syzkaller login: [ 34.774892] sshd (242) used greatest stack depth: 23992 bytes left Warning: Permanently added '[localhost]:62973' (ECDSA) to the list of known hosts. 2022/09/12 18:06:01 fuzzer started 2022/09/12 18:06:01 dialing manager at localhost:38027 [ 37.028679] cgroup: Unknown subsys name 'net' [ 37.129352] cgroup: Unknown subsys name 'rlimit' 2022/09/12 18:06:16 syscalls: 2215 2022/09/12 18:06:16 code coverage: enabled 2022/09/12 18:06:16 comparison tracing: enabled 2022/09/12 18:06:16 extra coverage: enabled 2022/09/12 18:06:16 setuid sandbox: enabled 2022/09/12 18:06:16 namespace sandbox: enabled 2022/09/12 18:06:16 Android sandbox: enabled 2022/09/12 18:06:16 fault injection: enabled 2022/09/12 18:06:16 leak checking: enabled 2022/09/12 18:06:16 net packet injection: enabled 2022/09/12 18:06:16 net device setup: enabled 2022/09/12 18:06:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 18:06:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 18:06:16 USB emulation: enabled 2022/09/12 18:06:16 hci packet injection: enabled 2022/09/12 18:06:16 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 18:06:16 802.15.4 emulation: enabled 2022/09/12 18:06:16 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 18:06:16 fetching corpus: 49, signal 29654/33190 (executing program) 2022/09/12 18:06:16 fetching corpus: 99, signal 44813/49778 (executing program) 2022/09/12 18:06:16 fetching corpus: 149, signal 52442/58831 (executing program) 2022/09/12 18:06:17 fetching corpus: 199, signal 63326/70936 (executing program) 2022/09/12 18:06:17 fetching corpus: 249, signal 70127/78951 (executing program) 2022/09/12 18:06:17 fetching corpus: 299, signal 73803/83874 (executing program) 2022/09/12 18:06:17 fetching corpus: 349, signal 80997/92066 (executing program) 2022/09/12 18:06:17 fetching corpus: 399, signal 86763/98841 (executing program) 2022/09/12 18:06:17 fetching corpus: 449, signal 93102/106065 (executing program) 2022/09/12 18:06:18 fetching corpus: 499, signal 98653/112491 (executing program) 2022/09/12 18:06:18 fetching corpus: 549, signal 101980/116776 (executing program) 2022/09/12 18:06:18 fetching corpus: 599, signal 104745/120497 (executing program) 2022/09/12 18:06:18 fetching corpus: 649, signal 107561/124241 (executing program) 2022/09/12 18:06:18 fetching corpus: 698, signal 110863/128389 (executing program) 2022/09/12 18:06:18 fetching corpus: 748, signal 113553/131953 (executing program) 2022/09/12 18:06:18 fetching corpus: 798, signal 115658/134920 (executing program) 2022/09/12 18:06:19 fetching corpus: 848, signal 118424/138456 (executing program) 2022/09/12 18:06:19 fetching corpus: 898, signal 121491/142213 (executing program) 2022/09/12 18:06:19 fetching corpus: 948, signal 124056/145481 (executing program) 2022/09/12 18:06:19 fetching corpus: 998, signal 126424/148550 (executing program) 2022/09/12 18:06:19 fetching corpus: 1048, signal 129528/152247 (executing program) 2022/09/12 18:06:19 fetching corpus: 1098, signal 131658/155048 (executing program) 2022/09/12 18:06:20 fetching corpus: 1147, signal 134040/158091 (executing program) 2022/09/12 18:06:20 fetching corpus: 1197, signal 136142/160834 (executing program) 2022/09/12 18:06:20 fetching corpus: 1246, signal 138528/163733 (executing program) 2022/09/12 18:06:20 fetching corpus: 1295, signal 140615/166348 (executing program) 2022/09/12 18:06:20 fetching corpus: 1345, signal 142048/168407 (executing program) 2022/09/12 18:06:20 fetching corpus: 1394, signal 143675/170710 (executing program) 2022/09/12 18:06:20 fetching corpus: 1444, signal 145670/173210 (executing program) 2022/09/12 18:06:21 fetching corpus: 1494, signal 147470/175561 (executing program) 2022/09/12 18:06:21 fetching corpus: 1543, signal 148897/177534 (executing program) 2022/09/12 18:06:21 fetching corpus: 1593, signal 150518/179610 (executing program) 2022/09/12 18:06:21 fetching corpus: 1643, signal 151987/181647 (executing program) 2022/09/12 18:06:21 fetching corpus: 1693, signal 154062/184070 (executing program) 2022/09/12 18:06:21 fetching corpus: 1743, signal 155782/186183 (executing program) 2022/09/12 18:06:21 fetching corpus: 1793, signal 157643/188431 (executing program) 2022/09/12 18:06:22 fetching corpus: 1842, signal 159065/190301 (executing program) 2022/09/12 18:06:22 fetching corpus: 1892, signal 161063/192533 (executing program) 2022/09/12 18:06:22 fetching corpus: 1942, signal 162733/194485 (executing program) 2022/09/12 18:06:22 fetching corpus: 1991, signal 163737/195973 (executing program) 2022/09/12 18:06:22 fetching corpus: 2040, signal 164944/197600 (executing program) 2022/09/12 18:06:22 fetching corpus: 2089, signal 167106/199847 (executing program) 2022/09/12 18:06:23 fetching corpus: 2138, signal 168543/201609 (executing program) 2022/09/12 18:06:23 fetching corpus: 2187, signal 169951/203271 (executing program) 2022/09/12 18:06:23 fetching corpus: 2237, signal 171025/204711 (executing program) 2022/09/12 18:06:23 fetching corpus: 2287, signal 172510/206378 (executing program) 2022/09/12 18:06:23 fetching corpus: 2337, signal 173581/207789 (executing program) 2022/09/12 18:06:23 fetching corpus: 2386, signal 174750/209300 (executing program) 2022/09/12 18:06:23 fetching corpus: 2435, signal 175844/210729 (executing program) 2022/09/12 18:06:24 fetching corpus: 2485, signal 177001/212172 (executing program) 2022/09/12 18:06:24 fetching corpus: 2535, signal 177902/213425 (executing program) 2022/09/12 18:06:24 fetching corpus: 2585, signal 179590/215163 (executing program) 2022/09/12 18:06:24 fetching corpus: 2632, signal 180807/216542 (executing program) 2022/09/12 18:06:24 fetching corpus: 2682, signal 181765/217809 (executing program) 2022/09/12 18:06:24 fetching corpus: 2732, signal 182438/218863 (executing program) 2022/09/12 18:06:24 fetching corpus: 2782, signal 183409/220023 (executing program) 2022/09/12 18:06:25 fetching corpus: 2832, signal 184520/221324 (executing program) 2022/09/12 18:06:25 fetching corpus: 2882, signal 185279/222448 (executing program) 2022/09/12 18:06:25 fetching corpus: 2932, signal 186214/223598 (executing program) 2022/09/12 18:06:25 fetching corpus: 2982, signal 187279/224760 (executing program) 2022/09/12 18:06:25 fetching corpus: 3031, signal 188143/225879 (executing program) 2022/09/12 18:06:25 fetching corpus: 3081, signal 189071/227005 (executing program) 2022/09/12 18:06:25 fetching corpus: 3131, signal 189839/227998 (executing program) 2022/09/12 18:06:25 fetching corpus: 3181, signal 190786/229134 (executing program) 2022/09/12 18:06:25 fetching corpus: 3231, signal 191581/230180 (executing program) 2022/09/12 18:06:26 fetching corpus: 3281, signal 192097/231010 (executing program) 2022/09/12 18:06:26 fetching corpus: 3331, signal 193292/232206 (executing program) 2022/09/12 18:06:26 fetching corpus: 3381, signal 194100/233136 (executing program) 2022/09/12 18:06:26 fetching corpus: 3431, signal 195507/234433 (executing program) 2022/09/12 18:06:26 fetching corpus: 3480, signal 196516/235482 (executing program) 2022/09/12 18:06:26 fetching corpus: 3530, signal 196936/236180 (executing program) 2022/09/12 18:06:26 fetching corpus: 3580, signal 197618/237077 (executing program) 2022/09/12 18:06:26 fetching corpus: 3629, signal 198504/238023 (executing program) 2022/09/12 18:06:27 fetching corpus: 3679, signal 199117/238852 (executing program) 2022/09/12 18:06:27 fetching corpus: 3729, signal 199719/239666 (executing program) 2022/09/12 18:06:27 fetching corpus: 3779, signal 200610/240563 (executing program) 2022/09/12 18:06:27 fetching corpus: 3829, signal 201686/241475 (executing program) 2022/09/12 18:06:27 fetching corpus: 3879, signal 202869/242478 (executing program) 2022/09/12 18:06:27 fetching corpus: 3929, signal 204115/243495 (executing program) 2022/09/12 18:06:27 fetching corpus: 3979, signal 204784/244244 (executing program) 2022/09/12 18:06:28 fetching corpus: 4029, signal 205339/244944 (executing program) 2022/09/12 18:06:28 fetching corpus: 4079, signal 206070/245678 (executing program) 2022/09/12 18:06:28 fetching corpus: 4129, signal 206599/246420 (executing program) 2022/09/12 18:06:28 fetching corpus: 4179, signal 207533/247271 (executing program) 2022/09/12 18:06:28 fetching corpus: 4229, signal 208485/248089 (executing program) 2022/09/12 18:06:28 fetching corpus: 4279, signal 209167/248780 (executing program) 2022/09/12 18:06:28 fetching corpus: 4328, signal 209797/249468 (executing program) 2022/09/12 18:06:29 fetching corpus: 4378, signal 210981/250302 (executing program) 2022/09/12 18:06:29 fetching corpus: 4428, signal 211690/251014 (executing program) 2022/09/12 18:06:29 fetching corpus: 4478, signal 212588/251737 (executing program) 2022/09/12 18:06:29 fetching corpus: 4528, signal 213057/252333 (executing program) 2022/09/12 18:06:29 fetching corpus: 4578, signal 214202/253218 (executing program) 2022/09/12 18:06:29 fetching corpus: 4628, signal 214924/253862 (executing program) 2022/09/12 18:06:29 fetching corpus: 4678, signal 215397/254457 (executing program) 2022/09/12 18:06:29 fetching corpus: 4728, signal 216505/255231 (executing program) 2022/09/12 18:06:30 fetching corpus: 4778, signal 217195/255857 (executing program) 2022/09/12 18:06:30 fetching corpus: 4828, signal 217629/256394 (executing program) 2022/09/12 18:06:30 fetching corpus: 4878, signal 218433/256990 (executing program) 2022/09/12 18:06:30 fetching corpus: 4928, signal 219104/257542 (executing program) 2022/09/12 18:06:30 fetching corpus: 4978, signal 219744/258098 (executing program) 2022/09/12 18:06:30 fetching corpus: 5028, signal 220651/258729 (executing program) 2022/09/12 18:06:30 fetching corpus: 5078, signal 221275/259311 (executing program) 2022/09/12 18:06:31 fetching corpus: 5128, signal 222025/259892 (executing program) 2022/09/12 18:06:31 fetching corpus: 5178, signal 222566/260411 (executing program) 2022/09/12 18:06:31 fetching corpus: 5228, signal 223651/260923 (executing program) 2022/09/12 18:06:31 fetching corpus: 5278, signal 224196/261362 (executing program) 2022/09/12 18:06:31 fetching corpus: 5328, signal 224754/261818 (executing program) 2022/09/12 18:06:31 fetching corpus: 5378, signal 225265/262254 (executing program) 2022/09/12 18:06:31 fetching corpus: 5428, signal 225968/262732 (executing program) 2022/09/12 18:06:32 fetching corpus: 5478, signal 226452/263185 (executing program) 2022/09/12 18:06:32 fetching corpus: 5528, signal 227151/263681 (executing program) 2022/09/12 18:06:32 fetching corpus: 5578, signal 227755/264082 (executing program) 2022/09/12 18:06:32 fetching corpus: 5628, signal 228319/264525 (executing program) 2022/09/12 18:06:32 fetching corpus: 5678, signal 229002/264939 (executing program) 2022/09/12 18:06:32 fetching corpus: 5728, signal 229752/265389 (executing program) 2022/09/12 18:06:32 fetching corpus: 5778, signal 230358/265788 (executing program) 2022/09/12 18:06:32 fetching corpus: 5828, signal 231180/266202 (executing program) 2022/09/12 18:06:33 fetching corpus: 5878, signal 231678/266574 (executing program) 2022/09/12 18:06:33 fetching corpus: 5928, signal 232238/266932 (executing program) 2022/09/12 18:06:33 fetching corpus: 5978, signal 232766/267288 (executing program) 2022/09/12 18:06:33 fetching corpus: 6028, signal 233438/267642 (executing program) 2022/09/12 18:06:33 fetching corpus: 6078, signal 233860/267968 (executing program) 2022/09/12 18:06:33 fetching corpus: 6128, signal 234894/268348 (executing program) 2022/09/12 18:06:33 fetching corpus: 6178, signal 235318/268635 (executing program) 2022/09/12 18:06:33 fetching corpus: 6228, signal 235995/268958 (executing program) 2022/09/12 18:06:34 fetching corpus: 6278, signal 236411/269278 (executing program) 2022/09/12 18:06:34 fetching corpus: 6328, signal 236997/269592 (executing program) 2022/09/12 18:06:34 fetching corpus: 6378, signal 237728/269873 (executing program) 2022/09/12 18:06:34 fetching corpus: 6428, signal 238136/270139 (executing program) 2022/09/12 18:06:34 fetching corpus: 6478, signal 238905/270389 (executing program) 2022/09/12 18:06:34 fetching corpus: 6528, signal 239367/270576 (executing program) 2022/09/12 18:06:34 fetching corpus: 6578, signal 239864/270599 (executing program) 2022/09/12 18:06:35 fetching corpus: 6628, signal 240314/270630 (executing program) 2022/09/12 18:06:35 fetching corpus: 6678, signal 241347/270652 (executing program) 2022/09/12 18:06:35 fetching corpus: 6728, signal 241728/270670 (executing program) 2022/09/12 18:06:35 fetching corpus: 6778, signal 242365/270721 (executing program) 2022/09/12 18:06:35 fetching corpus: 6828, signal 242923/270732 (executing program) 2022/09/12 18:06:35 fetching corpus: 6878, signal 243508/270734 (executing program) 2022/09/12 18:06:35 fetching corpus: 6928, signal 243877/270740 (executing program) 2022/09/12 18:06:36 fetching corpus: 6978, signal 244478/270747 (executing program) 2022/09/12 18:06:36 fetching corpus: 7028, signal 245124/270748 (executing program) 2022/09/12 18:06:36 fetching corpus: 7078, signal 245485/270766 (executing program) 2022/09/12 18:06:36 fetching corpus: 7128, signal 245916/270771 (executing program) 2022/09/12 18:06:36 fetching corpus: 7178, signal 246244/270777 (executing program) 2022/09/12 18:06:36 fetching corpus: 7228, signal 246947/270820 (executing program) 2022/09/12 18:06:36 fetching corpus: 7278, signal 247405/270834 (executing program) 2022/09/12 18:06:36 fetching corpus: 7328, signal 248011/270842 (executing program) 2022/09/12 18:06:37 fetching corpus: 7378, signal 248510/270855 (executing program) 2022/09/12 18:06:37 fetching corpus: 7428, signal 248877/270869 (executing program) 2022/09/12 18:06:37 fetching corpus: 7478, signal 249328/270874 (executing program) 2022/09/12 18:06:37 fetching corpus: 7528, signal 249817/270880 (executing program) 2022/09/12 18:06:37 fetching corpus: 7578, signal 250150/270891 (executing program) 2022/09/12 18:06:37 fetching corpus: 7628, signal 250501/270899 (executing program) 2022/09/12 18:06:37 fetching corpus: 7678, signal 251037/270907 (executing program) 2022/09/12 18:06:37 fetching corpus: 7728, signal 251375/270911 (executing program) 2022/09/12 18:06:37 fetching corpus: 7778, signal 251941/270932 (executing program) 2022/09/12 18:06:38 fetching corpus: 7828, signal 252340/271042 (executing program) 2022/09/12 18:06:38 fetching corpus: 7878, signal 252699/271052 (executing program) 2022/09/12 18:06:38 fetching corpus: 7928, signal 253160/271113 (executing program) 2022/09/12 18:06:38 fetching corpus: 7978, signal 253530/271131 (executing program) 2022/09/12 18:06:38 fetching corpus: 8028, signal 254110/271154 (executing program) 2022/09/12 18:06:38 fetching corpus: 8078, signal 254629/271154 (executing program) 2022/09/12 18:06:38 fetching corpus: 8128, signal 255022/271177 (executing program) 2022/09/12 18:06:39 fetching corpus: 8178, signal 255499/271191 (executing program) 2022/09/12 18:06:39 fetching corpus: 8228, signal 255850/271196 (executing program) 2022/09/12 18:06:39 fetching corpus: 8278, signal 256352/271204 (executing program) 2022/09/12 18:06:39 fetching corpus: 8328, signal 256886/271219 (executing program) 2022/09/12 18:06:39 fetching corpus: 8378, signal 257487/271219 (executing program) 2022/09/12 18:06:39 fetching corpus: 8428, signal 257861/271219 (executing program) 2022/09/12 18:06:39 fetching corpus: 8478, signal 258275/271225 (executing program) 2022/09/12 18:06:39 fetching corpus: 8528, signal 258747/271225 (executing program) 2022/09/12 18:06:40 fetching corpus: 8578, signal 259140/271230 (executing program) 2022/09/12 18:06:40 fetching corpus: 8628, signal 259723/271232 (executing program) 2022/09/12 18:06:40 fetching corpus: 8678, signal 260154/271245 (executing program) 2022/09/12 18:06:40 fetching corpus: 8728, signal 260443/271247 (executing program) 2022/09/12 18:06:40 fetching corpus: 8778, signal 260853/271268 (executing program) 2022/09/12 18:06:40 fetching corpus: 8791, signal 260952/271268 (executing program) 2022/09/12 18:06:40 fetching corpus: 8791, signal 260952/271268 (executing program) 2022/09/12 18:06:43 starting 8 fuzzer processes 18:06:43 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_int(r0, 0x0, 0x12, 0x0, &(0x7f0000000400)) 18:06:43 executing program 1: prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2) 18:06:43 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, 0x0) 18:06:43 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100), 0x7) 18:06:43 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) [ 78.812812] audit: type=1400 audit(1663006003.798:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:06:43 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="02000400"], 0x3c, 0x0) 18:06:43 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000004140)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000044c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) 18:06:43 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x0, 0x0, 0x0, 0x300}}) [ 80.179081] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.182283] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.183629] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.185004] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.192690] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.194900] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 80.195888] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.198888] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 80.200413] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.201501] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 80.203446] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.204960] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.209018] Bluetooth: hci1: HCI_REQ-0x0c1a [ 80.213328] Bluetooth: hci0: HCI_REQ-0x0c1a [ 80.358514] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 80.361932] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 80.370225] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 80.377899] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 80.392506] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 80.393538] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 80.395247] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 80.396736] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 80.398423] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 80.399873] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 80.408398] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 80.410391] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 80.412512] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 80.415047] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 80.416305] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 80.418322] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 80.420150] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 80.421429] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 80.426657] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 80.428110] Bluetooth: hci6: HCI_REQ-0x0c1a [ 80.431814] Bluetooth: hci4: HCI_REQ-0x0c1a [ 80.433467] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 80.447102] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 80.457914] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 80.460582] Bluetooth: hci5: HCI_REQ-0x0c1a [ 80.483913] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 80.485133] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.502804] Bluetooth: hci7: HCI_REQ-0x0c1a [ 82.262313] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 82.262853] Bluetooth: hci0: command 0x0409 tx timeout [ 82.263272] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 82.265013] Bluetooth: hci1: command 0x0409 tx timeout [ 82.453802] Bluetooth: hci4: command 0x0409 tx timeout [ 82.517748] Bluetooth: hci5: command 0x0409 tx timeout [ 82.517792] Bluetooth: hci7: command 0x0409 tx timeout [ 82.519261] Bluetooth: hci6: command 0x0409 tx timeout [ 84.309801] Bluetooth: hci1: command 0x041b tx timeout [ 84.310359] Bluetooth: hci0: command 0x041b tx timeout [ 84.501808] Bluetooth: hci4: command 0x041b tx timeout [ 84.565872] Bluetooth: hci6: command 0x041b tx timeout [ 84.566932] Bluetooth: hci7: command 0x041b tx timeout [ 84.567376] Bluetooth: hci5: command 0x041b tx timeout [ 85.667058] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.671779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.673089] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.683489] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.694912] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.706159] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.714277] Bluetooth: hci3: HCI_REQ-0x0c1a [ 86.357756] Bluetooth: hci0: command 0x040f tx timeout [ 86.358280] Bluetooth: hci1: command 0x040f tx timeout [ 86.549748] Bluetooth: hci4: command 0x040f tx timeout [ 86.613775] Bluetooth: hci5: command 0x040f tx timeout [ 86.614269] Bluetooth: hci7: command 0x040f tx timeout [ 86.615036] Bluetooth: hci6: command 0x040f tx timeout [ 87.381757] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 87.765768] Bluetooth: hci3: command 0x0409 tx timeout [ 88.405754] Bluetooth: hci1: command 0x0419 tx timeout [ 88.406248] Bluetooth: hci0: command 0x0419 tx timeout [ 88.597799] Bluetooth: hci4: command 0x0419 tx timeout [ 88.661884] Bluetooth: hci6: command 0x0419 tx timeout [ 88.662342] Bluetooth: hci7: command 0x0419 tx timeout [ 88.662805] Bluetooth: hci5: command 0x0419 tx timeout [ 89.813776] Bluetooth: hci3: command 0x041b tx timeout [ 90.186884] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.188399] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.189249] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.190973] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.192542] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.193380] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.204479] Bluetooth: hci2: HCI_REQ-0x0c1a [ 91.861761] Bluetooth: hci3: command 0x040f tx timeout [ 92.245784] Bluetooth: hci2: command 0x0409 tx timeout [ 93.910060] Bluetooth: hci3: command 0x0419 tx timeout [ 94.293742] Bluetooth: hci2: command 0x041b tx timeout [ 96.341756] Bluetooth: hci2: command 0x040f tx timeout [ 98.389792] Bluetooth: hci2: command 0x0419 tx timeout [ 132.744644] audit: type=1400 audit(1663006057.730:7): avc: denied { open } for pid=3731 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.746332] audit: type=1400 audit(1663006057.730:8): avc: denied { kernel } for pid=3731 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 132.758188] ------------[ cut here ]------------ [ 132.758211] [ 132.758214] ====================================================== [ 132.758218] WARNING: possible circular locking dependency detected [ 132.758222] 6.0.0-rc5-next-20220912 #1 Not tainted [ 132.758229] ------------------------------------------------------ [ 132.758232] syz-executor.4/3732 is trying to acquire lock: [ 132.758238] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 132.758277] [ 132.758277] but task is already holding lock: [ 132.758280] ffff88800f6b2820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 132.758307] [ 132.758307] which lock already depends on the new lock. [ 132.758307] [ 132.758310] [ 132.758310] the existing dependency chain (in reverse order) is: [ 132.758313] [ 132.758313] -> #3 (&ctx->lock){....}-{2:2}: [ 132.758326] _raw_spin_lock+0x2a/0x40 [ 132.758343] __perf_event_task_sched_out+0x53b/0x18d0 [ 132.758355] __schedule+0xedd/0x2470 [ 132.758364] schedule+0xda/0x1b0 [ 132.758373] futex_wait_queue+0xf5/0x1e0 [ 132.758385] futex_wait+0x28e/0x690 [ 132.758395] do_futex+0x2ff/0x380 [ 132.758404] __x64_sys_futex+0x1c6/0x4d0 [ 132.758413] do_syscall_64+0x3b/0x90 [ 132.758426] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.758444] [ 132.758444] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 132.758457] _raw_spin_lock_nested+0x30/0x40 [ 132.758472] raw_spin_rq_lock_nested+0x1e/0x30 [ 132.758484] task_fork_fair+0x63/0x4d0 [ 132.758501] sched_cgroup_fork+0x3d0/0x540 [ 132.758515] copy_process+0x3f9e/0x6df0 [ 132.758525] kernel_clone+0xe7/0x890 [ 132.758535] user_mode_thread+0xad/0xf0 [ 132.758545] rest_init+0x24/0x250 [ 132.758561] arch_call_rest_init+0xf/0x14 [ 132.758580] start_kernel+0x4c1/0x4e6 [ 132.758597] secondary_startup_64_no_verify+0xe0/0xeb [ 132.758611] [ 132.758611] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 132.758624] _raw_spin_lock_irqsave+0x39/0x60 [ 132.758639] try_to_wake_up+0xab/0x1920 [ 132.758652] up+0x75/0xb0 [ 132.758664] __up_console_sem+0x6e/0x80 [ 132.758680] console_unlock+0x46a/0x590 [ 132.758700] vt_ioctl+0x2822/0x2ca0 [ 132.758712] tty_ioctl+0x7c4/0x1700 [ 132.758723] __x64_sys_ioctl+0x19a/0x210 [ 132.758738] do_syscall_64+0x3b/0x90 [ 132.758750] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.758767] [ 132.758767] -> #0 ((console_sem).lock){....}-{2:2}: [ 132.758781] __lock_acquire+0x2a02/0x5e70 [ 132.758798] lock_acquire+0x1a2/0x530 [ 132.758814] _raw_spin_lock_irqsave+0x39/0x60 [ 132.758828] down_trylock+0xe/0x70 [ 132.758841] __down_trylock_console_sem+0x3b/0xd0 [ 132.758857] vprintk_emit+0x16b/0x560 [ 132.758874] vprintk+0x84/0xa0 [ 132.758890] _printk+0xba/0xf1 [ 132.758908] report_bug.cold+0x72/0xab [ 132.758920] handle_bug+0x3c/0x70 [ 132.758932] exc_invalid_op+0x14/0x50 [ 132.758945] asm_exc_invalid_op+0x16/0x20 [ 132.758962] group_sched_out.part.0+0x2c7/0x460 [ 132.758972] ctx_sched_out+0x8f1/0xc10 [ 132.758982] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.758994] __schedule+0xedd/0x2470 [ 132.759003] schedule+0xda/0x1b0 [ 132.759012] futex_wait_queue+0xf5/0x1e0 [ 132.759022] futex_wait+0x28e/0x690 [ 132.759032] do_futex+0x2ff/0x380 [ 132.759041] __x64_sys_futex+0x1c6/0x4d0 [ 132.759051] do_syscall_64+0x3b/0x90 [ 132.759064] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.759081] [ 132.759081] other info that might help us debug this: [ 132.759081] [ 132.759083] Chain exists of: [ 132.759083] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 132.759083] [ 132.759098] Possible unsafe locking scenario: [ 132.759098] [ 132.759100] CPU0 CPU1 [ 132.759102] ---- ---- [ 132.759104] lock(&ctx->lock); [ 132.759110] lock(&rq->__lock); [ 132.759116] lock(&ctx->lock); [ 132.759122] lock((console_sem).lock); [ 132.759128] [ 132.759128] *** DEADLOCK *** [ 132.759128] [ 132.759130] 2 locks held by syz-executor.4/3732: [ 132.759137] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 132.759162] #1: ffff88800f6b2820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 132.759189] [ 132.759189] stack backtrace: [ 132.759192] CPU: 0 PID: 3732 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220912 #1 [ 132.759205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.759212] Call Trace: [ 132.759216] [ 132.759220] dump_stack_lvl+0x8b/0xb3 [ 132.759234] check_noncircular+0x263/0x2e0 [ 132.759251] ? format_decode+0x26c/0xb50 [ 132.759265] ? print_circular_bug+0x450/0x450 [ 132.759283] ? enable_ptr_key_workfn+0x20/0x20 [ 132.759298] ? format_decode+0x26c/0xb50 [ 132.759313] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 132.759331] __lock_acquire+0x2a02/0x5e70 [ 132.759353] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 132.759376] lock_acquire+0x1a2/0x530 [ 132.759393] ? down_trylock+0xe/0x70 [ 132.759408] ? rcu_read_unlock+0x40/0x40 [ 132.759429] ? vprintk+0x84/0xa0 [ 132.759447] _raw_spin_lock_irqsave+0x39/0x60 [ 132.759462] ? down_trylock+0xe/0x70 [ 132.759476] down_trylock+0xe/0x70 [ 132.759490] ? vprintk+0x84/0xa0 [ 132.759507] __down_trylock_console_sem+0x3b/0xd0 [ 132.759525] vprintk_emit+0x16b/0x560 [ 132.759544] vprintk+0x84/0xa0 [ 132.759562] _printk+0xba/0xf1 [ 132.759580] ? record_print_text.cold+0x16/0x16 [ 132.759602] ? report_bug.cold+0x66/0xab [ 132.759616] ? group_sched_out.part.0+0x2c7/0x460 [ 132.759627] report_bug.cold+0x72/0xab [ 132.759642] handle_bug+0x3c/0x70 [ 132.759656] exc_invalid_op+0x14/0x50 [ 132.759670] asm_exc_invalid_op+0x16/0x20 [ 132.759687] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.759700] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.759712] RSP: 0018:ffff8880424278f8 EFLAGS: 00010006 [ 132.759721] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.759728] RDX: ffff888008b48000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 132.759736] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 132.759743] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800f6b2800 [ 132.759751] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 132.759762] ? group_sched_out.part.0+0x2c7/0x460 [ 132.759775] ? group_sched_out.part.0+0x2c7/0x460 [ 132.759788] ctx_sched_out+0x8f1/0xc10 [ 132.759801] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.759816] ? lock_is_held_type+0xd7/0x130 [ 132.759834] ? __perf_cgroup_move+0x160/0x160 [ 132.759846] ? set_next_entity+0x304/0x550 [ 132.759866] ? lock_is_held_type+0xd7/0x130 [ 132.759885] __schedule+0xedd/0x2470 [ 132.759898] ? io_schedule_timeout+0x150/0x150 [ 132.759909] ? futex_wait_setup+0x166/0x230 [ 132.759923] schedule+0xda/0x1b0 [ 132.759934] futex_wait_queue+0xf5/0x1e0 [ 132.759946] futex_wait+0x28e/0x690 [ 132.759958] ? futex_wait_setup+0x230/0x230 [ 132.759971] ? wake_up_q+0x8b/0xf0 [ 132.759985] ? do_raw_spin_unlock+0x4f/0x220 [ 132.760004] ? futex_wake+0x158/0x490 [ 132.760020] ? fd_install+0x1f9/0x640 [ 132.760051] do_futex+0x2ff/0x380 [ 132.760062] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 132.760077] __x64_sys_futex+0x1c6/0x4d0 [ 132.760090] ? __x64_sys_futex_time32+0x480/0x480 [ 132.760102] ? syscall_enter_from_user_mode+0x1d/0x50 [ 132.760121] ? syscall_enter_from_user_mode+0x1d/0x50 [ 132.760141] do_syscall_64+0x3b/0x90 [ 132.760155] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.760172] RIP: 0033:0x7f4d99023b19 [ 132.760181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.760192] RSP: 002b:00007f4d96599218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.760202] RAX: ffffffffffffffda RBX: 00007f4d99136f68 RCX: 00007f4d99023b19 [ 132.760210] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4d99136f68 [ 132.760217] RBP: 00007f4d99136f60 R08: 0000000000000000 R09: 0000000000000000 [ 132.760225] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4d99136f6c [ 132.760232] R13: 00007ffc506f7fff R14: 00007f4d96599300 R15: 0000000000022000 [ 132.760245] [ 132.819638] WARNING: CPU: 0 PID: 3732 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 132.820334] Modules linked in: [ 132.820581] CPU: 0 PID: 3732 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220912 #1 [ 132.821184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.822008] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.822414] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.823758] RSP: 0018:ffff8880424278f8 EFLAGS: 00010006 [ 132.824169] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.824708] RDX: ffff888008b48000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 132.825215] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 132.825732] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800f6b2800 [ 132.826262] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 132.826793] FS: 00007f4d96599700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 132.827388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.827827] CR2: 000055c1228d84c8 CR3: 0000000041e82000 CR4: 0000000000350ef0 [ 132.828373] Call Trace: [ 132.828565] [ 132.828740] ctx_sched_out+0x8f1/0xc10 [ 132.829037] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.829431] ? lock_is_held_type+0xd7/0x130 [ 132.829763] ? __perf_cgroup_move+0x160/0x160 [ 132.830104] ? set_next_entity+0x304/0x550 [ 132.830425] ? lock_is_held_type+0xd7/0x130 [ 132.830753] __schedule+0xedd/0x2470 [ 132.831034] ? io_schedule_timeout+0x150/0x150 [ 132.831380] ? futex_wait_setup+0x166/0x230 [ 132.831704] schedule+0xda/0x1b0 [ 132.831972] futex_wait_queue+0xf5/0x1e0 [ 132.832290] futex_wait+0x28e/0x690 [ 132.832574] ? futex_wait_setup+0x230/0x230 [ 132.832904] ? wake_up_q+0x8b/0xf0 [ 132.833175] ? do_raw_spin_unlock+0x4f/0x220 [ 132.833510] ? futex_wake+0x158/0x490 [ 132.833803] ? fd_install+0x1f9/0x640 [ 132.834100] do_futex+0x2ff/0x380 [ 132.834372] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 132.834802] __x64_sys_futex+0x1c6/0x4d0 [ 132.835113] ? __x64_sys_futex_time32+0x480/0x480 [ 132.835481] ? syscall_enter_from_user_mode+0x1d/0x50 [ 132.835873] ? syscall_enter_from_user_mode+0x1d/0x50 [ 132.836273] do_syscall_64+0x3b/0x90 [ 132.836556] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.836953] RIP: 0033:0x7f4d99023b19 [ 132.837235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.838581] RSP: 002b:00007f4d96599218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.839149] RAX: ffffffffffffffda RBX: 00007f4d99136f68 RCX: 00007f4d99023b19 [ 132.839689] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4d99136f68 [ 132.840235] RBP: 00007f4d99136f60 R08: 0000000000000000 R09: 0000000000000000 [ 132.840776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4d99136f6c [ 132.841309] R13: 00007ffc506f7fff R14: 00007f4d96599300 R15: 0000000000022000 [ 132.841852] [ 132.842034] irq event stamp: 790 [ 132.842290] hardirqs last enabled at (789): [] syscall_enter_from_user_mode+0x1d/0x50 [ 132.843004] hardirqs last disabled at (790): [] __schedule+0x1225/0x2470 [ 132.843624] softirqs last enabled at (666): [] __irq_exit_rcu+0x11b/0x180 [ 132.844267] softirqs last disabled at (625): [] __irq_exit_rcu+0x11b/0x180 [ 132.844923] ---[ end trace 0000000000000000 ]--- [ 133.828343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.829410] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.840620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.841676] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.347769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.348523] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.348556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.352061] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.171715] hrtimer: interrupt took 17473 ns 18:07:41 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="02000400"], 0x3c, 0x0) 18:07:41 executing program 0: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 1: syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8}}}, 0x7) 18:07:41 executing program 2: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 6: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100), 0x7) 18:07:41 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x0, 0x0, 0x0, 0x300}}) 18:07:41 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x0, 0x0, 0x0, 0x300}}) 18:07:41 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0xa]}}}}]}) 18:07:41 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100), 0x7) 18:07:41 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="02000400"], 0x3c, 0x0) [ 136.609981] tmpfs: Bad value for 'mpol' [ 136.615611] tmpfs: Bad value for 'mpol' 18:07:41 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x0, 0x0, 0x0, 0x300}}) 18:07:41 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0xa]}}}}]}) 18:07:41 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100), 0x7) 18:07:41 executing program 5: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="02000400"], 0x3c, 0x0) 18:07:41 executing program 2: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 0: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:41 executing program 6: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) [ 136.969783] tmpfs: Bad value for 'mpol' 18:07:42 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0xa]}}}}]}) 18:07:42 executing program 0: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:42 executing program 6: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) [ 137.077222] tmpfs: Bad value for 'mpol' 18:07:42 executing program 2: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) 18:07:42 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0xa]}}}}]}) 18:07:42 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x2, 0xffffffffffffffff, 0x6}) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000040)=0x3) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, &(0x7f0000000380)=0x2530a494, 0xffffffffffffffff, &(0x7f00000003c0)=0x9, 0x2, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r3, 0x0, 0x3, &(0x7f0000000240)={0x6, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @local}}}, 0x108) sendmmsg$inet(r3, &(0x7f0000004cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)="36304289f00583e4c55ad67e8824d6d15c54193b71e254a9", 0x18}], 0x1}}], 0x1, 0xe00) [ 137.196323] tmpfs: Bad value for 'mpol' 18:07:42 executing program 7: clock_nanosleep(0x36, 0x0, 0x0, 0x0) 18:07:42 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000380)=0xffffffff, 0x4) 18:07:42 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random="94031c855deb"}, 0x14) 18:07:42 executing program 6: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000001300)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001040)={0x58, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_IE={0x2a, 0x2a, [@preq={0x82, 0x20}, @perr={0x84, 0x2}]}]}, 0x58}}, 0x0) 18:07:42 executing program 5: io_setup(0x5, &(0x7f0000000000)=0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) io_submit(r0, 0x2, &(0x7f0000000340)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}]) 18:07:42 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000100000005000000000004000040000020000000dbf4655fdbf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000244b8e9b57f04b59aa229cc218853f95010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011500)="ed41000000080000dbf4655fdbf4655fdbf4655f00000000000004", 0x1b, 0x2080}, {&(0x7f0000012400)="504d4d00504d4dff", 0x8, 0x20000}], 0x0, &(0x7f0000012f00)) 18:07:42 executing program 1: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0xa, &(0x7f0000000480)=""/174, 0xae) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') r1 = openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r2 = openat$cgroup_ro(r0, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000001a80)=[{{&(0x7f0000001980)={0xa, 0x4e24, 0x8000, @empty, 0x4}, 0x1c, &(0x7f0000001a40)=[{&(0x7f00000019c0)="3f1e009eee5fb0726a77781289732178d87af7b74f6d7d8356299be2513d69279d8a66e9a29d4af0f5", 0x29}, {&(0x7f0000001a00)="0692b1d14e663cfa45996f1168287e2855d026469f601692952d02e55dd7825f", 0x20}], 0x2}}], 0x1, 0xc001) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f0000000540)=""/251, 0xfb) 18:07:42 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) 18:07:42 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000380)=0xffffffff, 0x4) 18:07:42 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080), 0x20) 18:07:42 executing program 4: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) 18:07:42 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000380)=0xffffffff, 0x4) 18:07:42 executing program 5: io_setup(0x5, &(0x7f0000000000)=0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) io_submit(r0, 0x2, &(0x7f0000000340)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}]) 18:07:42 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) 18:07:43 executing program 4: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) 18:07:43 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000380)=0xffffffff, 0x4) 18:07:43 executing program 5: io_setup(0x5, &(0x7f0000000000)=0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) io_submit(r0, 0x2, &(0x7f0000000340)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}]) [ 138.122924] audit: type=1400 audit(1663006062.924:9): avc: denied { create } for pid=4046 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=rawip_socket permissive=1 [ 138.126949] audit: type=1400 audit(1663006062.928:10): avc: denied { setopt } for pid=4046 comm="syz-executor.4" lport=58 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=rawip_socket permissive=1 18:07:45 executing program 4: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) 18:07:45 executing program 3: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) 18:07:45 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r2}, 0x68) syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa) socket$nl_route(0x10, 0x3, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) 18:07:45 executing program 6: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000001300)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001040)={0x58, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_IE={0x2a, 0x2a, [@preq={0x82, 0x20}, @perr={0x84, 0x2}]}]}, 0x58}}, 0x0) 18:07:45 executing program 7: clock_nanosleep(0x36, 0x0, 0x0, 0x0) 18:07:45 executing program 1: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0xa, &(0x7f0000000480)=""/174, 0xae) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') r1 = openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r2 = openat$cgroup_ro(r0, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000001a80)=[{{&(0x7f0000001980)={0xa, 0x4e24, 0x8000, @empty, 0x4}, 0x1c, &(0x7f0000001a40)=[{&(0x7f00000019c0)="3f1e009eee5fb0726a77781289732178d87af7b74f6d7d8356299be2513d69279d8a66e9a29d4af0f5", 0x29}, {&(0x7f0000001a00)="0692b1d14e663cfa45996f1168287e2855d026469f601692952d02e55dd7825f", 0x20}], 0x2}}], 0x1, 0xc001) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f0000000540)=""/251, 0xfb) 18:07:45 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) 18:07:45 executing program 5: io_setup(0x5, &(0x7f0000000000)=0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) io_submit(r0, 0x2, &(0x7f0000000340)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}]) 18:07:45 executing program 7: clock_nanosleep(0x36, 0x0, 0x0, 0x0) 18:07:45 executing program 4: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) 18:07:45 executing program 3: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) [ 140.664309] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; [ 140.664309] program syz-executor.0 not setting count and/or reply_len properly 18:07:45 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) 18:07:45 executing program 6: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000001300)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001040)={0x58, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_IE={0x2a, 0x2a, [@preq={0x82, 0x20}, @perr={0x84, 0x2}]}]}, 0x58}}, 0x0) [ 140.838524] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; [ 140.838524] program syz-executor.0 not setting count and/or reply_len properly 18:07:45 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r2}, 0x68) syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa) socket$nl_route(0x10, 0x3, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) 18:07:45 executing program 6: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000001300)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001040)={0x58, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_IE={0x2a, 0x2a, [@preq={0x82, 0x20}, @perr={0x84, 0x2}]}]}, 0x58}}, 0x0) 18:07:45 executing program 7: clock_nanosleep(0x36, 0x0, 0x0, 0x0) 18:07:45 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r2}, 0x68) syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa) socket$nl_route(0x10, 0x3, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) [ 140.968901] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; [ 140.968901] program syz-executor.5 not setting count and/or reply_len properly [ 140.974488] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; [ 140.974488] program syz-executor.0 not setting count and/or reply_len properly 18:07:46 executing program 3: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:useradd_exec_t:s0\x00', 0x24) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000003480)={@private0}, 0x14) 18:07:46 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) 18:07:47 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r2}, 0x68) syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa) socket$nl_route(0x10, 0x3, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) 18:07:47 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r2}, 0x68) syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa) socket$nl_route(0x10, 0x3, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) 18:07:47 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0) 18:07:47 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$vga_arbiter(0xffffffffffffffff, 0x0, 0xc) r2 = dup(r1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xb, r0, 0x5) getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) 18:07:47 executing program 1: syslog(0x3, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0xa, &(0x7f0000000480)=""/174, 0xae) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') r1 = openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r2 = openat$cgroup_ro(r0, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000001a80)=[{{&(0x7f0000001980)={0xa, 0x4e24, 0x8000, @empty, 0x4}, 0x1c, &(0x7f0000001a40)=[{&(0x7f00000019c0)="3f1e009eee5fb0726a77781289732178d87af7b74f6d7d8356299be2513d69279d8a66e9a29d4af0f5", 0x29}, {&(0x7f0000001a00)="0692b1d14e663cfa45996f1168287e2855d026469f601692952d02e55dd7825f", 0x20}], 0x2}}], 0x1, 0xc001) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f0000000540)=""/251, 0xfb) 18:07:47 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) 18:07:47 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) 18:07:47 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) fchdir(r0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000100)={'hsr0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @broadcast}, 0x10) fcntl$setstatus(r2, 0x4, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="e9", 0xfffffe8e}], 0x1}}], 0x1, 0x0) recvfrom(r1, &(0x7f00000003c0)=""/77, 0x6bc2bb1, 0x324, 0x0, 0x37) timer_create(0x0, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="100000004a75b7972d407543113b7c9760a67cdbdab463d3db0effd18682368c9df07c33c149ee2139", @ANYRES16=0x0, @ANYBLOB="010025bd7000fedbdf25650000000c009900090000003c000000080001000000000008000100080000002d66f0c0254f74f4b71d79f1fb3a8f4d48f5603c8747870ab2527cf003ebf352cae02d3030f7bbc34bb9d54a93969dbd5dba7e83926d5ae5573859c337212986bd42d27e729853a36bd9533057ea030cd5694af2fe88e4da5516a6855b4515dcba32bb61da6b613bf3c7a313985c686cbf2eca3b5b5b0d0a7fc53e"], 0x30}}, 0x400c040) [ 142.247325] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; [ 142.247325] program syz-executor.5 not setting count and/or reply_len properly 18:07:47 executing program 7: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14) 18:07:47 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$vga_arbiter(0xffffffffffffffff, 0x0, 0xc) r2 = dup(r1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xb, r0, 0x5) getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) 18:07:47 executing program 7: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14) 18:07:47 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000500000008"], 0x125) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0xd000)=nil, &(0x7f0000fee000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240)="bedcc1df281fd63d64ef45214a2151fed81d07a1e445c64adf7f352195c27564237bd025a7e4b043a2d57cf04e661516d73d9423b06e9ace607ba8754f49817b0b15b1a6a114caec173f12e7bc45133f5c613f75c193f9fe25ce5967876ce53e2d61bbe479ec5156fbe09ff94a5eef955ac01811bac72793273844a71a8c2171ce878f48d4a691f2d33f1712dbe1256996dc65ad839754fff74edcefc0da149816c175764c57f145820eaedaf2ddf4bd96096347251663e65686d684a596922c13c6ff79ef63252e4cb93b20c4a4d9be22e0fedbfcbf53da26f04b3a7eb781f1d120e477d94ccfd739cb1046f6f42787", 0xf0, r2}, 0x68) syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x9, 0x85, 0xf7, 0x0, 0x81, 0xc00, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x5, 0x69e}, 0x5499, 0x1, 0x423d, 0x8, 0x7, 0x8, 0x1, 0x0, 0xc0000000, 0x0, 0xfffffffffffffffd}, 0x0, 0xc, r0, 0xa) socket$nl_route(0x10, 0x3, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) [ 142.508020] sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; [ 142.508020] program syz-executor.5 not setting count and/or reply_len properly VM DIAGNOSIS: 18:07:38 Registers: info registers vcpu 0 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff888042427348 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000032 R11=0000000000000001 R12=0000000000000032 R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30 RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f4d96599700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055c1228d84c8 CR3=0000000041e82000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f4d9910a7c0 00007f4d9910a7c8 YMM02=0000000000000000 0000000000000000 00007f4d9910a7e0 00007f4d9910a7c0 YMM03=0000000000000000 0000000000000000 00007f4d9910a7c8 00007f4d9910a7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806ce3eda0 RCX=0000000000000000 RDX=ffff888020485040 RSI=ffffffff813bccdb RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888042cd7960 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffed100d9c7db5 R13=ffff88806ce3eda8 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff813bccdd RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 000055555687d400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4d9912f04c CR3=0000000041e82000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ff00000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0100ff0000000000 0000000000000000 YMM02=0000000000000000 0000000000000000 7463656a6e695f31 313230385f7a7973 YMM03=0000000000000000 0000000000000000 00007f4d9910a7c8 00007f4d9910a7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000