Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:26853' (ECDSA) to the list of known hosts. 2022/09/14 11:11:00 fuzzer started 2022/09/14 11:11:00 dialing manager at localhost:33849 syzkaller login: [ 36.046039] cgroup: Unknown subsys name 'net' [ 36.133071] cgroup: Unknown subsys name 'rlimit' 2022/09/14 11:11:14 syscalls: 2215 2022/09/14 11:11:14 code coverage: enabled 2022/09/14 11:11:14 comparison tracing: enabled 2022/09/14 11:11:14 extra coverage: enabled 2022/09/14 11:11:14 setuid sandbox: enabled 2022/09/14 11:11:14 namespace sandbox: enabled 2022/09/14 11:11:14 Android sandbox: enabled 2022/09/14 11:11:14 fault injection: enabled 2022/09/14 11:11:14 leak checking: enabled 2022/09/14 11:11:14 net packet injection: enabled 2022/09/14 11:11:14 net device setup: enabled 2022/09/14 11:11:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/14 11:11:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/14 11:11:14 USB emulation: enabled 2022/09/14 11:11:14 hci packet injection: enabled 2022/09/14 11:11:14 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914) 2022/09/14 11:11:14 802.15.4 emulation: enabled 2022/09/14 11:11:14 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/14 11:11:14 fetching corpus: 50, signal 30440/33251 (executing program) 2022/09/14 11:11:15 fetching corpus: 100, signal 42688/46265 (executing program) 2022/09/14 11:11:15 fetching corpus: 150, signal 53692/57702 (executing program) 2022/09/14 11:11:15 fetching corpus: 200, signal 61709/65898 (executing program) 2022/09/14 11:11:15 fetching corpus: 250, signal 68140/72400 (executing program) 2022/09/14 11:11:15 fetching corpus: 300, signal 74990/79095 (executing program) 2022/09/14 11:11:15 fetching corpus: 350, signal 79506/83400 (executing program) 2022/09/14 11:11:16 fetching corpus: 400, signal 83821/87404 (executing program) 2022/09/14 11:11:16 fetching corpus: 450, signal 87503/90682 (executing program) 2022/09/14 11:11:16 fetching corpus: 500, signal 90441/93433 (executing program) 2022/09/14 11:11:16 fetching corpus: 550, signal 94389/96632 (executing program) 2022/09/14 11:11:16 fetching corpus: 600, signal 97298/98988 (executing program) 2022/09/14 11:11:16 fetching corpus: 620, signal 99124/100349 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100430 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100522 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100597 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100679 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100790 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100867 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/100971 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101072 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101143 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101236 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101325 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101409 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101507 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101588 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101674 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101757 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101854 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/101922 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102011 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102096 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102185 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102286 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102362 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102458 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102548 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102625 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102728 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102810 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/102914 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/103004 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/103094 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/103133 (executing program) 2022/09/14 11:11:17 fetching corpus: 620, signal 99124/103133 (executing program) 2022/09/14 11:11:19 starting 8 fuzzer processes 11:11:19 executing program 0: syz_emit_ethernet(0x5e, &(0x7f0000000080)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x28, 0x3a, 0xff, @local, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @remote, @remote}}}}}}, 0x0) 11:11:19 executing program 1: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) 11:11:19 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 11:11:19 executing program 2: syz_mount_image$tmpfs(&(0x7f0000000900), &(0x7f0000000940)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)={[], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]}) 11:11:19 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x80045440, &(0x7f0000000000)) [ 54.717696] audit: type=1400 audit(1663153879.337:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:11:19 executing program 6: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:11:19 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000003fc0)={0x18, 0x5e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x18}], 0x1}, 0x0) 11:11:19 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) [ 55.971346] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.973585] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.975202] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.976828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.979022] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 55.980146] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 55.981179] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.982486] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 55.984520] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 55.985693] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 55.987004] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 55.988362] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.002179] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 56.003572] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 56.004746] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 56.019587] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 56.022657] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 56.023853] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 56.025240] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 56.026308] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 56.030289] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 56.030804] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 56.031956] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 56.033332] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 56.038088] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 56.039700] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 56.040774] Bluetooth: hci2: HCI_REQ-0x0c1a [ 56.046475] Bluetooth: hci1: HCI_REQ-0x0c1a [ 56.047118] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 56.051943] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.058977] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 56.060965] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 56.065219] Bluetooth: hci3: HCI_REQ-0x0c1a [ 56.065340] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 56.067426] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 56.069110] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 56.074604] Bluetooth: hci5: HCI_REQ-0x0c1a [ 56.077479] Bluetooth: hci7: HCI_REQ-0x0c1a [ 56.098655] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.100518] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 56.102288] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 56.109078] Bluetooth: hci0: HCI_REQ-0x0c1a [ 58.042505] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 58.043645] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 58.107096] Bluetooth: hci3: command 0x0409 tx timeout [ 58.107538] Bluetooth: hci7: command 0x0409 tx timeout [ 58.108917] Bluetooth: hci1: command 0x0409 tx timeout [ 58.108948] Bluetooth: hci5: command 0x0409 tx timeout [ 58.110771] Bluetooth: hci2: command 0x0409 tx timeout [ 58.170434] Bluetooth: hci0: command 0x0409 tx timeout [ 60.154523] Bluetooth: hci5: command 0x041b tx timeout [ 60.155330] Bluetooth: hci1: command 0x041b tx timeout [ 60.155490] Bluetooth: hci2: command 0x041b tx timeout [ 60.156112] Bluetooth: hci7: command 0x041b tx timeout [ 60.157649] Bluetooth: hci3: command 0x041b tx timeout [ 60.219470] Bluetooth: hci0: command 0x041b tx timeout [ 62.202481] Bluetooth: hci3: command 0x040f tx timeout [ 62.202512] Bluetooth: hci7: command 0x040f tx timeout [ 62.203056] Bluetooth: hci2: command 0x040f tx timeout [ 62.205583] Bluetooth: hci1: command 0x040f tx timeout [ 62.206027] Bluetooth: hci5: command 0x040f tx timeout [ 62.267428] Bluetooth: hci0: command 0x040f tx timeout [ 63.738457] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 63.802415] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 64.251452] Bluetooth: hci5: command 0x0419 tx timeout [ 64.251957] Bluetooth: hci1: command 0x0419 tx timeout [ 64.252435] Bluetooth: hci2: command 0x0419 tx timeout [ 64.252860] Bluetooth: hci7: command 0x0419 tx timeout [ 64.253278] Bluetooth: hci3: command 0x0419 tx timeout [ 64.315414] Bluetooth: hci0: command 0x0419 tx timeout [ 68.218476] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 68.410432] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 70.789422] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.796644] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 70.803394] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 70.808190] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 70.809355] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 70.810973] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.816429] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.634496] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 72.826421] Bluetooth: hci6: command 0x0409 tx timeout [ 74.874527] Bluetooth: hci6: command 0x041b tx timeout [ 75.097495] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.100153] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.100919] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.102962] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.103931] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.105095] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.112457] Bluetooth: hci4: HCI_REQ-0x0c1a [ 76.923427] Bluetooth: hci6: command 0x040f tx timeout [ 77.179431] Bluetooth: hci4: command 0x0409 tx timeout [ 78.970419] Bluetooth: hci6: command 0x0419 tx timeout [ 79.226424] Bluetooth: hci4: command 0x041b tx timeout [ 81.275430] Bluetooth: hci4: command 0x040f tx timeout [ 83.322484] Bluetooth: hci4: command 0x0419 tx timeout [ 106.773738] tmpfs: Bad value for 'uid' [ 106.774811] tmpfs: Bad value for 'uid' [ 106.792541] audit: type=1400 audit(1663153931.412:7): avc: denied { open } for pid=3591 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 106.794137] audit: type=1400 audit(1663153931.413:8): avc: denied { kernel } for pid=3591 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 106.805581] ------------[ cut here ]------------ [ 106.805603] [ 106.805607] ====================================================== [ 106.805610] WARNING: possible circular locking dependency detected [ 106.805614] 6.0.0-rc5-next-20220914 #1 Not tainted [ 106.805621] ------------------------------------------------------ [ 106.805624] syz-executor.7/3594 is trying to acquire lock: [ 106.805630] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 106.805670] [ 106.805670] but task is already holding lock: [ 106.805673] ffff888020579c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 106.805701] [ 106.805701] which lock already depends on the new lock. [ 106.805701] [ 106.805704] [ 106.805704] the existing dependency chain (in reverse order) is: [ 106.805707] [ 106.805707] -> #3 (&ctx->lock){....}-{2:2}: [ 106.805721] _raw_spin_lock+0x2a/0x40 [ 106.805738] __perf_event_task_sched_out+0x53b/0x18d0 [ 106.805750] __schedule+0xedd/0x2470 [ 106.805763] schedule+0xda/0x1b0 [ 106.805774] futex_wait_queue+0xf5/0x1e0 [ 106.805788] futex_wait+0x28e/0x690 [ 106.805797] do_futex+0x2ff/0x380 [ 106.805807] __x64_sys_futex+0x1c6/0x4d0 [ 106.805816] do_syscall_64+0x3b/0x90 [ 106.805831] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 106.805848] [ 106.805848] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 106.805862] _raw_spin_lock_nested+0x30/0x40 [ 106.805877] raw_spin_rq_lock_nested+0x1e/0x30 [ 106.805890] task_fork_fair+0x63/0x4d0 [ 106.805906] sched_cgroup_fork+0x3d0/0x540 [ 106.805920] copy_process+0x4183/0x6e20 [ 106.805931] kernel_clone+0xe7/0x890 [ 106.805941] user_mode_thread+0xad/0xf0 [ 106.805951] rest_init+0x24/0x250 [ 106.805967] arch_call_rest_init+0xf/0x14 [ 106.805979] start_kernel+0x4c1/0x4e6 [ 106.805989] secondary_startup_64_no_verify+0xe0/0xeb [ 106.806003] [ 106.806003] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 106.806017] _raw_spin_lock_irqsave+0x39/0x60 [ 106.806032] try_to_wake_up+0xab/0x1920 [ 106.806045] up+0x75/0xb0 [ 106.806056] __up_console_sem+0x6e/0x80 [ 106.806072] console_unlock+0x46a/0x590 [ 106.806087] do_con_write+0xc05/0x1d50 [ 106.806099] con_write+0x21/0x40 [ 106.806108] n_tty_write+0x4d4/0xfe0 [ 106.806125] file_tty_write.constprop.0+0x49c/0x8f0 [ 106.806136] vfs_write+0x9c3/0xd90 [ 106.806155] ksys_write+0x127/0x250 [ 106.806171] do_syscall_64+0x3b/0x90 [ 106.806183] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 106.806200] [ 106.806200] -> #0 ((console_sem).lock){....}-{2:2}: [ 106.806214] __lock_acquire+0x2a02/0x5e70 [ 106.806230] lock_acquire+0x1a2/0x530 [ 106.806245] _raw_spin_lock_irqsave+0x39/0x60 [ 106.806260] down_trylock+0xe/0x70 [ 106.806272] __down_trylock_console_sem+0x3b/0xd0 [ 106.806287] vprintk_emit+0x16b/0x560 [ 106.806303] vprintk+0x84/0xa0 [ 106.806319] _printk+0xba/0xf1 [ 106.806337] report_bug.cold+0x72/0xab [ 106.806349] handle_bug+0x3c/0x70 [ 106.806361] exc_invalid_op+0x14/0x50 [ 106.806374] asm_exc_invalid_op+0x16/0x20 [ 106.806390] group_sched_out.part.0+0x2c7/0x460 [ 106.806401] ctx_sched_out+0x8f1/0xc10 [ 106.806410] __perf_event_task_sched_out+0x6d0/0x18d0 [ 106.806423] __schedule+0xedd/0x2470 [ 106.806432] schedule+0xda/0x1b0 [ 106.806442] futex_wait_queue+0xf5/0x1e0 [ 106.806452] futex_wait+0x28e/0x690 [ 106.806462] do_futex+0x2ff/0x380 [ 106.806470] __x64_sys_futex+0x1c6/0x4d0 [ 106.806480] do_syscall_64+0x3b/0x90 [ 106.806493] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 106.806510] [ 106.806510] other info that might help us debug this: [ 106.806510] [ 106.806513] Chain exists of: [ 106.806513] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 106.806513] [ 106.806528] Possible unsafe locking scenario: [ 106.806528] [ 106.806530] CPU0 CPU1 [ 106.806533] ---- ---- [ 106.806535] lock(&ctx->lock); [ 106.806541] lock(&rq->__lock); [ 106.806548] lock(&ctx->lock); [ 106.806554] lock((console_sem).lock); [ 106.806560] [ 106.806560] *** DEADLOCK *** [ 106.806560] [ 106.806562] 2 locks held by syz-executor.7/3594: [ 106.806569] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 106.806595] #1: ffff888020579c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 106.806622] [ 106.806622] stack backtrace: [ 106.806625] CPU: 0 PID: 3594 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220914 #1 [ 106.806638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 106.806647] Call Trace: [ 106.806650] [ 106.806654] dump_stack_lvl+0x8b/0xb3 [ 106.806669] check_noncircular+0x263/0x2e0 [ 106.806686] ? format_decode+0x26c/0xb50 [ 106.806702] ? print_circular_bug+0x450/0x450 [ 106.806718] ? enable_ptr_key_workfn+0x20/0x20 [ 106.806733] ? format_decode+0x26c/0xb50 [ 106.806748] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 106.806766] __lock_acquire+0x2a02/0x5e70 [ 106.806787] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 106.806809] lock_acquire+0x1a2/0x530 [ 106.806825] ? down_trylock+0xe/0x70 [ 106.806840] ? rcu_read_unlock+0x40/0x40 [ 106.806860] ? vprintk+0x84/0xa0 [ 106.806878] _raw_spin_lock_irqsave+0x39/0x60 [ 106.806893] ? down_trylock+0xe/0x70 [ 106.806906] down_trylock+0xe/0x70 [ 106.806920] ? vprintk+0x84/0xa0 [ 106.806936] __down_trylock_console_sem+0x3b/0xd0 [ 106.806953] vprintk_emit+0x16b/0x560 [ 106.806972] vprintk+0x84/0xa0 [ 106.806989] _printk+0xba/0xf1 [ 106.807006] ? record_print_text.cold+0x16/0x16 [ 106.807027] ? report_bug.cold+0x66/0xab [ 106.807042] ? group_sched_out.part.0+0x2c7/0x460 [ 106.807053] report_bug.cold+0x72/0xab [ 106.807068] handle_bug+0x3c/0x70 [ 106.807082] exc_invalid_op+0x14/0x50 [ 106.807096] asm_exc_invalid_op+0x16/0x20 [ 106.807112] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 106.807126] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 106.807138] RSP: 0018:ffff888008e8f8f8 EFLAGS: 00010006 [ 106.807147] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.807155] RDX: ffff88803c1e3580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 106.807163] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 106.807170] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888020579c00 [ 106.807179] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 106.807190] ? group_sched_out.part.0+0x2c7/0x460 [ 106.807202] ? group_sched_out.part.0+0x2c7/0x460 [ 106.807216] ctx_sched_out+0x8f1/0xc10 [ 106.807228] __perf_event_task_sched_out+0x6d0/0x18d0 [ 106.807243] ? lock_is_held_type+0xd7/0x130 [ 106.807262] ? __perf_cgroup_move+0x160/0x160 [ 106.807273] ? set_next_entity+0x304/0x550 [ 106.807293] ? lock_is_held_type+0xd7/0x130 [ 106.807311] __schedule+0xedd/0x2470 [ 106.807324] ? io_schedule_timeout+0x150/0x150 [ 106.807335] ? futex_wait_setup+0x166/0x230 [ 106.807349] schedule+0xda/0x1b0 [ 106.807361] futex_wait_queue+0xf5/0x1e0 [ 106.807373] futex_wait+0x28e/0x690 [ 106.807385] ? futex_wait_setup+0x230/0x230 [ 106.807398] ? wake_up_q+0x8b/0xf0 [ 106.807411] ? do_raw_spin_unlock+0x4f/0x220 [ 106.807430] ? futex_wake+0x158/0x490 [ 106.807446] ? fd_install+0x1f9/0x640 [ 106.807463] do_futex+0x2ff/0x380 [ 106.807473] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 106.807489] __x64_sys_futex+0x1c6/0x4d0 [ 106.807501] ? __x64_sys_futex_time32+0x480/0x480 [ 106.807514] ? syscall_enter_from_user_mode+0x1d/0x50 [ 106.807532] ? syscall_enter_from_user_mode+0x1d/0x50 [ 106.807552] do_syscall_64+0x3b/0x90 [ 106.807566] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 106.807583] RIP: 0033:0x7f3a4b927b19 [ 106.807592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.807603] RSP: 002b:00007f3a48e9d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 106.807614] RAX: ffffffffffffffda RBX: 00007f3a4ba3af68 RCX: 00007f3a4b927b19 [ 106.807623] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3a4ba3af68 [ 106.807630] RBP: 00007f3a4ba3af60 R08: 0000000000000000 R09: 0000000000000000 [ 106.807637] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3a4ba3af6c [ 106.807644] R13: 00007ffeee6b9e9f R14: 00007f3a48e9d300 R15: 0000000000022000 [ 106.807657] [ 106.864079] WARNING: CPU: 0 PID: 3594 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 106.864682] Modules linked in: [ 106.864898] CPU: 0 PID: 3594 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220914 #1 [ 106.865421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 106.866150] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 106.866512] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 106.867690] RSP: 0018:ffff888008e8f8f8 EFLAGS: 00010006 [ 106.868091] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.868618] RDX: ffff88803c1e3580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 106.869142] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 106.869667] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff888020579c00 [ 106.870204] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 106.870741] FS: 00007f3a48e9d700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 106.871348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.871801] CR2: 00007fd204bb3070 CR3: 000000001d5f8000 CR4: 0000000000350ef0 [ 106.872336] Call Trace: [ 106.872530] [ 106.872705] ctx_sched_out+0x8f1/0xc10 [ 106.873002] __perf_event_task_sched_out+0x6d0/0x18d0 [ 106.873401] ? lock_is_held_type+0xd7/0x130 [ 106.873736] ? __perf_cgroup_move+0x160/0x160 [ 106.874073] ? set_next_entity+0x304/0x550 [ 106.874405] ? lock_is_held_type+0xd7/0x130 [ 106.874737] __schedule+0xedd/0x2470 [ 106.875026] ? io_schedule_timeout+0x150/0x150 [ 106.875370] ? futex_wait_setup+0x166/0x230 [ 106.875701] schedule+0xda/0x1b0 [ 106.875968] futex_wait_queue+0xf5/0x1e0 [ 106.876283] futex_wait+0x28e/0x690 [ 106.876565] ? futex_wait_setup+0x230/0x230 [ 106.876892] ? wake_up_q+0x8b/0xf0 [ 106.877174] ? do_raw_spin_unlock+0x4f/0x220 [ 106.877514] ? futex_wake+0x158/0x490 [ 106.877812] ? fd_install+0x1f9/0x640 [ 106.878108] do_futex+0x2ff/0x380 [ 106.878367] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 106.878789] __x64_sys_futex+0x1c6/0x4d0 [ 106.879097] ? __x64_sys_futex_time32+0x480/0x480 [ 106.879450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 106.879844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 106.880229] do_syscall_64+0x3b/0x90 [ 106.880513] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 106.880892] RIP: 0033:0x7f3a4b927b19 [ 106.881171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.882474] RSP: 002b:00007f3a48e9d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 106.883029] RAX: ffffffffffffffda RBX: 00007f3a4ba3af68 RCX: 00007f3a4b927b19 [ 106.883548] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3a4ba3af68 [ 106.884079] RBP: 00007f3a4ba3af60 R08: 0000000000000000 R09: 0000000000000000 [ 106.884591] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3a4ba3af6c [ 106.885113] R13: 00007ffeee6b9e9f R14: 00007f3a48e9d300 R15: 0000000000022000 [ 106.885629] [ 106.885807] irq event stamp: 2182 [ 106.886058] hardirqs last enabled at (2181): [] syscall_enter_from_user_mode+0x1d/0x50 [ 106.886751] hardirqs last disabled at (2182): [] __schedule+0x1225/0x2470 [ 106.887361] softirqs last enabled at (1736): [] __irq_exit_rcu+0x11b/0x180 [ 106.888009] softirqs last disabled at (1731): [] __irq_exit_rcu+0x11b/0x180 [ 106.888642] ---[ end trace 0000000000000000 ]--- 11:12:16 executing program 0: syz_emit_ethernet(0x5e, &(0x7f0000000080)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x28, 0x3a, 0xff, @local, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @remote, @remote}}}}}}, 0x0) 11:12:16 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000003fc0)={0x18, 0x5e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x18}], 0x1}, 0x0) 11:12:16 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 11:12:16 executing program 2: syz_mount_image$tmpfs(&(0x7f0000000900), &(0x7f0000000940)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)={[], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]}) 11:12:16 executing program 6: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:12:16 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 1: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) 11:12:16 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x80045440, &(0x7f0000000000)) 11:12:16 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) [ 111.935063] tmpfs: Bad value for 'uid' 11:12:16 executing program 6: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:12:16 executing program 0: syz_emit_ethernet(0x5e, &(0x7f0000000080)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x28, 0x3a, 0xff, @local, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @remote, @remote}}}}}}, 0x0) 11:12:16 executing program 2: syz_mount_image$tmpfs(&(0x7f0000000900), &(0x7f0000000940)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)={[], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]}) 11:12:16 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000003fc0)={0x18, 0x5e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x18}], 0x1}, 0x0) 11:12:16 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x80045440, &(0x7f0000000000)) 11:12:16 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 6: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:12:16 executing program 6: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) [ 112.044875] tmpfs: Bad value for 'uid' 11:12:16 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 11:12:16 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 1: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) 11:12:16 executing program 0: syz_emit_ethernet(0x5e, &(0x7f0000000080)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x28, 0x3a, 0xff, @local, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @remote, @remote}}}}}}, 0x0) 11:12:16 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000003fc0)={0x18, 0x5e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x18}], 0x1}, 0x0) 11:12:16 executing program 2: syz_mount_image$tmpfs(&(0x7f0000000900), &(0x7f0000000940)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)={[], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]}) 11:12:16 executing program 6: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) 11:12:16 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x80045440, &(0x7f0000000000)) [ 112.129095] tmpfs: Bad value for 'uid' 11:12:16 executing program 5: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:12:16 executing program 1: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) 11:12:16 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 0: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 5: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:12:16 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 11:12:16 executing program 6: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_io_uring_setup(0xeaf, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000380)) splice(r1, 0x0, r0, 0x0, 0xbf, 0x0) 11:12:16 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 11:12:16 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setresuid(0xee00, 0xee01, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) 11:12:16 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 11:12:16 executing program 5: r0 = epoll_create(0x4) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)) 11:12:16 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 0: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setresuid(0xee00, 0xee01, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) 11:12:16 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) 11:12:16 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_io_uring_setup(0x2042, &(0x7f0000000000), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) 11:12:17 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 11:12:17 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0xc}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 11:12:17 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) [ 112.513385] hrtimer: interrupt took 16230 ns 11:12:17 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setresuid(0xee00, 0xee01, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) 11:12:17 executing program 4: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2002, 0x0, 0x0, 0x0) 11:12:17 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:17 executing program 5: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10800, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000210000000000002100000000000000000000000000000000000000000000000000000000000000000100000101000001000808001800000000000018130000000000000000000015000000002200170000000000001700080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="ff43443030310100"/32, 0x20, 0x8800}, {&(0x7f0000010700)="01001700000001000000050018000000010046494c4530000000000000000000", 0x20, 0x9800}, {&(0x7f0000010800)="01000000001700010000050000000018000146494c4530000000000000000000", 0x20, 0xa800}, {&(0x7f0000010900)="2200170000000000001700080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012c00190000000000001964000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b31002600180000000000001800080000000008007809140b2a3a08020000010000010546494c45302a001a0000000000001a0a0000000000000a7809140b2a3a08000000010000010846494c45312e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45322e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45332e3b3100"/288, 0x120, 0xb800}, {&(0x7f0000010b00)="2200180000000000001800080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012a0020000000000000201a0400000000041a7809140b2a3a08000000010000010846494c45302e3b3100"/128, 0x80, 0xc000}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xc800}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0xd000}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x10000}], 0x0, &(0x7f0000011300)) 11:12:17 executing program 0: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:17 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_io_uring_setup(0x2042, &(0x7f0000000000), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) 11:12:17 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 11:12:17 executing program 7: r0 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@rc, 0x80, 0x0}}, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x7, 0x0, @fd=r3, 0x8, &(0x7f0000000140)=""/180, 0xb4, 0x9}, 0x2) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) [ 112.714666] loop5: detected capacity change from 0 to 256 11:12:17 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 11:12:17 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setresuid(0xee00, 0xee01, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) 11:12:17 executing program 4: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2002, 0x0, 0x0, 0x0) 11:12:17 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:17 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_io_uring_setup(0x2042, &(0x7f0000000000), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) 11:12:17 executing program 5: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10800, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000210000000000002100000000000000000000000000000000000000000000000000000000000000000100000101000001000808001800000000000018130000000000000000000015000000002200170000000000001700080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="ff43443030310100"/32, 0x20, 0x8800}, {&(0x7f0000010700)="01001700000001000000050018000000010046494c4530000000000000000000", 0x20, 0x9800}, {&(0x7f0000010800)="01000000001700010000050000000018000146494c4530000000000000000000", 0x20, 0xa800}, {&(0x7f0000010900)="2200170000000000001700080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012c00190000000000001964000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b31002600180000000000001800080000000008007809140b2a3a08020000010000010546494c45302a001a0000000000001a0a0000000000000a7809140b2a3a08000000010000010846494c45312e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45322e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45332e3b3100"/288, 0x120, 0xb800}, {&(0x7f0000010b00)="2200180000000000001800080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012a0020000000000000201a0400000000041a7809140b2a3a08000000010000010846494c45302e3b3100"/128, 0x80, 0xc000}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xc800}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0xd000}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x10000}], 0x0, &(0x7f0000011300)) [ 112.910025] loop5: detected capacity change from 0 to 256 11:12:18 executing program 4: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2002, 0x0, 0x0, 0x0) [ 113.565935] loop5: detected capacity change from 0 to 256 11:12:18 executing program 0: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:18 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:18 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_io_uring_setup(0x2042, &(0x7f0000000000), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) 11:12:18 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:18 executing program 5: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10800, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000210000000000002100000000000000000000000000000000000000000000000000000000000000000100000101000001000808001800000000000018130000000000000000000015000000002200170000000000001700080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="ff43443030310100"/32, 0x20, 0x8800}, {&(0x7f0000010700)="01001700000001000000050018000000010046494c4530000000000000000000", 0x20, 0x9800}, {&(0x7f0000010800)="01000000001700010000050000000018000146494c4530000000000000000000", 0x20, 0xa800}, {&(0x7f0000010900)="2200170000000000001700080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012c00190000000000001964000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b31002600180000000000001800080000000008007809140b2a3a08020000010000010546494c45302a001a0000000000001a0a0000000000000a7809140b2a3a08000000010000010846494c45312e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45322e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45332e3b3100"/288, 0x120, 0xb800}, {&(0x7f0000010b00)="2200180000000000001800080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012a0020000000000000201a0400000000041a7809140b2a3a08000000010000010846494c45302e3b3100"/128, 0x80, 0xc000}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xc800}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0xd000}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x10000}], 0x0, &(0x7f0000011300)) 11:12:18 executing program 1: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 5: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10800, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000210000000000002100000000000000000000000000000000000000000000000000000000000000000100000101000001000808001800000000000018130000000000000000000015000000002200170000000000001700080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="ff43443030310100"/32, 0x20, 0x8800}, {&(0x7f0000010700)="01001700000001000000050018000000010046494c4530000000000000000000", 0x20, 0x9800}, {&(0x7f0000010800)="01000000001700010000050000000018000146494c4530000000000000000000", 0x20, 0xa800}, {&(0x7f0000010900)="2200170000000000001700080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012c00190000000000001964000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b31002600180000000000001800080000000008007809140b2a3a08020000010000010546494c45302a001a0000000000001a0a0000000000000a7809140b2a3a08000000010000010846494c45312e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45322e3b31002a001b0000000000001b28230000000023287809140b2a3a08000000010000010846494c45332e3b3100"/288, 0x120, 0xb800}, {&(0x7f0000010b00)="2200180000000000001800080000000008007809140b2a3a080200000100000101002200170000000000001700080000000008007809140b2a3a080200000100000101012a0020000000000000201a0400000000041a7809140b2a3a08000000010000010846494c45302e3b3100"/128, 0x80, 0xc000}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xc800}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0xd000}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x10000}], 0x0, &(0x7f0000011300)) 11:12:18 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:18 executing program 4: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2002, 0x0, 0x0, 0x0) 11:12:18 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:18 executing program 1: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 6: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r0, 0x0) 11:12:18 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 1: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 0: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:18 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) 11:12:18 executing program 3: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:18 executing program 6: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 1: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 6: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x16) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8) 11:12:18 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) 11:12:18 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:18 executing program 3: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 0: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) 11:12:19 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, &(0x7f00000009c0)={{0x0, 0x0, 0x0, 0xf5ffffff}, "c372a768"}, 0x24) 11:12:19 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x401a012, r1, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000000), 0x1) 11:12:19 executing program 3: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:19 executing program 1: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:19 executing program 0: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:12:19 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:19 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x8, 0x0) 11:12:19 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:19 executing program 1: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 3: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:19 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:19 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:19 executing program 1: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xf38053fb67f3a4db}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:19 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x8, 0x0) [ 115.611520] syz-executor.5 (4184) used greatest stack depth: 24464 bytes left 11:12:20 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:20 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:20 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:20 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x8, 0x0) 11:12:20 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:20 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000e80)=""/113) 11:12:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:12:20 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:20 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x8, 0x0) 11:12:20 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000e80)=""/113) 11:12:20 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000000)='\x00\x00\x00\x00', 0x4}], 0x1}}], 0x1, 0x0) 11:12:20 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:20 executing program 7: syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_signaling={{}, [@l2cap_move_chan_rsp, @l2cap_info_rsp={{0xb, 0xff}, {0x0, 0x0, "3e8cb266f40ce20ba7f00f5c94d2282228a26ad1bd7eeb031b6f5a344588f8a9c457dd7b0774db6348ef028d7b564ac4122f2b5813464cb3f38467b4c2d297e42df5733a5eab0bf9f2a2f932df1460411f7624b5d6d9fb00b5093d7c3187f74731b78a7beb8e3b2190aa0ba6dd7ea057a969883988bcd68efb2c35da7ac29e2e9f363c4b1e8e837b75e445f583be8ebdd1f0a555b890b07539c341e9e5394e7b509656da05b0a4818c74ae2d3a33be50c0cd2fc4607ee07223854d68c317191497bbbcca4198c786e37bfd9e0f2db96a2e6542b2919d43a851dad80d0a638dee81400a6c858cfb981ec65da7e5eae5811914f5ec5c71596e2d2d33c8ba01a8b3407729c751e89c9b8b05401cb352cd593d49b2350ad4c9b996b00646b144215a6078384fa2cb1677bbfbbc2a72c4081e599ebfb39fff392f66205640c9540fc796e350d0c8afb8662d67baf09fce53dfe5a6819a14d7f8771a064f059445373ab815bf809b33d8b1d908c4a95c80476f68d4858573340aac2244144d718b8b72c68eca86f1a7d96de2041d5825872a6cc8828d4a9873dab0757128e71c1cf950230d88a5b1088333b26d13cf3ea090757aab7c05a561367101dd81b4ef8c11680d627cfc47493cffcd97e26a84c52fe7cc30038439b8e18601708255861301a481523d2d3d1362c18b001d6b87e52fd0e5db8715122d0db0663b2d27c239531321e30c81daca5b630f0231467917c0c1ac8f3edd30fea8623af2db5535a523ef22c206bd0a9867f9b4ca0b579603492d051edb2b4e0713a9fb6b2bfae17d84a17460a3bc35a75328f61462f1ac5f8f276cad5b164a741074c80b48b9416ae9916c970c76a6f6e29f682a62e3d8bc6860dc22e77cfe8637f420343c0932552a0bc646508df94e98539b24d190a4bc509ea1f2e7ddcd3e5accf149b9e02abd6c57623cbcecf6a36dcc526fa307fb7d5d19c647c35e7ead08383df0ea445735e7c22c04276794e082c71c0c845f3390e3bbd1959b05b81ed7382c02715d2c23f4cf1e087c2112bc34566a4666061414d1d29426a8f5bdee889c84cde902a5d56080663bb68cc5b6ae99251569675a808a13e050a86d00ba3d7fe95d6af45e922c587d68598076f8858bdd3791eb83ee1052546574975a4d41b8d48dd715ba24f1ca6d108b61b84a9f3270581311e5c6fe9db6694dff2e8e1580562adc1cf25512cf9f9674adfee70f9c790828fc0c0ec326db1fcd174b70af784f6e701327f917c8d91471894815fef3efdc5eafce3a7383a985faef8d337dfe73f2659be4b383e682f2c3af8d85a48833ab3a58ae7e9c51fee4d6d1c3ee1b87d3a174374d33b7162e86c85e92575ee240019a46c59ea55096b18a9a9c9e8ca50b305af5eabf02aa499b1c8cad928bb93c4a5b97e5578fbd51ac531495ed6caac7922e82230d64f4e01ccc59fe41213a0a979c28a2364bda2ce2415bedfc28af77a6ca59f36ce997765d4defb63cba0b16cbc7efba8d7af88881ec9238577e86fc608d17fe849291a59292b2aabd0eccb9f1f95ffbeaf5d6a6f5259d8ec5fa066e9d80d54b38da2080c3eb28ca89f2258387705634b316bf5fde73a5aca74a498e545e5ea130fde6e9e1dcd7afb26a64435bc6071771271de7b440c0905cbff95e1bd7402d52dce8e44d422f97e05b7312d6e311fa73dbf093de080e239efa6d937c647bc3970f09e80b5b7dc7a68e83b235854cf4b59394381503c7e5c94c7f167d0bcc9bf0a96b96e73e83e834f127caddc1feb13a5da49c3079e9cb075e7c03f62a855451aef2f90e9949b702b9bf196b9a2a0080272b3ca37b4b07077a5f2bf4dcf35e8af877df534ad53b70c344bcfb05fdead627ba2d1163060d8d74e70d8829f412af5c990004a3ff4f6cade8cc6267a12bcf5727b84d8850a1335a939aa2f39e355b6b5b125c82eb543c5f1f1cd805db56d54cbb702830ebe20809db82ed7ccee9600b9428b95ee99d313328812040e24cb282524c5e793724f06b3ef11b71812c083c942d7216f90a308f3052712cbc062cef9251324c70beac61b29deff3d6660d437a86088b07f5333b7376bc78718a87beeb28b522a6ee771fdef22349ad460c7e6ca9aa9f4cdde3bd3b5c752dd9070f7353f090d6cbb7653365192f78a5b23521e0975fdf076f709092283d4fd903f1a2add6d0df5c38d3898d618da3e75db89655b104020da265e9bb60c53ba29203da8f2969ede773c716ce7516f0f0bded8171564a9e10989947b131681f0e4ba26cae46541838ecbc16757bfbe48aae90c4374385a78691c26e642b37cb95d58036973e53b770e77cecd6c6e631f8483f6dc218bd18e6289d131fa74add365c64599315144c97401bb72f880e373e66df4427e4de1024f433bd242fea7a6c6c21dfe28a5210a4be0537fdced34778f4e14c70553d5a17fab0d1e4390e4628897dcca359f9ad37af407dcac8d51a1aa1876ea8cc048dd25958db6239b82a611e6d296521e96a2fa89ddd1b5733b55a2ce3f758a133c06eac13d9463bfd4072198d25b4be9f6e03a669dd240e8cb9127013fa8ab8314da702c6563cc3e7da979df14ccf6bb4cce7d7eee500386b92d7923c6e717668edd51c65efe0ac3615a22a1b911ea2d0336918f6164aa75cee7460fa9466bddf9dd03aa67c30e01525e50ad6bb00dbbfd0ae8d0c229959082b291fcdf716ea8928f2e1abc1a8d1cbe41bcf6ffa9bd37cc426749d8420a7d13fefe5b9fe5a98b8149b04ee038491f0b0630ebd06fc746c2fb2574ec658c72389afc7d77df23f0c3d64e11d2553d5d3ae9d4d409cbd9885283d1f038c54d2b6dc30889411f45cb7e24b69e268ffea08b767cd23daba06453bb1c2c497cd7daa39566a5a0256d837e2756038cd308d84efbc861c76498aeda37e1a0ec576362fd3a6805c08abbd4aa76437e1dd54e087fe43992ffe2240dbd83b1f21a4495f0d9420a41b5ef57a0a01a9cb942a417665459ae6068f5f024d34a43b4fcb081024dcc7d74cfb287d82d7a3d9a8893e88f635f26502a76b369d3cd6a4c433ddbd83fd839ea12b6d05decc731477c7825f94aabd2cfa5c2180d7709cbaf77a36bfc2bba10850e050e5728c5cbfbb4eb689c7e08a92526744aeb1f001571b637f7f767a5ef3d2f54a821bf3c174c5b3f28f92b95e30fe6fbb45f67d25e1cdf3eb3907ccf6ddba02b47bb16c50da3223349fafed3994e2282709a84f23662011f10e22471d46114bbe98176a30e480e8c7b7f816a678493d8ca9e9dca17a97359b03d5fce39dd38ccc86e4049e2fecf2ff857c575d234dff61a56b8156a4b5aca529fba19fcb07d7cb27cdad3194fa84de01896eb28ece8180dfe43aa946a9af82742cc0727ede5f3092c2bbe1b8149507065097f555fd00bac8ec857d0db7cc97cb4209a606608d609d84443f9cfa00f6c4981b9a74ea719622d2c5a361f97800eef26b3df99b6bd2896dad8c02a9d7266dd565e6bc9a6e822019dba453d505f613783b408526b924244c822aa7d34b4494a55c8434afd3d10952ca81cd965e0cfababbd92c271459446ee95ed0a276c5b61d229b66d755d6313fd7e0ee5f53ca05de9ed2f2923cc0e01e4353116aa5a3e1be8556db4d0ec02bc8c9c17fabd8b0ea41a8de7df53b7d99e74dbdbe9feb0b6fb17349233a902552af2123a1bb41c5b562ace0f135415c1988b6ea380cb496aee1626ec3a5c2dd11627f70f62bc802893be0d80d90245ab8c25a9ae214d93d0663e8478ef528e91e3641d5ef7d8bcb36d9f717525da9be047050bd5fea0bad1ec985a3d60583ce3c75c0636141435f0458b8c0b5d2e0eba1237c91388c3aee65348d524489fb6e20be12e8dccdb2e74b499c3d32b8c3ec05f8bcb54ddc138eed486aa1432d92f0c2612226efdbb109c79128fa26601dd9afd6c5def89419bea1a477e8d388499431b50ba3554bd8358871bf2bec47273b49bd9b969b3d15dc92e568302559d7ea71d01f9b6f75e9251a5b1d7929d19890dc1f893e86329d6842a4a0d8ddedb18173160c2e8bb28b24123ba8500426ee0bd6be00fc56c4f0e074a29b41c2195d4b0468ac1c0b4afec2b8f5fea9800f645af57b9364f1dff280fba0e259224b1dce439463d53217b0dc120346861a1ac1aece23d470c2e27d10488e361b6452be4f2986c6f4720b8f35a9c06851abadd0aa9ce9a7545ee52045e9720b468e3752c0d0dbcdc23ae70fae1a26a60b31a4b98e31db9fcafd71d4b838e23ef13a33728cd88a76c96c1a73ded0f7ef7001d18e307406a0bf20efd275a1e32c9ce497f740ab757a27d7709408b10de271843f5bd202df420e4d2d71460aed587bc65bca48542462ef6ca1332854cd26ee57de7efc36f3fbc76fbab97dca76e05229fca2a2e2a6a057d5e53f9722fe7dcc00f147f6f05d74ddd00278414235d70e275afd1f4bad9fee5ba98ff6be13758dd4feda3d6a48bcbd86b1eee0813e4bdaf68ecf9023be3d1210c98fddc1a37e5f4e5ec8b7b5905222751d221f8e854d6ac0aa40145ef047762c03a73372f46e2851a6aed7d7df71ff0127a23e160b2f2cf76d8be20d1b5a9e8027e7a981ca4b18d7b3910a822a76afd713251612036d3401598ed8c572b18e48883d0b9230fa914ee4f176fc2848d5b378c892a7569ac575859fcaa6356a0101644fd6ce5aa3e26fc58298642706b2b4125ffa3c3e5f27fa80ae7b9014c71edbff15bd8fa72a8b348948cf4011daafcb802f2171bf6f691beace405d5919eba320c4810ff37006b247d65178a78598ebeea4e03c9ae75154498678abfb00ca28a93700b30161c3554f9646dde6443a2b718621dc27449be7abe94c0e89e42b3370d7083b9eb875ac8e1eacafadfcc344ad31d181617c5c4dffe03ccdc1bfded50042355b36d65291afb616d35eed9d3b1ce41cd60e363042aef2b24083fc7d4affea5b3315b4af3b5cc8805da17f4b7d73a7e24a63236d64f481d49fe600a9c787ef3819588a874fc2075cfb9ae27370c6998599c94b5fe30d331bfdc31dbbe143ad715210a7457346303bb44d8ac9e621aa3849d9a13219c285527431ea409ac3c07920e24a91cbb30edf5730dfc490b0b84d9fce9965bea6152159b6da47c93f5eff18612f703aa91a4347fd183ada769666643b90559eaa8781c6f2cf5d0980f655ed1f0b6b91b01c8857ed0a4ef79aef42ee0c7d271f1f97ea6b3fd6b1dc5f9adaef02159c7966a8203f0a5153e6eceda27e1cf0e1714e3100534f04d1a9834554d0ff2d7c4d94f5d099429f90e04d42856b3244fdac8fcf01c4724d4946cb13a22f4b9b0a2f1ceb5cfbfc41832e38e06b9a7fefab3d0beceb3f9ab38f150c506886c9c371cc2cab3665f10875c7eaa77dbd66c34b328fd7664d43100f7718f90c7a07f29c0591e50bfb6ec31ee28381c37c813d9fb3ff283d570eeb0af1cecb2c0294f279e5aacc077debe1c154bfd9d27d8e174bea598cd35108be284dcdbc4a7d995fe849b01d124aa28c8ebf91d10655b326a5f6da74c078b2fe199f294c65c1081dff1a2043eba8cda5836f687a33934d4705ec3f2cad9d1f0ce54d0c587fea1897b1b067eed8fb45eea1310b810c9a5e6b308648a7057959f5f474aa6dfd95ef22a32947a0a9a8d8e8efc04d6482eeb75182c6d40ca1cc9a0cc83a184ef587ccf69a4d42d5ade808ad79baccedefc973e683b51869fae6df2774f305411b0a52f49b3a5bb89c983b5ef83d46ded2ca02251071ac6979f825d0de760a2003b494b955fae9a6aa"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_efs, @l2cap_conf_flushto]}}, @l2cap_create_chan_req, @l2cap_move_chan_rsp, @l2cap_cmd_rej_unk, @l2cap_create_chan_req, @l2cap_create_chan_req, @l2cap_move_chan_req, @l2cap_cmd_rej_unk]}}, 0x22) [ 115.809956] Bluetooth: Frame is too long (len 29, expected len 4) [ 115.811483] Bluetooth: Frame is too long (len 29, expected len 4) [ 116.280406] syz-executor.5 (4221) used greatest stack depth: 24304 bytes left 11:12:20 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @broadcast, r2}, 0xc) 11:12:20 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 11:12:20 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000000)='\x00\x00\x00\x00', 0x4}], 0x1}}], 0x1, 0x0) 11:12:20 executing program 7: syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_signaling={{}, [@l2cap_move_chan_rsp, @l2cap_info_rsp={{0xb, 0xff}, {0x0, 0x0, "3e8cb266f40ce20ba7f00f5c94d2282228a26ad1bd7eeb031b6f5a344588f8a9c457dd7b0774db6348ef028d7b564ac4122f2b5813464cb3f38467b4c2d297e42df5733a5eab0bf9f2a2f932df1460411f7624b5d6d9fb00b5093d7c3187f74731b78a7beb8e3b2190aa0ba6dd7ea057a969883988bcd68efb2c35da7ac29e2e9f363c4b1e8e837b75e445f583be8ebdd1f0a555b890b07539c341e9e5394e7b509656da05b0a4818c74ae2d3a33be50c0cd2fc4607ee07223854d68c317191497bbbcca4198c786e37bfd9e0f2db96a2e6542b2919d43a851dad80d0a638dee81400a6c858cfb981ec65da7e5eae5811914f5ec5c71596e2d2d33c8ba01a8b3407729c751e89c9b8b05401cb352cd593d49b2350ad4c9b996b00646b144215a6078384fa2cb1677bbfbbc2a72c4081e599ebfb39fff392f66205640c9540fc796e350d0c8afb8662d67baf09fce53dfe5a6819a14d7f8771a064f059445373ab815bf809b33d8b1d908c4a95c80476f68d4858573340aac2244144d718b8b72c68eca86f1a7d96de2041d5825872a6cc8828d4a9873dab0757128e71c1cf950230d88a5b1088333b26d13cf3ea090757aab7c05a561367101dd81b4ef8c11680d627cfc47493cffcd97e26a84c52fe7cc30038439b8e18601708255861301a481523d2d3d1362c18b001d6b87e52fd0e5db8715122d0db0663b2d27c239531321e30c81daca5b630f0231467917c0c1ac8f3edd30fea8623af2db5535a523ef22c206bd0a9867f9b4ca0b579603492d051edb2b4e0713a9fb6b2bfae17d84a17460a3bc35a75328f61462f1ac5f8f276cad5b164a741074c80b48b9416ae9916c970c76a6f6e29f682a62e3d8bc6860dc22e77cfe8637f420343c0932552a0bc646508df94e98539b24d190a4bc509ea1f2e7ddcd3e5accf149b9e02abd6c57623cbcecf6a36dcc526fa307fb7d5d19c647c35e7ead08383df0ea445735e7c22c04276794e082c71c0c845f3390e3bbd1959b05b81ed7382c02715d2c23f4cf1e087c2112bc34566a4666061414d1d29426a8f5bdee889c84cde902a5d56080663bb68cc5b6ae99251569675a808a13e050a86d00ba3d7fe95d6af45e922c587d68598076f8858bdd3791eb83ee1052546574975a4d41b8d48dd715ba24f1ca6d108b61b84a9f3270581311e5c6fe9db6694dff2e8e1580562adc1cf25512cf9f9674adfee70f9c790828fc0c0ec326db1fcd174b70af784f6e701327f917c8d91471894815fef3efdc5eafce3a7383a985faef8d337dfe73f2659be4b383e682f2c3af8d85a48833ab3a58ae7e9c51fee4d6d1c3ee1b87d3a174374d33b7162e86c85e92575ee240019a46c59ea55096b18a9a9c9e8ca50b305af5eabf02aa499b1c8cad928bb93c4a5b97e5578fbd51ac531495ed6caac7922e82230d64f4e01ccc59fe41213a0a979c28a2364bda2ce2415bedfc28af77a6ca59f36ce997765d4defb63cba0b16cbc7efba8d7af88881ec9238577e86fc608d17fe849291a59292b2aabd0eccb9f1f95ffbeaf5d6a6f5259d8ec5fa066e9d80d54b38da2080c3eb28ca89f2258387705634b316bf5fde73a5aca74a498e545e5ea130fde6e9e1dcd7afb26a64435bc6071771271de7b440c0905cbff95e1bd7402d52dce8e44d422f97e05b7312d6e311fa73dbf093de080e239efa6d937c647bc3970f09e80b5b7dc7a68e83b235854cf4b59394381503c7e5c94c7f167d0bcc9bf0a96b96e73e83e834f127caddc1feb13a5da49c3079e9cb075e7c03f62a855451aef2f90e9949b702b9bf196b9a2a0080272b3ca37b4b07077a5f2bf4dcf35e8af877df534ad53b70c344bcfb05fdead627ba2d1163060d8d74e70d8829f412af5c990004a3ff4f6cade8cc6267a12bcf5727b84d8850a1335a939aa2f39e355b6b5b125c82eb543c5f1f1cd805db56d54cbb702830ebe20809db82ed7ccee9600b9428b95ee99d313328812040e24cb282524c5e793724f06b3ef11b71812c083c942d7216f90a308f3052712cbc062cef9251324c70beac61b29deff3d6660d437a86088b07f5333b7376bc78718a87beeb28b522a6ee771fdef22349ad460c7e6ca9aa9f4cdde3bd3b5c752dd9070f7353f090d6cbb7653365192f78a5b23521e0975fdf076f709092283d4fd903f1a2add6d0df5c38d3898d618da3e75db89655b104020da265e9bb60c53ba29203da8f2969ede773c716ce7516f0f0bded8171564a9e10989947b131681f0e4ba26cae46541838ecbc16757bfbe48aae90c4374385a78691c26e642b37cb95d58036973e53b770e77cecd6c6e631f8483f6dc218bd18e6289d131fa74add365c64599315144c97401bb72f880e373e66df4427e4de1024f433bd242fea7a6c6c21dfe28a5210a4be0537fdced34778f4e14c70553d5a17fab0d1e4390e4628897dcca359f9ad37af407dcac8d51a1aa1876ea8cc048dd25958db6239b82a611e6d296521e96a2fa89ddd1b5733b55a2ce3f758a133c06eac13d9463bfd4072198d25b4be9f6e03a669dd240e8cb9127013fa8ab8314da702c6563cc3e7da979df14ccf6bb4cce7d7eee500386b92d7923c6e717668edd51c65efe0ac3615a22a1b911ea2d0336918f6164aa75cee7460fa9466bddf9dd03aa67c30e01525e50ad6bb00dbbfd0ae8d0c229959082b291fcdf716ea8928f2e1abc1a8d1cbe41bcf6ffa9bd37cc426749d8420a7d13fefe5b9fe5a98b8149b04ee038491f0b0630ebd06fc746c2fb2574ec658c72389afc7d77df23f0c3d64e11d2553d5d3ae9d4d409cbd9885283d1f038c54d2b6dc30889411f45cb7e24b69e268ffea08b767cd23daba06453bb1c2c497cd7daa39566a5a0256d837e2756038cd308d84efbc861c76498aeda37e1a0ec576362fd3a6805c08abbd4aa76437e1dd54e087fe43992ffe2240dbd83b1f21a4495f0d9420a41b5ef57a0a01a9cb942a417665459ae6068f5f024d34a43b4fcb081024dcc7d74cfb287d82d7a3d9a8893e88f635f26502a76b369d3cd6a4c433ddbd83fd839ea12b6d05decc731477c7825f94aabd2cfa5c2180d7709cbaf77a36bfc2bba10850e050e5728c5cbfbb4eb689c7e08a92526744aeb1f001571b637f7f767a5ef3d2f54a821bf3c174c5b3f28f92b95e30fe6fbb45f67d25e1cdf3eb3907ccf6ddba02b47bb16c50da3223349fafed3994e2282709a84f23662011f10e22471d46114bbe98176a30e480e8c7b7f816a678493d8ca9e9dca17a97359b03d5fce39dd38ccc86e4049e2fecf2ff857c575d234dff61a56b8156a4b5aca529fba19fcb07d7cb27cdad3194fa84de01896eb28ece8180dfe43aa946a9af82742cc0727ede5f3092c2bbe1b8149507065097f555fd00bac8ec857d0db7cc97cb4209a606608d609d84443f9cfa00f6c4981b9a74ea719622d2c5a361f97800eef26b3df99b6bd2896dad8c02a9d7266dd565e6bc9a6e822019dba453d505f613783b408526b924244c822aa7d34b4494a55c8434afd3d10952ca81cd965e0cfababbd92c271459446ee95ed0a276c5b61d229b66d755d6313fd7e0ee5f53ca05de9ed2f2923cc0e01e4353116aa5a3e1be8556db4d0ec02bc8c9c17fabd8b0ea41a8de7df53b7d99e74dbdbe9feb0b6fb17349233a902552af2123a1bb41c5b562ace0f135415c1988b6ea380cb496aee1626ec3a5c2dd11627f70f62bc802893be0d80d90245ab8c25a9ae214d93d0663e8478ef528e91e3641d5ef7d8bcb36d9f717525da9be047050bd5fea0bad1ec985a3d60583ce3c75c0636141435f0458b8c0b5d2e0eba1237c91388c3aee65348d524489fb6e20be12e8dccdb2e74b499c3d32b8c3ec05f8bcb54ddc138eed486aa1432d92f0c2612226efdbb109c79128fa26601dd9afd6c5def89419bea1a477e8d388499431b50ba3554bd8358871bf2bec47273b49bd9b969b3d15dc92e568302559d7ea71d01f9b6f75e9251a5b1d7929d19890dc1f893e86329d6842a4a0d8ddedb18173160c2e8bb28b24123ba8500426ee0bd6be00fc56c4f0e074a29b41c2195d4b0468ac1c0b4afec2b8f5fea9800f645af57b9364f1dff280fba0e259224b1dce439463d53217b0dc120346861a1ac1aece23d470c2e27d10488e361b6452be4f2986c6f4720b8f35a9c06851abadd0aa9ce9a7545ee52045e9720b468e3752c0d0dbcdc23ae70fae1a26a60b31a4b98e31db9fcafd71d4b838e23ef13a33728cd88a76c96c1a73ded0f7ef7001d18e307406a0bf20efd275a1e32c9ce497f740ab757a27d7709408b10de271843f5bd202df420e4d2d71460aed587bc65bca48542462ef6ca1332854cd26ee57de7efc36f3fbc76fbab97dca76e05229fca2a2e2a6a057d5e53f9722fe7dcc00f147f6f05d74ddd00278414235d70e275afd1f4bad9fee5ba98ff6be13758dd4feda3d6a48bcbd86b1eee0813e4bdaf68ecf9023be3d1210c98fddc1a37e5f4e5ec8b7b5905222751d221f8e854d6ac0aa40145ef047762c03a73372f46e2851a6aed7d7df71ff0127a23e160b2f2cf76d8be20d1b5a9e8027e7a981ca4b18d7b3910a822a76afd713251612036d3401598ed8c572b18e48883d0b9230fa914ee4f176fc2848d5b378c892a7569ac575859fcaa6356a0101644fd6ce5aa3e26fc58298642706b2b4125ffa3c3e5f27fa80ae7b9014c71edbff15bd8fa72a8b348948cf4011daafcb802f2171bf6f691beace405d5919eba320c4810ff37006b247d65178a78598ebeea4e03c9ae75154498678abfb00ca28a93700b30161c3554f9646dde6443a2b718621dc27449be7abe94c0e89e42b3370d7083b9eb875ac8e1eacafadfcc344ad31d181617c5c4dffe03ccdc1bfded50042355b36d65291afb616d35eed9d3b1ce41cd60e363042aef2b24083fc7d4affea5b3315b4af3b5cc8805da17f4b7d73a7e24a63236d64f481d49fe600a9c787ef3819588a874fc2075cfb9ae27370c6998599c94b5fe30d331bfdc31dbbe143ad715210a7457346303bb44d8ac9e621aa3849d9a13219c285527431ea409ac3c07920e24a91cbb30edf5730dfc490b0b84d9fce9965bea6152159b6da47c93f5eff18612f703aa91a4347fd183ada769666643b90559eaa8781c6f2cf5d0980f655ed1f0b6b91b01c8857ed0a4ef79aef42ee0c7d271f1f97ea6b3fd6b1dc5f9adaef02159c7966a8203f0a5153e6eceda27e1cf0e1714e3100534f04d1a9834554d0ff2d7c4d94f5d099429f90e04d42856b3244fdac8fcf01c4724d4946cb13a22f4b9b0a2f1ceb5cfbfc41832e38e06b9a7fefab3d0beceb3f9ab38f150c506886c9c371cc2cab3665f10875c7eaa77dbd66c34b328fd7664d43100f7718f90c7a07f29c0591e50bfb6ec31ee28381c37c813d9fb3ff283d570eeb0af1cecb2c0294f279e5aacc077debe1c154bfd9d27d8e174bea598cd35108be284dcdbc4a7d995fe849b01d124aa28c8ebf91d10655b326a5f6da74c078b2fe199f294c65c1081dff1a2043eba8cda5836f687a33934d4705ec3f2cad9d1f0ce54d0c587fea1897b1b067eed8fb45eea1310b810c9a5e6b308648a7057959f5f474aa6dfd95ef22a32947a0a9a8d8e8efc04d6482eeb75182c6d40ca1cc9a0cc83a184ef587ccf69a4d42d5ade808ad79baccedefc973e683b51869fae6df2774f305411b0a52f49b3a5bb89c983b5ef83d46ded2ca02251071ac6979f825d0de760a2003b494b955fae9a6aa"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_efs, @l2cap_conf_flushto]}}, @l2cap_create_chan_req, @l2cap_move_chan_rsp, @l2cap_cmd_rej_unk, @l2cap_create_chan_req, @l2cap_create_chan_req, @l2cap_move_chan_req, @l2cap_cmd_rej_unk]}}, 0x22) 11:12:20 executing program 4: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x19}, &(0x7f0000000700)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:20 executing program 2: r0 = syz_io_uring_setup(0xe8f, &(0x7f00000005c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000c66000/0x4000)=nil, &(0x7f00000006c0)=0x0, &(0x7f00000003c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000580)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x0, @fd, 0x0, 0x0}, 0x7) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000380)='./file0\x00'}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:12:20 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000e80)=""/113) [ 116.332939] Bluetooth: Frame is too long (len 29, expected len 4) 11:12:21 executing program 7: syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_signaling={{}, [@l2cap_move_chan_rsp, @l2cap_info_rsp={{0xb, 0xff}, {0x0, 0x0, "3e8cb266f40ce20ba7f00f5c94d2282228a26ad1bd7eeb031b6f5a344588f8a9c457dd7b0774db6348ef028d7b564ac4122f2b5813464cb3f38467b4c2d297e42df5733a5eab0bf9f2a2f932df1460411f7624b5d6d9fb00b5093d7c3187f74731b78a7beb8e3b2190aa0ba6dd7ea057a969883988bcd68efb2c35da7ac29e2e9f363c4b1e8e837b75e445f583be8ebdd1f0a555b890b07539c341e9e5394e7b509656da05b0a4818c74ae2d3a33be50c0cd2fc4607ee07223854d68c317191497bbbcca4198c786e37bfd9e0f2db96a2e6542b2919d43a851dad80d0a638dee81400a6c858cfb981ec65da7e5eae5811914f5ec5c71596e2d2d33c8ba01a8b3407729c751e89c9b8b05401cb352cd593d49b2350ad4c9b996b00646b144215a6078384fa2cb1677bbfbbc2a72c4081e599ebfb39fff392f66205640c9540fc796e350d0c8afb8662d67baf09fce53dfe5a6819a14d7f8771a064f059445373ab815bf809b33d8b1d908c4a95c80476f68d4858573340aac2244144d718b8b72c68eca86f1a7d96de2041d5825872a6cc8828d4a9873dab0757128e71c1cf950230d88a5b1088333b26d13cf3ea090757aab7c05a561367101dd81b4ef8c11680d627cfc47493cffcd97e26a84c52fe7cc30038439b8e18601708255861301a481523d2d3d1362c18b001d6b87e52fd0e5db8715122d0db0663b2d27c239531321e30c81daca5b630f0231467917c0c1ac8f3edd30fea8623af2db5535a523ef22c206bd0a9867f9b4ca0b579603492d051edb2b4e0713a9fb6b2bfae17d84a17460a3bc35a75328f61462f1ac5f8f276cad5b164a741074c80b48b9416ae9916c970c76a6f6e29f682a62e3d8bc6860dc22e77cfe8637f420343c0932552a0bc646508df94e98539b24d190a4bc509ea1f2e7ddcd3e5accf149b9e02abd6c57623cbcecf6a36dcc526fa307fb7d5d19c647c35e7ead08383df0ea445735e7c22c04276794e082c71c0c845f3390e3bbd1959b05b81ed7382c02715d2c23f4cf1e087c2112bc34566a4666061414d1d29426a8f5bdee889c84cde902a5d56080663bb68cc5b6ae99251569675a808a13e050a86d00ba3d7fe95d6af45e922c587d68598076f8858bdd3791eb83ee1052546574975a4d41b8d48dd715ba24f1ca6d108b61b84a9f3270581311e5c6fe9db6694dff2e8e1580562adc1cf25512cf9f9674adfee70f9c790828fc0c0ec326db1fcd174b70af784f6e701327f917c8d91471894815fef3efdc5eafce3a7383a985faef8d337dfe73f2659be4b383e682f2c3af8d85a48833ab3a58ae7e9c51fee4d6d1c3ee1b87d3a174374d33b7162e86c85e92575ee240019a46c59ea55096b18a9a9c9e8ca50b305af5eabf02aa499b1c8cad928bb93c4a5b97e5578fbd51ac531495ed6caac7922e82230d64f4e01ccc59fe41213a0a979c28a2364bda2ce2415bedfc28af77a6ca59f36ce997765d4defb63cba0b16cbc7efba8d7af88881ec9238577e86fc608d17fe849291a59292b2aabd0eccb9f1f95ffbeaf5d6a6f5259d8ec5fa066e9d80d54b38da2080c3eb28ca89f2258387705634b316bf5fde73a5aca74a498e545e5ea130fde6e9e1dcd7afb26a64435bc6071771271de7b440c0905cbff95e1bd7402d52dce8e44d422f97e05b7312d6e311fa73dbf093de080e239efa6d937c647bc3970f09e80b5b7dc7a68e83b235854cf4b59394381503c7e5c94c7f167d0bcc9bf0a96b96e73e83e834f127caddc1feb13a5da49c3079e9cb075e7c03f62a855451aef2f90e9949b702b9bf196b9a2a0080272b3ca37b4b07077a5f2bf4dcf35e8af877df534ad53b70c344bcfb05fdead627ba2d1163060d8d74e70d8829f412af5c990004a3ff4f6cade8cc6267a12bcf5727b84d8850a1335a939aa2f39e355b6b5b125c82eb543c5f1f1cd805db56d54cbb702830ebe20809db82ed7ccee9600b9428b95ee99d313328812040e24cb282524c5e793724f06b3ef11b71812c083c942d7216f90a308f3052712cbc062cef9251324c70beac61b29deff3d6660d437a86088b07f5333b7376bc78718a87beeb28b522a6ee771fdef22349ad460c7e6ca9aa9f4cdde3bd3b5c752dd9070f7353f090d6cbb7653365192f78a5b23521e0975fdf076f709092283d4fd903f1a2add6d0df5c38d3898d618da3e75db89655b104020da265e9bb60c53ba29203da8f2969ede773c716ce7516f0f0bded8171564a9e10989947b131681f0e4ba26cae46541838ecbc16757bfbe48aae90c4374385a78691c26e642b37cb95d58036973e53b770e77cecd6c6e631f8483f6dc218bd18e6289d131fa74add365c64599315144c97401bb72f880e373e66df4427e4de1024f433bd242fea7a6c6c21dfe28a5210a4be0537fdced34778f4e14c70553d5a17fab0d1e4390e4628897dcca359f9ad37af407dcac8d51a1aa1876ea8cc048dd25958db6239b82a611e6d296521e96a2fa89ddd1b5733b55a2ce3f758a133c06eac13d9463bfd4072198d25b4be9f6e03a669dd240e8cb9127013fa8ab8314da702c6563cc3e7da979df14ccf6bb4cce7d7eee500386b92d7923c6e717668edd51c65efe0ac3615a22a1b911ea2d0336918f6164aa75cee7460fa9466bddf9dd03aa67c30e01525e50ad6bb00dbbfd0ae8d0c229959082b291fcdf716ea8928f2e1abc1a8d1cbe41bcf6ffa9bd37cc426749d8420a7d13fefe5b9fe5a98b8149b04ee038491f0b0630ebd06fc746c2fb2574ec658c72389afc7d77df23f0c3d64e11d2553d5d3ae9d4d409cbd9885283d1f038c54d2b6dc30889411f45cb7e24b69e268ffea08b767cd23daba06453bb1c2c497cd7daa39566a5a0256d837e2756038cd308d84efbc861c76498aeda37e1a0ec576362fd3a6805c08abbd4aa76437e1dd54e087fe43992ffe2240dbd83b1f21a4495f0d9420a41b5ef57a0a01a9cb942a417665459ae6068f5f024d34a43b4fcb081024dcc7d74cfb287d82d7a3d9a8893e88f635f26502a76b369d3cd6a4c433ddbd83fd839ea12b6d05decc731477c7825f94aabd2cfa5c2180d7709cbaf77a36bfc2bba10850e050e5728c5cbfbb4eb689c7e08a92526744aeb1f001571b637f7f767a5ef3d2f54a821bf3c174c5b3f28f92b95e30fe6fbb45f67d25e1cdf3eb3907ccf6ddba02b47bb16c50da3223349fafed3994e2282709a84f23662011f10e22471d46114bbe98176a30e480e8c7b7f816a678493d8ca9e9dca17a97359b03d5fce39dd38ccc86e4049e2fecf2ff857c575d234dff61a56b8156a4b5aca529fba19fcb07d7cb27cdad3194fa84de01896eb28ece8180dfe43aa946a9af82742cc0727ede5f3092c2bbe1b8149507065097f555fd00bac8ec857d0db7cc97cb4209a606608d609d84443f9cfa00f6c4981b9a74ea719622d2c5a361f97800eef26b3df99b6bd2896dad8c02a9d7266dd565e6bc9a6e822019dba453d505f613783b408526b924244c822aa7d34b4494a55c8434afd3d10952ca81cd965e0cfababbd92c271459446ee95ed0a276c5b61d229b66d755d6313fd7e0ee5f53ca05de9ed2f2923cc0e01e4353116aa5a3e1be8556db4d0ec02bc8c9c17fabd8b0ea41a8de7df53b7d99e74dbdbe9feb0b6fb17349233a902552af2123a1bb41c5b562ace0f135415c1988b6ea380cb496aee1626ec3a5c2dd11627f70f62bc802893be0d80d90245ab8c25a9ae214d93d0663e8478ef528e91e3641d5ef7d8bcb36d9f717525da9be047050bd5fea0bad1ec985a3d60583ce3c75c0636141435f0458b8c0b5d2e0eba1237c91388c3aee65348d524489fb6e20be12e8dccdb2e74b499c3d32b8c3ec05f8bcb54ddc138eed486aa1432d92f0c2612226efdbb109c79128fa26601dd9afd6c5def89419bea1a477e8d388499431b50ba3554bd8358871bf2bec47273b49bd9b969b3d15dc92e568302559d7ea71d01f9b6f75e9251a5b1d7929d19890dc1f893e86329d6842a4a0d8ddedb18173160c2e8bb28b24123ba8500426ee0bd6be00fc56c4f0e074a29b41c2195d4b0468ac1c0b4afec2b8f5fea9800f645af57b9364f1dff280fba0e259224b1dce439463d53217b0dc120346861a1ac1aece23d470c2e27d10488e361b6452be4f2986c6f4720b8f35a9c06851abadd0aa9ce9a7545ee52045e9720b468e3752c0d0dbcdc23ae70fae1a26a60b31a4b98e31db9fcafd71d4b838e23ef13a33728cd88a76c96c1a73ded0f7ef7001d18e307406a0bf20efd275a1e32c9ce497f740ab757a27d7709408b10de271843f5bd202df420e4d2d71460aed587bc65bca48542462ef6ca1332854cd26ee57de7efc36f3fbc76fbab97dca76e05229fca2a2e2a6a057d5e53f9722fe7dcc00f147f6f05d74ddd00278414235d70e275afd1f4bad9fee5ba98ff6be13758dd4feda3d6a48bcbd86b1eee0813e4bdaf68ecf9023be3d1210c98fddc1a37e5f4e5ec8b7b5905222751d221f8e854d6ac0aa40145ef047762c03a73372f46e2851a6aed7d7df71ff0127a23e160b2f2cf76d8be20d1b5a9e8027e7a981ca4b18d7b3910a822a76afd713251612036d3401598ed8c572b18e48883d0b9230fa914ee4f176fc2848d5b378c892a7569ac575859fcaa6356a0101644fd6ce5aa3e26fc58298642706b2b4125ffa3c3e5f27fa80ae7b9014c71edbff15bd8fa72a8b348948cf4011daafcb802f2171bf6f691beace405d5919eba320c4810ff37006b247d65178a78598ebeea4e03c9ae75154498678abfb00ca28a93700b30161c3554f9646dde6443a2b718621dc27449be7abe94c0e89e42b3370d7083b9eb875ac8e1eacafadfcc344ad31d181617c5c4dffe03ccdc1bfded50042355b36d65291afb616d35eed9d3b1ce41cd60e363042aef2b24083fc7d4affea5b3315b4af3b5cc8805da17f4b7d73a7e24a63236d64f481d49fe600a9c787ef3819588a874fc2075cfb9ae27370c6998599c94b5fe30d331bfdc31dbbe143ad715210a7457346303bb44d8ac9e621aa3849d9a13219c285527431ea409ac3c07920e24a91cbb30edf5730dfc490b0b84d9fce9965bea6152159b6da47c93f5eff18612f703aa91a4347fd183ada769666643b90559eaa8781c6f2cf5d0980f655ed1f0b6b91b01c8857ed0a4ef79aef42ee0c7d271f1f97ea6b3fd6b1dc5f9adaef02159c7966a8203f0a5153e6eceda27e1cf0e1714e3100534f04d1a9834554d0ff2d7c4d94f5d099429f90e04d42856b3244fdac8fcf01c4724d4946cb13a22f4b9b0a2f1ceb5cfbfc41832e38e06b9a7fefab3d0beceb3f9ab38f150c506886c9c371cc2cab3665f10875c7eaa77dbd66c34b328fd7664d43100f7718f90c7a07f29c0591e50bfb6ec31ee28381c37c813d9fb3ff283d570eeb0af1cecb2c0294f279e5aacc077debe1c154bfd9d27d8e174bea598cd35108be284dcdbc4a7d995fe849b01d124aa28c8ebf91d10655b326a5f6da74c078b2fe199f294c65c1081dff1a2043eba8cda5836f687a33934d4705ec3f2cad9d1f0ce54d0c587fea1897b1b067eed8fb45eea1310b810c9a5e6b308648a7057959f5f474aa6dfd95ef22a32947a0a9a8d8e8efc04d6482eeb75182c6d40ca1cc9a0cc83a184ef587ccf69a4d42d5ade808ad79baccedefc973e683b51869fae6df2774f305411b0a52f49b3a5bb89c983b5ef83d46ded2ca02251071ac6979f825d0de760a2003b494b955fae9a6aa"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_efs, @l2cap_conf_flushto]}}, @l2cap_create_chan_req, @l2cap_move_chan_rsp, @l2cap_cmd_rej_unk, @l2cap_create_chan_req, @l2cap_create_chan_req, @l2cap_move_chan_req, @l2cap_cmd_rej_unk]}}, 0x22) 11:12:21 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000e80)=""/113) 11:12:21 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000000)='\x00\x00\x00\x00', 0x4}], 0x1}}], 0x1, 0x0) 11:12:21 executing program 4: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x19}, &(0x7f0000000700)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000002580)={0x1, &(0x7f0000002540)=[{0x8}]}, 0x10) 11:12:21 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000002e00)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) [ 116.473586] Bluetooth: Frame is too long (len 29, expected len 4) 11:12:21 executing program 2: r0 = syz_io_uring_setup(0xe8f, &(0x7f00000005c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000c66000/0x4000)=nil, &(0x7f00000006c0)=0x0, &(0x7f00000003c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000580)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x0, @fd, 0x0, 0x0}, 0x7) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000380)='./file0\x00'}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:21 executing program 7: syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_signaling={{}, [@l2cap_move_chan_rsp, @l2cap_info_rsp={{0xb, 0xff}, {0x0, 0x0, "3e8cb266f40ce20ba7f00f5c94d2282228a26ad1bd7eeb031b6f5a344588f8a9c457dd7b0774db6348ef028d7b564ac4122f2b5813464cb3f38467b4c2d297e42df5733a5eab0bf9f2a2f932df1460411f7624b5d6d9fb00b5093d7c3187f74731b78a7beb8e3b2190aa0ba6dd7ea057a969883988bcd68efb2c35da7ac29e2e9f363c4b1e8e837b75e445f583be8ebdd1f0a555b890b07539c341e9e5394e7b509656da05b0a4818c74ae2d3a33be50c0cd2fc4607ee07223854d68c317191497bbbcca4198c786e37bfd9e0f2db96a2e6542b2919d43a851dad80d0a638dee81400a6c858cfb981ec65da7e5eae5811914f5ec5c71596e2d2d33c8ba01a8b3407729c751e89c9b8b05401cb352cd593d49b2350ad4c9b996b00646b144215a6078384fa2cb1677bbfbbc2a72c4081e599ebfb39fff392f66205640c9540fc796e350d0c8afb8662d67baf09fce53dfe5a6819a14d7f8771a064f059445373ab815bf809b33d8b1d908c4a95c80476f68d4858573340aac2244144d718b8b72c68eca86f1a7d96de2041d5825872a6cc8828d4a9873dab0757128e71c1cf950230d88a5b1088333b26d13cf3ea090757aab7c05a561367101dd81b4ef8c11680d627cfc47493cffcd97e26a84c52fe7cc30038439b8e18601708255861301a481523d2d3d1362c18b001d6b87e52fd0e5db8715122d0db0663b2d27c239531321e30c81daca5b630f0231467917c0c1ac8f3edd30fea8623af2db5535a523ef22c206bd0a9867f9b4ca0b579603492d051edb2b4e0713a9fb6b2bfae17d84a17460a3bc35a75328f61462f1ac5f8f276cad5b164a741074c80b48b9416ae9916c970c76a6f6e29f682a62e3d8bc6860dc22e77cfe8637f420343c0932552a0bc646508df94e98539b24d190a4bc509ea1f2e7ddcd3e5accf149b9e02abd6c57623cbcecf6a36dcc526fa307fb7d5d19c647c35e7ead08383df0ea445735e7c22c04276794e082c71c0c845f3390e3bbd1959b05b81ed7382c02715d2c23f4cf1e087c2112bc34566a4666061414d1d29426a8f5bdee889c84cde902a5d56080663bb68cc5b6ae99251569675a808a13e050a86d00ba3d7fe95d6af45e922c587d68598076f8858bdd3791eb83ee1052546574975a4d41b8d48dd715ba24f1ca6d108b61b84a9f3270581311e5c6fe9db6694dff2e8e1580562adc1cf25512cf9f9674adfee70f9c790828fc0c0ec326db1fcd174b70af784f6e701327f917c8d91471894815fef3efdc5eafce3a7383a985faef8d337dfe73f2659be4b383e682f2c3af8d85a48833ab3a58ae7e9c51fee4d6d1c3ee1b87d3a174374d33b7162e86c85e92575ee240019a46c59ea55096b18a9a9c9e8ca50b305af5eabf02aa499b1c8cad928bb93c4a5b97e5578fbd51ac531495ed6caac7922e82230d64f4e01ccc59fe41213a0a979c28a2364bda2ce2415bedfc28af77a6ca59f36ce997765d4defb63cba0b16cbc7efba8d7af88881ec9238577e86fc608d17fe849291a59292b2aabd0eccb9f1f95ffbeaf5d6a6f5259d8ec5fa066e9d80d54b38da2080c3eb28ca89f2258387705634b316bf5fde73a5aca74a498e545e5ea130fde6e9e1dcd7afb26a64435bc6071771271de7b440c0905cbff95e1bd7402d52dce8e44d422f97e05b7312d6e311fa73dbf093de080e239efa6d937c647bc3970f09e80b5b7dc7a68e83b235854cf4b59394381503c7e5c94c7f167d0bcc9bf0a96b96e73e83e834f127caddc1feb13a5da49c3079e9cb075e7c03f62a855451aef2f90e9949b702b9bf196b9a2a0080272b3ca37b4b07077a5f2bf4dcf35e8af877df534ad53b70c344bcfb05fdead627ba2d1163060d8d74e70d8829f412af5c990004a3ff4f6cade8cc6267a12bcf5727b84d8850a1335a939aa2f39e355b6b5b125c82eb543c5f1f1cd805db56d54cbb702830ebe20809db82ed7ccee9600b9428b95ee99d313328812040e24cb282524c5e793724f06b3ef11b71812c083c942d7216f90a308f3052712cbc062cef9251324c70beac61b29deff3d6660d437a86088b07f5333b7376bc78718a87beeb28b522a6ee771fdef22349ad460c7e6ca9aa9f4cdde3bd3b5c752dd9070f7353f090d6cbb7653365192f78a5b23521e0975fdf076f709092283d4fd903f1a2add6d0df5c38d3898d618da3e75db89655b104020da265e9bb60c53ba29203da8f2969ede773c716ce7516f0f0bded8171564a9e10989947b131681f0e4ba26cae46541838ecbc16757bfbe48aae90c4374385a78691c26e642b37cb95d58036973e53b770e77cecd6c6e631f8483f6dc218bd18e6289d131fa74add365c64599315144c97401bb72f880e373e66df4427e4de1024f433bd242fea7a6c6c21dfe28a5210a4be0537fdced34778f4e14c70553d5a17fab0d1e4390e4628897dcca359f9ad37af407dcac8d51a1aa1876ea8cc048dd25958db6239b82a611e6d296521e96a2fa89ddd1b5733b55a2ce3f758a133c06eac13d9463bfd4072198d25b4be9f6e03a669dd240e8cb9127013fa8ab8314da702c6563cc3e7da979df14ccf6bb4cce7d7eee500386b92d7923c6e717668edd51c65efe0ac3615a22a1b911ea2d0336918f6164aa75cee7460fa9466bddf9dd03aa67c30e01525e50ad6bb00dbbfd0ae8d0c229959082b291fcdf716ea8928f2e1abc1a8d1cbe41bcf6ffa9bd37cc426749d8420a7d13fefe5b9fe5a98b8149b04ee038491f0b0630ebd06fc746c2fb2574ec658c72389afc7d77df23f0c3d64e11d2553d5d3ae9d4d409cbd9885283d1f038c54d2b6dc30889411f45cb7e24b69e268ffea08b767cd23daba06453bb1c2c497cd7daa39566a5a0256d837e2756038cd308d84efbc861c76498aeda37e1a0ec576362fd3a6805c08abbd4aa76437e1dd54e087fe43992ffe2240dbd83b1f21a4495f0d9420a41b5ef57a0a01a9cb942a417665459ae6068f5f024d34a43b4fcb081024dcc7d74cfb287d82d7a3d9a8893e88f635f26502a76b369d3cd6a4c433ddbd83fd839ea12b6d05decc731477c7825f94aabd2cfa5c2180d7709cbaf77a36bfc2bba10850e050e5728c5cbfbb4eb689c7e08a92526744aeb1f001571b637f7f767a5ef3d2f54a821bf3c174c5b3f28f92b95e30fe6fbb45f67d25e1cdf3eb3907ccf6ddba02b47bb16c50da3223349fafed3994e2282709a84f23662011f10e22471d46114bbe98176a30e480e8c7b7f816a678493d8ca9e9dca17a97359b03d5fce39dd38ccc86e4049e2fecf2ff857c575d234dff61a56b8156a4b5aca529fba19fcb07d7cb27cdad3194fa84de01896eb28ece8180dfe43aa946a9af82742cc0727ede5f3092c2bbe1b8149507065097f555fd00bac8ec857d0db7cc97cb4209a606608d609d84443f9cfa00f6c4981b9a74ea719622d2c5a361f97800eef26b3df99b6bd2896dad8c02a9d7266dd565e6bc9a6e822019dba453d505f613783b408526b924244c822aa7d34b4494a55c8434afd3d10952ca81cd965e0cfababbd92c271459446ee95ed0a276c5b61d229b66d755d6313fd7e0ee5f53ca05de9ed2f2923cc0e01e4353116aa5a3e1be8556db4d0ec02bc8c9c17fabd8b0ea41a8de7df53b7d99e74dbdbe9feb0b6fb17349233a902552af2123a1bb41c5b562ace0f135415c1988b6ea380cb496aee1626ec3a5c2dd11627f70f62bc802893be0d80d90245ab8c25a9ae214d93d0663e8478ef528e91e3641d5ef7d8bcb36d9f717525da9be047050bd5fea0bad1ec985a3d60583ce3c75c0636141435f0458b8c0b5d2e0eba1237c91388c3aee65348d524489fb6e20be12e8dccdb2e74b499c3d32b8c3ec05f8bcb54ddc138eed486aa1432d92f0c2612226efdbb109c79128fa26601dd9afd6c5def89419bea1a477e8d388499431b50ba3554bd8358871bf2bec47273b49bd9b969b3d15dc92e568302559d7ea71d01f9b6f75e9251a5b1d7929d19890dc1f893e86329d6842a4a0d8ddedb18173160c2e8bb28b24123ba8500426ee0bd6be00fc56c4f0e074a29b41c2195d4b0468ac1c0b4afec2b8f5fea9800f645af57b9364f1dff280fba0e259224b1dce439463d53217b0dc120346861a1ac1aece23d470c2e27d10488e361b6452be4f2986c6f4720b8f35a9c06851abadd0aa9ce9a7545ee52045e9720b468e3752c0d0dbcdc23ae70fae1a26a60b31a4b98e31db9fcafd71d4b838e23ef13a33728cd88a76c96c1a73ded0f7ef7001d18e307406a0bf20efd275a1e32c9ce497f740ab757a27d7709408b10de271843f5bd202df420e4d2d71460aed587bc65bca48542462ef6ca1332854cd26ee57de7efc36f3fbc76fbab97dca76e05229fca2a2e2a6a057d5e53f9722fe7dcc00f147f6f05d74ddd00278414235d70e275afd1f4bad9fee5ba98ff6be13758dd4feda3d6a48bcbd86b1eee0813e4bdaf68ecf9023be3d1210c98fddc1a37e5f4e5ec8b7b5905222751d221f8e854d6ac0aa40145ef047762c03a73372f46e2851a6aed7d7df71ff0127a23e160b2f2cf76d8be20d1b5a9e8027e7a981ca4b18d7b3910a822a76afd713251612036d3401598ed8c572b18e48883d0b9230fa914ee4f176fc2848d5b378c892a7569ac575859fcaa6356a0101644fd6ce5aa3e26fc58298642706b2b4125ffa3c3e5f27fa80ae7b9014c71edbff15bd8fa72a8b348948cf4011daafcb802f2171bf6f691beace405d5919eba320c4810ff37006b247d65178a78598ebeea4e03c9ae75154498678abfb00ca28a93700b30161c3554f9646dde6443a2b718621dc27449be7abe94c0e89e42b3370d7083b9eb875ac8e1eacafadfcc344ad31d181617c5c4dffe03ccdc1bfded50042355b36d65291afb616d35eed9d3b1ce41cd60e363042aef2b24083fc7d4affea5b3315b4af3b5cc8805da17f4b7d73a7e24a63236d64f481d49fe600a9c787ef3819588a874fc2075cfb9ae27370c6998599c94b5fe30d331bfdc31dbbe143ad715210a7457346303bb44d8ac9e621aa3849d9a13219c285527431ea409ac3c07920e24a91cbb30edf5730dfc490b0b84d9fce9965bea6152159b6da47c93f5eff18612f703aa91a4347fd183ada769666643b90559eaa8781c6f2cf5d0980f655ed1f0b6b91b01c8857ed0a4ef79aef42ee0c7d271f1f97ea6b3fd6b1dc5f9adaef02159c7966a8203f0a5153e6eceda27e1cf0e1714e3100534f04d1a9834554d0ff2d7c4d94f5d099429f90e04d42856b3244fdac8fcf01c4724d4946cb13a22f4b9b0a2f1ceb5cfbfc41832e38e06b9a7fefab3d0beceb3f9ab38f150c506886c9c371cc2cab3665f10875c7eaa77dbd66c34b328fd7664d43100f7718f90c7a07f29c0591e50bfb6ec31ee28381c37c813d9fb3ff283d570eeb0af1cecb2c0294f279e5aacc077debe1c154bfd9d27d8e174bea598cd35108be284dcdbc4a7d995fe849b01d124aa28c8ebf91d10655b326a5f6da74c078b2fe199f294c65c1081dff1a2043eba8cda5836f687a33934d4705ec3f2cad9d1f0ce54d0c587fea1897b1b067eed8fb45eea1310b810c9a5e6b308648a7057959f5f474aa6dfd95ef22a32947a0a9a8d8e8efc04d6482eeb75182c6d40ca1cc9a0cc83a184ef587ccf69a4d42d5ade808ad79baccedefc973e683b51869fae6df2774f305411b0a52f49b3a5bb89c983b5ef83d46ded2ca02251071ac6979f825d0de760a2003b494b955fae9a6aa"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_efs, @l2cap_conf_flushto]}}, @l2cap_create_chan_req, @l2cap_move_chan_rsp, @l2cap_cmd_rej_unk, @l2cap_create_chan_req, @l2cap_create_chan_req, @l2cap_move_chan_req, @l2cap_cmd_rej_unk]}}, 0x22) 11:12:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000002580)={0x1, &(0x7f0000002540)=[{0x8}]}, 0x10) 11:12:21 executing program 4: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x19}, &(0x7f0000000700)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) [ 116.606201] Bluetooth: Frame is too long (len 29, expected len 4) 11:12:21 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000002e00)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) 11:12:21 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000002e00)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) 11:12:21 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000000)='\x00\x00\x00\x00', 0x4}], 0x1}}], 0x1, 0x0) 11:12:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000002580)={0x1, &(0x7f0000002540)=[{0x8}]}, 0x10) 11:12:21 executing program 2: r0 = syz_io_uring_setup(0xe8f, &(0x7f00000005c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000c66000/0x4000)=nil, &(0x7f00000006c0)=0x0, &(0x7f00000003c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000580)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x0, @fd, 0x0, 0x0}, 0x7) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000380)='./file0\x00'}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 11:12:21 executing program 4: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x19}, &(0x7f0000000700)='./file0\x00', 0x18}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:12:21 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)='%', 0x1}], 0x1, 0x10000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:12:21 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000002e00)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) VM DIAGNOSIS: 11:12:11 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b24f1 RDI=ffffffff87641b60 RBP=ffffffff87641b20 RSP=ffff888008e8f348 R8 =0000000000000001 R9 =000000000000000a R10=000000000000005b R11=0000000000000001 R12=000000000000005b R13=ffffffff87641b20 R14=0000000000000010 R15=ffffffff822b24e0 RIP=ffffffff822b2549 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3a48e9d700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd204bb3070 CR3=000000001d5f8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 ffffffff00000309 YMM01=0000000000000000 0000000000000000 0000000000000000 0000000020000340 YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000007 RBX=ffff88806cf3e2b0 RCX=0000000000000000 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff81780631 RBP=ffff88800847b640 RSP=ffff88803d1d7930 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=00000000ffffffff R13=0000000000000200 R14=ffff888018b8b580 R15=ffff88806cf3e2d0 RIP=ffffffff814cee9e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f28624b2540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055d7a64094c8 CR3=000000000dc20000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM01=0000000000000000 0000000000000000 00642e65626f7270 646f6d2f6374652f YMM02=0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000ff00000000ff YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 676f6c206d6f7473 7563000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000