Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:20560' (ECDSA) to the list of known hosts. 2022/11/28 11:45:26 fuzzer started 2022/11/28 11:45:26 dialing manager at localhost:33427 syzkaller login: [ 40.267661] cgroup: Unknown subsys name 'net' [ 40.391028] cgroup: Unknown subsys name 'rlimit' 2022/11/28 11:45:43 syscalls: 2217 2022/11/28 11:45:43 code coverage: enabled 2022/11/28 11:45:43 comparison tracing: enabled 2022/11/28 11:45:43 extra coverage: enabled 2022/11/28 11:45:43 setuid sandbox: enabled 2022/11/28 11:45:43 namespace sandbox: enabled 2022/11/28 11:45:43 Android sandbox: enabled 2022/11/28 11:45:43 fault injection: enabled 2022/11/28 11:45:43 leak checking: enabled 2022/11/28 11:45:43 net packet injection: enabled 2022/11/28 11:45:43 net device setup: enabled 2022/11/28 11:45:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/11/28 11:45:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/11/28 11:45:43 USB emulation: enabled 2022/11/28 11:45:43 hci packet injection: enabled 2022/11/28 11:45:43 wifi device emulation: enabled 2022/11/28 11:45:43 802.15.4 emulation: enabled 2022/11/28 11:45:43 fetching corpus: 0, signal 0/2000 (executing program) 2022/11/28 11:45:43 fetching corpus: 37, signal 25031/28682 (executing program) 2022/11/28 11:45:43 fetching corpus: 82, signal 37625/42869 (executing program) 2022/11/28 11:45:43 fetching corpus: 132, signal 47413/54099 (executing program) 2022/11/28 11:45:43 fetching corpus: 182, signal 55681/63771 (executing program) 2022/11/28 11:45:43 fetching corpus: 232, signal 62269/71663 (executing program) 2022/11/28 11:45:44 fetching corpus: 282, signal 68197/78903 (executing program) 2022/11/28 11:45:44 fetching corpus: 332, signal 73646/85578 (executing program) 2022/11/28 11:45:44 fetching corpus: 381, signal 79611/92744 (executing program) 2022/11/28 11:45:44 fetching corpus: 431, signal 83245/97555 (executing program) 2022/11/28 11:45:44 fetching corpus: 481, signal 88965/104278 (executing program) 2022/11/28 11:45:44 fetching corpus: 531, signal 91231/107710 (executing program) 2022/11/28 11:45:44 fetching corpus: 580, signal 94879/112436 (executing program) 2022/11/28 11:45:44 fetching corpus: 630, signal 100302/118718 (executing program) 2022/11/28 11:45:44 fetching corpus: 678, signal 103905/123275 (executing program) 2022/11/28 11:45:45 fetching corpus: 727, signal 107593/127907 (executing program) 2022/11/28 11:45:45 fetching corpus: 777, signal 110065/131336 (executing program) 2022/11/28 11:45:45 fetching corpus: 827, signal 113560/135686 (executing program) 2022/11/28 11:45:45 fetching corpus: 877, signal 117140/140043 (executing program) 2022/11/28 11:45:45 fetching corpus: 927, signal 119716/143451 (executing program) 2022/11/28 11:45:45 fetching corpus: 976, signal 122566/147119 (executing program) 2022/11/28 11:45:45 fetching corpus: 1026, signal 125838/151119 (executing program) 2022/11/28 11:45:45 fetching corpus: 1076, signal 127525/153661 (executing program) 2022/11/28 11:45:45 fetching corpus: 1125, signal 130036/156920 (executing program) 2022/11/28 11:45:46 fetching corpus: 1174, signal 132122/159779 (executing program) 2022/11/28 11:45:46 fetching corpus: 1224, signal 135881/163962 (executing program) 2022/11/28 11:45:46 fetching corpus: 1274, signal 138938/167476 (executing program) 2022/11/28 11:45:46 fetching corpus: 1324, signal 141114/170266 (executing program) 2022/11/28 11:45:46 fetching corpus: 1374, signal 143144/172908 (executing program) 2022/11/28 11:45:46 fetching corpus: 1423, signal 144686/175132 (executing program) 2022/11/28 11:45:46 fetching corpus: 1473, signal 146338/177401 (executing program) 2022/11/28 11:45:47 fetching corpus: 1523, signal 149284/180703 (executing program) 2022/11/28 11:45:47 fetching corpus: 1573, signal 150592/182702 (executing program) 2022/11/28 11:45:47 fetching corpus: 1621, signal 151747/184597 (executing program) 2022/11/28 11:45:47 fetching corpus: 1671, signal 153618/186985 (executing program) 2022/11/28 11:45:47 fetching corpus: 1721, signal 155027/189075 (executing program) 2022/11/28 11:45:47 fetching corpus: 1770, signal 156315/191006 (executing program) 2022/11/28 11:45:47 fetching corpus: 1820, signal 157804/193044 (executing program) 2022/11/28 11:45:47 fetching corpus: 1870, signal 159698/195358 (executing program) 2022/11/28 11:45:48 fetching corpus: 1920, signal 161652/197681 (executing program) 2022/11/28 11:45:48 fetching corpus: 1969, signal 162722/199386 (executing program) 2022/11/28 11:45:48 fetching corpus: 2019, signal 163887/201092 (executing program) 2022/11/28 11:45:48 fetching corpus: 2069, signal 165389/203070 (executing program) 2022/11/28 11:45:48 fetching corpus: 2118, signal 166963/205005 (executing program) 2022/11/28 11:45:48 fetching corpus: 2168, signal 168442/206881 (executing program) 2022/11/28 11:45:48 fetching corpus: 2218, signal 169318/208361 (executing program) 2022/11/28 11:45:48 fetching corpus: 2268, signal 170896/210271 (executing program) 2022/11/28 11:45:49 fetching corpus: 2318, signal 172741/212326 (executing program) 2022/11/28 11:45:49 fetching corpus: 2367, signal 173643/213745 (executing program) 2022/11/28 11:45:49 fetching corpus: 2417, signal 175128/215581 (executing program) 2022/11/28 11:45:49 fetching corpus: 2466, signal 176942/217605 (executing program) 2022/11/28 11:45:49 fetching corpus: 2516, signal 178404/219361 (executing program) 2022/11/28 11:45:49 fetching corpus: 2566, signal 179888/221111 (executing program) 2022/11/28 11:45:49 fetching corpus: 2615, signal 181237/222734 (executing program) 2022/11/28 11:45:50 fetching corpus: 2665, signal 182578/224363 (executing program) 2022/11/28 11:45:50 fetching corpus: 2715, signal 183712/225836 (executing program) 2022/11/28 11:45:50 fetching corpus: 2765, signal 184405/227003 (executing program) 2022/11/28 11:45:50 fetching corpus: 2815, signal 185712/228510 (executing program) 2022/11/28 11:45:50 fetching corpus: 2865, signal 186761/229897 (executing program) 2022/11/28 11:45:50 fetching corpus: 2915, signal 188815/231876 (executing program) 2022/11/28 11:45:50 fetching corpus: 2965, signal 189513/233030 (executing program) 2022/11/28 11:45:51 fetching corpus: 3015, signal 190692/234433 (executing program) 2022/11/28 11:45:51 fetching corpus: 3064, signal 191648/235668 (executing program) 2022/11/28 11:45:51 fetching corpus: 3114, signal 192550/236839 (executing program) 2022/11/28 11:45:51 fetching corpus: 3164, signal 193412/237993 (executing program) 2022/11/28 11:45:51 fetching corpus: 3212, signal 194131/239086 (executing program) 2022/11/28 11:45:51 fetching corpus: 3262, signal 195066/240289 (executing program) 2022/11/28 11:45:51 fetching corpus: 3311, signal 195941/241451 (executing program) 2022/11/28 11:45:51 fetching corpus: 3360, signal 196727/242556 (executing program) 2022/11/28 11:45:52 fetching corpus: 3409, signal 197728/243758 (executing program) 2022/11/28 11:45:52 fetching corpus: 3458, signal 199239/245157 (executing program) 2022/11/28 11:45:52 fetching corpus: 3508, signal 200119/246273 (executing program) 2022/11/28 11:45:52 fetching corpus: 3558, signal 200770/247236 (executing program) 2022/11/28 11:45:52 fetching corpus: 3608, signal 201551/248306 (executing program) 2022/11/28 11:45:52 fetching corpus: 3658, signal 202097/249215 (executing program) 2022/11/28 11:45:52 fetching corpus: 3708, signal 202749/250218 (executing program) 2022/11/28 11:45:52 fetching corpus: 3757, signal 203348/251128 (executing program) 2022/11/28 11:45:53 fetching corpus: 3807, signal 204180/252162 (executing program) 2022/11/28 11:45:53 fetching corpus: 3857, signal 205254/253275 (executing program) 2022/11/28 11:45:53 fetching corpus: 3907, signal 205951/254209 (executing program) 2022/11/28 11:45:53 fetching corpus: 3957, signal 207705/255539 (executing program) 2022/11/28 11:45:53 fetching corpus: 4007, signal 208678/256533 (executing program) 2022/11/28 11:45:53 fetching corpus: 4057, signal 209414/257461 (executing program) 2022/11/28 11:45:53 fetching corpus: 4107, signal 210124/258351 (executing program) 2022/11/28 11:45:53 fetching corpus: 4157, signal 211275/259408 (executing program) 2022/11/28 11:45:54 fetching corpus: 4207, signal 211866/260208 (executing program) 2022/11/28 11:45:54 fetching corpus: 4257, signal 212668/261075 (executing program) 2022/11/28 11:45:54 fetching corpus: 4307, signal 213412/261920 (executing program) 2022/11/28 11:45:54 fetching corpus: 4357, signal 214078/262748 (executing program) 2022/11/28 11:45:54 fetching corpus: 4407, signal 214495/263454 (executing program) 2022/11/28 11:45:54 fetching corpus: 4456, signal 215418/264351 (executing program) 2022/11/28 11:45:54 fetching corpus: 4505, signal 216009/265104 (executing program) 2022/11/28 11:45:54 fetching corpus: 4555, signal 216456/265805 (executing program) 2022/11/28 11:45:55 fetching corpus: 4605, signal 217138/266584 (executing program) 2022/11/28 11:45:55 fetching corpus: 4655, signal 217678/267284 (executing program) 2022/11/28 11:45:55 fetching corpus: 4705, signal 218275/267987 (executing program) 2022/11/28 11:45:55 fetching corpus: 4755, signal 218964/268671 (executing program) 2022/11/28 11:45:55 fetching corpus: 4805, signal 219561/269360 (executing program) 2022/11/28 11:45:55 fetching corpus: 4855, signal 220004/270000 (executing program) 2022/11/28 11:45:55 fetching corpus: 4905, signal 220706/270708 (executing program) 2022/11/28 11:45:55 fetching corpus: 4954, signal 221402/271442 (executing program) 2022/11/28 11:45:56 fetching corpus: 5004, signal 222098/272138 (executing program) 2022/11/28 11:45:56 fetching corpus: 5053, signal 222651/272787 (executing program) 2022/11/28 11:45:56 fetching corpus: 5103, signal 223571/273542 (executing program) 2022/11/28 11:45:56 fetching corpus: 5153, signal 224495/274262 (executing program) 2022/11/28 11:45:56 fetching corpus: 5203, signal 225196/274911 (executing program) 2022/11/28 11:45:56 fetching corpus: 5253, signal 225815/275551 (executing program) 2022/11/28 11:45:57 fetching corpus: 5302, signal 226753/276249 (executing program) 2022/11/28 11:45:57 fetching corpus: 5352, signal 227563/276924 (executing program) 2022/11/28 11:45:57 fetching corpus: 5401, signal 228139/277522 (executing program) 2022/11/28 11:45:57 fetching corpus: 5450, signal 228844/278144 (executing program) 2022/11/28 11:45:57 fetching corpus: 5500, signal 229859/278844 (executing program) 2022/11/28 11:45:57 fetching corpus: 5550, signal 230559/279444 (executing program) 2022/11/28 11:45:57 fetching corpus: 5600, signal 231308/280035 (executing program) 2022/11/28 11:45:57 fetching corpus: 5649, signal 232164/280669 (executing program) 2022/11/28 11:45:58 fetching corpus: 5697, signal 232709/281203 (executing program) 2022/11/28 11:45:58 fetching corpus: 5744, signal 233087/281698 (executing program) 2022/11/28 11:45:58 fetching corpus: 5794, signal 233680/282208 (executing program) 2022/11/28 11:45:58 fetching corpus: 5844, signal 234234/282686 (executing program) 2022/11/28 11:45:58 fetching corpus: 5894, signal 234895/283210 (executing program) 2022/11/28 11:45:58 fetching corpus: 5943, signal 235474/283692 (executing program) 2022/11/28 11:45:58 fetching corpus: 5993, signal 236036/284164 (executing program) 2022/11/28 11:45:58 fetching corpus: 6041, signal 236573/284630 (executing program) 2022/11/28 11:45:59 fetching corpus: 6091, signal 237078/285060 (executing program) 2022/11/28 11:45:59 fetching corpus: 6140, signal 237541/285522 (executing program) 2022/11/28 11:45:59 fetching corpus: 6189, signal 238249/286017 (executing program) 2022/11/28 11:45:59 fetching corpus: 6239, signal 239003/286493 (executing program) 2022/11/28 11:45:59 fetching corpus: 6289, signal 239597/286947 (executing program) 2022/11/28 11:45:59 fetching corpus: 6339, signal 240030/287407 (executing program) 2022/11/28 11:45:59 fetching corpus: 6387, signal 240929/287879 (executing program) 2022/11/28 11:46:00 fetching corpus: 6436, signal 241396/288282 (executing program) 2022/11/28 11:46:00 fetching corpus: 6486, signal 242017/288692 (executing program) 2022/11/28 11:46:00 fetching corpus: 6535, signal 242664/289074 (executing program) 2022/11/28 11:46:00 fetching corpus: 6585, signal 243110/289470 (executing program) 2022/11/28 11:46:00 fetching corpus: 6635, signal 243430/289842 (executing program) 2022/11/28 11:46:00 fetching corpus: 6685, signal 243988/290208 (executing program) 2022/11/28 11:46:00 fetching corpus: 6735, signal 244681/290577 (executing program) 2022/11/28 11:46:00 fetching corpus: 6785, signal 245115/290948 (executing program) 2022/11/28 11:46:01 fetching corpus: 6835, signal 245380/291281 (executing program) 2022/11/28 11:46:01 fetching corpus: 6885, signal 245863/291639 (executing program) 2022/11/28 11:46:01 fetching corpus: 6934, signal 246354/292002 (executing program) 2022/11/28 11:46:01 fetching corpus: 6983, signal 246958/292321 (executing program) 2022/11/28 11:46:01 fetching corpus: 7033, signal 247502/292637 (executing program) 2022/11/28 11:46:01 fetching corpus: 7083, signal 247990/292970 (executing program) 2022/11/28 11:46:01 fetching corpus: 7133, signal 248589/293284 (executing program) 2022/11/28 11:46:01 fetching corpus: 7183, signal 249021/293631 (executing program) 2022/11/28 11:46:01 fetching corpus: 7233, signal 249937/293938 (executing program) 2022/11/28 11:46:02 fetching corpus: 7283, signal 250396/293938 (executing program) 2022/11/28 11:46:02 fetching corpus: 7331, signal 250950/293938 (executing program) 2022/11/28 11:46:02 fetching corpus: 7381, signal 251495/293956 (executing program) 2022/11/28 11:46:02 fetching corpus: 7428, signal 252017/293956 (executing program) 2022/11/28 11:46:02 fetching corpus: 7478, signal 252449/293956 (executing program) 2022/11/28 11:46:02 fetching corpus: 7527, signal 253459/293956 (executing program) 2022/11/28 11:46:02 fetching corpus: 7577, signal 253954/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7626, signal 254374/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7676, signal 254751/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7726, signal 255250/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7776, signal 255673/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7824, signal 256251/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7874, signal 256650/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7922, signal 257093/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 7969, signal 257501/293964 (executing program) 2022/11/28 11:46:03 fetching corpus: 8016, signal 257876/293967 (executing program) 2022/11/28 11:46:04 fetching corpus: 8066, signal 258894/293967 (executing program) 2022/11/28 11:46:04 fetching corpus: 8115, signal 259214/293967 (executing program) 2022/11/28 11:46:04 fetching corpus: 8165, signal 259561/293967 (executing program) 2022/11/28 11:46:04 fetching corpus: 8215, signal 260152/293967 (executing program) 2022/11/28 11:46:04 fetching corpus: 8265, signal 260490/293967 (executing program) 2022/11/28 11:46:04 fetching corpus: 8314, signal 260838/294013 (executing program) 2022/11/28 11:46:05 fetching corpus: 8362, signal 261357/294013 (executing program) 2022/11/28 11:46:05 fetching corpus: 8411, signal 261851/294013 (executing program) 2022/11/28 11:46:05 fetching corpus: 8461, signal 262448/294018 (executing program) 2022/11/28 11:46:05 fetching corpus: 8510, signal 262719/294018 (executing program) 2022/11/28 11:46:05 fetching corpus: 8560, signal 263000/294037 (executing program) 2022/11/28 11:46:05 fetching corpus: 8610, signal 263588/294037 (executing program) 2022/11/28 11:46:05 fetching corpus: 8658, signal 264070/294042 (executing program) 2022/11/28 11:46:05 fetching corpus: 8708, signal 264439/294042 (executing program) 2022/11/28 11:46:06 fetching corpus: 8757, signal 264939/294042 (executing program) 2022/11/28 11:46:06 fetching corpus: 8807, signal 265303/294042 (executing program) 2022/11/28 11:46:06 fetching corpus: 8856, signal 265778/294052 (executing program) 2022/11/28 11:46:06 fetching corpus: 8906, signal 266398/294052 (executing program) 2022/11/28 11:46:06 fetching corpus: 8956, signal 266759/294052 (executing program) 2022/11/28 11:46:06 fetching corpus: 9003, signal 267226/294052 (executing program) 2022/11/28 11:46:06 fetching corpus: 9053, signal 267579/294052 (executing program) 2022/11/28 11:46:07 fetching corpus: 9102, signal 268059/294052 (executing program) 2022/11/28 11:46:07 fetching corpus: 9152, signal 268584/294052 (executing program) 2022/11/28 11:46:07 fetching corpus: 9201, signal 268932/294052 (executing program) 2022/11/28 11:46:07 fetching corpus: 9249, signal 269472/294052 (executing program) 2022/11/28 11:46:07 fetching corpus: 9299, signal 269806/294052 (executing program) 2022/11/28 11:46:07 fetching corpus: 9349, signal 270579/294052 (executing program) 2022/11/28 11:46:08 fetching corpus: 9398, signal 270921/294072 (executing program) 2022/11/28 11:46:08 fetching corpus: 9448, signal 271426/294072 (executing program) 2022/11/28 11:46:08 fetching corpus: 9498, signal 271954/294072 (executing program) 2022/11/28 11:46:08 fetching corpus: 9546, signal 272351/294076 (executing program) 2022/11/28 11:46:08 fetching corpus: 9595, signal 272736/294076 (executing program) 2022/11/28 11:46:08 fetching corpus: 9644, signal 273083/294076 (executing program) 2022/11/28 11:46:08 fetching corpus: 9692, signal 273512/294076 (executing program) 2022/11/28 11:46:09 fetching corpus: 9741, signal 273799/294076 (executing program) 2022/11/28 11:46:09 fetching corpus: 9791, signal 274296/294076 (executing program) 2022/11/28 11:46:09 fetching corpus: 9841, signal 274729/294076 (executing program) 2022/11/28 11:46:09 fetching corpus: 9891, signal 275123/294076 (executing program) 2022/11/28 11:46:09 fetching corpus: 9940, signal 275438/294096 (executing program) 2022/11/28 11:46:09 fetching corpus: 9990, signal 275749/294096 (executing program) 2022/11/28 11:46:09 fetching corpus: 10037, signal 277656/294096 (executing program) 2022/11/28 11:46:09 fetching corpus: 10087, signal 277854/294113 (executing program) 2022/11/28 11:46:09 fetching corpus: 10137, signal 278138/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10187, signal 278631/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10235, signal 278974/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10284, signal 279286/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10334, signal 279582/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10383, signal 279918/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10432, signal 280476/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10482, signal 280814/294113 (executing program) 2022/11/28 11:46:10 fetching corpus: 10531, signal 281305/294201 (executing program) 2022/11/28 11:46:11 fetching corpus: 10581, signal 281981/294201 (executing program) 2022/11/28 11:46:11 fetching corpus: 10629, signal 282330/294227 (executing program) 2022/11/28 11:46:11 fetching corpus: 10679, signal 282617/294232 (executing program) 2022/11/28 11:46:11 fetching corpus: 10728, signal 283012/294232 (executing program) 2022/11/28 11:46:11 fetching corpus: 10777, signal 283467/294232 (executing program) 2022/11/28 11:46:11 fetching corpus: 10827, signal 283957/294232 (executing program) 2022/11/28 11:46:11 fetching corpus: 10876, signal 284350/294232 (executing program) 2022/11/28 11:46:12 fetching corpus: 10924, signal 284774/294232 (executing program) 2022/11/28 11:46:12 fetching corpus: 10974, signal 285178/294232 (executing program) 2022/11/28 11:46:12 fetching corpus: 11023, signal 285539/294232 (executing program) 2022/11/28 11:46:12 fetching corpus: 11072, signal 285916/294235 (executing program) 2022/11/28 11:46:12 fetching corpus: 11122, signal 286338/294235 (executing program) 2022/11/28 11:46:12 fetching corpus: 11170, signal 286699/294235 (executing program) 2022/11/28 11:46:12 fetching corpus: 11220, signal 286972/294235 (executing program) 2022/11/28 11:46:12 fetching corpus: 11270, signal 287282/294235 (executing program) 2022/11/28 11:46:13 fetching corpus: 11319, signal 287613/294235 (executing program) 2022/11/28 11:46:13 fetching corpus: 11368, signal 287831/294235 (executing program) 2022/11/28 11:46:13 fetching corpus: 11417, signal 288146/294235 (executing program) 2022/11/28 11:46:13 fetching corpus: 11466, signal 288402/294245 (executing program) 2022/11/28 11:46:13 fetching corpus: 11484, signal 288479/294245 (executing program) 2022/11/28 11:46:13 fetching corpus: 11484, signal 288479/294245 (executing program) 2022/11/28 11:46:16 starting 8 fuzzer processes 11:46:16 executing program 0: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 11:46:16 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000040)={{r0}}) 11:46:16 executing program 2: mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000001280)=0xe8, 0x4b, 0x2) 11:46:16 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x1c, 0x1a, 0x101, 0x0, 0x0, "", [@nested={0x2, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @str='})\x04\x00'}]}]}, 0x1c}], 0x1}, 0x0) 11:46:16 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 87.252836] audit: type=1400 audit(1669635976.396:6): avc: denied { execmem } for pid=258 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:46:16 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000080)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xffffffffffffffff}) 11:46:16 executing program 6: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:46:16 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f00000006c0)=ANY=[@ANYBLOB="20000000060000008206c11ba0727085a0f826ae871b9605b4d29b47b69ca560a5e62596f7b462b546410b7cf537d86aec11b69321891aade249e1c9b46fa5d661c7aad3fce7a2003c9c70965319eab7fbb0247bafbe63dd731c81ea822412"]}) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) [ 88.608372] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.610099] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.611744] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.614884] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.616949] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.618294] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.619617] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.625625] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.682151] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.684023] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.685460] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.686862] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.688584] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.690775] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.692754] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.694019] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.695769] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.697076] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.698239] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.707007] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.707951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.709191] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.709348] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.710371] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.715469] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.722224] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.723708] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.724872] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.726267] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.728918] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 88.731460] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.732694] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 88.733526] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.735772] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.736896] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 88.738031] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.739528] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.740832] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.742374] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.744467] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.745831] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.750380] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 88.755547] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 88.806472] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 88.809461] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 88.812670] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.815243] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 88.816992] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 90.680481] Bluetooth: hci0: command 0x0409 tx timeout [ 90.808474] Bluetooth: hci3: command 0x0409 tx timeout [ 90.809464] Bluetooth: hci7: command 0x0409 tx timeout [ 90.810361] Bluetooth: hci4: command 0x0409 tx timeout [ 90.811224] Bluetooth: hci2: command 0x0409 tx timeout [ 90.812059] Bluetooth: hci5: command 0x0409 tx timeout [ 90.812954] Bluetooth: hci1: command 0x0409 tx timeout [ 90.872622] Bluetooth: hci6: command 0x0409 tx timeout [ 92.728769] Bluetooth: hci0: command 0x041b tx timeout [ 92.856409] Bluetooth: hci1: command 0x041b tx timeout [ 92.857187] Bluetooth: hci5: command 0x041b tx timeout [ 92.857860] Bluetooth: hci2: command 0x041b tx timeout [ 92.858594] Bluetooth: hci4: command 0x041b tx timeout [ 92.859319] Bluetooth: hci7: command 0x041b tx timeout [ 92.859991] Bluetooth: hci3: command 0x041b tx timeout [ 92.920272] Bluetooth: hci6: command 0x041b tx timeout [ 94.777275] Bluetooth: hci0: command 0x040f tx timeout [ 94.905270] Bluetooth: hci3: command 0x040f tx timeout [ 94.905673] Bluetooth: hci7: command 0x040f tx timeout [ 94.906028] Bluetooth: hci4: command 0x040f tx timeout [ 94.906781] Bluetooth: hci2: command 0x040f tx timeout [ 94.907154] Bluetooth: hci5: command 0x040f tx timeout [ 94.907509] Bluetooth: hci1: command 0x040f tx timeout [ 94.968166] Bluetooth: hci6: command 0x040f tx timeout [ 96.825179] Bluetooth: hci0: command 0x0419 tx timeout [ 96.953518] Bluetooth: hci1: command 0x0419 tx timeout [ 96.953937] Bluetooth: hci5: command 0x0419 tx timeout [ 96.954356] Bluetooth: hci2: command 0x0419 tx timeout [ 96.954729] Bluetooth: hci4: command 0x0419 tx timeout [ 96.955096] Bluetooth: hci7: command 0x0419 tx timeout [ 96.955490] Bluetooth: hci3: command 0x0419 tx timeout [ 97.017179] Bluetooth: hci6: command 0x0419 tx timeout [ 144.738808] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.739497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.740726] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 144.861640] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.862241] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.863713] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 145.035653] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.036279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.037758] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 145.133272] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.134351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.136450] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 145.289444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.290052] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.291418] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 145.657497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.658644] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.660977] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 146.267544] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.269319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.273640] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 146.452513] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.453610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.456831] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:47:16 executing program 1: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) dup3(r0, r1, 0x0) 11:47:16 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) poll(&(0x7f0000000240)=[{r0}, {r0}, {r1}], 0x3, 0x0) 11:47:16 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) [ 146.963329] audit: type=1400 audit(1669636036.106:7): avc: denied { open } for pid=3844 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 146.966011] audit: type=1400 audit(1669636036.106:8): avc: denied { kernel } for pid=3844 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 147.044706] audit: type=1400 audit(1669636036.188:9): avc: denied { write } for pid=3850 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:47:16 executing program 1: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x0, 0x103, 0x1cb}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000380), 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r2, r3], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x1200, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r4, 0x0, 0x0, 0x87ffffc) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0xf798, 0x4, 0x1, 0x60, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 11:47:16 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) poll(&(0x7f0000000240)=[{r0}, {r0}, {r1}], 0x3, 0x0) 11:47:16 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) 11:47:16 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) poll(&(0x7f0000000240)=[{r0}, {r0}, {r1}], 0x3, 0x0) [ 147.289808] hrtimer: interrupt took 28223 ns 11:47:16 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) [ 151.119613] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 151.124075] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 151.125643] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 151.131934] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 151.136826] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 151.138058] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 151.150445] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 151.154104] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.157784] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 151.165395] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 151.165444] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 151.169102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 153.144213] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 153.145535] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 153.208235] Bluetooth: hci6: command 0x0409 tx timeout [ 153.208268] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 153.272331] Bluetooth: hci2: command 0x0409 tx timeout [ 155.257207] Bluetooth: hci6: command 0x041b tx timeout [ 155.320258] Bluetooth: hci2: command 0x041b tx timeout [ 155.649671] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 155.651074] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 155.652542] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 155.656552] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 155.657861] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 155.658553] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 155.969726] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 155.970872] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 155.972626] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 155.977280] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 155.978610] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 155.979767] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 157.304185] Bluetooth: hci6: command 0x040f tx timeout [ 157.368171] Bluetooth: hci2: command 0x040f tx timeout [ 157.688246] Bluetooth: hci0: command 0x0409 tx timeout [ 157.945189] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 158.008291] Bluetooth: hci7: command 0x0409 tx timeout [ 159.352213] Bluetooth: hci6: command 0x0419 tx timeout [ 159.416225] Bluetooth: hci2: command 0x0419 tx timeout [ 159.736194] Bluetooth: hci0: command 0x041b tx timeout [ 160.057252] Bluetooth: hci7: command 0x041b tx timeout [ 160.486926] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 160.489641] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 160.491464] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 160.495862] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 160.498766] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 160.499568] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 161.785256] Bluetooth: hci0: command 0x040f tx timeout [ 162.105174] Bluetooth: hci7: command 0x040f tx timeout [ 162.552314] Bluetooth: hci3: command 0x0409 tx timeout [ 163.833221] Bluetooth: hci0: command 0x0419 tx timeout [ 164.152264] Bluetooth: hci7: command 0x0419 tx timeout [ 164.600222] Bluetooth: hci3: command 0x041b tx timeout [ 166.648195] Bluetooth: hci3: command 0x040f tx timeout [ 168.696202] Bluetooth: hci3: command 0x0419 tx timeout [ 181.911083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.911723] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.913249] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 182.090545] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.091193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.092731] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 183.799435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.800036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.802133] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 183.853090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.853753] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.855289] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 189.319407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.320485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.322791] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 189.428072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.429857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.432708] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 189.624372] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.625013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.626644] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 189.673047] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.673686] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.675218] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 192.766113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.767397] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.773700] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 192.786964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.788036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.790167] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:48:02 executing program 0: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 11:48:02 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) poll(&(0x7f0000000240)=[{r0}, {r0}, {r1}], 0x3, 0x0) 11:48:02 executing program 6: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:48:02 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) 11:48:02 executing program 1: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x0, 0x103, 0x1cb}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000380), 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r2, r3], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x1200, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r4, 0x0, 0x0, 0x87ffffc) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0xf798, 0x4, 0x1, 0x60, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 11:48:02 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x2, 0x0}, 0x0) syz_io_uring_setup(0x7ccc, &(0x7f0000000200), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000000280), 0x0) io_uring_enter(r2, 0x58e4, 0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:48:02 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000080)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xffffffffffffffff}) 11:48:02 executing program 7: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:48:02 executing program 7: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:48:02 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000080)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xffffffffffffffff}) 11:48:02 executing program 6: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:48:02 executing program 2: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 11:48:03 executing program 0: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 11:48:03 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000080)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xffffffffffffffff}) 11:48:03 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x2, 0x0}, 0x0) syz_io_uring_setup(0x7ccc, &(0x7f0000000200), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000000280), 0x0) io_uring_enter(r2, 0x58e4, 0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:48:03 executing program 4: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:03 executing program 7: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:48:03 executing program 2: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 11:48:03 executing program 1: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x0, 0x103, 0x1cb}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000380), 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r2, r3], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x1200, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r4, 0x0, 0x0, 0x87ffffc) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0xf798, 0x4, 0x1, 0x60, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 11:48:03 executing program 6: r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000080)) semctl$IPC_RMID(r0, 0x0, 0x0) 11:48:03 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:03 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000380)) 11:48:03 executing program 0: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) [ 194.360307] sg_write: data in/out 917468/251 bytes for SCSI command 0x0-- guessing data in; [ 194.360307] program syz-executor.6 not setting count and/or reply_len properly [ 194.505742] audit: type=1400 audit(1669636083.648:10): avc: denied { read } for pid=6225 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 194.522924] ------------[ cut here ]------------ [ 194.524780] WARNING: CPU: 0 PID: 6227 at lib/iov_iter.c:629 _copy_from_iter+0x2f1/0x1130 [ 194.526813] Modules linked in: [ 194.533212] CPU: 0 PID: 6227 Comm: syz-executor.6 Not tainted 6.1.0-rc6-next-20221128 #1 [ 194.535293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 194.537393] RIP: 0010:_copy_from_iter+0x2f1/0x1130 [ 194.539034] Code: 37 ff 44 89 f3 e9 2f ff ff ff e8 4a 77 37 ff be 79 02 00 00 48 c7 c7 40 b5 9e 84 e8 99 e4 5a ff e9 13 fe ff ff e8 2f 77 37 ff <0f> 0b 45 31 f6 e9 77 ff ff ff e8 20 77 37 ff 31 ff 89 ee e8 e7 72 [ 194.542480] RSP: 0018:ffff88804632f5e8 EFLAGS: 00010216 [ 194.544193] RAX: 0000000000008aad RBX: 0000000000000000 RCX: ffffc90004797000 [ 194.545748] RDX: 0000000000040000 RSI: ffffffff8211a1c1 RDI: 0000000000000001 [ 194.547085] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 194.548315] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 194.549716] R13: ffffea000117f200 R14: 0000000000001000 R15: ffff88804632f818 [ 194.551175] FS: 00007fa370d39700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 194.552813] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.554874] CR2: 00007fa370d18718 CR3: 000000001c6f0000 CR4: 0000000000350ef0 [ 194.556762] Call Trace: [ 194.557893] [ 194.558803] ? __pfx__copy_from_iter+0x10/0x10 [ 194.560143] ? bio_add_pc_page+0xbc/0x100 [ 194.562035] ? page_copy_sane+0xd3/0x390 [ 194.563001] copy_page_from_iter+0xe3/0x180 [ 194.565832] blk_rq_map_user_iov+0xb0c/0x1650 [ 194.567523] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 194.569314] ? __pfx_blk_rq_map_user_iov+0x10/0x10 [ 194.572193] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 194.580285] ? blk_rq_map_user_io+0x1d5/0x220 [ 194.581505] blk_rq_map_user_io+0x1ee/0x220 [ 194.584199] ? __pfx_blk_rq_map_user_io+0x10/0x10 [ 194.587365] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 194.589565] ? sg_build_indirect.isra.0+0x3b2/0x640 [ 194.591574] sg_common_write.constprop.0+0xd84/0x15e0 [ 194.594137] ? __pfx_sg_common_write.constprop.0+0x10/0x10 [ 194.595915] ? _raw_spin_unlock_irqrestore+0x37/0x60 [ 194.597415] sg_write.part.0+0x706/0xb20 [ 194.600283] ? __pfx_sg_write.part.0+0x10/0x10 [ 194.602084] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 194.604414] ? lock_is_held_type+0xdb/0x130 [ 194.605351] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 194.607504] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 194.610034] ? lockdep_hardirqs_on+0x7d/0x100 [ 194.612092] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 194.616443] ? selinux_file_permission+0x1f1/0x510 [ 194.618336] ? __sanitizer_cov_trace_pc+0xb/0x70 [ 194.622415] ? avc_policy_seqno+0xd/0x70 [ 194.625775] ? selinux_file_permission+0x3a/0x510 [ 194.628294] sg_write+0x88/0xe0 [ 194.630964] vfs_write+0x358/0xe40 [ 194.634445] ? __pfx_sg_write+0x10/0x10 [ 194.636946] ? __pfx_vfs_write+0x10/0x10 [ 194.640344] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 194.643475] ? __pfx_read_tsc+0x10/0x10 [ 194.646175] ? ktime_get+0x157/0x1f0 [ 194.648864] ? lock_is_held_type+0xdb/0x130 [ 194.651180] ? irqentry_enter+0x2a/0x60 [ 194.652371] ? __fget_light+0x212/0x280 [ 194.656193] ksys_write+0x12b/0x260 [ 194.657355] ? __pfx_ksys_write+0x10/0x10 [ 194.663060] ? __pfx___x64_sys_write+0x10/0x10 [ 194.664273] do_syscall_64+0x3f/0x90 [ 194.665454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.670073] RIP: 0033:0x7fa3737c3b19 [ 194.673474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 194.678765] RSP: 002b:00007fa370d39188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 194.683614] RAX: ffffffffffffffda RBX: 00007fa3738d6f60 RCX: 00007fa3737c3b19 [ 194.686614] RDX: 0000000000000125 RSI: 00000000200003c0 RDI: 0000000000000004 [ 194.688265] RBP: 00007fa37381df6d R08: 0000000000000000 R09: 0000000000000000 [ 194.693734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.697664] R13: 00007ffd6fae5a9f R14: 00007fa370d39300 R15: 0000000000022000 [ 194.701743] [ 194.705735] irq event stamp: 18711 [ 194.709114] hardirqs last enabled at (18981): [] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 194.713544] hardirqs last disabled at (19268): [] sysvec_apic_timer_interrupt+0xf/0xc0 [ 194.717845] softirqs last enabled at (5238): [] __irq_exit_rcu+0x11b/0x180 [ 194.721994] softirqs last disabled at (4927): [] __irq_exit_rcu+0x11b/0x180 [ 194.723363] ---[ end trace 0000000000000000 ]--- 11:48:05 executing program 4: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:05 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000380)) 11:48:05 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x2, 0x0}, 0x0) syz_io_uring_setup(0x7ccc, &(0x7f0000000200), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000000280), 0x0) io_uring_enter(r2, 0x58e4, 0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:48:05 executing program 0: syz_mount_image$nfs4(&(0x7f00000001c0), 0x0, 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000280)="82", 0x1}], 0x0, &(0x7f0000000480)) 11:48:05 executing program 1: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, 0x0) syz_io_uring_setup(0x2175, &(0x7f0000000680)={0x0, 0x1df2, 0x0, 0x103, 0x1cb}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000380), 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000800)=[r2, r3], 0x2) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x1200, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r4, 0x0, 0x0, 0x87ffffc) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000640)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000480)=0x10) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d65, &(0x7f00000001c0)={0x0, 0xf798, 0x4, 0x1, 0x60, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000240)) 11:48:05 executing program 2: r0 = msgget$private(0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1, "439b528a1a1b68c411f57d082089c6faa431638c64259014ec40cb67d0daf2c560f8789e4b1c966cc12ed2f3077643a5b4ff46e5e05af01ab33ea4a10b35b4081a1773808ad8111e4183367cf2c1aaee8f925e5a59669ffcc3e19aabec6c1bd4983c2789b25c30a2bdd92b92ca37fdf5622a63ae39f16bc982a200943faa3d5ad0174781dd12633b22c2d85d0e95d65027a8d812e73b6a35b07f099193015d6bd5dcc5bf88512f4f92ad3d660401f4f68b9d8d6d2880970e74d9ca34fcdcb87ad5ba5a78026404b51c285a299223bb08281ec49d595c728d8c067dc70fd53fcb0a70787fbda119be13b0148228ccaf443930cae28e7d608a6d5cae5e606fcc48f5e901fc97f7d483577d3b522ab8aabfbec3458100fe4ba85f9fb6dbf4544f63f99270fb9a0a4ed426093a3dd5faae43b9f63c245beb18baf74419b75efbf4c973e54a6097f4dbe6b0535f52184d8dde93cdb05ce076c01666dfd9a74826e9ae2bf09449ce3da394461f9d29faec1bec7689473f27fca21522c122aaa334e7cd529b9a8b0fbcc1544a95d66e2fa454ba22ea5dda27edc13db02ad3d34ee93de25f153d49d681d70dc994f1a32be0910ab71abca76d03691ed727c68f623a605d786b18aa8f3ac9b17bb99e98e16a86a95e411fd4e43f038f3a74a610ef617a58ac624ae61ce2a5d10f6e67e29311f2127ba87e41003d3b10e716b77463610343daf2dd1ac2c2562c649741024d32f8c6de8c6f92ad2841b87965ea4e5ed6067d467c9cc81327341e99bc62e7beea0095a0ae651a97bc44057fbbb53011b0af8f6a155f53b148d1486af10b698386e7bde0f2cbd85b0ce9e6e2976d266077cad179e557cb78483bd10be4e8fa300e208ee08e7df86e5e528fd511876e03ecb27ce4ee28925bbe696343f5b52920e6d99ccc99817ae6ffd77593ee37e2a3e4ad6ed1956ae7b2390c03c0e6a6c694f9d7cd75bd7097af757d9aef6440dd1047b42947dea36f039da626f702b990c75f2fc387dc1a529bfb044c547c4ddd421ec556c0a6c3fde7477a265212d2b4a5c6b1a10184753222871755501900fae4f17dc8ee41680693308dcdbe247cbb7658588fe1685f069a5ad1ca052ecb3ede06accd80380572f6b2dd5ee0d38f7d7119de2e9c0a19f52486b5c125178472bdfdb50a06192e23bcb17a58b6933eddfdc0f5e8bf34f8edd112d33ea518506cd950cedca7e1ef63cf309041641eea97de0a378994bf6657cac3f09a70c2bfdc4e7f72192051891703bd3378980f4f5d68b1306b722113837d747860a85dac132514b04d8216f9196ec2e687c8f241502f30c3403b81f14a5d724f72e39a8deeec7ea802bd0a063ed4530ac3ba8d8d3bca2c332bb38e1ecb6ba5b3c8e81aad5dc4af2c815f2167290f5d4f4ee22bea7d8296d8e7411e80eaeaa8842a50"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000001480)={0x3}, 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 11:48:05 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:05 executing program 7: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:05 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000380)) 11:48:05 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:05 executing program 3: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x137, &(0x7f00000003c0), &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x2, 0x0}, 0x0) syz_io_uring_setup(0x7ccc, &(0x7f0000000200), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000000280), 0x0) io_uring_enter(r2, 0x58e4, 0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11:48:05 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000380)) 11:48:05 executing program 2: mq_notify(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x2}) [ 196.587050] sg_write: data in/out 917468/251 bytes for SCSI command 0x0-- guessing data in; [ 196.587050] program syz-executor.0 not setting count and/or reply_len properly 11:48:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$netlink(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000a40)={0x4c, 0x20, 0x5cd72c73c6d2024b, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @nested={0x34, 0x0, 0x0, 0x1, [@typed={0x2d, 0x0, 0x0, 0x0, @binary="1f39648f3bdf6cb9ba46e72516939071b7419969b1f4d1bd67bdff499b7f0ba06e69e4e27535aead0b"}]}]}, 0x4c}], 0x1}, 0x0) 11:48:05 executing program 5: clock_gettime(0x6, &(0x7f0000000040)) 11:48:05 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x4, 0x0, 0x0) 11:48:10 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:10 executing program 1: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "542080c43c12d6315c9c2b4e0bc03d24dc716d767ab927c9b7b80e84b55e26b3f2f3fcb43eae4b15d53aea75f0a21e5f210ed4b14d5d1d512c7ffd377b21514e"}, 0x48, 0xfffffffffffffffe) keyctl$clear(0x7, r0) 11:48:10 executing program 4: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:10 executing program 7: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:10 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:10 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$hidraw(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0) 11:48:10 executing program 3: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0x30000004}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x3d}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:10 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid\x00') [ 201.590539] sg_write: data in/out 917468/251 bytes for SCSI command 0x0-- guessing data in; [ 201.590539] program syz-executor.6 not setting count and/or reply_len properly 11:48:10 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="f204", 0x2}], 0x1, &(0x7f0000000700)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}], 0x18}, 0x0) 11:48:10 executing program 2: perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x26e1, 0xe8) syncfs(r0) openat(r0, &(0x7f0000000000)='./file0\x00', 0x80, 0x102) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 201.660379] sg_write: data in/out 917468/251 bytes for SCSI command 0x0-- guessing data in; [ 201.660379] program syz-executor.0 not setting count and/or reply_len properly 11:48:10 executing program 1: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "542080c43c12d6315c9c2b4e0bc03d24dc716d767ab927c9b7b80e84b55e26b3f2f3fcb43eae4b15d53aea75f0a21e5f210ed4b14d5d1d512c7ffd377b21514e"}, 0x48, 0xfffffffffffffffe) keyctl$clear(0x7, r0) 11:48:10 executing program 5: mknod$loop(&(0x7f0000000880)='./file0\x00', 0x6000, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) unlink(&(0x7f0000000740)='./file0\x00') 11:48:11 executing program 1: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "542080c43c12d6315c9c2b4e0bc03d24dc716d767ab927c9b7b80e84b55e26b3f2f3fcb43eae4b15d53aea75f0a21e5f210ed4b14d5d1d512c7ffd377b21514e"}, 0x48, 0xfffffffffffffffe) keyctl$clear(0x7, r0) 11:48:12 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffe, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x404000, 0x0) memfd_create(0x0, 0x2) getsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000200), &(0x7f0000019600)=0x4) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000019480), 0xa30) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x26e1, 0x62) r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x400080, 0x0) fcntl$getown(r2, 0x9) r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x7, 0x8, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200, 0x80000001}, 0x330, 0x8, 0x7, 0x4, 0x8, 0x3, 0x4, 0x0, 0x7f1460ba, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x2) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, 0x0) close(r3) syncfs(r1) perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x0, 0x8, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp, 0x1080, 0x81, 0x40, 0x0, 0x3, 0x2507f2d1, 0x3, 0x0, 0x6, 0x0, 0x619e}, 0xffffffffffffffff, 0xc, r2, 0x9) gettid() 11:48:12 executing program 5: mknod$loop(&(0x7f0000000880)='./file0\x00', 0x6000, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) unlink(&(0x7f0000000740)='./file0\x00') 11:48:12 executing program 1: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "542080c43c12d6315c9c2b4e0bc03d24dc716d767ab927c9b7b80e84b55e26b3f2f3fcb43eae4b15d53aea75f0a21e5f210ed4b14d5d1d512c7ffd377b21514e"}, 0x48, 0xfffffffffffffffe) keyctl$clear(0x7, r0) 11:48:12 executing program 0: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:12 executing program 3: r0 = syz_open_dev$loop(0x0, 0x40000000000002, 0x38d40) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(0xffffffffffffffff, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00') write$binfmt_aout(r2, &(0x7f0000000500)={{0x10b, 0x3, 0x5, 0xc6, 0x3b, 0x5, 0x15f, 0x1ea44656}, "8f50ba5b8d22b679908b5f67d23a437bceeff6412c8a120c7222669424424991a77225898b55ca6befbff3fd276bd7d165410f4b51bf5436816f782662ab3db5d5e6062bc14262802b8f1e16e79b32a69b1e8f3fbd63ce3d6d3e3b66fad7", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x97e) setxattr$trusted_overlay_origin(&(0x7f0000000340)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000380)={r0, 0x0, 0x1, 0x400}) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, 0x0, 0x0) fcntl$F_GET_FILE_RW_HINT(r4, 0x40d, &(0x7f0000000140)) ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0) gettid() perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(0xffffffffffffffff, 0x80189439, &(0x7f0000000040)) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) write(r5, &(0x7f0000000080)="01", 0x292e9) 11:48:12 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa01a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r0, r0, 0x2) r1 = perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200050000000e"], 0x125) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0xec, 0x8, 0x6, 0x3, 0x0, 0x10001, 0x40810, 0xf5e19cfaf0c55636, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x2000, 0x2, 0x3, 0x5, 0x7, 0x8, 0x1, 0x0, 0x80, 0x0, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x2) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000400)=""/85, 0x55}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000580)=""/127, 0x7f}], 0x3) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) 11:48:12 executing program 4: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:12 executing program 7: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000800)={0x6, 0x0, 0x20, 0x81, 0x0, 0x89}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cb, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000004c0)) r2 = syz_open_procfs$userns(0x0, &(0x7f0000000180)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)) dup3(r0, r2, 0x80000) epoll_create(0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001600), 0x400000, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1a23}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pidfd_open(0x0, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000004b80)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @private}}}, 0x108) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0x1) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:48:12 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000080)="94e8cf2d", 0x4}], 0x1}}], 0x1, 0x4000000) 11:48:12 executing program 5: mknod$loop(&(0x7f0000000880)='./file0\x00', 0x6000, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) unlink(&(0x7f0000000740)='./file0\x00') 11:48:12 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r2, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) 11:48:12 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffe, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x404000, 0x0) memfd_create(0x0, 0x2) getsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000200), &(0x7f0000019600)=0x4) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000019480), 0xa30) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x26e1, 0x62) r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x400080, 0x0) fcntl$getown(r2, 0x9) r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x7, 0x8, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200, 0x80000001}, 0x330, 0x8, 0x7, 0x4, 0x8, 0x3, 0x4, 0x0, 0x7f1460ba, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x2) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, 0x0) close(r3) syncfs(r1) perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x0, 0x8, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp, 0x1080, 0x81, 0x40, 0x0, 0x3, 0x2507f2d1, 0x3, 0x0, 0x6, 0x0, 0x619e}, 0xffffffffffffffff, 0xc, r2, 0x9) gettid() 11:48:13 executing program 5: mknod$loop(&(0x7f0000000880)='./file0\x00', 0x6000, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) unlink(&(0x7f0000000740)='./file0\x00') 11:48:13 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r2, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10) [ 204.095815] Bluetooth: MGMT ver 1.22 VM DIAGNOSIS: 11:48:03 Registers: info registers vcpu 0 RAX=000000000000006c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8247f505 RDI=ffffffff87fafae0 RBP=ffffffff87fafaa0 RSP=ffff88804632eee0 R8 =0000000000000001 R9 =000000000000000a R10=000000000000006c R11=0000000000000001 R12=000000000000006c R13=ffffffff87fafaa0 R14=0000000000000010 R15=ffffffff8247f4f0 RIP=ffffffff8247f55d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa370d39700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe3eda1da000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe3eda1d8000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa370d18718 CR3=000000001c6f0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fa3738aa7c000007fa3738aa7c8 XMM02=00007fa3738aa7e000007fa3738aa7c0 XMM03=00007fa3738aa7c800007fa3738aa7c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000002 RBX=0000000000000c00 RCX=000000000000004a RDX=1ffff1100878b280 RSI=ffff888043c59400 RDI=0000002d4b02e22c RBP=ffff88801b777a28 RSP=ffff88801b7779b0 R8 =0000000000000000 R9 =0000002d4b02e22c R10=ffff888043c59500 R11=0000000000000001 R12=ffff888043c59400 R13=0000002d4b02e22c R14=ffff88801b4e36c0 R15=ffff88801b4e3600 RIP=ffffffff81280f04 RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055555615d400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe3dca827000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe3dca825000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f7f47e9dc10 CR3=0000000018f72000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffff00ffffffffffffffff XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000