6a98210fa18dbbe9cee97b3b943522c929897c8fe3619b7e5ff27f1cd10fbc0c7004dbc8af94ee8bd28d4c3282d90a4a5552a345bc11002f01e936605299b103e6f18873c67a827d1b461000d575dacfd75b8d5bf6ea345d25a9b3000842c3268c6e3d4c3d15fd49b4aea33920c1d9916bd719949085f4e4b4a239c76c99a6e0abd4120701e0b0bd13ec16b0c91300b1b79a127ee7a89810bf9cfe2872ee0b96f306d3bc8aae7737b3980fb1a0a801fe17695bea0835c96061e5e4f8ac3cb1353c5d51eff5d495a8df77263355e2369231c40775280ab25a6725d82c08b80a48735da2b06f0f8485c09a9dff62f1de1d75c04af50b4f3a580728c283203752d18285c833069e2183fe464dc7ef2bef471baba6079ac511e9f2e28712eb46a090042f39912d167bc0b4a75b33ef44616ccf5424e82298fb586f630ee552aedb23182f9ae635401015551c3373452d5c60ac89dc27b23517c55b72f7d8b16b98ac803b00ae3c3dcf7b23437691eca933efc9b1fd2ac449435062dfb8f02e7c16deef13c542567bf8f0dbea93d7b90f290b5c908176bcb4ff255f4ad30523321da63f770f3ad9bdc2f5333fb7e19800a51356e0bb9b56505036233f428625d8ad3448c7b143776b7d6def887e62f2c94c6d99a70fab78820bba9f6d7201233e0257a5ea61479135302359146644852b825cc1e1caea60eba36ff840964cfd00a7f1dc707a7f982e90375c4e0722904f878e7f0122ea191c6675beab253589ca7ee6ec285d30ce87dfe251c3a4f9f4163958c57b0da7d312570db74d9e21a5441b9260b5a3306d1127c88f4af922349398d5109a47f2753dbc916ed489f00a8f1ac6f9cd987eb46e1fe6afd7ae8b0dd435c235fdcbe310d8bb2e6ea26047a0a8b6a4f3a57aacbeb3d515deae123bca38c76b309358815357abfad9114be5706a1210fde40447f13e321b6b6f4aa87bfd01f501cdd205250d1ae89ee640bf235c263181932df8b0539a05e5c6786248fe6a190c625c41c86c50320f2850ebfb99aaf742acae108c293f1fa6b61e3b1423f0b9f2b76948ef2946efc0583cd83290c27662959e5598d822560707f236f5fffebf5a375b83b4618ff11c4047b35e4285c3ecd0f118beaec545ece4de7a18c05dafaaf49d853b80e147072aefadb2ff5facb5682b7cb6589817a7544c011383619053aaaaaf80a86a2ef151cd1a5a86641b5ad8ce4e9096c1bbd7bc9c791cf9d73672a0d53343c65811c836e999d1ae6439f16f8ef8fa8b996fd5c9d64f8b021485f8188e9d44ba0b4579ed9465e9a55cdf9acb798ec2646c00160c849112cdcbbf9ad90cb67d08048d8d6348fc1414aa8230017b0f42f4893d2b14782c69564befe37ebdf242f3a4fce49db7a7de5fdc5a2dd1a4b3bdc15d2b1da3ff09fa25a50688c4236bc48c4f9e697abc416e32c92f3001f24206b21e792f7739d4d8d7a418571d30f4a6e80e4696498e180fa23347860b7bd3ee32cf7e799ba23a7daaaf1f6bfb7c699aca6964b35fe501b91a18029a0c3b2fbb6ba33b5b6d6e74d8355b208e80528c675ac790583ea14a01ba743e01ce2943dd10dfc67df8735e6ae115e41c7dc3e76bf60b7f66fcf225439adfc35ed0d0a3ba23a8a9d56c30deb00b062ab5ff17620b529950bc74eb7b94a694743b9b49fbae6c839b8f720fc8f9827b6d79e2bdefcc7ff5dbd4a0fd8e202d94c48d3257c0249cefb3643bee56d049d6df80fbe58ce7fd23f7e08c5c19d41ffa3f945e2b7ca5170883abf7d981e0a5ca0ded8553f80a68bb363c68896f740d35a2eb8c0b14a9f6a7bb0eb322373f6f27cbfc03061850209abd606f375d30fe0925ac8516e14840edf40c0eacd71679bc3faae34d433f3e64dea6ca879ed328a2f2cb1a0c0993d9e9101bd19afa24aad40aba03552a58025a63939746a1059aabbdb52cd5ea648ab1cf984b7596490079cf755c51dea56c02fc06c4acd2a0efa502b40e968296303bf86444770ae6a04a8ab7fc560b249c6bb0d3c519e2dd0fb8bc92e17bcebaa36a41a40976fefff637e81fe64bcaa3189a74ec5c8d694f5e9dd64648314e858d3acd9870191a88f764076562669b87", 0x0, 0x9, 0x7, 0xd3c9, 0x9, 0x4, 0x800, 'syz1\x00'}) (async, rerun: 64)
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0) (async)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000)) (async)
connect$bt_sco(r2, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
socketpair(0x1d, 0x80000, 0xfffffff7, &(0x7f0000000080))

18:30:01 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180))

18:30:01 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 16)

18:30:01 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0xfffffffffffffe11, r1, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x0, 0x2, 'veth1_to_bridge\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000100)={r0, r0, 0x5, 0x1000, &(0x7f0000000940)="8571b8b16cef52a873ee737504c95e0ad9bbe6d501229b86bbce433ea8d9755321ce91cbded6c780416a39d0f0ed96da4ebf80edeb43688131eab8028d44f91d47bcc5d19eb6e64876566dbc2f236f6a47a01b54831297c3661c188c9c2b6980ba325e65f061cc2be02affb1d04030868a4c747175fd3b561cbbe7bc5ac18432f2ef3666481e5965177dbfacfd099255f888f19eabbf16918dc586d1b064a46527d5f8b0d8469c7799534d99b7ba76c7aba935cfe955706068f93597e300dd4017a1d7e81b8b47567edea7b2f16101c79ab1e83c35e31936d3b7996cfac2c11bc99cca90d5f4225d8336181eb7bb49132f34bd7eef213b6a8d1ea08f48990374dba1594135f5b476dbeb0b987dc56b0f1d1cf3dc46f51cd58164e10395a240e1c42fcb87fe27372b9f2f599f437b1e05d69ec8763e6ce04ea6b539ee9a46c1f8dddf3ccaf3337e674833d6cdb635da187d79cd7d02274e3110516ad3fee12499a6da96223771f89130a1da74c2fa95ca139036552533c627581c6196c463780e90897e1a86618652d90e863481a38126a285119a071984e00803c67316a5d23a6cc9fbb858a572ec2ba3f582f06d8a1110a121ca595ed72ff74e3f7cd37898f7a2b7c1463e218515af588bae223263c80eb2cedd1e81555aa96f47ba782fee9f9fbd4cbef28eb4656581dd79159b702e8818bc84796b5ce6a17771991353cad18103310ae22606e65d11d40fd544e15b259b1c16ea76935987be192dff0feeabbaa3c2fee88da42f16d0ea04e13f6963a922462535d50a8ba5dbb6fc9ad554d9a4700e98882ebb69c87258d8220056296313dea135bc79d49b1d89c3b8e456608a362b3a6c54cfc12083c66f9c5cecfd558caf9845d2f7b36074df834e384eb799a45c142bedb3089292ed51835a3dc7cd1076695eefe3b83d921013797ac1c9e26857b051ed62fb3675c0f597860f1ada881d7fcbef69d808432f91ae59ed45436e06112c258ab75af7ff10bd03fe2243162836447978a2d19614e66fa66556b8451817fc77e66dd8691c44c40b84e628915cf77e0920422aec538eddba01970480c994ca16e3f539ef1129548a1b767bb6d31a5f53876fe092a9b710b385f9fcfc8338a131cd12372f710b8f01d6895ca3e0f8e102c378e6af3de5c6a35a32ff73b31c1958338dc1bef96eb7e4e9830d62eefdbac49948886902a072267431cbbc551397ea3255c0a6b5068823f4737c7e12722f8929512501865b11dd3eb12d2014adc07cfe97e2b91322fe6c3d2555611a9b810b3c59becc81879845531ba70adb699ddc562beb135fc74954933f43b0e559d79f1f724ca149bed7bb1fb5f471aa54f0c3809a7ae3b8f28c442400d67ac42c44f24de3d4bb8dc37335128eabc231af97cbcb52b057cb968af1cc08dcc9e020318058ef719edd32e99646f1af2449b49df0f54ce5206f43fb68cb1138254b23f3a246da43786be4a1ec82be2d3cfd113ce56836c76c40cbea737b94abcbdaa2b9f78c76817feae93a7da17647a962d387966729f9c429538037d2e34bbbf82d87763ed50533570dc182b66a873f6cd124c1aaf75a5c79d8e5538199cde7d2408a2a43ba13dad4b51677cfaf163f7cfaffd4b840211006689b7b40e7d373464a83ca08a37299b6adf85245e19563faa3ca3c7504cc16a4a487ee6eb62f85ac112617b1f14874d717ab9fb41e756eea52aea6603ff51211e61bc3b97542a40af026e877e10e5a66062adafbbda5338ef01af8fbdf75c10d111eb0fcdf9f212b909e7a8308e4c16b44114bbaaf703379310d937c8e65319474b8f9b12179cca314a407c9fe9015b21e9ce9ae0f803f3777497e59a0d2438828e8a00fc5d45673428ab5873accdc52b0714fca34d9c4e3d61a9f6564e09dc3aef5bf63c907a3a1e0dca7d891164c52070d81ced7641450c3446a6c77c4165cab98ddf831215a5acc24ab308b8a0313898b6a4d7e96511f7471573c7bea84e563b6ed002c53f6375dfcc34c9fef5ff5cd0bf6ae405b868f60a2b758ca626c076e91e1d553448461b4676385fd6ecfb616cafc203973859843fb596c7298fe7b603ba012309c88e019dbd7f886417b6e23c35974e6965752ca6c25805a9a227c647368ff511ebfce10fc5652b9abf749a65671cca4ea7b8bc86df5a66e1c4488b498a58bfe60558c50d02d05c830aef06b2fd8aea693242194d824a244e149083e62c0ea8489446b7c6a96612d5c5f06fb5efb2fbb8706050a0d560738929772dda13e57a6fdb9e41457728fd603bdd0ad453bb012ee51583fd1d1f4beb286904d6fd89207fcb03744658a45b0f030fbfe981a9b256d1e6c96b18de1f7f8cbcffdfd07fef84a71f3d86bfecebefad46e1fe0586347d5b5c9bef464ed466418b27604ddd9fafc53b416d7e18d5dfdb97ac8f0474b5d93b0558675125adf59e7a79c6a4c95ee2145c5226d3e13804c6cb392d70b5028701882e0ee94171a9647e40a9f04414859dda1d69475c8f3f351cf75b7b84a94b51863984c715b1fcf509bd195c528fc29968cb1e01ee7eee3f35c34544cc3006c4aa83bf7306cfbdb42950c2fe84ef14a9d14477d5005b09e484f33185d7d8fb7183485746576d7ef697125ac5bdacfddb396a485905fecf9fedb84295ceec8d976eaf2a8d300f408973189a7f65c2ade9265fc469bcf84d464a42c371ee71346332780c2be2a17f37859e39ea7e0707be060f64c39c8aed34b7b414dc73bd8bd2d480d78d063ae5cbe8263df43226beb7796a666ccf60493b620bff7d3b43e0f4d16f881435851735a6512a6e8786cb7ed7c7a31a69ee4e36d703306b7ca2c3f40b9377aaab9fe0431cf6a7fd837a31fa7767fa43a3407798b14ef004d459dcfe83e448dec3f2a60fabf61568d0c8e1916cdcafcd16ec9ee866765cdb6ff9b81c1d9870a4c917fed5e5498d5667c5f884d648312efb7ad774a655966a4cfe4499d67816dfeaaa0d21badc39b18ae9c4f862830dbc71f22ce3810c89779ffc44a687c03992bff7b3182b37329b45a4e1d66c7bb1fae9c31a3f8036161569cef4e00263e21e8dfb1cddca306ed22a27057b2b0921723eb8677fa74b7decd62687681eb6e4d54715a4646281c7fa56d3991a1429f7f07a7666b2c6bc89e8f5610bc43b668775a8ba88a230490978adbb1ee46917c82c6f449826e58fd2d410ee68b23842e08139e96afb26a6e3b05b0149d331925354869b3d27351b0c3e3200d59e9666ae4918098202b0219cdda4842f083ff15251b4a3ce4dbc3afa8a2ea9f3e6f9c43dd57b1c8b19623d1b163a420e146e447c51eccddeca1f12ba3258fec780b2d52182a094df55b54045ea8ed28c2ea73fcf635f19ef1a290647be5ad63b5b21f74a236e6ee72690aa58ebf75285ad61a5c22801ae36f8db707c0ecb5c799c5a1bfec8ba977733805334ab047e78c6347a48e27997ef91d0fbc646ab15a888c3724f78efadaf0e9202112b99d3f1b0d2571feac416b5822ca51796e6d47b07c94ea7380fcaffe9db513befbba35a22240fc0447df5f0d2f4f3bae7f9d22e516c7533aacdee7c2db52f6a40db189c6ec1ad067d1c272e22bf3b83576dd6d42e54092f699f7c57255d631f3e54f0c84ef8fcd37da96144e40eafaec8218578f077c80597e6dbd974aed6a98210fa18dbbe9cee97b3b943522c929897c8fe3619b7e5ff27f1cd10fbc0c7004dbc8af94ee8bd28d4c3282d90a4a5552a345bc11002f01e936605299b103e6f18873c67a827d1b461000d575dacfd75b8d5bf6ea345d25a9b3000842c3268c6e3d4c3d15fd49b4aea33920c1d9916bd719949085f4e4b4a239c76c99a6e0abd4120701e0b0bd13ec16b0c91300b1b79a127ee7a89810bf9cfe2872ee0b96f306d3bc8aae7737b3980fb1a0a801fe17695bea0835c96061e5e4f8ac3cb1353c5d51eff5d495a8df77263355e2369231c40775280ab25a6725d82c08b80a48735da2b06f0f8485c09a9dff62f1de1d75c04af50b4f3a580728c283203752d18285c833069e2183fe464dc7ef2bef471baba6079ac511e9f2e28712eb46a090042f39912d167bc0b4a75b33ef44616ccf5424e82298fb586f630ee552aedb23182f9ae635401015551c3373452d5c60ac89dc27b23517c55b72f7d8b16b98ac803b00ae3c3dcf7b23437691eca933efc9b1fd2ac449435062dfb8f02e7c16deef13c542567bf8f0dbea93d7b90f290b5c908176bcb4ff255f4ad30523321da63f770f3ad9bdc2f5333fb7e19800a51356e0bb9b56505036233f428625d8ad3448c7b143776b7d6def887e62f2c94c6d99a70fab78820bba9f6d7201233e0257a5ea61479135302359146644852b825cc1e1caea60eba36ff840964cfd00a7f1dc707a7f982e90375c4e0722904f878e7f0122ea191c6675beab253589ca7ee6ec285d30ce87dfe251c3a4f9f4163958c57b0da7d312570db74d9e21a5441b9260b5a3306d1127c88f4af922349398d5109a47f2753dbc916ed489f00a8f1ac6f9cd987eb46e1fe6afd7ae8b0dd435c235fdcbe310d8bb2e6ea26047a0a8b6a4f3a57aacbeb3d515deae123bca38c76b309358815357abfad9114be5706a1210fde40447f13e321b6b6f4aa87bfd01f501cdd205250d1ae89ee640bf235c263181932df8b0539a05e5c6786248fe6a190c625c41c86c50320f2850ebfb99aaf742acae108c293f1fa6b61e3b1423f0b9f2b76948ef2946efc0583cd83290c27662959e5598d822560707f236f5fffebf5a375b83b4618ff11c4047b35e4285c3ecd0f118beaec545ece4de7a18c05dafaaf49d853b80e147072aefadb2ff5facb5682b7cb6589817a7544c011383619053aaaaaf80a86a2ef151cd1a5a86641b5ad8ce4e9096c1bbd7bc9c791cf9d73672a0d53343c65811c836e999d1ae6439f16f8ef8fa8b996fd5c9d64f8b021485f8188e9d44ba0b4579ed9465e9a55cdf9acb798ec2646c00160c849112cdcbbf9ad90cb67d08048d8d6348fc1414aa8230017b0f42f4893d2b14782c69564befe37ebdf242f3a4fce49db7a7de5fdc5a2dd1a4b3bdc15d2b1da3ff09fa25a50688c4236bc48c4f9e697abc416e32c92f3001f24206b21e792f7739d4d8d7a418571d30f4a6e80e4696498e180fa23347860b7bd3ee32cf7e799ba23a7daaaf1f6bfb7c699aca6964b35fe501b91a18029a0c3b2fbb6ba33b5b6d6e74d8355b208e80528c675ac790583ea14a01ba743e01ce2943dd10dfc67df8735e6ae115e41c7dc3e76bf60b7f66fcf225439adfc35ed0d0a3ba23a8a9d56c30deb00b062ab5ff17620b529950bc74eb7b94a694743b9b49fbae6c839b8f720fc8f9827b6d79e2bdefcc7ff5dbd4a0fd8e202d94c48d3257c0249cefb3643bee56d049d6df80fbe58ce7fd23f7e08c5c19d41ffa3f945e2b7ca5170883abf7d981e0a5ca0ded8553f80a68bb363c68896f740d35a2eb8c0b14a9f6a7bb0eb322373f6f27cbfc03061850209abd606f375d30fe0925ac8516e14840edf40c0eacd71679bc3faae34d433f3e64dea6ca879ed328a2f2cb1a0c0993d9e9101bd19afa24aad40aba03552a58025a63939746a1059aabbdb52cd5ea648ab1cf984b7596490079cf755c51dea56c02fc06c4acd2a0efa502b40e968296303bf86444770ae6a04a8ab7fc560b249c6bb0d3c519e2dd0fb8bc92e17bcebaa36a41a40976fefff637e81fe64bcaa3189a74ec5c8d694f5e9dd64648314e858d3acd9870191a88f764076562669b87", 0x0, 0x9, 0x7, 0xd3c9, 0x9, 0x4, 0x800, 'syz1\x00'})
pipe2(&(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000))
connect$bt_sco(r2, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
socketpair(0x1d, 0x80000, 0xfffffff7, &(0x7f0000000080))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
syz_genetlink_get_family_id$smc(&(0x7f0000000200), 0xffffffffffffffff) (async)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0xfffffffffffffe11, r1, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x0, 0x2, 'veth1_to_bridge\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000) (async)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000100)={r0, r0, 0x5, 0x1000, &(0x7f0000000940)="8571b8b16cef52a873ee737504c95e0ad9bbe6d501229b86bbce433ea8d9755321ce91cbded6c780416a39d0f0ed96da4ebf80edeb43688131eab8028d44f91d47bcc5d19eb6e64876566dbc2f236f6a47a01b54831297c3661c188c9c2b6980ba325e65f061cc2be02affb1d04030868a4c747175fd3b561cbbe7bc5ac18432f2ef3666481e5965177dbfacfd099255f888f19eabbf16918dc586d1b064a46527d5f8b0d8469c7799534d99b7ba76c7aba935cfe955706068f93597e300dd4017a1d7e81b8b47567edea7b2f16101c79ab1e83c35e31936d3b7996cfac2c11bc99cca90d5f4225d8336181eb7bb49132f34bd7eef213b6a8d1ea08f48990374dba1594135f5b476dbeb0b987dc56b0f1d1cf3dc46f51cd58164e10395a240e1c42fcb87fe27372b9f2f599f437b1e05d69ec8763e6ce04ea6b539ee9a46c1f8dddf3ccaf3337e674833d6cdb635da187d79cd7d02274e3110516ad3fee12499a6da96223771f89130a1da74c2fa95ca139036552533c627581c6196c463780e90897e1a86618652d90e863481a38126a285119a071984e00803c67316a5d23a6cc9fbb858a572ec2ba3f582f06d8a1110a121ca595ed72ff74e3f7cd37898f7a2b7c1463e218515af588bae223263c80eb2cedd1e81555aa96f47ba782fee9f9fbd4cbef28eb4656581dd79159b702e8818bc84796b5ce6a17771991353cad18103310ae22606e65d11d40fd544e15b259b1c16ea76935987be192dff0feeabbaa3c2fee88da42f16d0ea04e13f6963a922462535d50a8ba5dbb6fc9ad554d9a4700e98882ebb69c87258d8220056296313dea135bc79d49b1d89c3b8e456608a362b3a6c54cfc12083c66f9c5cecfd558caf9845d2f7b36074df834e384eb799a45c142bedb3089292ed51835a3dc7cd1076695eefe3b83d921013797ac1c9e26857b051ed62fb3675c0f597860f1ada881d7fcbef69d808432f91ae59ed45436e06112c258ab75af7ff10bd03fe2243162836447978a2d19614e66fa66556b8451817fc77e66dd8691c44c40b84e628915cf77e0920422aec538eddba01970480c994ca16e3f539ef1129548a1b767bb6d31a5f53876fe092a9b710b385f9fcfc8338a131cd12372f710b8f01d6895ca3e0f8e102c378e6af3de5c6a35a32ff73b31c1958338dc1bef96eb7e4e9830d62eefdbac49948886902a072267431cbbc551397ea3255c0a6b5068823f4737c7e12722f8929512501865b11dd3eb12d2014adc07cfe97e2b91322fe6c3d2555611a9b810b3c59becc81879845531ba70adb699ddc562beb135fc74954933f43b0e559d79f1f724ca149bed7bb1fb5f471aa54f0c3809a7ae3b8f28c442400d67ac42c44f24de3d4bb8dc37335128eabc231af97cbcb52b057cb968af1cc08dcc9e020318058ef719edd32e99646f1af2449b49df0f54ce5206f43fb68cb1138254b23f3a246da43786be4a1ec82be2d3cfd113ce56836c76c40cbea737b94abcbdaa2b9f78c76817feae93a7da17647a962d387966729f9c429538037d2e34bbbf82d87763ed50533570dc182b66a873f6cd124c1aaf75a5c79d8e5538199cde7d2408a2a43ba13dad4b51677cfaf163f7cfaffd4b840211006689b7b40e7d373464a83ca08a37299b6adf85245e19563faa3ca3c7504cc16a4a487ee6eb62f85ac112617b1f14874d717ab9fb41e756eea52aea6603ff51211e61bc3b97542a40af026e877e10e5a66062adafbbda5338ef01af8fbdf75c10d111eb0fcdf9f212b909e7a8308e4c16b44114bbaaf703379310d937c8e65319474b8f9b12179cca314a407c9fe9015b21e9ce9ae0f803f3777497e59a0d2438828e8a00fc5d45673428ab5873accdc52b0714fca34d9c4e3d61a9f6564e09dc3aef5bf63c907a3a1e0dca7d891164c52070d81ced7641450c3446a6c77c4165cab98ddf831215a5acc24ab308b8a0313898b6a4d7e96511f7471573c7bea84e563b6ed002c53f6375dfcc34c9fef5ff5cd0bf6ae405b868f60a2b758ca626c076e91e1d553448461b4676385fd6ecfb616cafc203973859843fb596c7298fe7b603ba012309c88e019dbd7f886417b6e23c35974e6965752ca6c25805a9a227c647368ff511ebfce10fc5652b9abf749a65671cca4ea7b8bc86df5a66e1c4488b498a58bfe60558c50d02d05c830aef06b2fd8aea693242194d824a244e149083e62c0ea8489446b7c6a96612d5c5f06fb5efb2fbb8706050a0d560738929772dda13e57a6fdb9e41457728fd603bdd0ad453bb012ee51583fd1d1f4beb286904d6fd89207fcb03744658a45b0f030fbfe981a9b256d1e6c96b18de1f7f8cbcffdfd07fef84a71f3d86bfecebefad46e1fe0586347d5b5c9bef464ed466418b27604ddd9fafc53b416d7e18d5dfdb97ac8f0474b5d93b0558675125adf59e7a79c6a4c95ee2145c5226d3e13804c6cb392d70b5028701882e0ee94171a9647e40a9f04414859dda1d69475c8f3f351cf75b7b84a94b51863984c715b1fcf509bd195c528fc29968cb1e01ee7eee3f35c34544cc3006c4aa83bf7306cfbdb42950c2fe84ef14a9d14477d5005b09e484f33185d7d8fb7183485746576d7ef697125ac5bdacfddb396a485905fecf9fedb84295ceec8d976eaf2a8d300f408973189a7f65c2ade9265fc469bcf84d464a42c371ee71346332780c2be2a17f37859e39ea7e0707be060f64c39c8aed34b7b414dc73bd8bd2d480d78d063ae5cbe8263df43226beb7796a666ccf60493b620bff7d3b43e0f4d16f881435851735a6512a6e8786cb7ed7c7a31a69ee4e36d703306b7ca2c3f40b9377aaab9fe0431cf6a7fd837a31fa7767fa43a3407798b14ef004d459dcfe83e448dec3f2a60fabf61568d0c8e1916cdcafcd16ec9ee866765cdb6ff9b81c1d9870a4c917fed5e5498d5667c5f884d648312efb7ad774a655966a4cfe4499d67816dfeaaa0d21badc39b18ae9c4f862830dbc71f22ce3810c89779ffc44a687c03992bff7b3182b37329b45a4e1d66c7bb1fae9c31a3f8036161569cef4e00263e21e8dfb1cddca306ed22a27057b2b0921723eb8677fa74b7decd62687681eb6e4d54715a4646281c7fa56d3991a1429f7f07a7666b2c6bc89e8f5610bc43b668775a8ba88a230490978adbb1ee46917c82c6f449826e58fd2d410ee68b23842e08139e96afb26a6e3b05b0149d331925354869b3d27351b0c3e3200d59e9666ae4918098202b0219cdda4842f083ff15251b4a3ce4dbc3afa8a2ea9f3e6f9c43dd57b1c8b19623d1b163a420e146e447c51eccddeca1f12ba3258fec780b2d52182a094df55b54045ea8ed28c2ea73fcf635f19ef1a290647be5ad63b5b21f74a236e6ee72690aa58ebf75285ad61a5c22801ae36f8db707c0ecb5c799c5a1bfec8ba977733805334ab047e78c6347a48e27997ef91d0fbc646ab15a888c3724f78efadaf0e9202112b99d3f1b0d2571feac416b5822ca51796e6d47b07c94ea7380fcaffe9db513befbba35a22240fc0447df5f0d2f4f3bae7f9d22e516c7533aacdee7c2db52f6a40db189c6ec1ad067d1c272e22bf3b83576dd6d42e54092f699f7c57255d631f3e54f0c84ef8fcd37da96144e40eafaec8218578f077c80597e6dbd974aed6a98210fa18dbbe9cee97b3b943522c929897c8fe3619b7e5ff27f1cd10fbc0c7004dbc8af94ee8bd28d4c3282d90a4a5552a345bc11002f01e936605299b103e6f18873c67a827d1b461000d575dacfd75b8d5bf6ea345d25a9b3000842c3268c6e3d4c3d15fd49b4aea33920c1d9916bd719949085f4e4b4a239c76c99a6e0abd4120701e0b0bd13ec16b0c91300b1b79a127ee7a89810bf9cfe2872ee0b96f306d3bc8aae7737b3980fb1a0a801fe17695bea0835c96061e5e4f8ac3cb1353c5d51eff5d495a8df77263355e2369231c40775280ab25a6725d82c08b80a48735da2b06f0f8485c09a9dff62f1de1d75c04af50b4f3a580728c283203752d18285c833069e2183fe464dc7ef2bef471baba6079ac511e9f2e28712eb46a090042f39912d167bc0b4a75b33ef44616ccf5424e82298fb586f630ee552aedb23182f9ae635401015551c3373452d5c60ac89dc27b23517c55b72f7d8b16b98ac803b00ae3c3dcf7b23437691eca933efc9b1fd2ac449435062dfb8f02e7c16deef13c542567bf8f0dbea93d7b90f290b5c908176bcb4ff255f4ad30523321da63f770f3ad9bdc2f5333fb7e19800a51356e0bb9b56505036233f428625d8ad3448c7b143776b7d6def887e62f2c94c6d99a70fab78820bba9f6d7201233e0257a5ea61479135302359146644852b825cc1e1caea60eba36ff840964cfd00a7f1dc707a7f982e90375c4e0722904f878e7f0122ea191c6675beab253589ca7ee6ec285d30ce87dfe251c3a4f9f4163958c57b0da7d312570db74d9e21a5441b9260b5a3306d1127c88f4af922349398d5109a47f2753dbc916ed489f00a8f1ac6f9cd987eb46e1fe6afd7ae8b0dd435c235fdcbe310d8bb2e6ea26047a0a8b6a4f3a57aacbeb3d515deae123bca38c76b309358815357abfad9114be5706a1210fde40447f13e321b6b6f4aa87bfd01f501cdd205250d1ae89ee640bf235c263181932df8b0539a05e5c6786248fe6a190c625c41c86c50320f2850ebfb99aaf742acae108c293f1fa6b61e3b1423f0b9f2b76948ef2946efc0583cd83290c27662959e5598d822560707f236f5fffebf5a375b83b4618ff11c4047b35e4285c3ecd0f118beaec545ece4de7a18c05dafaaf49d853b80e147072aefadb2ff5facb5682b7cb6589817a7544c011383619053aaaaaf80a86a2ef151cd1a5a86641b5ad8ce4e9096c1bbd7bc9c791cf9d73672a0d53343c65811c836e999d1ae6439f16f8ef8fa8b996fd5c9d64f8b021485f8188e9d44ba0b4579ed9465e9a55cdf9acb798ec2646c00160c849112cdcbbf9ad90cb67d08048d8d6348fc1414aa8230017b0f42f4893d2b14782c69564befe37ebdf242f3a4fce49db7a7de5fdc5a2dd1a4b3bdc15d2b1da3ff09fa25a50688c4236bc48c4f9e697abc416e32c92f3001f24206b21e792f7739d4d8d7a418571d30f4a6e80e4696498e180fa23347860b7bd3ee32cf7e799ba23a7daaaf1f6bfb7c699aca6964b35fe501b91a18029a0c3b2fbb6ba33b5b6d6e74d8355b208e80528c675ac790583ea14a01ba743e01ce2943dd10dfc67df8735e6ae115e41c7dc3e76bf60b7f66fcf225439adfc35ed0d0a3ba23a8a9d56c30deb00b062ab5ff17620b529950bc74eb7b94a694743b9b49fbae6c839b8f720fc8f9827b6d79e2bdefcc7ff5dbd4a0fd8e202d94c48d3257c0249cefb3643bee56d049d6df80fbe58ce7fd23f7e08c5c19d41ffa3f945e2b7ca5170883abf7d981e0a5ca0ded8553f80a68bb363c68896f740d35a2eb8c0b14a9f6a7bb0eb322373f6f27cbfc03061850209abd606f375d30fe0925ac8516e14840edf40c0eacd71679bc3faae34d433f3e64dea6ca879ed328a2f2cb1a0c0993d9e9101bd19afa24aad40aba03552a58025a63939746a1059aabbdb52cd5ea648ab1cf984b7596490079cf755c51dea56c02fc06c4acd2a0efa502b40e968296303bf86444770ae6a04a8ab7fc560b249c6bb0d3c519e2dd0fb8bc92e17bcebaa36a41a40976fefff637e81fe64bcaa3189a74ec5c8d694f5e9dd64648314e858d3acd9870191a88f764076562669b87", 0x0, 0x9, 0x7, 0xd3c9, 0x9, 0x4, 0x800, 'syz1\x00'}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r3, 0x0) (async)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000)) (async)
connect$bt_sco(r2, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)
socketpair(0x1d, 0x80000, 0xfffffff7, &(0x7f0000000080)) (async)

18:30:01 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x58, 0x1404, 0x8, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
r1 = socket(0x1e, 0x6, 0xfffffda1)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0000fddbdf2502000080a7ff5df5fb02a3dd181fac9b7a15653a924bb64ea95a86dff6290deefb2ec1ce89935cee1d8e018dd0f7aaba2c35cfc2461afdde5a9c782c1cb00387e34de5cd8bb9924c160a86ce7ed0464927faffffff424f61180c82333d480964a671f2e8007cacc1f490f57c0dda8f55bd577063bad1bef5c8eac698359d908e1a20e121a2949481be46e129476a7a2ab8530cf813b2a888124ddc1e8de4c54dda3052dc6a5c0c183884a76e2d4b258c6fb71a1b66a7c886888b36b7da4815a10d9baa991b8b0ee781f9e843d73b6062f5c678ef3ca642d3f37501fecb0381935bf3d0450110ade70aa45403fdce6a5dd4cad3ec11c847291079f12fb9c97d7f4db043cf81e6e10bcf49d2ca229b0f285e6672cc5fa1c3aa62d59342a0898964b72f4cf0830f832fcb518fc5374adb72a4818669342912c17dd28f6b3a2e557b9a10fd6669fe0f000000261e15eca07a879341a79c9094c41ebfa27f8ea105b8651b09d6a189fc4da2d62e5e0ce2f9242123b51ce9fb28634919cf75cfde0100000000000000d29b03e635e5f3000000"], 0x14}, 0x1, 0x0, 0x0, 0x190}, 0x40811)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x58, 0x1404, 0x8, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x8004}, 0x0) (async)
socket(0x1e, 0x6, 0xfffffda1) (async)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0000fddbdf2502000080a7ff5df5fb02a3dd181fac9b7a15653a924bb64ea95a86dff6290deefb2ec1ce89935cee1d8e018dd0f7aaba2c35cfc2461afdde5a9c782c1cb00387e34de5cd8bb9924c160a86ce7ed0464927faffffff424f61180c82333d480964a671f2e8007cacc1f490f57c0dda8f55bd577063bad1bef5c8eac698359d908e1a20e121a2949481be46e129476a7a2ab8530cf813b2a888124ddc1e8de4c54dda3052dc6a5c0c183884a76e2d4b258c6fb71a1b66a7c886888b36b7da4815a10d9baa991b8b0ee781f9e843d73b6062f5c678ef3ca642d3f37501fecb0381935bf3d0450110ade70aa45403fdce6a5dd4cad3ec11c847291079f12fb9c97d7f4db043cf81e6e10bcf49d2ca229b0f285e6672cc5fa1c3aa62d59342a0898964b72f4cf0830f832fcb518fc5374adb72a4818669342912c17dd28f6b3a2e557b9a10fd6669fe0f000000261e15eca07a879341a79c9094c41ebfa27f8ea105b8651b09d6a189fc4da2d62e5e0ce2f9242123b51ce9fb28634919cf75cfde0100000000000000d29b03e635e5f3000000"], 0x14}, 0x1, 0x0, 0x0, 0x190}, 0x40811) (async)

18:30:01 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x1412, 0x2, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x400c011)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:30:01 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1, 0x81, 0x8, 0x7a4, "7c30ca6b8664c8df6bf8a664fc59bea3e63a58046b136a0a10bd9f565a781ce4860c18152be33ec5d43387757c875f82e09f0ed9a94ebf7d89e1a308f369475bf42c2735e1f54df895a37bc6158b8604bf0aa580ce863142e509e1c3d4e0d82f6e6857e8a9fa422a364d55cad1331aa3a4762bd11d29c67b05df34c7036bf1c3"})

18:30:01 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
connect$bt_sco(r1, &(0x7f0000000000), 0x8)

18:30:01 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x1412, 0x2, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x400c011)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
epoll_create1(0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x1412, 0x2, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x400c011) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)

[ 2147.748536] FAULT_INJECTION: forcing a failure.
[ 2147.748536] name failslab, interval 1, probability 0, space 0, times 0
[ 2147.760726] CPU: 1 PID: 22681 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2147.760763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2147.760767] Call Trace:
[ 2147.760782]  dump_stack+0x1b2/0x281
[ 2147.760797]  should_fail.cold+0x10a/0x149
[ 2147.760812]  should_failslab+0xd6/0x130
[ 2147.760825]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 2147.760839]  device_add+0xd72/0x15c0
[ 2147.760853]  ? device_is_dependent+0x2a0/0x2a0
[ 2147.760870]  netdev_register_kobject+0x181/0x410
[ 2147.760883]  register_netdevice+0x955/0xe40
[ 2147.760896]  ? netdev_change_features+0xa0/0xa0
[ 2147.760911]  ldisc_open+0x3e3/0x860
[ 2147.760921]  ? caifdev_setup+0x3b0/0x3b0
[ 2147.760936]  ? lock_downgrade+0x740/0x740
[ 2147.760946]  ? caifdev_setup+0x3b0/0x3b0
[ 2147.760958]  tty_ldisc_open+0x6c/0xb0
[ 2147.760969]  tty_set_ldisc+0x287/0x5d0
[ 2147.760981]  tty_ioctl+0xa2a/0x1430
[ 2147.760992]  ? tty_fasync+0x2c0/0x2c0
[ 2147.761002]  ? proc_fail_nth_write+0x7b/0x180
[ 2147.761012]  ? trace_hardirqs_on+0x10/0x10
[ 2147.761027]  ? fsnotify+0x974/0x11b0
[ 2147.761036]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2147.761045]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2147.761055]  ? SyS_write+0x1b7/0x210
[ 2147.761074]  ? tty_fasync+0x2c0/0x2c0
[ 2147.761085]  do_vfs_ioctl+0x75a/0xff0
[ 2147.761096]  ? lock_acquire+0x170/0x3f0
[ 2147.761106]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2147.761119]  ? __fget+0x265/0x3e0
[ 2147.761132]  ? do_vfs_ioctl+0xff0/0xff0
[ 2147.761144]  ? security_file_ioctl+0x83/0xb0
[ 2147.761155]  SyS_ioctl+0x7f/0xb0
[ 2147.761164]  ? do_vfs_ioctl+0xff0/0xff0
[ 2147.761176]  do_syscall_64+0x1d5/0x640
[ 2147.761191]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2147.761199] RIP: 0033:0x7f1c69918049
[ 2147.761204] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2147.761215] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2147.761221] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2147.761227] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2147.761232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2147.761239] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:01 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r1, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000100)={0x29b554ee, 0x4, 0x4, 0x10, 0x7, {}, {0x2, 0x1, 0x3, 0x5, 0x80, 0x4, "bc8c7e99"}, 0x293d, 0x4, {}, 0xfffff801}) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:01 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000000000), 0x8)

18:30:01 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1, 0x81, 0x8, 0x7a4, "7c30ca6b8664c8df6bf8a664fc59bea3e63a58046b136a0a10bd9f565a781ce4860c18152be33ec5d43387757c875f82e09f0ed9a94ebf7d89e1a308f369475bf42c2735e1f54df895a37bc6158b8604bf0aa580ce863142e509e1c3d4e0d82f6e6857e8a9fa422a364d55cad1331aa3a4762bd11d29c67b05df34c7036bf1c3"})

18:30:01 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x58, 0x1404, 0x8, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x8004}, 0x0) (async)
r1 = socket(0x1e, 0x6, 0xfffffda1)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0000fddbdf2502000080a7ff5df5fb02a3dd181fac9b7a15653a924bb64ea95a86dff6290deefb2ec1ce89935cee1d8e018dd0f7aaba2c35cfc2461afdde5a9c782c1cb00387e34de5cd8bb9924c160a86ce7ed0464927faffffff424f61180c82333d480964a671f2e8007cacc1f490f57c0dda8f55bd577063bad1bef5c8eac698359d908e1a20e121a2949481be46e129476a7a2ab8530cf813b2a888124ddc1e8de4c54dda3052dc6a5c0c183884a76e2d4b258c6fb71a1b66a7c886888b36b7da4815a10d9baa991b8b0ee781f9e843d73b6062f5c678ef3ca642d3f37501fecb0381935bf3d0450110ade70aa45403fdce6a5dd4cad3ec11c847291079f12fb9c97d7f4db043cf81e6e10bcf49d2ca229b0f285e6672cc5fa1c3aa62d59342a0898964b72f4cf0830f832fcb518fc5374adb72a4818669342912c17dd28f6b3a2e557b9a10fd6669fe0f000000261e15eca07a879341a79c9094c41ebfa27f8ea105b8651b09d6a189fc4da2d62e5e0ce2f9242123b51ce9fb28634919cf75cfde0100000000000000d29b03e635e5f3000000"], 0x14}, 0x1, 0x0, 0x0, 0x190}, 0x40811)

18:30:01 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0) (async)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x1412, 0x2, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x400c011)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:30:01 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 17)

18:30:01 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
connect$bt_sco(r1, &(0x7f0000000000), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000000000), 0x8) (async)

18:30:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="3b813e2155c9"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xffff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3ef}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x4040084)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

[ 2148.548272] FAULT_INJECTION: forcing a failure.
[ 2148.548272] name failslab, interval 1, probability 0, space 0, times 0
[ 2148.564258] CPU: 0 PID: 22699 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2148.572159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2148.581511] Call Trace:
[ 2148.584100]  dump_stack+0x1b2/0x281
[ 2148.587732]  should_fail.cold+0x10a/0x149
[ 2148.591882]  should_failslab+0xd6/0x130
18:30:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="3b813e2155c9"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xffff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3ef}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x4040084) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="3b813e2155c9"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xffff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3ef}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x4040084) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

[ 2148.595859]  kmem_cache_alloc+0x28e/0x3c0
[ 2148.600013]  __kernfs_new_node+0x6f/0x470
[ 2148.604158]  kernfs_new_node+0x7b/0xe0
[ 2148.608043]  __kernfs_create_file+0x3d/0x320
[ 2148.612454]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2148.617128]  internal_create_group+0x22b/0x710
[ 2148.621713]  sysfs_create_groups+0x92/0x130
[ 2148.626032]  device_add+0x7e5/0x15c0
[ 2148.629752]  ? device_is_dependent+0x2a0/0x2a0
[ 2148.634337]  netdev_register_kobject+0x181/0x410
[ 2148.639092]  register_netdevice+0x955/0xe40
[ 2148.643413]  ? netdev_change_features+0xa0/0xa0
18:30:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
clock_gettime(0x6, &(0x7f0000000000))
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

[ 2148.648087]  ldisc_open+0x3e3/0x860
[ 2148.651713]  ? caifdev_setup+0x3b0/0x3b0
[ 2148.655772]  ? lock_downgrade+0x740/0x740
[ 2148.659917]  ? caifdev_setup+0x3b0/0x3b0
[ 2148.663991]  tty_ldisc_open+0x6c/0xb0
[ 2148.664002]  tty_set_ldisc+0x287/0x5d0
[ 2148.671669]  tty_ioctl+0xa2a/0x1430
[ 2148.675292]  ? tty_fasync+0x2c0/0x2c0
[ 2148.679089]  ? proc_fail_nth_write+0x7b/0x180
[ 2148.683581]  ? trace_hardirqs_on+0x10/0x10
[ 2148.687849]  ? fsnotify+0x974/0x11b0
[ 2148.691567]  ? proc_tgid_io_accounting+0x7a0/0x7a0
18:30:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
clock_gettime(0x6, &(0x7f0000000000)) (async, rerun: 32)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (rerun: 32)

[ 2148.696497]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2148.701509]  ? SyS_write+0x1b7/0x210
[ 2148.705222]  ? tty_fasync+0x2c0/0x2c0
[ 2148.709019]  do_vfs_ioctl+0x75a/0xff0
[ 2148.712820]  ? lock_acquire+0x170/0x3f0
[ 2148.716825]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2148.721231]  ? __fget+0x265/0x3e0
[ 2148.724681]  ? do_vfs_ioctl+0xff0/0xff0
[ 2148.728656]  ? security_file_ioctl+0x83/0xb0
[ 2148.733055]  SyS_ioctl+0x7f/0xb0
[ 2148.736402]  ? do_vfs_ioctl+0xff0/0xff0
[ 2148.740367]  do_syscall_64+0x1d5/0x640
[ 2148.744323]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2148.749490] RIP: 0033:0x7f1c69918049
[ 2148.753181] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2148.760865] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2148.768114] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2148.775364] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2148.782609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2148.789854] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:02 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000100)={0x29b554ee, 0x4, 0x4, 0x10, 0x7, {}, {0x2, 0x1, 0x3, 0x5, 0x80, 0x4, "bc8c7e99"}, 0x293d, 0x4, {}, 0xfffff801})
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:02 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
clock_gettime(0x6, &(0x7f0000000000))
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:02 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:02 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040011}, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
getsockopt$sock_timeval(r4, 0x1, 0x43, &(0x7f0000000340), &(0x7f00000003c0)=0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010000010000000000000f000000"], 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00042bbd7000fddbdf250f00000005002d000000000005002f00000000000500000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40011}, 0x80)
connect$bt_sco(r4, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x230000, 0x0)

18:30:02 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r1 = epoll_create1(0x0)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000000)={0x3, 0x5, 0xffff})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x10002011})
ioctl$TIOCGPTPEER(r0, 0x5441, 0xf14)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_S_MODULATOR(r3, 0x40445637, &(0x7f0000000100)={0x80000001, "8082d9eb5e660aeb7d8f1bad3b0d043a7f518383751c6346fa0d4f85d2f5c5e8", 0x800, 0xd2e1, 0xfff, 0x1, 0x5})
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000200))
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)

18:30:02 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 18)

18:30:02 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000000)={0x3, 0x5, 0xffff}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x10002011})
ioctl$TIOCGPTPEER(r0, 0x5441, 0xf14)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r2, 0x0) (async, rerun: 64)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (rerun: 64)
ioctl$VIDIOC_S_MODULATOR(r3, 0x40445637, &(0x7f0000000100)={0x80000001, "8082d9eb5e660aeb7d8f1bad3b0d043a7f518383751c6346fa0d4f85d2f5c5e8", 0x800, 0xd2e1, 0xfff, 0x1, 0x5}) (async)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000200)) (async)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)

18:30:02 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x125321851ce60617)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000180)=@multiplanar_fd={0x1, 0xc, 0x4, 0x8, 0x7, {0x77359400}, {0x1, 0x2, 0x2, 0x2, 0x0, 0x19, "6425f82f"}, 0xfff, 0x4, {&(0x7f0000000100)=[{0x0, 0x9, {r1}, 0x313}, {0xf3e, 0x4, {r2}, 0xb4e}]}, 0xffff, 0x0, r3})

18:30:02 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0x5)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:30:02 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async, rerun: 64)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (rerun: 64)
timerfd_gettime(r2, 0x0) (async, rerun: 64)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x125321851ce60617) (rerun: 64)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000180)=@multiplanar_fd={0x1, 0xc, 0x4, 0x8, 0x7, {0x77359400}, {0x1, 0x2, 0x2, 0x2, 0x0, 0x19, "6425f82f"}, 0xfff, 0x4, {&(0x7f0000000100)=[{0x0, 0x9, {r1}, 0x313}, {0xf3e, 0x4, {r2}, 0xb4e}]}, 0xffff, 0x0, r3})

18:30:02 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040011}, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
getsockopt$sock_timeval(r4, 0x1, 0x43, &(0x7f0000000340), &(0x7f00000003c0)=0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010000010000000000000f000000"], 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00042bbd7000fddbdf250f00000005002d000000000005002f00000000000500000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40011}, 0x80)
connect$bt_sco(r4, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x230000, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0) (async)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040011}, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
pipe2(&(0x7f0000000080), 0x0) (async)
getsockopt$sock_timeval(r4, 0x1, 0x43, &(0x7f0000000340), &(0x7f00000003c0)=0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010000010000000000000f000000"], 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00042bbd7000fddbdf250f00000005002d000000000005002f00000000000500000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40011}, 0x80) (async)
connect$bt_sco(r4, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x230000, 0x0) (async)

18:30:02 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
r1 = epoll_create1(0x0)
ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000000)={0x3, 0x5, 0xffff}) (async)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x10002011})
ioctl$TIOCGPTPEER(r0, 0x5441, 0xf14)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async, rerun: 64)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (rerun: 64)
ioctl$VIDIOC_S_MODULATOR(r3, 0x40445637, &(0x7f0000000100)={0x80000001, "8082d9eb5e660aeb7d8f1bad3b0d043a7f518383751c6346fa0d4f85d2f5c5e8", 0x800, 0xd2e1, 0xfff, 0x1, 0x5})
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000200)) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) (rerun: 64)

18:30:03 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0x5)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r0, 0x0) (async)
pipe2(&(0x7f0000000000), 0x0) (async)
ioctl$KDDELIO(r1, 0x4b35, 0x5) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0)) (async)

18:30:03 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x125321851ce60617)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000180)=@multiplanar_fd={0x1, 0xc, 0x4, 0x8, 0x7, {0x77359400}, {0x1, 0x2, 0x2, 0x2, 0x0, 0x19, "6425f82f"}, 0xfff, 0x4, {&(0x7f0000000100)=[{0x0, 0x9, {r1}, 0x313}, {0xf3e, 0x4, {r2}, 0xb4e}]}, 0xffff, 0x0, r3})

[ 2149.611549] FAULT_INJECTION: forcing a failure.
[ 2149.611549] name failslab, interval 1, probability 0, space 0, times 0
[ 2149.622867] CPU: 0 PID: 22790 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2149.630750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2149.640109] Call Trace:
[ 2149.642694]  dump_stack+0x1b2/0x281
[ 2149.646309]  should_fail.cold+0x10a/0x149
[ 2149.650437]  should_failslab+0xd6/0x130
[ 2149.654391]  kmem_cache_alloc+0x28e/0x3c0
[ 2149.658521]  __kernfs_new_node+0x6f/0x470
[ 2149.662650]  kernfs_new_node+0x7b/0xe0
[ 2149.666519]  __kernfs_create_file+0x3d/0x320
[ 2149.670905]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2149.675555]  internal_create_group+0x22b/0x710
[ 2149.680127]  sysfs_create_groups+0x92/0x130
[ 2149.684428]  device_add+0x7e5/0x15c0
[ 2149.688119]  ? device_is_dependent+0x2a0/0x2a0
[ 2149.692697]  netdev_register_kobject+0x181/0x410
[ 2149.697437]  register_netdevice+0x955/0xe40
[ 2149.701765]  ? netdev_change_features+0xa0/0xa0
[ 2149.706425]  ldisc_open+0x3e3/0x860
[ 2149.710053]  ? caifdev_setup+0x3b0/0x3b0
[ 2149.714095]  ? lock_downgrade+0x740/0x740
[ 2149.718222]  ? caifdev_setup+0x3b0/0x3b0
[ 2149.722267]  tty_ldisc_open+0x6c/0xb0
[ 2149.726049]  tty_set_ldisc+0x287/0x5d0
[ 2149.729931]  tty_ioctl+0xa2a/0x1430
[ 2149.733535]  ? tty_fasync+0x2c0/0x2c0
[ 2149.737508]  ? proc_fail_nth_write+0x7b/0x180
[ 2149.741982]  ? trace_hardirqs_on+0x10/0x10
[ 2149.746219]  ? fsnotify+0x974/0x11b0
[ 2149.749909]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2149.754824]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2149.759826]  ? SyS_write+0x1b7/0x210
[ 2149.763527]  ? tty_fasync+0x2c0/0x2c0
[ 2149.767314]  do_vfs_ioctl+0x75a/0xff0
[ 2149.771097]  ? lock_acquire+0x170/0x3f0
[ 2149.775049]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2149.779445]  ? __fget+0x265/0x3e0
[ 2149.782880]  ? do_vfs_ioctl+0xff0/0xff0
[ 2149.786922]  ? security_file_ioctl+0x83/0xb0
[ 2149.791307]  SyS_ioctl+0x7f/0xb0
[ 2149.794652]  ? do_vfs_ioctl+0xff0/0xff0
[ 2149.798606]  do_syscall_64+0x1d5/0x640
[ 2149.802481]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2149.807651] RIP: 0033:0x7f1c69918049
[ 2149.811348] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2149.819048] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2149.826296] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2149.833560] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2149.840809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2149.848060] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:03 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000000), 0x8) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)

18:30:03 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040011}, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
getsockopt$sock_timeval(r4, 0x1, 0x43, &(0x7f0000000340), &(0x7f00000003c0)=0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010000010000000000000f000000"], 0x14}}, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00042bbd7000fddbdf250f00000005002d000000000005002f00000000000500000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40011}, 0x80)
connect$bt_sco(r4, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x230000, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r2, 0x709}, 0x14}}, 0x0) (async)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040011}, 0x0) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r4, 0x0) (async)
pipe2(&(0x7f0000000080), 0x0) (async)
getsockopt$sock_timeval(r4, 0x1, 0x43, &(0x7f0000000340), &(0x7f00000003c0)=0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010000010000000000000f000000"], 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00042bbd7000fddbdf250f00000005002d000000000005002f00000000000500000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40011}, 0x80) (async)
connect$bt_sco(r4, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x230000, 0x0) (async)

18:30:03 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004040}, 0x0)

18:30:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080))
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0xe28, 0x3f, 0x81, 0x3, 0x20, "679340883113a3ac843bf3f9acd60ea74a914c", 0x33f, 0xa6})

18:30:03 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0x5) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:30:03 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 19)

18:30:03 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000000), 0x8) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080))
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180))
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0xe28, 0x3f, 0x81, 0x3, 0x20, "679340883113a3ac843bf3f9acd60ea74a914c", 0x33f, 0xa6})

18:30:03 executing program 2:
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x400200, 0x0)
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000000))
ioctl$KDDELIO(r0, 0x4b35, 0x48)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00d', @ANYRES16=0x0, @ANYBLOB="00022bbd7040fd07000022a163de00eb3818b600000008003a00070629a7"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40)

[ 2150.279008] FAULT_INJECTION: forcing a failure.
[ 2150.279008] name failslab, interval 1, probability 0, space 0, times 0
[ 2150.317255] CPU: 0 PID: 22805 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2150.325174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2150.334530] Call Trace:
[ 2150.337119]  dump_stack+0x1b2/0x281
[ 2150.340753]  should_fail.cold+0x10a/0x149
[ 2150.344906]  should_failslab+0xd6/0x130
[ 2150.348890]  kmem_cache_alloc+0x28e/0x3c0
[ 2150.353041]  __kernfs_new_node+0x6f/0x470
[ 2150.357210]  kernfs_new_node+0x7b/0xe0
[ 2150.357221]  __kernfs_create_file+0x3d/0x320
[ 2150.365539]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2150.365553]  internal_create_group+0x22b/0x710
[ 2150.365566]  sysfs_create_groups+0x92/0x130
18:30:03 executing program 2:
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x400200, 0x0)
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000000))
ioctl$KDDELIO(r0, 0x4b35, 0x48)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00d', @ANYRES16=0x0, @ANYBLOB="00022bbd7040fd07000022a163de00eb3818b600000008003a00070629a7"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40)

18:30:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r1)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000080)) (async)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000180)) (async)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0xe28, 0x3f, 0x81, 0x3, 0x20, "679340883113a3ac843bf3f9acd60ea74a914c", 0x33f, 0xa6})

[ 2150.365577]  device_add+0x7e5/0x15c0
[ 2150.365588]  ? device_is_dependent+0x2a0/0x2a0
[ 2150.365602]  netdev_register_kobject+0x181/0x410
[ 2150.365615]  register_netdevice+0x955/0xe40
[ 2150.396465]  ? netdev_change_features+0xa0/0xa0
[ 2150.401236]  ldisc_open+0x3e3/0x860
[ 2150.404864]  ? caifdev_setup+0x3b0/0x3b0
[ 2150.408930]  ? lock_downgrade+0x740/0x740
[ 2150.413076]  ? caifdev_setup+0x3b0/0x3b0
[ 2150.417132]  tty_ldisc_open+0x6c/0xb0
[ 2150.420935]  tty_set_ldisc+0x287/0x5d0
[ 2150.424846]  tty_ioctl+0xa2a/0x1430
18:30:03 executing program 2:
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x400200, 0x0)
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000000)) (async)
ioctl$KDDELIO(r0, 0x4b35, 0x48) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async, rerun: 32)
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00d', @ANYRES16=0x0, @ANYBLOB="00022bbd7040fd07000022a163de00eb3818b600000008003a00070629a7"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40) (rerun: 32)

18:30:03 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x0, "06828993ab00"})
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

[ 2150.424857]  ? tty_fasync+0x2c0/0x2c0
[ 2150.424870]  ? proc_fail_nth_write+0x7b/0x180
[ 2150.436822]  ? trace_hardirqs_on+0x10/0x10
[ 2150.436836]  ? fsnotify+0x974/0x11b0
[ 2150.444794]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2150.449765]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2150.454820]  ? SyS_write+0x1b7/0x210
[ 2150.458561]  ? tty_fasync+0x2c0/0x2c0
[ 2150.462402]  do_vfs_ioctl+0x75a/0xff0
[ 2150.466245]  ? lock_acquire+0x170/0x3f0
[ 2150.470270]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2150.474706]  ? __fget+0x265/0x3e0
[ 2150.478208]  ? do_vfs_ioctl+0xff0/0xff0
[ 2150.482236]  ? security_file_ioctl+0x83/0xb0
[ 2150.486691]  SyS_ioctl+0x7f/0xb0
[ 2150.490124]  ? do_vfs_ioctl+0xff0/0xff0
[ 2150.494109]  do_syscall_64+0x1d5/0x640
[ 2150.498082]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2150.503331] RIP: 0033:0x7f1c69918049
[ 2150.503342] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2150.514741] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2150.522045] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
18:30:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x0, "06828993ab00"}) (async, rerun: 64)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0) (rerun: 64)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

[ 2150.529322] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2150.536592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2150.543897] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:04 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004040}, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004040}, 0x0) (async)

18:30:04 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:30:04 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000040))

18:30:04 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000300))
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80050}, 0x0)
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032abd7000ffdbdf250800000008000300", @ANYRES32=0x0, @ANYBLOB="05002a00010000008b71042083dfe3791dbeab7893413d5b46cad6946c99ec35480196ba900dbf71b76b5ce2ef38fdefb8d490f4c9cda6ba7761ec6c7e2f22a6b763e759bf5e1c79a2252675170b8662a46c653bd7c40354cf46e97960357c382d477d5bbbbeb0f20d5a17af7dcb65"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
pipe2(&(0x7f0000000340)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84800)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x1402, 0x8, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008080}, 0x1)

18:30:04 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 20)

18:30:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x0, "06828993ab00"}) (async)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))

18:30:04 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000300))
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80050}, 0x0)
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032abd7000ffdbdf250800000008000300", @ANYRES32=0x0, @ANYBLOB="05002a00010000008b71042083dfe3791dbeab7893413d5b46cad6946c99ec35480196ba900dbf71b76b5ce2ef38fdefb8d490f4c9cda6ba7761ec6c7e2f22a6b763e759bf5e1c79a2252675170b8662a46c653bd7c40354cf46e97960357c382d477d5bbbbeb0f20d5a17af7dcb65"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
pipe2(&(0x7f0000000340)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84800)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x1402, 0x8, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008080}, 0x1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000300)) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80050}, 0x0) (async)
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032abd7000ffdbdf250800000008000300", @ANYRES32=0x0, @ANYBLOB="05002a00010000008b71042083dfe3791dbeab7893413d5b46cad6946c99ec35480196ba900dbf71b76b5ce2ef38fdefb8d490f4c9cda6ba7761ec6c7e2f22a6b763e759bf5e1c79a2252675170b8662a46c653bd7c40354cf46e97960357c382d477d5bbbbeb0f20d5a17af7dcb65"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) (async)
pipe2(&(0x7f0000000340), 0x84800) (async)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x1402, 0x8, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008080}, 0x1) (async)

18:30:04 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004040}, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004040}, 0x0) (async)

18:30:04 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "06828993ab00"})
r2 = epoll_create1(0x0)
ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000080)="1b")
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r3, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r4, 0x0)
ioctl$TIOCSRS485(r4, 0x542f, &(0x7f0000000100)={0x1, 0x6})
r5 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x0)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f00000000c0)={0x5, 0x3, 0x800})
ioctl$TIOCGWINSZ(r5, 0x5413, &(0x7f0000000000))

18:30:04 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

18:30:04 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)

18:30:04 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000300))
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80050}, 0x0) (async)
sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032abd7000ffdbdf250800000008000300", @ANYRES32=0x0, @ANYBLOB="05002a00010000008b71042083dfe3791dbeab7893413d5b46cad6946c99ec35480196ba900dbf71b76b5ce2ef38fdefb8d490f4c9cda6ba7761ec6c7e2f22a6b763e759bf5e1c79a2252675170b8662a46c653bd7c40354cf46e97960357c382d477d5bbbbeb0f20d5a17af7dcb65"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) (async)
pipe2(&(0x7f0000000340)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84800)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x1402, 0x8, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008080}, 0x1)

18:30:04 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000)={0x4})
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:04 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, &(0x7f00000001c0))

[ 2151.328444] FAULT_INJECTION: forcing a failure.
[ 2151.328444] name failslab, interval 1, probability 0, space 0, times 0
[ 2151.344633] CPU: 1 PID: 22900 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2151.352523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2151.362003] Call Trace:
[ 2151.364577]  dump_stack+0x1b2/0x281
[ 2151.368186]  should_fail.cold+0x10a/0x149
[ 2151.372328]  should_failslab+0xd6/0x130
[ 2151.376297]  kmem_cache_alloc+0x28e/0x3c0
[ 2151.380428]  __kernfs_new_node+0x6f/0x470
[ 2151.384576]  kernfs_new_node+0x7b/0xe0
[ 2151.388443]  __kernfs_create_file+0x3d/0x320
[ 2151.392835]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2151.397485]  internal_create_group+0x22b/0x710
[ 2151.402050]  sysfs_create_groups+0x92/0x130
[ 2151.406363]  device_add+0x7e5/0x15c0
[ 2151.410068]  ? device_is_dependent+0x2a0/0x2a0
[ 2151.414638]  netdev_register_kobject+0x181/0x410
[ 2151.419384]  register_netdevice+0x955/0xe40
[ 2151.423712]  ? netdev_change_features+0xa0/0xa0
[ 2151.428363]  ldisc_open+0x3e3/0x860
[ 2151.431970]  ? caifdev_setup+0x3b0/0x3b0
[ 2151.436015]  ? lock_downgrade+0x740/0x740
[ 2151.440141]  ? caifdev_setup+0x3b0/0x3b0
[ 2151.444185]  tty_ldisc_open+0x6c/0xb0
[ 2151.447982]  tty_set_ldisc+0x287/0x5d0
[ 2151.451850]  tty_ioctl+0xa2a/0x1430
[ 2151.455460]  ? tty_fasync+0x2c0/0x2c0
[ 2151.459248]  ? proc_fail_nth_write+0x7b/0x180
[ 2151.463722]  ? trace_hardirqs_on+0x10/0x10
[ 2151.467938]  ? fsnotify+0x974/0x11b0
[ 2151.471651]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2151.476577]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2151.481578]  ? SyS_write+0x1b7/0x210
[ 2151.485273]  ? tty_fasync+0x2c0/0x2c0
[ 2151.489055]  do_vfs_ioctl+0x75a/0xff0
[ 2151.492836]  ? lock_acquire+0x170/0x3f0
[ 2151.496790]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2151.501176]  ? __fget+0x265/0x3e0
[ 2151.504609]  ? do_vfs_ioctl+0xff0/0xff0
[ 2151.508570]  ? security_file_ioctl+0x83/0xb0
[ 2151.512961]  SyS_ioctl+0x7f/0xb0
[ 2151.516306]  ? do_vfs_ioctl+0xff0/0xff0
[ 2151.520278]  do_syscall_64+0x1d5/0x640
[ 2151.524171]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2151.529340] RIP: 0033:0x7f1c69918049
[ 2151.533028] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2151.540719] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2151.547974] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2151.555237] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2151.562487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2151.569736] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:05 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000040))

18:30:05 executing program 3:
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xbb, 0x9ed0, 0x1, 0x2, 0x1, 0x1, 0x6, 0x2, 0x7fffffff, 0x9, 0x7fff, 0x0, 0x4, 0x20, 0x4, 0x11, {0x4}, 0x2, 0x89}})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1001000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004806}, 0x40)
r0 = socket$bt_hidp(0x1f, 0x3, 0x6)
socket$bt_hidp(0x1f, 0x3, 0x6)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
socketpair(0x2c, 0x80000, 0x4, &(0x7f0000000700)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000006c0)={0x2, &(0x7f0000000200)=[{@none}, {}]})
getsockopt$sock_timeval(r0, 0x1, 0x57, 0x0, &(0x7f0000000000))

18:30:05 executing program 4:
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x1401, 0x200, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x20080}, 0x4040012)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:30:05 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f00000000c0)=""/132, &(0x7f0000000080)=0x84)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0))

18:30:05 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 21)

18:30:05 executing program 4:
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x1401, 0x200, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x20080}, 0x4040012) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:30:05 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:05 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f00000000c0)=""/132, &(0x7f0000000080)=0x84)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0))

[ 2152.022604] FAULT_INJECTION: forcing a failure.
[ 2152.022604] name failslab, interval 1, probability 0, space 0, times 0
[ 2152.034191] CPU: 1 PID: 22929 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2152.042072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2152.051413] Call Trace:
[ 2152.053981]  dump_stack+0x1b2/0x281
[ 2152.057595]  should_fail.cold+0x10a/0x149
[ 2152.061734]  should_failslab+0xd6/0x130
[ 2152.065706]  kmem_cache_alloc+0x28e/0x3c0
[ 2152.069852]  __kernfs_new_node+0x6f/0x470
[ 2152.073981]  kernfs_new_node+0x7b/0xe0
[ 2152.077848]  __kernfs_create_file+0x3d/0x320
[ 2152.082245]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2152.086901]  internal_create_group+0x22b/0x710
[ 2152.091463]  sysfs_create_groups+0x92/0x130
[ 2152.100026]  device_add+0x7e5/0x15c0
[ 2152.103727]  ? device_is_dependent+0x2a0/0x2a0
[ 2152.108293]  netdev_register_kobject+0x181/0x410
[ 2152.113038]  register_netdevice+0x955/0xe40
[ 2152.117342]  ? netdev_change_features+0xa0/0xa0
[ 2152.122001]  ldisc_open+0x3e3/0x860
[ 2152.125626]  ? caifdev_setup+0x3b0/0x3b0
[ 2152.129683]  ? lock_downgrade+0x740/0x740
[ 2152.133824]  ? caifdev_setup+0x3b0/0x3b0
[ 2152.137888]  tty_ldisc_open+0x6c/0xb0
[ 2152.141785]  tty_set_ldisc+0x287/0x5d0
[ 2152.145672]  tty_ioctl+0xa2a/0x1430
[ 2152.149291]  ? tty_fasync+0x2c0/0x2c0
[ 2152.153095]  ? proc_fail_nth_write+0x7b/0x180
[ 2152.157589]  ? trace_hardirqs_on+0x10/0x10
[ 2152.161825]  ? fsnotify+0x974/0x11b0
[ 2152.165533]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2152.170456]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2152.175471]  ? SyS_write+0x1b7/0x210
[ 2152.179183]  ? tty_fasync+0x2c0/0x2c0
[ 2152.182982]  do_vfs_ioctl+0x75a/0xff0
[ 2152.186791]  ? lock_acquire+0x170/0x3f0
[ 2152.190767]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2152.195176]  ? __fget+0x265/0x3e0
[ 2152.198628]  ? do_vfs_ioctl+0xff0/0xff0
[ 2152.202601]  ? security_file_ioctl+0x83/0xb0
[ 2152.207008]  SyS_ioctl+0x7f/0xb0
[ 2152.210375]  ? do_vfs_ioctl+0xff0/0xff0
[ 2152.214345]  do_syscall_64+0x1d5/0x640
[ 2152.218233]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
18:30:05 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)

18:30:05 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:05 executing program 4:
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x1401, 0x200, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x20080}, 0x4040012)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x1401, 0x200, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x20080}, 0x4040012) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)

18:30:05 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f00000000c0)=""/132, &(0x7f0000000080)=0x84)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f00000001c0))

[ 2152.223414] RIP: 0033:0x7f1c69918049
[ 2152.227119] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2152.234822] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2152.242085] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2152.249374] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2152.256641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2152.263904] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:06 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000040))

18:30:06 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:06 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000))
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x1, @pix_mp={0x303, 0x3, 0x31363553, 0x8, 0xb, [{0x6, 0x1}, {0x2, 0x10001}, {0x1, 0x8000008}, {0x4, 0x6}, {0x4, 0x763}, {0x5}, {0x9}, {0x5, 0x8}], 0x8, 0x0, 0x2, 0x0, 0x4}})
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:06 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r3, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000004650134713d5dc977ee3000000001b0000000c0006000000", @ANYRES32=r7, @ANYBLOB="100023800c0004000000000000000000"], 0x38}}, 0x0)
sendmsg$IEEE802154_SET_MACPARAMS(r5, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x3}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x5}, @IEEE802154_ATTR_CSMA_RETRIES={0x5}, @IEEE802154_ATTR_LBT_ENABLED={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x80}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x3}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r9, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r4, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000828bd7000fddbdf252000000008000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r7, @ANYBLOB="08000300", @ANYRES32=r10, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="0c00060002000000000000000c00060002000000000000000c000600030000000000000008000300", @ANYRES32=0x0, @ANYBLOB="98a5a636566ad211d004b65754b05d6d1e27f75e2d748fee03a1ab7321e4b0c974ffe97620ef428365fb00e52c2f43760cfbf2ed3f693dd87a1202e4d077459140f9"], 0x70}, 0x1, 0x0, 0x0, 0x4000105}, 0x880)

18:30:06 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 22)

18:30:06 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000))
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x1, @pix_mp={0x303, 0x3, 0x31363553, 0x8, 0xb, [{0x6, 0x1}, {0x2, 0x10001}, {0x1, 0x8000008}, {0x4, 0x6}, {0x4, 0x763}, {0x5}, {0x9}, {0x5, 0x8}], 0x8, 0x0, 0x2, 0x0, 0x4}}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:06 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:06 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r3, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000004650134713d5dc977ee3000000001b0000000c0006000000", @ANYRES32=r7, @ANYBLOB="100023800c0004000000000000000000"], 0x38}}, 0x0) (async)
sendmsg$IEEE802154_SET_MACPARAMS(r5, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x3}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x5}, @IEEE802154_ATTR_CSMA_RETRIES={0x5}, @IEEE802154_ATTR_LBT_ENABLED={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x80}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x3}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) (async)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0}) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r9, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r4, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000828bd7000fddbdf252000000008000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r7, @ANYBLOB="08000300", @ANYRES32=r10, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="0c00060002000000000000000c00060002000000000000000c000600030000000000000008000300", @ANYRES32=0x0, @ANYBLOB="98a5a636566ad211d004b65754b05d6d1e27f75e2d748fee03a1ab7321e4b0c974ffe97620ef428365fb00e52c2f43760cfbf2ed3f693dd87a1202e4d077459140f9"], 0x70}, 0x1, 0x0, 0x0, 0x4000105}, 0x880)

[ 2152.845530] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2152.911009] FAULT_INJECTION: forcing a failure.
[ 2152.911009] name failslab, interval 1, probability 0, space 0, times 0
[ 2152.922907] CPU: 1 PID: 22965 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2152.930799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2152.940147] Call Trace:
[ 2152.942745]  dump_stack+0x1b2/0x281
[ 2152.946383]  should_fail.cold+0x10a/0x149
[ 2152.946729] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2152.950531]  should_failslab+0xd6/0x130
[ 2152.950544]  kmem_cache_alloc+0x28e/0x3c0
[ 2152.950557]  __kernfs_new_node+0x6f/0x470
[ 2152.950571]  kernfs_new_node+0x7b/0xe0
[ 2152.950581]  __kernfs_create_file+0x3d/0x320
[ 2152.950592]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2152.950605]  internal_create_group+0x22b/0x710
[ 2152.950619]  sysfs_create_groups+0x92/0x130
[ 2152.950631]  device_add+0x7e5/0x15c0
[ 2152.950642]  ? device_is_dependent+0x2a0/0x2a0
[ 2153.001428]  netdev_register_kobject+0x181/0x410
[ 2153.006267]  register_netdevice+0x955/0xe40
[ 2153.010579]  ? netdev_change_features+0xa0/0xa0
[ 2153.015235]  ldisc_open+0x3e3/0x860
[ 2153.018845]  ? caifdev_setup+0x3b0/0x3b0
[ 2153.022910]  ? lock_downgrade+0x740/0x740
[ 2153.027222]  ? caifdev_setup+0x3b0/0x3b0
[ 2153.031274]  tty_ldisc_open+0x6c/0xb0
[ 2153.035074]  tty_set_ldisc+0x287/0x5d0
[ 2153.038963]  tty_ioctl+0xa2a/0x1430
[ 2153.042582]  ? tty_fasync+0x2c0/0x2c0
[ 2153.046369]  ? proc_fail_nth_write+0x7b/0x180
[ 2153.050845]  ? trace_hardirqs_on+0x10/0x10
[ 2153.055062]  ? fsnotify+0x974/0x11b0
[ 2153.058762]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2153.063681]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2153.068683]  ? SyS_write+0x1b7/0x210
[ 2153.072397]  ? tty_fasync+0x2c0/0x2c0
[ 2153.076199]  do_vfs_ioctl+0x75a/0xff0
[ 2153.079988]  ? lock_acquire+0x170/0x3f0
[ 2153.083949]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2153.088343]  ? __fget+0x265/0x3e0
[ 2153.091781]  ? do_vfs_ioctl+0xff0/0xff0
[ 2153.095738]  ? security_file_ioctl+0x83/0xb0
[ 2153.100139]  SyS_ioctl+0x7f/0xb0
[ 2153.103491]  ? do_vfs_ioctl+0xff0/0xff0
[ 2153.107450]  do_syscall_64+0x1d5/0x640
[ 2153.111345]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2153.116513] RIP: 0033:0x7f1c69918049
[ 2153.120206] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2153.127903] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2153.135153] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2153.142414] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2153.149691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:30:06 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)

18:30:06 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000))
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x1, @pix_mp={0x303, 0x3, 0x31363553, 0x8, 0xb, [{0x6, 0x1}, {0x2, 0x10001}, {0x1, 0x8000008}, {0x4, 0x6}, {0x4, 0x763}, {0x5}, {0x9}, {0x5, 0x8}], 0x8, 0x0, 0x2, 0x0, 0x4}})
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000)) (async)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x1, @pix_mp={0x303, 0x3, 0x31363553, 0x8, 0xb, [{0x6, 0x1}, {0x2, 0x10001}, {0x1, 0x8000008}, {0x4, 0x6}, {0x4, 0x763}, {0x5}, {0x9}, {0x5, 0x8}], 0x8, 0x0, 0x2, 0x0, 0x4}}) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)

18:30:06 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:06 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r3, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={0x0}}, 0x80001) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000004650134713d5dc977ee3000000001b0000000c0006000000", @ANYRES32=r7, @ANYBLOB="100023800c0004000000000000000000"], 0x38}}, 0x0) (async)
sendmsg$IEEE802154_SET_MACPARAMS(r5, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_TXPOWER={0x5}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x3}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x5}, @IEEE802154_ATTR_CSMA_RETRIES={0x5}, @IEEE802154_ATTR_LBT_ENABLED={0x5}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x80}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x3}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) (async)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r9, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x0) (async)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r4, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000828bd7000fddbdf252000000008000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r7, @ANYBLOB="08000300", @ANYRES32=r10, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="0c00060002000000000000000c00060002000000000000000c000600030000000000000008000300", @ANYRES32=0x0, @ANYBLOB="98a5a636566ad211d004b65754b05d6d1e27f75e2d748fee03a1ab7321e4b0c974ffe97620ef428365fb00e52c2f43760cfbf2ed3f693dd87a1202e4d077459140f9"], 0x70}, 0x1, 0x0, 0x0, 0x4000105}, 0x880)

[ 2153.156964] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
[ 2153.271127] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2153.339373] Bluetooth: hci5 command 0x0405 tx timeout
18:30:07 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r1 = socket(0xb, 0xa, 0x5)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xd6})

18:30:07 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 23)

18:30:07 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:07 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))

18:30:07 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1411, 0x10, 0x70bd25, 0x25cfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x3b}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)

18:30:07 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:07 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))

18:30:07 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1411, 0x10, 0x70bd25, 0x25cfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x3b}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)

[ 2153.737692] FAULT_INJECTION: forcing a failure.
[ 2153.737692] name failslab, interval 1, probability 0, space 0, times 0
[ 2153.793936] CPU: 1 PID: 23002 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2153.801838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2153.811273] Call Trace:
[ 2153.813871]  dump_stack+0x1b2/0x281
[ 2153.817512]  should_fail.cold+0x10a/0x149
[ 2153.821666]  should_failslab+0xd6/0x130
[ 2153.825649]  kmem_cache_alloc+0x28e/0x3c0
[ 2153.829796]  __kernfs_new_node+0x6f/0x470
[ 2153.833933]  kernfs_new_node+0x7b/0xe0
[ 2153.837817]  __kernfs_create_file+0x3d/0x320
[ 2153.842207]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2153.846860]  internal_create_group+0x22b/0x710
[ 2153.851427]  sysfs_create_groups+0x92/0x130
[ 2153.855732]  device_add+0x7e5/0x15c0
[ 2153.859428]  ? device_is_dependent+0x2a0/0x2a0
[ 2153.863997]  netdev_register_kobject+0x181/0x410
[ 2153.868741]  register_netdevice+0x955/0xe40
[ 2153.873048]  ? netdev_change_features+0xa0/0xa0
[ 2153.877702]  ldisc_open+0x3e3/0x860
[ 2153.881332]  ? caifdev_setup+0x3b0/0x3b0
[ 2153.885380]  ? lock_downgrade+0x740/0x740
[ 2153.889511]  ? caifdev_setup+0x3b0/0x3b0
[ 2153.893568]  tty_ldisc_open+0x6c/0xb0
[ 2153.897351]  tty_set_ldisc+0x287/0x5d0
[ 2153.901221]  tty_ioctl+0xa2a/0x1430
[ 2153.904832]  ? tty_fasync+0x2c0/0x2c0
[ 2153.908614]  ? proc_fail_nth_write+0x7b/0x180
[ 2153.913096]  ? trace_hardirqs_on+0x10/0x10
[ 2153.917330]  ? fsnotify+0x974/0x11b0
[ 2153.921023]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2153.925931]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2153.930928]  ? SyS_write+0x1b7/0x210
[ 2153.934631]  ? tty_fasync+0x2c0/0x2c0
[ 2153.938432]  do_vfs_ioctl+0x75a/0xff0
[ 2153.942223]  ? lock_acquire+0x170/0x3f0
[ 2153.946193]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2153.950583]  ? __fget+0x265/0x3e0
[ 2153.954031]  ? do_vfs_ioctl+0xff0/0xff0
[ 2153.957988]  ? security_file_ioctl+0x83/0xb0
[ 2153.962376]  SyS_ioctl+0x7f/0xb0
[ 2153.965723]  ? do_vfs_ioctl+0xff0/0xff0
[ 2153.969679]  do_syscall_64+0x1d5/0x640
[ 2153.973577]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2153.978747] RIP: 0033:0x7f1c69918049
[ 2153.982450] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
18:30:07 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r1, &(0x7f0000000000), 0x8)

18:30:07 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:07 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1411, 0x10, 0x70bd25, 0x25cfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x3b}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1411, 0x10, 0x70bd25, 0x25cfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x3b}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) (async)

18:30:07 executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r0, 0x0) (async)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000001c0)) (async)

[ 2153.990140] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2153.997390] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2154.004649] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2154.011897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2154.019149] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:08 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
r1 = socket(0xb, 0xa, 0x5)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xd6})

18:30:08 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_pts(0xffffffffffffffff, 0x200000)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:30:08 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:08 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 24)

18:30:08 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r1, &(0x7f0000000000), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r1, &(0x7f0000000000), 0x8) (async)

18:30:08 executing program 2:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000000)={0x2, 0x0, [0x93a, 0x668, 0x6, 0x6, 0x6, 0xba, 0x3ff, 0x4]})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:08 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
syz_open_pts(0xffffffffffffffff, 0x200000)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:30:08 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r1 = socket(0xb, 0xa, 0x5)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xd6})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
socket(0xb, 0xa, 0x5) (async)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xd6}) (async)

18:30:08 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:08 executing program 2:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000000)={0x2, 0x0, [0x93a, 0x668, 0x6, 0x6, 0x6, 0xba, 0x3ff, 0x4]})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r0, 0x0) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000000)={0x2, 0x0, [0x93a, 0x668, 0x6, 0x6, 0x6, 0xba, 0x3ff, 0x4]}) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)

18:30:08 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x3, 0x6, 0x200000, 0xfffffffa, 0x2, "dffc7ca8327333db6fbae78d1e0c5b1fcf6ffe"})

18:30:08 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_pts(0xffffffffffffffff, 0x200000) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)

18:30:08 executing program 3:
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000080))
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:08 executing program 2:
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000000)={0x2, 0x0, [0x93a, 0x668, 0x6, 0x6, 0x6, 0xba, 0x3ff, 0x4]}) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r1, 0x1, 0x1, 0x0, &(0x7f00000001c0))

18:30:08 executing program 2:
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r0, 0x0, 0xffffffffffffffbc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000801}, 0x40)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5efb8f65}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4804}, 0x28040080)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r4, 0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair(0x1e, 0x800, 0x4, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
bind$bt_sco(r5, &(0x7f0000000040), 0x8)

[ 2154.757698] FAULT_INJECTION: forcing a failure.
[ 2154.757698] name failslab, interval 1, probability 0, space 0, times 0
[ 2154.773653] CPU: 1 PID: 23071 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2154.781548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2154.790904] Call Trace:
[ 2154.793493]  dump_stack+0x1b2/0x281
[ 2154.797124]  should_fail.cold+0x10a/0x149
[ 2154.801275]  should_failslab+0xd6/0x130
[ 2154.805250]  kmem_cache_alloc+0x28e/0x3c0
[ 2154.809401]  __kernfs_new_node+0x6f/0x470
[ 2154.813550]  kernfs_new_node+0x7b/0xe0
[ 2154.817444]  __kernfs_create_file+0x3d/0x320
[ 2154.821854]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2154.826524]  internal_create_group+0x22b/0x710
[ 2154.831108]  sysfs_create_groups+0x92/0x130
[ 2154.835424]  device_add+0x7e5/0x15c0
[ 2154.839136]  ? device_is_dependent+0x2a0/0x2a0
[ 2154.843719]  netdev_register_kobject+0x181/0x410
[ 2154.848480]  register_netdevice+0x955/0xe40
[ 2154.852793]  ? netdev_change_features+0xa0/0xa0
[ 2154.857535]  ldisc_open+0x3e3/0x860
[ 2154.861145]  ? caifdev_setup+0x3b0/0x3b0
[ 2154.865202]  ? lock_downgrade+0x740/0x740
[ 2154.869334]  ? caifdev_setup+0x3b0/0x3b0
[ 2154.873395]  tty_ldisc_open+0x6c/0xb0
[ 2154.877187]  tty_set_ldisc+0x287/0x5d0
[ 2154.881060]  tty_ioctl+0xa2a/0x1430
[ 2154.884679]  ? tty_fasync+0x2c0/0x2c0
[ 2154.888460]  ? proc_fail_nth_write+0x7b/0x180
[ 2154.892935]  ? trace_hardirqs_on+0x10/0x10
[ 2154.897152]  ? fsnotify+0x974/0x11b0
[ 2154.900842]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2154.905755]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2154.910761]  ? SyS_write+0x1b7/0x210
[ 2154.914454]  ? tty_fasync+0x2c0/0x2c0
[ 2154.918231]  do_vfs_ioctl+0x75a/0xff0
[ 2154.922013]  ? lock_acquire+0x170/0x3f0
[ 2154.925968]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2154.930355]  ? __fget+0x265/0x3e0
[ 2154.933787]  ? do_vfs_ioctl+0xff0/0xff0
[ 2154.937739]  ? security_file_ioctl+0x83/0xb0
[ 2154.942124]  SyS_ioctl+0x7f/0xb0
[ 2154.945468]  ? do_vfs_ioctl+0xff0/0xff0
[ 2154.949418]  do_syscall_64+0x1d5/0x640
[ 2154.953305]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
18:30:08 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 25)

[ 2154.958476] RIP: 0033:0x7f1c69918049
[ 2154.962163] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2154.969850] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2154.977101] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2154.984348] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2154.991597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2154.998845] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
[ 2155.055879] FAULT_INJECTION: forcing a failure.
[ 2155.055879] name failslab, interval 1, probability 0, space 0, times 0
[ 2155.067683] CPU: 0 PID: 23086 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2155.075556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2155.084888] Call Trace:
[ 2155.087475]  dump_stack+0x1b2/0x281
[ 2155.091087]  should_fail.cold+0x10a/0x149
[ 2155.095218]  should_failslab+0xd6/0x130
[ 2155.099178]  kmem_cache_alloc+0x28e/0x3c0
[ 2155.103307]  __kernfs_new_node+0x6f/0x470
[ 2155.107438]  kernfs_new_node+0x7b/0xe0
[ 2155.111303]  __kernfs_create_file+0x3d/0x320
[ 2155.115692]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2155.120350]  internal_create_group+0x22b/0x710
[ 2155.124934]  sysfs_create_groups+0x92/0x130
[ 2155.129261]  device_add+0x7e5/0x15c0
[ 2155.132966]  ? device_is_dependent+0x2a0/0x2a0
[ 2155.137535]  netdev_register_kobject+0x181/0x410
[ 2155.142279]  register_netdevice+0x955/0xe40
[ 2155.146583]  ? netdev_change_features+0xa0/0xa0
[ 2155.151236]  ldisc_open+0x3e3/0x860
[ 2155.154843]  ? caifdev_setup+0x3b0/0x3b0
[ 2155.158888]  ? lock_downgrade+0x740/0x740
[ 2155.163016]  ? caifdev_setup+0x3b0/0x3b0
[ 2155.167075]  tty_ldisc_open+0x6c/0xb0
[ 2155.170866]  tty_set_ldisc+0x287/0x5d0
[ 2155.174733]  tty_ioctl+0xa2a/0x1430
[ 2155.178449]  ? tty_fasync+0x2c0/0x2c0
[ 2155.182237]  ? proc_fail_nth_write+0x7b/0x180
[ 2155.187234]  ? trace_hardirqs_on+0x10/0x10
[ 2155.191452]  ? fsnotify+0x974/0x11b0
[ 2155.195143]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2155.200067]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2155.205061]  ? SyS_write+0x1b7/0x210
[ 2155.208751]  ? tty_fasync+0x2c0/0x2c0
[ 2155.212545]  do_vfs_ioctl+0x75a/0xff0
[ 2155.216327]  ? lock_acquire+0x170/0x3f0
[ 2155.220284]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2155.224673]  ? __fget+0x265/0x3e0
[ 2155.228109]  ? do_vfs_ioctl+0xff0/0xff0
[ 2155.232073]  ? security_file_ioctl+0x83/0xb0
[ 2155.236471]  SyS_ioctl+0x7f/0xb0
[ 2155.239832]  ? do_vfs_ioctl+0xff0/0xff0
[ 2155.243806]  do_syscall_64+0x1d5/0x640
[ 2155.247680]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2155.252847] RIP: 0033:0x7f1c69918049
[ 2155.256540] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2155.264243] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2155.271490] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2155.278749] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2155.286005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2155.293277] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:08 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r1, &(0x7f0000000000), 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r1, &(0x7f0000000000), 0x8) (async)

18:30:08 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:08 executing program 2:
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r0, 0x0, 0xffffffffffffffbc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000801}, 0x40)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5efb8f65}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4804}, 0x28040080)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r4, 0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair(0x1e, 0x800, 0x4, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
bind$bt_sco(r5, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r0, 0x0, 0xffffffffffffffbc) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000801}, 0x40) (async)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5efb8f65}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4804}, 0x28040080) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r4, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
socketpair(0x1e, 0x800, 0x4, &(0x7f0000000000)) (async)
bind$bt_sco(r5, &(0x7f0000000040), 0x8) (async)

18:30:08 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40)

18:30:08 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 26)

18:30:08 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

[ 2155.544504] FAULT_INJECTION: forcing a failure.
[ 2155.544504] name failslab, interval 1, probability 0, space 0, times 0
[ 2155.555834] CPU: 0 PID: 23113 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2155.563713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2155.573066] Call Trace:
[ 2155.575652]  dump_stack+0x1b2/0x281
[ 2155.579281]  should_fail.cold+0x10a/0x149
[ 2155.583435]  should_failslab+0xd6/0x130
[ 2155.587416]  kmem_cache_alloc+0x28e/0x3c0
18:30:09 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x3, 0x6, 0x200000, 0xfffffffa, 0x2, "dffc7ca8327333db6fbae78d1e0c5b1fcf6ffe"})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
connect$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x3, 0x6, 0x200000, 0xfffffffa, 0x2, "dffc7ca8327333db6fbae78d1e0c5b1fcf6ffe"}) (async)

18:30:09 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1) (async)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40) (async)

18:30:09 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:09 executing program 2:
pipe2(&(0x7f0000000900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
bind$bt_sco(r0, 0x0, 0xffffffffffffffbc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000801}, 0x40)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5efb8f65}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4804}, 0x28040080)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r4, 0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair(0x1e, 0x800, 0x4, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
bind$bt_sco(r5, &(0x7f0000000040), 0x8)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r1, 0x0) (async)
bind$bt_sco(r0, 0x0, 0xffffffffffffffbc) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}}, 0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x28, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000801}, 0x40) (async)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5efb8f65}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4804}, 0x28040080) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r4, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
socketpair(0x1e, 0x800, 0x4, &(0x7f0000000000)) (async)
bind$bt_sco(r5, &(0x7f0000000040), 0x8) (async)

[ 2155.591566]  __kernfs_new_node+0x6f/0x470
[ 2155.595719]  kernfs_new_node+0x7b/0xe0
[ 2155.599605]  __kernfs_create_file+0x3d/0x320
[ 2155.604010]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2155.608683]  internal_create_group+0x22b/0x710
[ 2155.613271]  sysfs_create_groups+0x92/0x130
[ 2155.617606]  device_add+0x7e5/0x15c0
[ 2155.621322]  ? device_is_dependent+0x2a0/0x2a0
[ 2155.625908]  netdev_register_kobject+0x181/0x410
[ 2155.630668]  register_netdevice+0x955/0xe40
[ 2155.635077]  ? netdev_change_features+0xa0/0xa0
[ 2155.639743]  ldisc_open+0x3e3/0x860
18:30:09 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

[ 2155.643366]  ? caifdev_setup+0x3b0/0x3b0
[ 2155.647426]  ? lock_downgrade+0x740/0x740
[ 2155.651576]  ? caifdev_setup+0x3b0/0x3b0
[ 2155.655635]  tty_ldisc_open+0x6c/0xb0
[ 2155.659433]  tty_set_ldisc+0x287/0x5d0
[ 2155.663327]  tty_ioctl+0xa2a/0x1430
[ 2155.666954]  ? tty_fasync+0x2c0/0x2c0
[ 2155.670757]  ? proc_fail_nth_write+0x7b/0x180
[ 2155.675259]  ? trace_hardirqs_on+0x10/0x10
[ 2155.679498]  ? fsnotify+0x974/0x11b0
[ 2155.683816]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2155.688739]  ? debug_check_no_obj_freed+0x2c0/0x680
18:30:09 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, 0x0, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

[ 2155.693752]  ? SyS_write+0x1b7/0x210
[ 2155.697463]  ? tty_fasync+0x2c0/0x2c0
[ 2155.701264]  do_vfs_ioctl+0x75a/0xff0
[ 2155.705061]  ? lock_acquire+0x170/0x3f0
[ 2155.709028]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2155.713597]  ? __fget+0x265/0x3e0
[ 2155.717052]  ? do_vfs_ioctl+0xff0/0xff0
[ 2155.721030]  ? security_file_ioctl+0x83/0xb0
[ 2155.725436]  SyS_ioctl+0x7f/0xb0
[ 2155.728798]  ? do_vfs_ioctl+0xff0/0xff0
[ 2155.732769]  do_syscall_64+0x1d5/0x640
[ 2155.736663]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2155.741845] RIP: 0033:0x7f1c69918049
[ 2155.745550] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2155.753252] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2155.760516] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2155.767780] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2155.775041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2155.782303] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
18:30:09 executing program 3:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, 0x0, 0x0)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @none}, 0x8)

18:30:09 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x24}}, 0x4000)

18:30:09 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
connect$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x3, 0x6, 0x200000, 0xfffffffa, 0x2, "dffc7ca8327333db6fbae78d1e0c5b1fcf6ffe"})

18:30:09 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1) (async)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40) (async)

18:30:09 executing program 0:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
socketpair(0xa, 0x3, 0xb1f0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000001240)={0x3, 0x0, {0x1, 0x7ff, 0x3, 0x8000}})
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000180)=""/4096, &(0x7f0000001180)=0x1000)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0x8)
ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc028564e, &(0x7f0000000140)={0x3, 0x1, [0x8, 0x8, 0xfac69714, 0x1, 0x5, 0xa6b, 0x0, 0x6]})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r3=>0x0, <r4=>0x0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000011c0)=@overlay={0x14e, 0x7, 0x4, 0x2, 0x8, {r3, r4/1000+10000}, {0x5, 0x2, 0x4, 0x1f, 0xe4, 0x2, "62978b71"}, 0x62a, 0x3, {}, 0x401, 0x0, r5})

18:30:09 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 27)

18:30:09 executing program 0:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000))
socketpair(0xa, 0x3, 0xb1f0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000001240)={0x3, 0x0, {0x1, 0x7ff, 0x3, 0x8000}})
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000180)=""/4096, &(0x7f0000001180)=0x1000)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0x8)
ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc028564e, &(0x7f0000000140)={0x3, 0x1, [0x8, 0x8, 0xfac69714, 0x1, 0x5, 0xa6b, 0x0, 0x6]})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r3=>0x0, <r4=>0x0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000011c0)=@overlay={0x14e, 0x7, 0x4, 0x2, 0x8, {r3, r4/1000+10000}, {0x5, 0x2, 0x4, 0x1f, 0xe4, 0x2, "62978b71"}, 0x62a, 0x3, {}, 0x401, 0x0, r5})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8) (async)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000)) (async)
socketpair(0xa, 0x3, 0xb1f0, &(0x7f00000000c0)) (async)
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000001240)={0x3, 0x0, {0x1, 0x7ff, 0x3, 0x8000}}) (async)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000180)=""/4096, &(0x7f0000001180)=0x1000) (async)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0x8) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc028564e, &(0x7f0000000140)={0x3, 0x1, [0x8, 0x8, 0xfac69714, 0x1, 0x5, 0xa6b, 0x0, 0x6]}) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r2, 0x0) (async)
clock_gettime(0x0, &(0x7f0000000100)) (async)
pipe2(&(0x7f0000000900), 0x0) (async)
timerfd_gettime(r5, 0x0) (async)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000011c0)=@overlay={0x14e, 0x7, 0x4, 0x2, 0x8, {r3, r4/1000+10000}, {0x5, 0x2, 0x4, 0x1f, 0xe4, 0x2, "62978b71"}, 0x62a, 0x3, {}, 0x401, 0x0, r5}) (async)

18:30:09 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x24}}, 0x4000)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
getsockopt$sock_timeval(r0, 0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x24}}, 0x4000) (async)

18:30:09 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xf53}, @BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2}, 0x1)

18:30:09 executing program 0:
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000)) (async)
socketpair(0xa, 0x3, 0xb1f0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000001240)={0x3, 0x0, {0x1, 0x7ff, 0x3, 0x8000}}) (async)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000180)=""/4096, &(0x7f0000001180)=0x1000) (async)
connect$bt_sco(r0, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0x8) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc028564e, &(0x7f0000000140)={0x3, 0x1, [0x8, 0x8, 0xfac69714, 0x1, 0x5, 0xa6b, 0x0, 0x6]}) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r2, 0x0) (async)
clock_gettime(0x0, &(0x7f0000000100)={<r3=>0x0, <r4=>0x0})
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r5, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000011c0)=@overlay={0x14e, 0x7, 0x4, 0x2, 0x8, {r3, r4/1000+10000}, {0x5, 0x2, 0x4, 0x1f, 0xe4, 0x2, "62978b71"}, 0x62a, 0x3, {}, 0x401, 0x0, r5})

[ 2156.459853] ==================================================================
[ 2156.467248] BUG: KASAN: use-after-free in __lock_acquire+0x2c57/0x3f20
[ 2156.473900] Read of size 8 at addr ffff888077e2a260 by task kworker/0:1/23736
[ 2156.481163] 
[ 2156.482786] CPU: 0 PID: 23736 Comm: kworker/0:1 Not tainted 4.14.271-syzkaller #0
[ 2156.490391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2156.499740] Workqueue: events sco_sock_timeout
[ 2156.504313] Call Trace:
[ 2156.506893]  dump_stack+0x1b2/0x281
[ 2156.510520]  print_address_description.cold+0x54/0x1d3
[ 2156.515787]  kasan_report_error.cold+0x8a/0x191
[ 2156.520448]  ? __lock_acquire+0x2c57/0x3f20
[ 2156.524775]  __asan_report_load8_noabort+0x68/0x70
[ 2156.524784]  ? __lock_acquire+0x2c57/0x3f20
[ 2156.524791]  __lock_acquire+0x2c57/0x3f20
[ 2156.524802]  ? trace_hardirqs_on+0x10/0x10
[ 2156.524809]  ? debug_object_deactivate+0x1da/0x2e0
[ 2156.524815]  ? trace_hardirqs_on+0x10/0x10
[ 2156.524826]  ? sco_sock_timeout+0x5d/0x1a0
[ 2156.524832]  lock_acquire+0x170/0x3f0
[ 2156.524839]  ? sco_sock_timeout+0x7b/0x1a0
[ 2156.524847]  _raw_spin_lock+0x2a/0x40
[ 2156.524853]  ? sco_sock_timeout+0x7b/0x1a0
[ 2156.524859]  sco_sock_timeout+0x7b/0x1a0
[ 2156.524867]  process_one_work+0x793/0x14a0
[ 2156.524876]  ? work_busy+0x320/0x320
[ 2156.524881]  ? worker_thread+0x158/0xff0
[ 2156.524888]  ? _raw_spin_unlock_irq+0x24/0x80
[ 2156.524895]  worker_thread+0x5cc/0xff0
[ 2156.524904]  ? rescuer_thread+0xc80/0xc80
[ 2156.524910]  kthread+0x30d/0x420
[ 2156.524915]  ? kthread_create_on_node+0xd0/0xd0
[ 2156.524921]  ret_from_fork+0x24/0x30
[ 2156.524927] 
[ 2156.524930] Allocated by task 22353:
[ 2156.524937]  kasan_kmalloc+0xeb/0x160
[ 2156.524944]  __kmalloc+0x15a/0x400
[ 2156.524950]  sk_prot_alloc+0x1ba/0x290
[ 2156.524955]  sk_alloc+0x36/0xcd0
[ 2156.524961]  sco_sock_alloc.constprop.0+0x31/0x200
[ 2156.524966]  sco_sock_create+0xc5/0x180
[ 2156.524972]  bt_sock_create+0x13b/0x280
[ 2156.524983]  __sock_create+0x303/0x620
[ 2156.524988]  SyS_socket+0xd1/0x1b0
[ 2156.524995]  do_syscall_64+0x1d5/0x640
[ 2156.525000]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2156.525001] 
[ 2156.525004] Freed by task 22357:
[ 2156.525009]  kasan_slab_free+0xc3/0x1a0
[ 2156.525014]  kfree+0xc9/0x250
[ 2156.525020]  __sk_destruct+0x5e3/0x760
[ 2156.525025]  __sk_free+0xd9/0x2d0
[ 2156.525030]  sk_free+0x2b/0x40
[ 2156.525035]  sco_sock_kill.part.0+0x97/0xb0
[ 2156.525040]  sco_sock_release+0x17d/0x2f0
[ 2156.525044]  __sock_release+0xcd/0x2b0
[ 2156.525048]  sock_close+0x15/0x20
[ 2156.525055]  __fput+0x25f/0x7a0
[ 2156.525060]  task_work_run+0x11f/0x190
[ 2156.525066]  do_exit+0xa44/0x2850
[ 2156.525072]  do_group_exit+0x100/0x2e0
[ 2156.525077]  get_signal+0x38d/0x1ca0
[ 2156.525082]  do_signal+0x7c/0x1550
[ 2156.525091]  exit_to_usermode_loop+0x160/0x200
[ 2156.540461] FAULT_INJECTION: forcing a failure.
[ 2156.540461] name failslab, interval 1, probability 0, space 0, times 0
[ 2156.542669]  do_syscall_64+0x4a3/0x640
[ 2156.542677]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2156.542679] 
[ 2156.542684] The buggy address belongs to the object at ffff888077e2a1c0
[ 2156.542684]  which belongs to the cache kmalloc-2048 of size 2048
[ 2156.542690] The buggy address is located 160 bytes inside of
[ 2156.542690]  2048-byte region [ffff888077e2a1c0, ffff888077e2a9c0)
[ 2156.542692] The buggy address belongs to the page:
[ 2156.542697] page:ffffea0001df8a80 count:1 mapcount:0 mapping:ffff888077e2a1c0 index:0x0 compound_mapcount: 0
[ 2156.542705] flags: 0xfff00000008100(slab|head)
[ 2156.542716] raw: 00fff00000008100 ffff888077e2a1c0 0000000000000000 0000000100000003
[ 2156.547718] CPU: 1 PID: 23187 Comm: syz-executor.5 Not tainted 4.14.271-syzkaller #0
[ 2156.551847] raw: ffffea0002cf7fa0 ffffea0002be28a0 ffff88813fe74c40 0000000000000000
[ 2156.556058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2156.559827] page dumped because: kasan: bad access detected
[ 2156.559832] 
[ 2156.564042] Call Trace:
[ 2156.567809] Memory state around the buggy address:
[ 2156.567815]  ffff888077e2a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2156.572040]  dump_stack+0x1b2/0x281
[ 2156.576072]  ffff888077e2a180: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 2156.580294]  should_fail.cold+0x10a/0x149
[ 2156.583982] >ffff888077e2a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2156.588034]  should_failslab+0xd6/0x130
[ 2156.592487]                                                        ^
[ 2156.592494]  ffff888077e2a280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2156.596365]  kmem_cache_alloc+0x28e/0x3c0
[ 2156.600483]  ffff888077e2a300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2156.603835]  __kernfs_new_node+0x6f/0x470
[ 2156.608469] ==================================================================
[ 2156.608475] Disabling lock debugging due to kernel taint
[ 2156.612177]  kernfs_new_node+0x7b/0xe0
[ 2156.613790] Kernel panic - not syncing: panic_on_warn set ...
[ 2156.613790] 
[ 2156.617484]  __kernfs_create_file+0x3d/0x320
[ 2156.930547]  sysfs_add_file_mode_ns+0x1e1/0x450
[ 2156.935198]  internal_create_group+0x22b/0x710
[ 2156.939761]  sysfs_create_groups+0x92/0x130
[ 2156.944078]  device_add+0x7e5/0x15c0
[ 2156.947774]  ? device_is_dependent+0x2a0/0x2a0
[ 2156.952351]  netdev_register_kobject+0x181/0x410
[ 2156.957087]  register_netdevice+0x955/0xe40
[ 2156.961390]  ? netdev_change_features+0xa0/0xa0
[ 2156.966040]  ldisc_open+0x3e3/0x860
[ 2156.969658]  ? caifdev_setup+0x3b0/0x3b0
[ 2156.973701]  ? lock_downgrade+0x740/0x740
[ 2156.977828]  ? caifdev_setup+0x3b0/0x3b0
[ 2156.981870]  tty_ldisc_open+0x6c/0xb0
[ 2156.985647]  tty_set_ldisc+0x287/0x5d0
[ 2156.989515]  tty_ioctl+0xa2a/0x1430
[ 2156.993136]  ? tty_fasync+0x2c0/0x2c0
[ 2156.996918]  ? proc_fail_nth_write+0x7b/0x180
[ 2157.001399]  ? trace_hardirqs_on+0x10/0x10
[ 2157.005614]  ? fsnotify+0x974/0x11b0
[ 2157.009307]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 2157.014213]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 2157.019308]  ? SyS_write+0x1b7/0x210
[ 2157.023005]  ? tty_fasync+0x2c0/0x2c0
[ 2157.026784]  do_vfs_ioctl+0x75a/0xff0
[ 2157.030563]  ? lock_acquire+0x170/0x3f0
[ 2157.034516]  ? ioctl_preallocate+0x1a0/0x1a0
[ 2157.038912]  ? __fget+0x265/0x3e0
[ 2157.042346]  ? do_vfs_ioctl+0xff0/0xff0
[ 2157.046302]  ? security_file_ioctl+0x83/0xb0
[ 2157.050689]  SyS_ioctl+0x7f/0xb0
[ 2157.054036]  ? do_vfs_ioctl+0xff0/0xff0
[ 2157.057992]  do_syscall_64+0x1d5/0x640
[ 2157.061865]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 2157.067031] RIP: 0033:0x7f1c69918049
[ 2157.070720] RSP: 002b:00007f1c6828d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2157.078405] RAX: ffffffffffffffda RBX: 00007f1c69a2af60 RCX: 00007f1c69918049
[ 2157.085664] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003
[ 2157.092913] RBP: 00007f1c6828d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2157.100163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2157.107427] R13: 00007ffe3cdc3b9f R14: 00007f1c6828d300 R15: 0000000000022000
[ 2157.114685] CPU: 0 PID: 23736 Comm: kworker/0:1 Tainted: G    B           4.14.271-syzkaller #0
[ 2157.123548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2157.132902] Workqueue: events sco_sock_timeout
[ 2157.137477] Call Trace:
[ 2157.140058]  dump_stack+0x1b2/0x281
[ 2157.143677]  panic+0x1f9/0x42d
[ 2157.146863]  ? add_taint.cold+0x16/0x16
[ 2157.150830]  ? lock_downgrade+0x740/0x740
[ 2157.154968]  kasan_end_report+0x43/0x49
18:30:10 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, &(0x7f00000001c0)=0x62) (async)
pipe2(&(0x7f0000000900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_gettime(r1, 0x0) (async)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xf53}, @BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2}, 0x1)

18:30:10 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x14) (fail_nth: 28)

[ 2157.158934]  kasan_report_error.cold+0xa7/0x191
[ 2157.163594]  ? __lock_acquire+0x2c57/0x3f20
[ 2157.167904]  __asan_report_load8_noabort+0x68/0x70
[ 2157.172824]  ? __lock_acquire+0x2c57/0x3f20
[ 2157.177137]  __lock_acquire+0x2c57/0x3f20
[ 2157.181280]  ? trace_hardirqs_on+0x10/0x10
[ 2157.181288]  ? debug_object_deactivate+0x1da/0x2e0
[ 2157.181295]  ? trace_hardirqs_on+0x10/0x10
[ 2157.181307]  ? sco_sock_timeout+0x5d/0x1a0
[ 2157.198864]  lock_acquire+0x170/0x3f0
[ 2157.202656]  ? sco_sock_timeout+0x7b/0x1a0
[ 2157.206876]  _raw_spin_lock+0x2a/0x40
[ 2157.210670]  ? sco_sock_timeout+0x7b/0x1a0
[ 2157.214892]  sco_sock_timeout+0x7b/0x1a0
[ 2157.218977]  process_one_work+0x793/0x14a0
[ 2157.223210]  ? work_busy+0x320/0x320
[ 2157.226914]  ? worker_thread+0x158/0xff0
[ 2157.230963]  ? _raw_spin_unlock_irq+0x24/0x80
[ 2157.235448]  worker_thread+0x5cc/0xff0
[ 2157.239332]  ? rescuer_thread+0xc80/0xc80
[ 2157.243466]  kthread+0x30d/0x420
[ 2157.246819]  ? kthread_create_on_node+0xd0/0xd0
[ 2157.251476]  ret_from_fork+0x24/0x30
[ 2157.255347] Kernel Offset: disabled
[ 2157.262315] Rebooting in 86400 seconds..