Warning: Permanently added '[localhost]:26248' (ECDSA) to the list of known hosts. 2022/09/15 11:21:03 fuzzer started 2022/09/15 11:21:03 dialing manager at localhost:36559 syzkaller login: [ 38.538651] cgroup: Unknown subsys name 'net' [ 38.653481] cgroup: Unknown subsys name 'rlimit' 2022/09/15 11:21:17 syscalls: 2215 2022/09/15 11:21:17 code coverage: enabled 2022/09/15 11:21:17 comparison tracing: enabled 2022/09/15 11:21:17 extra coverage: enabled 2022/09/15 11:21:17 setuid sandbox: enabled 2022/09/15 11:21:17 namespace sandbox: enabled 2022/09/15 11:21:17 Android sandbox: enabled 2022/09/15 11:21:17 fault injection: enabled 2022/09/15 11:21:17 leak checking: enabled 2022/09/15 11:21:17 net packet injection: enabled 2022/09/15 11:21:17 net device setup: enabled 2022/09/15 11:21:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/15 11:21:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/15 11:21:17 USB emulation: enabled 2022/09/15 11:21:17 hci packet injection: enabled 2022/09/15 11:21:17 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220915) 2022/09/15 11:21:17 802.15.4 emulation: enabled 2022/09/15 11:21:18 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/15 11:21:18 fetching corpus: 50, signal 33457/36474 (executing program) 2022/09/15 11:21:18 fetching corpus: 100, signal 47151/51090 (executing program) 2022/09/15 11:21:18 fetching corpus: 150, signal 52290/57237 (executing program) 2022/09/15 11:21:18 fetching corpus: 200, signal 57564/63316 (executing program) 2022/09/15 11:21:18 fetching corpus: 250, signal 67537/73548 (executing program) 2022/09/15 11:21:19 fetching corpus: 300, signal 72191/78795 (executing program) 2022/09/15 11:21:19 fetching corpus: 350, signal 77896/84799 (executing program) 2022/09/15 11:21:19 fetching corpus: 400, signal 86598/93203 (executing program) 2022/09/15 11:21:19 fetching corpus: 450, signal 90519/97307 (executing program) 2022/09/15 11:21:19 fetching corpus: 500, signal 95100/101889 (executing program) 2022/09/15 11:21:20 fetching corpus: 550, signal 98456/105330 (executing program) 2022/09/15 11:21:20 fetching corpus: 600, signal 100409/107506 (executing program) 2022/09/15 11:21:20 fetching corpus: 650, signal 104818/111547 (executing program) 2022/09/15 11:21:20 fetching corpus: 700, signal 107016/113781 (executing program) 2022/09/15 11:21:20 fetching corpus: 750, signal 110473/117104 (executing program) 2022/09/15 11:21:21 fetching corpus: 800, signal 114338/120500 (executing program) 2022/09/15 11:21:21 fetching corpus: 850, signal 115820/122018 (executing program) 2022/09/15 11:21:21 fetching corpus: 900, signal 118677/124474 (executing program) 2022/09/15 11:21:21 fetching corpus: 950, signal 120361/125999 (executing program) 2022/09/15 11:21:21 fetching corpus: 1000, signal 122171/127633 (executing program) 2022/09/15 11:21:21 fetching corpus: 1050, signal 123177/128564 (executing program) 2022/09/15 11:21:21 fetching corpus: 1100, signal 124666/129856 (executing program) 2022/09/15 11:21:22 fetching corpus: 1150, signal 126905/131509 (executing program) 2022/09/15 11:21:22 fetching corpus: 1200, signal 129386/133196 (executing program) 2022/09/15 11:21:22 fetching corpus: 1250, signal 130817/134290 (executing program) 2022/09/15 11:21:22 fetching corpus: 1300, signal 132302/135343 (executing program) 2022/09/15 11:21:22 fetching corpus: 1350, signal 134224/136615 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/136757 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/136850 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/136922 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/136999 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137081 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137176 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137254 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137355 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137444 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137536 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137624 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137706 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137794 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137882 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/137961 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/138044 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/138132 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/138221 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/138294 (executing program) 2022/09/15 11:21:22 fetching corpus: 1354, signal 134327/138390 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138460 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138539 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138642 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138731 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138806 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138903 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/138983 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139073 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139157 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139232 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139324 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139408 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139488 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139560 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139640 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139735 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139814 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139893 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139954 (executing program) 2022/09/15 11:21:23 fetching corpus: 1354, signal 134327/139954 (executing program) 2022/09/15 11:21:26 starting 8 fuzzer processes 11:21:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:21:26 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) 11:21:26 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000140)) 11:21:26 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) [ 59.891330] audit: type=1400 audit(1663240886.081:6): avc: denied { execmem } for pid=280 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:21:26 executing program 5: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:21:26 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001600)=ANY=[@ANYBLOB="280000001100e1"], 0x28}}, 0x0) 11:21:26 executing program 4: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r0, &(0x7f0000002640)=[{&(0x7f0000000140)=""/210, 0xd2}], 0x1, 0xfff, 0x0) 11:21:26 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) getgroups(0x0, 0x0) [ 61.246645] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 61.248145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.249718] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.251647] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.252849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 61.254675] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 61.257361] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 61.259257] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 61.260582] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.265393] Bluetooth: hci1: HCI_REQ-0x0c1a [ 61.332191] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.347981] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.352455] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.353957] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 61.359267] Bluetooth: hci0: HCI_REQ-0x0c1a [ 61.365280] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 61.370290] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 61.380883] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 61.384275] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 61.390428] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 61.399362] Bluetooth: hci5: HCI_REQ-0x0c1a [ 61.454153] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 61.455505] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 61.458226] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 61.458305] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 61.461897] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 61.461985] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 61.468391] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 61.470967] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 61.472651] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 61.473928] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 61.476452] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 61.478199] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 61.481373] Bluetooth: hci6: HCI_REQ-0x0c1a [ 61.498192] Bluetooth: hci7: HCI_REQ-0x0c1a [ 63.317620] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 63.318608] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 63.319785] Bluetooth: hci1: command 0x0409 tx timeout [ 63.320882] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 63.380208] Bluetooth: hci0: command 0x0409 tx timeout [ 63.445264] Bluetooth: hci5: command 0x0409 tx timeout [ 63.508139] Bluetooth: hci6: command 0x0409 tx timeout [ 63.572067] Bluetooth: hci7: command 0x0409 tx timeout [ 65.364105] Bluetooth: hci1: command 0x041b tx timeout [ 65.428122] Bluetooth: hci0: command 0x041b tx timeout [ 65.493061] Bluetooth: hci5: command 0x041b tx timeout [ 65.556059] Bluetooth: hci6: command 0x041b tx timeout [ 65.620114] Bluetooth: hci7: command 0x041b tx timeout [ 67.412263] Bluetooth: hci1: command 0x040f tx timeout [ 67.476068] Bluetooth: hci0: command 0x040f tx timeout [ 67.540199] Bluetooth: hci5: command 0x040f tx timeout [ 67.605063] Bluetooth: hci6: command 0x040f tx timeout [ 67.668077] Bluetooth: hci7: command 0x040f tx timeout [ 68.308081] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 68.373127] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 68.374143] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 69.460133] Bluetooth: hci1: command 0x0419 tx timeout [ 69.524098] Bluetooth: hci0: command 0x0419 tx timeout [ 69.588053] Bluetooth: hci5: command 0x0419 tx timeout [ 69.652106] Bluetooth: hci6: command 0x0419 tx timeout [ 69.716066] Bluetooth: hci7: command 0x0419 tx timeout [ 71.040897] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.044363] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.046506] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.050301] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.055269] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.057327] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.061775] Bluetooth: hci2: HCI_REQ-0x0c1a [ 71.116571] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.117629] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.120291] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.121782] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.122669] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.124244] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.139095] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.252582] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.253953] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.256939] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.269674] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.270751] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.274118] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.289095] Bluetooth: hci4: HCI_REQ-0x0c1a [ 73.172490] Bluetooth: hci3: command 0x0409 tx timeout [ 73.172982] Bluetooth: hci2: command 0x0409 tx timeout [ 73.301095] Bluetooth: hci4: command 0x0409 tx timeout [ 75.220079] Bluetooth: hci2: command 0x041b tx timeout [ 75.220592] Bluetooth: hci3: command 0x041b tx timeout [ 75.348073] Bluetooth: hci4: command 0x041b tx timeout [ 77.268126] Bluetooth: hci3: command 0x040f tx timeout [ 77.268922] Bluetooth: hci2: command 0x040f tx timeout [ 77.396059] Bluetooth: hci4: command 0x040f tx timeout [ 79.323004] Bluetooth: hci2: command 0x0419 tx timeout [ 79.324951] Bluetooth: hci3: command 0x0419 tx timeout [ 79.444078] Bluetooth: hci4: command 0x0419 tx timeout 11:22:13 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) getgroups(0x0, 0x0) 11:22:13 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) getgroups(0x0, 0x0) 11:22:13 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) getgroups(0x0, 0x0) [ 107.673724] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 11:22:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001600)=ANY=[@ANYBLOB="280000001100e1"], 0x28}}, 0x0) [ 107.781612] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 11:22:13 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:14 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001600)=ANY=[@ANYBLOB="280000001100e1"], 0x28}}, 0x0) [ 107.856683] audit: type=1400 audit(1663240934.047:7): avc: denied { open } for pid=3548 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 107.858320] audit: type=1400 audit(1663240934.047:8): avc: denied { kernel } for pid=3548 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 107.874739] ------------[ cut here ]------------ [ 107.874758] [ 107.874761] ====================================================== [ 107.874765] WARNING: possible circular locking dependency detected [ 107.874769] 6.0.0-rc5-next-20220915 #1 Not tainted [ 107.874775] ------------------------------------------------------ [ 107.874778] syz-executor.7/3550 is trying to acquire lock: [ 107.874784] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 107.874823] [ 107.874823] but task is already holding lock: [ 107.874825] ffff88800f364020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 107.874852] [ 107.874852] which lock already depends on the new lock. [ 107.874852] [ 107.874855] [ 107.874855] the existing dependency chain (in reverse order) is: [ 107.874858] [ 107.874858] -> #3 (&ctx->lock){....}-{2:2}: [ 107.874872] _raw_spin_lock+0x2a/0x40 [ 107.874888] __perf_event_task_sched_out+0x53b/0x18d0 [ 107.874900] __schedule+0xedd/0x2470 [ 107.874911] schedule+0xda/0x1b0 [ 107.874921] futex_wait_queue+0xf5/0x1e0 [ 107.874932] futex_wait+0x28e/0x690 [ 107.874941] do_futex+0x2ff/0x380 [ 107.874950] __x64_sys_futex+0x1c6/0x4d0 [ 107.874960] do_syscall_64+0x3b/0x90 [ 107.874974] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 107.874991] [ 107.874991] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 107.875004] _raw_spin_lock_nested+0x30/0x40 [ 107.875019] raw_spin_rq_lock_nested+0x1e/0x30 [ 107.875032] task_fork_fair+0x63/0x4d0 [ 107.875048] sched_cgroup_fork+0x3d0/0x540 [ 107.875064] copy_process+0x4183/0x6e20 [ 107.875074] kernel_clone+0xe7/0x890 [ 107.875084] user_mode_thread+0xad/0xf0 [ 107.875094] rest_init+0x24/0x250 [ 107.875110] arch_call_rest_init+0xf/0x14 [ 107.875122] start_kernel+0x4c1/0x4e6 [ 107.875132] secondary_startup_64_no_verify+0xe0/0xeb [ 107.875146] [ 107.875146] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 107.875159] _raw_spin_lock_irqsave+0x39/0x60 [ 107.875174] try_to_wake_up+0xab/0x1920 [ 107.875187] up+0x75/0xb0 [ 107.875198] __up_console_sem+0x6e/0x80 [ 107.875213] console_unlock+0x46a/0x590 [ 107.875228] vt_ioctl+0x2822/0x2ca0 [ 107.875241] tty_ioctl+0x7c4/0x1700 [ 107.875252] __x64_sys_ioctl+0x19a/0x210 [ 107.875268] do_syscall_64+0x3b/0x90 [ 107.875281] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 107.875297] [ 107.875297] -> #0 ((console_sem).lock){....}-{2:2}: [ 107.875311] __lock_acquire+0x2a02/0x5e70 [ 107.875327] lock_acquire+0x1a2/0x530 [ 107.875342] _raw_spin_lock_irqsave+0x39/0x60 [ 107.875357] down_trylock+0xe/0x70 [ 107.875369] __down_trylock_console_sem+0x3b/0xd0 [ 107.875384] vprintk_emit+0x16b/0x560 [ 107.875400] vprintk+0x84/0xa0 [ 107.875416] _printk+0xba/0xf1 [ 107.875433] report_bug.cold+0x72/0xab [ 107.875445] handle_bug+0x3c/0x70 [ 107.875458] exc_invalid_op+0x14/0x50 [ 107.875471] asm_exc_invalid_op+0x16/0x20 [ 107.875487] group_sched_out.part.0+0x2c7/0x460 [ 107.875498] ctx_sched_out+0x8f1/0xc10 [ 107.875507] __perf_event_task_sched_out+0x6d0/0x18d0 [ 107.875519] __schedule+0xedd/0x2470 [ 107.875529] schedule+0xda/0x1b0 [ 107.875539] futex_wait_queue+0xf5/0x1e0 [ 107.875549] futex_wait+0x28e/0x690 [ 107.875558] do_futex+0x2ff/0x380 [ 107.875567] __x64_sys_futex+0x1c6/0x4d0 [ 107.875577] do_syscall_64+0x3b/0x90 [ 107.875590] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 107.875606] [ 107.875606] other info that might help us debug this: [ 107.875606] [ 107.875609] Chain exists of: [ 107.875609] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 107.875609] [ 107.875624] Possible unsafe locking scenario: [ 107.875624] [ 107.875626] CPU0 CPU1 [ 107.875629] ---- ---- [ 107.875631] lock(&ctx->lock); [ 107.875636] lock(&rq->__lock); [ 107.875643] lock(&ctx->lock); [ 107.875649] lock((console_sem).lock); [ 107.875654] [ 107.875654] *** DEADLOCK *** [ 107.875654] [ 107.875656] 2 locks held by syz-executor.7/3550: [ 107.875663] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 107.875689] #1: ffff88800f364020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 107.875716] [ 107.875716] stack backtrace: [ 107.875719] CPU: 1 PID: 3550 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220915 #1 [ 107.875732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 107.875739] Call Trace: [ 107.875742] [ 107.875747] dump_stack_lvl+0x8b/0xb3 [ 107.875761] check_noncircular+0x263/0x2e0 [ 107.875778] ? format_decode+0x26c/0xb50 [ 107.875793] ? print_circular_bug+0x450/0x450 [ 107.875809] ? enable_ptr_key_workfn+0x20/0x20 [ 107.875824] ? format_decode+0x26c/0xb50 [ 107.875840] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 107.875857] __lock_acquire+0x2a02/0x5e70 [ 107.875878] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 107.875900] lock_acquire+0x1a2/0x530 [ 107.875916] ? down_trylock+0xe/0x70 [ 107.875930] ? rcu_read_unlock+0x40/0x40 [ 107.875951] ? vprintk+0x84/0xa0 [ 107.875968] _raw_spin_lock_irqsave+0x39/0x60 [ 107.875984] ? down_trylock+0xe/0x70 [ 107.875997] down_trylock+0xe/0x70 [ 107.876010] ? vprintk+0x84/0xa0 [ 107.876026] __down_trylock_console_sem+0x3b/0xd0 [ 107.876043] vprintk_emit+0x16b/0x560 [ 107.876062] vprintk+0x84/0xa0 [ 107.876079] _printk+0xba/0xf1 [ 107.876096] ? record_print_text.cold+0x16/0x16 [ 107.876118] ? report_bug.cold+0x66/0xab [ 107.876132] ? group_sched_out.part.0+0x2c7/0x460 [ 107.876143] report_bug.cold+0x72/0xab [ 107.876158] handle_bug+0x3c/0x70 [ 107.876172] exc_invalid_op+0x14/0x50 [ 107.876187] asm_exc_invalid_op+0x16/0x20 [ 107.876204] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 107.876217] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 107.876229] RSP: 0018:ffff88803e7f78f8 EFLAGS: 00010006 [ 107.876238] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.876245] RDX: ffff888020760000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 107.876253] RBP: ffff88803e820000 R08: 0000000000000005 R09: 0000000000000001 [ 107.876260] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800f364000 [ 107.876268] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 107.876279] ? group_sched_out.part.0+0x2c7/0x460 [ 107.876292] ? group_sched_out.part.0+0x2c7/0x460 [ 107.876304] ctx_sched_out+0x8f1/0xc10 [ 107.876317] __perf_event_task_sched_out+0x6d0/0x18d0 [ 107.876332] ? lock_is_held_type+0xd7/0x130 [ 107.876350] ? __perf_cgroup_move+0x160/0x160 [ 107.876362] ? set_next_entity+0x304/0x550 [ 107.876381] ? lock_is_held_type+0xd7/0x130 [ 107.876399] __schedule+0xedd/0x2470 [ 107.876413] ? io_schedule_timeout+0x150/0x150 [ 107.876425] ? futex_wait_setup+0x166/0x230 [ 107.876439] schedule+0xda/0x1b0 [ 107.876450] futex_wait_queue+0xf5/0x1e0 [ 107.876462] futex_wait+0x28e/0x690 [ 107.876474] ? futex_wait_setup+0x230/0x230 [ 107.876487] ? wake_up_q+0x8b/0xf0 [ 107.876500] ? do_raw_spin_unlock+0x4f/0x220 [ 107.876518] ? futex_wake+0x158/0x490 [ 107.876534] ? fd_install+0x1f9/0x640 [ 107.876550] do_futex+0x2ff/0x380 [ 107.876560] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 107.876594] __x64_sys_futex+0x1c6/0x4d0 [ 107.876607] ? __x64_sys_futex_time32+0x480/0x480 [ 107.876619] ? syscall_enter_from_user_mode+0x1d/0x50 [ 107.876638] ? syscall_enter_from_user_mode+0x1d/0x50 [ 107.876658] do_syscall_64+0x3b/0x90 [ 107.876672] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 107.876689] RIP: 0033:0x7f13d9938b19 [ 107.876698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.876709] RSP: 002b:00007f13d6eae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 107.876719] RAX: ffffffffffffffda RBX: 00007f13d9a4bf68 RCX: 00007f13d9938b19 [ 107.876727] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f13d9a4bf68 [ 107.876734] RBP: 00007f13d9a4bf60 R08: 0000000000000000 R09: 0000000000000000 [ 107.876741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f13d9a4bf6c [ 107.876749] R13: 00007ffeefe4915f R14: 00007f13d6eae300 R15: 0000000000022000 [ 107.876761] [ 107.935925] WARNING: CPU: 1 PID: 3550 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 107.936587] Modules linked in: [ 107.936824] CPU: 1 PID: 3550 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220915 #1 [ 107.937397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 107.938194] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 107.938586] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 107.939866] RSP: 0018:ffff88803e7f78f8 EFLAGS: 00010006 [ 107.940244] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.940773] RDX: ffff888020760000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 107.941286] RBP: ffff88803e820000 R08: 0000000000000005 R09: 0000000000000001 [ 107.941793] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800f364000 [ 107.942310] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 107.942820] FS: 00007f13d6eae700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 107.943401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.943811] CR2: 00007f02b24ed028 CR3: 000000003e41c000 CR4: 0000000000350ee0 [ 107.944317] Call Trace: [ 107.944506] [ 107.944682] ctx_sched_out+0x8f1/0xc10 [ 107.944969] __perf_event_task_sched_out+0x6d0/0x18d0 [ 107.945347] ? lock_is_held_type+0xd7/0x130 [ 107.945666] ? __perf_cgroup_move+0x160/0x160 [ 107.945994] ? set_next_entity+0x304/0x550 [ 107.946311] ? lock_is_held_type+0xd7/0x130 [ 107.946629] __schedule+0xedd/0x2470 [ 107.946902] ? io_schedule_timeout+0x150/0x150 [ 107.947234] ? futex_wait_setup+0x166/0x230 [ 107.947551] schedule+0xda/0x1b0 [ 107.947800] futex_wait_queue+0xf5/0x1e0 [ 107.948097] futex_wait+0x28e/0x690 [ 107.948366] ? futex_wait_setup+0x230/0x230 [ 107.948682] ? wake_up_q+0x8b/0xf0 [ 107.948953] ? do_raw_spin_unlock+0x4f/0x220 [ 107.949288] ? futex_wake+0x158/0x490 [ 107.949578] ? fd_install+0x1f9/0x640 [ 107.949863] do_futex+0x2ff/0x380 [ 107.950137] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 107.950560] __x64_sys_futex+0x1c6/0x4d0 [ 107.950863] ? __x64_sys_futex_time32+0x480/0x480 [ 107.951219] ? syscall_enter_from_user_mode+0x1d/0x50 [ 107.951606] ? syscall_enter_from_user_mode+0x1d/0x50 [ 107.951996] do_syscall_64+0x3b/0x90 [ 107.952279] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 107.952685] RIP: 0033:0x7f13d9938b19 [ 107.952963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.954325] RSP: 002b:00007f13d6eae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 107.954891] RAX: ffffffffffffffda RBX: 00007f13d9a4bf68 RCX: 00007f13d9938b19 [ 107.955426] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f13d9a4bf68 [ 107.955949] RBP: 00007f13d9a4bf60 R08: 0000000000000000 R09: 0000000000000000 [ 107.956482] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f13d9a4bf6c [ 107.957018] R13: 00007ffeefe4915f R14: 00007f13d6eae300 R15: 0000000000022000 [ 107.957561] [ 107.957738] irq event stamp: 2356 [ 107.957999] hardirqs last enabled at (2355): [] syscall_enter_from_user_mode+0x1d/0x50 [ 107.958721] hardirqs last disabled at (2356): [] __schedule+0x1225/0x2470 [ 107.959339] softirqs last enabled at (848): [] __irq_exit_rcu+0x11b/0x180 [ 107.959979] softirqs last disabled at (745): [] __irq_exit_rcu+0x11b/0x180 [ 107.960624] ---[ end trace 0000000000000000 ]--- [ 107.976204] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 108.031090] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 11:22:14 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001600)=ANY=[@ANYBLOB="280000001100e1"], 0x28}}, 0x0) 11:22:14 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) [ 108.303940] loop0: detected capacity change from 0 to 40 [ 108.344319] syz-executor.0: attempt to access beyond end of device [ 108.344319] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 108.345514] Buffer I/O error on dev loop0, logical block 10, lost async page write [ 108.363101] syz-executor.0: attempt to access beyond end of device [ 108.363101] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 108.364091] Buffer I/O error on dev loop0, logical block 10, lost async page write [ 113.198541] audit: type=1400 audit(1663240939.388:9): avc: denied { block_suspend } for pid=3973 comm="syz-executor.5" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [ 113.213021] hrtimer: interrupt took 10409 ns [ 113.219839] audit: type=1400 audit(1663240939.409:10): avc: denied { write } for pid=3973 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:22:19 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:22:19 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:19 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000140)) 11:22:19 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:19 executing program 5: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:19 executing program 4: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r0, &(0x7f0000002640)=[{&(0x7f0000000140)=""/210, 0xd2}], 0x1, 0xfff, 0x0) 11:22:19 executing program 6: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:19 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) [ 113.273086] loop0: detected capacity change from 0 to 40 11:22:19 executing program 4: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r0, &(0x7f0000002640)=[{&(0x7f0000000140)=""/210, 0xd2}], 0x1, 0xfff, 0x0) 11:22:19 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000140)) 11:22:19 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) [ 113.331190] syz-executor.0: attempt to access beyond end of device [ 113.331190] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 113.332147] Buffer I/O error on dev loop0, logical block 10, lost async page write 11:22:19 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:19 executing program 6: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:19 executing program 4: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r0, &(0x7f0000002640)=[{&(0x7f0000000140)=""/210, 0xd2}], 0x1, 0xfff, 0x0) 11:22:20 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:22:20 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000140)) 11:22:20 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0) 11:22:20 executing program 6: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:20 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:22:20 executing program 5: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:20 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:20 executing program 4: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) [ 114.148234] loop0: detected capacity change from 0 to 40 [ 114.150421] loop7: detected capacity change from 0 to 40 [ 114.194659] syz-executor.7: attempt to access beyond end of device [ 114.194659] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 114.195835] Buffer I/O error on dev loop7, logical block 10, lost async page write [ 114.310420] syz-executor.0: attempt to access beyond end of device [ 114.310420] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 114.312620] Buffer I/O error on dev loop0, logical block 10, lost async page write 11:22:21 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) [ 115.075151] loop0: detected capacity change from 0 to 40 11:22:21 executing program 6: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:22:21 executing program 5: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 4: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:21 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) [ 115.108540] syz-executor.0: attempt to access beyond end of device [ 115.108540] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 115.109632] Buffer I/O error on dev loop0, logical block 10, lost async page write 11:22:21 executing program 3: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) [ 115.130863] loop7: detected capacity change from 0 to 40 11:22:21 executing program 3: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 4: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 0: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) [ 115.257271] syz-executor.7: attempt to access beyond end of device [ 115.257271] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 115.258421] Buffer I/O error on dev loop7, logical block 10, lost async page write 11:22:21 executing program 3: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:21 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f00000001c0)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00') preadv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/121, 0x79}, {&(0x7f0000000080)=""/121, 0x79}], 0x2, 0x0, 0x0) fdatasync(r3) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200200, 0x4) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) r4 = socket$inet6(0xa, 0x1, 0x0) fchown(r4, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000480)) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x81900) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) 11:22:21 executing program 0: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) [ 115.379847] loop7: detected capacity change from 0 to 40 11:22:21 executing program 5: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) [ 115.782667] syz-executor.7: attempt to access beyond end of device [ 115.782667] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 115.784957] Buffer I/O error on dev loop7, logical block 10, lost async page write 11:22:22 executing program 5: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:22 executing program 3: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:22 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:22 executing program 2: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000001780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4365b16b0b79023e, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x62c7, 0x0, 0x0, 0x0, 0x0) 11:22:22 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:22 executing program 0: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:22 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 11:22:22 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:22 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 11:22:22 executing program 7: rt_sigpending(&(0x7f0000000180), 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000001e0069ff130000e1"], 0x1c}], 0x1}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000180)={'nat\x00', 0x4, "a51683ee"}, &(0x7f0000000240)=0x28) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) sendmsg$netlink(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x48100}, 0xc, &(0x7f0000000200)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="b00000002c00000326bd7000ffdbdf25714555585551785107a9f87861bad56ec11ec2d014e825bcaf2754e11fb268bf6e009d8e0fc2288768d169721dc4524f132d8ea4ac7c20ed86eba60f1420e1fc3a53deff09ac519c9792242f10cab10d8686779e2513671c9c9172ee9b08e999376a88330cde7f8789151095c99ab4dde3eed3516d812700a8fe1222507cf5450e2308000300ac1414aa14004000fc0100000000000000000000000000010000"], 0xb0}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}], 0x60, 0x4000}, 0x8000) signalfd4(r0, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) 11:22:22 executing program 2: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000001780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4365b16b0b79023e, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x62c7, 0x0, 0x0, 0x0, 0x0) 11:22:22 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 11:22:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0002000}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = dup2(0xffffffffffffffff, r0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r4, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000040)={0x800, 0x0, 0x5, 0x300000, 0xb, "aa62c8d0939b88115cce2d8a56e80a6a763106"}) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0) close_range(r3, r5, 0x0) epoll_pwait(r2, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0x5, &(0x7f0000000100)={[0x645]}, 0x8) 11:22:23 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000001780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4365b16b0b79023e, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x62c7, 0x0, 0x0, 0x0, 0x0) 11:22:23 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x2, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @empty}}}]}]}, 0x2c}}, 0x0) 11:22:23 executing program 2: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000001780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4365b16b0b79023e, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x62c7, 0x0, 0x0, 0x0, 0x0) 11:22:23 executing program 0: futex(0x0, 0x109, 0x0, &(0x7f0000000100)={0x77359400}, 0x0, 0x0) 11:22:23 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0xa, &(0x7f0000000340), 0x1) 11:22:23 executing program 5: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:23 executing program 3: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) read(r1, &(0x7f00000004c0)=""/195, 0xc3) 11:22:23 executing program 0: futex(0x0, 0x109, 0x0, &(0x7f0000000100)={0x77359400}, 0x0, 0x0) 11:22:23 executing program 7: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, "6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 11:22:23 executing program 7: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, "6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 11:22:23 executing program 4: pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x5}, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xa) close_range(r0, 0xffffffffffffffff, 0x0) 11:22:23 executing program 0: futex(0x0, 0x109, 0x0, &(0x7f0000000100)={0x77359400}, 0x0, 0x0) 11:22:23 executing program 2: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000001780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4365b16b0b79023e, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x62c7, 0x0, 0x0, 0x0, 0x0) 11:22:23 executing program 6: r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000001780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000000), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4365b16b0b79023e, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x62c7, 0x0, 0x0, 0x0, 0x0) 11:22:23 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0xa, &(0x7f0000000340), 0x1) 11:22:23 executing program 7: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, "6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 11:22:23 executing program 0: futex(0x0, 0x109, 0x0, &(0x7f0000000100)={0x77359400}, 0x0, 0x0) 11:22:23 executing program 4: pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x5}, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xa) close_range(r0, 0xffffffffffffffff, 0x0) 11:22:23 executing program 7: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, "6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 11:22:23 executing program 0: pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x5}, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xa) close_range(r0, 0xffffffffffffffff, 0x0) 11:22:23 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0xa, &(0x7f0000000340), 0x1) VM DIAGNOSIS: 11:22:14 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000000 RCX=1ffffffff0b61947 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff817895bb RBP=0000000000000000 RSP=ffff88803e7ef718 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=ffffea0000756080 R14=ffff888036915418 R15=ffff888007c75000 RIP=ffffffff81783cff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff8ec367028 CR3=0000000017648000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 6f732e616d7a6c62 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00352e6f732e616d 7a6c62696c2f756e YMM03=0000000000000000 0000000000000000 672d78756e696c2d 34365f3638782f62 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000026 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b29f1 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff88803e7f7348 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000026 R11=0000000000000001 R12=0000000000000026 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b29e0 RIP=ffffffff822b2a49 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f13d6eae700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f02b24ed028 CR3=000000003e41c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f13d9a1f7c0 00007f13d9a1f7c8 YMM02=0000000000000000 0000000000000000 00007f13d9a1f7e0 00007f13d9a1f7c0 YMM03=0000000000000000 0000000000000000 00007f13d9a1f7c8 00007f13d9a1f7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000